Merge pull request #48 from silinternational/develop
Release 5.0.0
briskt authored Feb 23, 2022
2 parents 7d1e459 + 4e307c4 commit 9c9ca47
Showing 25 changed files with 276 additions and 172 deletions.
7 changes: 7 additions & 0 deletions aws/alb/versions.tf
@@ -1,4 +1,11 @@

terraform {
required_version = ">= 0.12"

required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 2.0.0, < 5.0.0"
}
}
}
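Review bot: `required_version = ">= 0.12"` is looser than the new `required_providers` block allows: the `source` argument is only accepted (and then ignored) from Terraform 0.12.26 onward and only honoured from 0.13, so early 0.12 releases that still satisfy this constraint will reject the file. Tightening the floor to `required_version = ">= 0.12.26"`, or to `">= 0.13"` if the `hashicorp/aws` source address is meant to be enforced rather than ignored, keeps the constraint truthful about what the module needs. The same applies to the identical blocks added in the versions.tf files under aws/asg-ebs, aws/asg-efs, aws/asg, aws/cloudflare-sg, aws/cloudtrail and aws/ecr.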
10 changes: 4 additions & 6 deletions aws/asg-ebs/main.tf
@@ -1,10 +1,8 @@
/*
* Generate user_data from template file
*/
data "template_file" "user_data" {
template = file("${path.module}/user-data.sh")

vars = {
locals {
user_data = templatefile("${path.module}/user-data.sh", {
ecs_cluster_name = var.ecs_cluster_name
additional_user_data = var.additional_user_data
aws_region = var.aws_region
@@ -18,7 +16,7 @@ data "template_file" "user_data" {
ebs_mkfs_extraopts = var.ebs_mkfs_extraopts
ebs_fs_type = var.ebs_fs_type
ebs_mountopts = var.ebs_mountopts
}
})
}

/*
@@ -37,7 +35,7 @@ resource "aws_launch_configuration" "as_conf" {
volume_size = var.aws_instance["volume_size"]
}

user_data = data.template_file.user_data.rendered
user_data = local.user_data

lifecycle {
create_before_destroy = true
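Review bot: The new `locals` block renders every variable, including the free-form `additional_user_data`, verbatim into user-data.sh, and nothing near it tells a module consumer how that text is treated. EC2 user data is not encrypted and can be read from the instance metadata service and from the launch-configuration describe API, and user-data scripts normally run as root at first boot, so a comment is worth adding above `locals`: `# Rendered verbatim into a root-run boot script; user_data is readable from instance metadata, so never pass secrets in these variables.` Values such as `ebs_mountopts` and `ebs_mkfs_extraopts` are presumably spliced into command lines inside user-data.sh (not visible here), so the comment should also say they are not shell-quoted. The same comment applies to the `locals` blocks in aws/asg-efs/main.tf and aws/asg/main.tf; the `aws_launch_configuration` resource continues outside the visible hunks.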
7 changes: 7 additions & 0 deletions aws/asg-ebs/versions.tf
@@ -1,4 +1,11 @@

terraform {
required_version = ">= 0.12"

required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 2.0.0, < 5.0.0"
}
}
}
10 changes: 4 additions & 6 deletions aws/asg-efs/main.tf
@@ -1,15 +1,13 @@
/*
* Generate user_data from template file
*/
data "template_file" "user_data" {
template = file("${path.module}/user-data.sh")

vars = {
locals {
user_data = templatefile("${path.module}/user-data.sh", {
ecs_cluster_name = var.ecs_cluster_name
efs_dns_name = var.efs_dns_name
mount_point = var.mount_point
additional_user_data = var.additional_user_data
}
})
}

/*
@@ -28,7 +26,7 @@ resource "aws_launch_configuration" "as_conf" {
volume_size = var.aws_instance["volume_size"]
}

user_data = data.template_file.user_data.rendered
user_data = local.user_data

lifecycle {
create_before_destroy = true
7 changes: 7 additions & 0 deletions aws/asg-efs/versions.tf
@@ -1,4 +1,11 @@

terraform {
required_version = ">= 0.12"

required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 2.0.0, < 5.0.0"
}
}
}
10 changes: 4 additions & 6 deletions aws/asg/main.tf
@@ -1,13 +1,11 @@
/*
* Generate user_data from template file
*/
data "template_file" "user_data" {
template = file("${path.module}/user-data.sh")

vars = {
locals {
user_data = templatefile("${path.module}/user-data.sh", {
ecs_cluster_name = var.ecs_cluster_name
additional_user_data = var.additional_user_data
}
})
}

/*
@@ -26,7 +24,7 @@ resource "aws_launch_configuration" "as_conf" {
volume_size = var.aws_instance["volume_size"]
}

user_data = data.template_file.user_data.rendered
user_data = local.user_data

lifecycle {
create_before_destroy = true
7 changes: 7 additions & 0 deletions aws/asg/versions.tf
@@ -1,4 +1,11 @@

terraform {
required_version = ">= 0.12"

required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 2.0.0, < 5.0.0"
}
}
}
7 changes: 7 additions & 0 deletions aws/cloudflare-sg/versions.tf
@@ -1,4 +1,11 @@

terraform {
required_version = ">= 0.12"

required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 2.0.0, < 5.0.0"
}
}
}
90 changes: 45 additions & 45 deletions aws/cloudtrail/main.tf
@@ -1,38 +1,40 @@
resource "aws_s3_bucket" "cloudtrail" {
bucket = var.s3_bucket_name
force_destroy = true
}

resource "aws_s3_bucket_policy" "cloudtrail" {
bucket = aws_s3_bucket.cloudtrail.id

policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
policy = jsonencode(
{
Version = "2012-10-17"
Statement = [
{
"Sid": "AWSCloudTrailAclCheck",
"Effect": "Allow",
"Principal": {
"Service": "cloudtrail.amazonaws.com"
},
"Action": "s3:GetBucketAcl",
"Resource": "arn:aws:s3:::${var.s3_bucket_name}"
Sid = "AWSCloudTrailAclCheck"
Effect = "Allow"
Principal = {
Service = "cloudtrail.amazonaws.com"
}
Action = "s3:GetBucketAcl"
Resource = "arn:aws:s3:::${var.s3_bucket_name}"
},
{
"Sid": "AWSCloudTrailWrite",
"Effect": "Allow",
"Principal": {
"Service": "cloudtrail.amazonaws.com"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::${var.s3_bucket_name}/*",
"Condition": {
"StringEquals": {
"s3:x-amz-acl": "bucket-owner-full-control"
}
Sid = "AWSCloudTrailWrite"
Effect = "Allow"
Principal = {
Service = "cloudtrail.amazonaws.com"
}
Action = "s3:PutObject"
Resource = "arn:aws:s3:::${var.s3_bucket_name}/*"
Condition = {
StringEquals = {
"s3:x-amz-acl" = "bucket-owner-full-control"
}
}
]
}
POLICY

}
},
]
})
}

resource "aws_iam_user" "cloudtrail-s3" {
@@ -43,26 +45,24 @@ resource "aws_iam_user_policy" "cloudtrail-s3" {
name = "cloudtrail-s3"
user = aws_iam_user.cloudtrail-s3.name

policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
policy = jsonencode(
{
"Effect": "Allow",
"Action": [
"s3:GetBucketPolicy",
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"${aws_s3_bucket.cloudtrail.arn}",
"${aws_s3_bucket.cloudtrail.arn}/*"
Version = "2012-10-17"
Statement = [
{
Effect = "Allow"
Action = [
"s3:GetBucketPolicy",
"s3:GetObject",
"s3:ListBucket",
],
Resource = [
aws_s3_bucket.cloudtrail.arn,
"${aws_s3_bucket.cloudtrail.arn}/*",
]
},
]
}
]
}
EOF

})
}

resource "aws_cloudtrail" "cloudtrail" {
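Review bot: Both statements in the `aws_s3_bucket_policy` trust the `cloudtrail.amazonaws.com` service principal with no `aws:SourceArn` or `aws:SourceAccount` condition, so the move to `jsonencode` carries over a policy that does not restrict which trail may use this bucket, the confused-deputy case that AWS's CloudTrail bucket-policy guidance guards against. Adding `"aws:SourceArn" = "arn:aws:cloudtrail:<REGION>:<ACCOUNT_ID>:trail/<TRAIL_NAME>"` (placeholders) to the `StringEquals` map of `AWSCloudTrailWrite`, and a matching `Condition` on `AWSCloudTrailAclCheck`, would close that. The ARN should be built from variables rather than from the `aws_cloudtrail` resource, which presumably depends on this policy; that resource's body is outside the visible hunk. Separately, `force_destroy = true` on the log bucket lets a `terraform destroy` delete the stored audit logs, which deserves at least a comment explaining why it is acceptable.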
7 changes: 7 additions & 0 deletions aws/cloudtrail/versions.tf
@@ -1,4 +1,11 @@

terraform {
required_version = ">= 0.12"

required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 2.0.0, < 5.0.0"
}
}
}
10 changes: 4 additions & 6 deletions aws/ecr/main.tf
@@ -5,18 +5,16 @@ resource "aws_ecr_repository" "repo" {
name = var.repo_name
}

data "template_file" "repo_policy" {
template = file("${path.module}/ecr-policy.json")

vars = {
locals {
repo_policy = templatefile("${path.module}/ecr-policy.json", {
ecsInstanceRole_arn = var.ecsInstanceRole_arn
ecsServiceRole_arn = var.ecsServiceRole_arn
cd_user_arn = var.cd_user_arn
}
})
}

resource "aws_ecr_repository_policy" "policy" {
repository = aws_ecr_repository.repo.name
policy = data.template_file.repo_policy.rendered
policy = local.repo_policy
}
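Review bot: `local.repo_policy` still builds the repository policy by substituting the three ARN variables into ecr-policy.json as raw text, whereas the CloudTrail policies in this same commit were moved to `jsonencode`. Raw interpolation does no JSON escaping, so a value containing a quote, or a list passed where a string was expected, would yield an invalid or differently shaped policy; the template itself is not visible here, so this is inferred from the variable names. Either write the policy in HCL with `policy = jsonencode({ ... })`, or interpolate each value inside the template as `${jsonencode(cd_user_arn)}` without surrounding quotes.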

7 changes: 7 additions & 0 deletions aws/ecr/versions.tf
@@ -1,4 +1,11 @@

terraform {
required_version = ">= 0.12"

required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 2.0.0, < 5.0.0"
}
}
}