diff --git a/.gitignore b/.gitignore index f2b2783..239bd93 100644 --- a/.gitignore +++ b/.gitignore @@ -20,8 +20,8 @@ package-lock.json # .tfplan files *.tfplan* -# .tfvars files -*.tfvars - # .tfimport files *.tfimport + +# .tfvars files +*.tfvars diff --git a/.terrahub.yml b/.terrahub.yml index 459afb6..5e7307e 100644 --- a/.terrahub.yml +++ b/.terrahub.yml @@ -11,7 +11,7 @@ project: terraform: varFile: - default.tfvars - version: 0.12.12 + version: 0.12.13 template: provider: - aws: diff --git a/README.md b/README.md index 45e5fdc..1638e19 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ To get started, simply include `main.tf` into your terraform codebase: ```hcl module "landing_zone" { source = "TerraHubCorp/landing-zone/aws" - version = "0.1.10" + version = "0.1.11" root_path = path.module landing_zone_providers = var.landing_zone_providers landing_zone_components = var.landing_zone_components @@ -54,7 +54,7 @@ landing_zone_providers = { [...] } landing_zone_components = { - landing_zone_vpc = "s3://terraform-aws-landing-zone/mycompany/landing_zone_vpc/default.tfvars" + landing_zone_vpc = "s3://terraform-aws-landing-zone/components/landing_zone_vpc/default.tfvars" [...] } terraform_backend = { @@ -95,6 +95,10 @@ After `landing_zone_reader_config` module configures everything, second step is ```hcl module "landing_zone_reader" { source = "./modules/landing_zone_reader" + terraform_backend_type = "local" + terraform_backend_config = { + path = "/tmp/.terrahub/landing_zone/terrahub_load_outputs/terraform.tfstate" + } } ``` diff --git a/bin/s3_sync_down.sh b/bin/s3_sync_down.sh index a961fc9..3ff1807 100755 --- a/bin/s3_sync_down.sh +++ b/bin/s3_sync_down.sh 
@@ -5,5 +5,5 @@ S3_PATH="s3://terraform-aws-landing-zone" LOCAL_PATH="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../" >/dev/null 2>&1 && pwd )" for i in "${FOLDERS[@]}"; do - aws s3 sync --exclude "*" --include "*.tfvars" --include "*.tfimport" --include "*.xml" --content-type "text/plain" $S3_PATH/$i/ $LOCAL_PATH/$i/ + aws s3 sync --exclude "*" --include "*.tfvars" --include "*.tfimport" --include "*.xml" --content-type "text/plain" ${S3_PATH}/${i}/ ${LOCAL_PATH}/${i}/ done diff --git a/bin/s3_sync_up.sh b/bin/s3_sync_up.sh index afa02ad..c05f56f 100755 --- a/bin/s3_sync_up.sh +++ b/bin/s3_sync_up.sh @@ -5,5 +5,5 @@ S3_PATH="s3://terraform-aws-landing-zone" LOCAL_PATH="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../" >/dev/null 2>&1 && pwd )" for i in "${FOLDERS[@]}"; do - aws s3 sync --exclude "*" --include "*.tfvars" --include "*.tfimport" --include "*.xml" --content-type "text/plain" $LOCAL_PATH/$i/ $S3_PATH/$i/ + aws s3 sync --exclude "*" --include "*.tfvars" --include "*.tfimport" --include "*.xml" --content-type "text/plain" ${LOCAL_PATH}/${i}/ ${S3_PATH}/${i}/ done diff --git a/bin/tf_import.sh b/bin/tf_import.sh old mode 100644 new mode 100755 index ff0dc94..0012ff4 --- a/bin/tf_import.sh +++ b/bin/tf_import.sh 
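Review bot: The rewritten `aws s3 sync` operands in bin/s3_sync_down.sh are still unquoted, so the added braces do nothing about word splitting: LOCAL_PATH is derived from wherever the repository is checked out, and a directory name containing a space splits the path into two arguments. Quote both operands, `"${S3_PATH}/${i}/" "${LOCAL_PATH}/${i}/"`, and do the same with the operands swapped in the matching hunk of bin/s3_sync_up.sh. Because the upload direction copies every *.tfvars file to a shared bucket, it is also worth confirming that the bucket enforces default encryption, or passing `--sse` explicitly. The FOLDERS array is defined above both hunks and is not visible here.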
@@ -1,90 +1,49 @@ #!/usr/bin/env bash -LOCAL_PATH="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../components/" >/dev/null 2>&1 && pwd )" - -############################# -# landing_zone_organization # -############################# -terrahub import --batch ${LOCAL_PATH}/landing_zone_organization/default.tfimport \ - --include landing_zone_organization - -###################################### -# landing_zone_organization_accounts # -###################################### -terrahub import --batch ${LOCAL_PATH}/landing_zone_organization_accounts/default.tfimport \ - --include landing_zone_organization_accounts - -############################################ -# landing_zone_directory_service_directory # -############################################ -terrahub import --batch ${LOCAL_PATH}/landing_zone_directory_service_directory/default.tfimport \ - --include landing_zone_directory_service_directory - -########################### -# landing_zone_cloudtrail # @todo -########################### -#terrahub import --batch ${LOCAL_PATH}/landing_zone_cloudtrail/default.tfimport \ -# --include landing_zone_cloudtrail_s3_bucket,landing_zone_cloudtrail_s3_bucket_policy,landing_zone_cloudtrail,landing_zone_directory_service_directory - -########################### -# landing_zone_vpc_subnet # -########################### -terrahub import --batch ${LOCAL_PATH}/landing_zone_vpc_subnet/default.tfimport \ - --include landing_zone_gateway_igw,landing_zone_gateway_nat,landing_zone_network_acl,landing_zone_route,landing_zone_route_igw,landing_zone_route_ipv6,landing_zone_route_pcx,landing_zone_route_table,landing_zone_route_table_association,landing_zone_subnet,landing_zone_vpc,landing_zone_vpc_endpoint_gateway,landing_zone_vpc_endpoint_interface,landing_zone_vpc_peering_connection - -############################### -# landing_zone_security_group # -############################### -terrahub import --batch ${LOCAL_PATH}/landing_zone_security_group/default.tfimport \ - --include 
landing_zone_security_group,landing_zone_security_group_rule_egress,landing_zone_security_group_rule_ingress - -######################### -# landing_zone_iam_role # -######################### -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_role/default.tfimport \ - --include landing_zone_iam_role - -########################### -# landing_zone_iam_policy # -########################### -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_policy/default.tfimport \ - --include landing_zone_iam_policy - -########################################### -# landing_zone_iam_role_policy_attachment # -########################################### -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_role_policy_attachment/default.tfimport \ - --include landing_zone_iam_role_policy_attachment -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_role_policy_attachment/bloomingaprons.tfimport \ - --include landing_zone_iam_role_policy_attachment -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_role_policy_attachment/mitocgroup.tfimport \ - --include landing_zone_iam_role_policy_attachment -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_role_policy_attachment/terrahub.tfimport \ - --include landing_zone_iam_role_policy_attachment -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_role_policy_attachment/eurechean.tfimport \ - --include landing_zone_iam_role_policy_attachment -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_role_policy_attachment/vcalmic.tfimport \ - --include landing_zone_iam_role_policy_attachment -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_role_policy_attachment/aluchianic.tfimport \ - --include landing_zone_iam_role_policy_attachment - -################################## -# landing_zone_iam_saml_provider # -################################## -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_saml_provider/default.tfimport \ - --include landing_zone_iam_saml_provider - -##################################### 
-# landing_zone_iam_instance_profile # -##################################### -terrahub import --batch ${LOCAL_PATH}/landing_zone_iam_instance_profile/default.tfimport \ - --include landing_zone_iam_instance_profile - -#################### -# landing_zone_eip # -#################### -terrahub import --batch ${LOCAL_PATH}/landing_zone_eip/default.tfimport \ - --include landing_zone_eip +LZ_LOCAL_PATH="./components" +LZ_TFIMPORT_FILENAME="default.tfimport" +LZ_COMPONENTS=( + "landing_zone_eip" + "landing_zone_gateway_igw" + "landing_zone_gateway_nat" + "landing_zone_iam_instance_profile" + "landing_zone_iam_policy" + "landing_zone_iam_role" + "landing_zone_iam_role_policy_attachment" + "landing_zone_iam_saml_provider" + "landing_zone_network_acl" + "landing_zone_organization" + "landing_zone_organization_accounts" + "landing_zone_route" + "landing_zone_route_igw" + "landing_zone_route_ipv6" + "landing_zone_route_pcx" + "landing_zone_route_table" + "landing_zone_route_table_association" + "landing_zone_security_group" + "landing_zone_security_group_rule_egress" + "landing_zone_security_group_rule_ingress" + "landing_zone_subnet" + "landing_zone_vpc" + "landing_zone_vpc_endpoint_gateway" + "landing_zone_vpc_endpoint_interface" + "landing_zone_vpc_peering_connection" +) + +################### +# terrahub import # +################### +for LZ_COMPONENT in "${LZ_COMPONENTS[@]}"; do + SEARCH_PATH="${LZ_LOCAL_PATH}/${LZ_COMPONENT}" + + shopt -s nullglob + LZ_IMPORT_FILES=(${SEARCH_PATH}/*.tfimport) + + for LZ_IMPORT_FILE in "${LZ_IMPORT_FILES[@]}"; do + terrahub import --batch ${LZ_IMPORT_FILE} --include ${LZ_COMPONENT} + done + +done ####################### # delete remote state # 
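Review bot: `LZ_LOCAL_PATH="./components"` resolves against the caller's working directory, whereas the removed code anchored the path on `${BASH_SOURCE[0]}`; together with `shopt -s nullglob`, running the script from any other directory imports nothing, reports no error, and then continues into the `terrahub state -D` commands that follow the hunk. The glob and both `terrahub import` arguments are also unquoted, and `LZ_TFIMPORT_FILENAME` is assigned but never used in the visible lines. `landing_zone_directory_service_directory`, which the removed script imported, is missing from `LZ_COMPONENTS` even though this commit adds a default.tfimport for it; confirm that is intentional. The sketch below anchors the path on the script location and quotes the expansions; the rest of the script lies outside the hunk.

```shell
LZ_LOCAL_PATH="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../components" >/dev/null 2>&1 && pwd )"
if [[ -z "${LZ_LOCAL_PATH}" ]]; then
  echo "components directory not found next to bin/" >&2
  exit 1
fi
# … unchanged: LZ_COMPONENTS list …
shopt -s nullglob
for LZ_COMPONENT in "${LZ_COMPONENTS[@]}"; do
  for LZ_IMPORT_FILE in "${LZ_LOCAL_PATH}/${LZ_COMPONENT}"/*.tfimport; do
    terrahub import --batch "${LZ_IMPORT_FILE}" --include "${LZ_COMPONENT}"
  done
done
```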
@@ -99,3 +58,5 @@ terrahub state -D aws_security_group_rule.landing_zone_security_group --include && terrahub state -D aws_security_group_rule.landing_zone_security_group_terrahub-2 --include landing_zone_security_group \ && terrahub state -D aws_security_group_rule.landing_zone_security_group_terrahub-3 --include landing_zone_security_group \ && terrahub state -D aws_security_group_rule.landing_zone_security_group_terrahub-4 --include landing_zone_security_group + +# terrahub run -i $(printf ",%s" "${LZ_COMPONENTS[@]}") diff --git a/components/landing_zone_cloudtrail/.terrahub.yml b/components/landing_zone_cloudtrail/.terrahub.yml index 93f5da7..b674473 100644 --- a/components/landing_zone_cloudtrail/.terrahub.yml +++ b/components/landing_zone_cloudtrail/.terrahub.yml @@ -14,7 +14,8 @@ component: aws_cloudtrail: landing_zone_cloudtrail: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' - s3_bucket_name: data.terraform_remote_state.landing_zone_cloudtrail_s3_bucket.bucket + s3_bucket_name: >- + data.terraform_remote_state.landing_zone_cloudtrail_s3_bucket.outputs.bucket name: var.landing_zone_cloudtrail_name is_multi_region_trail: var.landing_zone_cloudtrail_is_multi_region_trail is_organization_trail: var.landing_zone_cloudtrail_is_organization_trail diff --git a/components/landing_zone_cloudtrail/default.tfimport b/components/landing_zone_cloudtrail/default.tfimport new file mode 100644 index 0000000..70d7d32 --- /dev/null +++ b/components/landing_zone_cloudtrail/default.tfimport @@ -0,0 +1 @@ +landing_zone_cloudtrail,aws_cloudtrail.landing_zone_cloudtrail,Default diff --git a/components/landing_zone_cloudtrail/default.tfvars b/components/landing_zone_cloudtrail/default.tfvars new file mode 100644 index 0000000..159e411 --- /dev/null +++ b/components/landing_zone_cloudtrail/default.tfvars 
@@ -0,0 +1,13 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_cloudtrail_name = "Default"
+landing_zone_cloudtrail_is_multi_region_trail = true
+landing_zone_cloudtrail_is_organization_trail = true
+landing_zone_event_selector_data_resource_type = "AWS::Lambda::Function"
+landing_zone_event_selector_data_resource_values = [
+ "arn:aws:lambda:us-east-1:123456789012:function:DeepProdSayHelloCreateDb",
+ "arn:aws:lambda:us-east-1:123456789012:function:DeepProdSayHelloCreateFs",
+ "arn:aws:lambda:us-east-1:123456789012:function:DeepProdSayHelloCreateMsg"
+]
diff --git a/components/landing_zone_cloudtrail_s3_bucket/default.tfimport b/components/landing_zone_cloudtrail_s3_bucket/default.tfimport
new file mode 100644
index 0000000..8eaadba
--- /dev/null
+++ b/components/landing_zone_cloudtrail_s3_bucket/default.tfimport
@@ -0,0 +1 @@
+landing_zone_cloudtrail_s3_bucket,aws_s3_bucket.landing_zone_cloudtrail_s3_bucket,data-lake-cloudtrail
diff --git a/components/landing_zone_cloudtrail_s3_bucket/default.tfvars b/components/landing_zone_cloudtrail_s3_bucket/default.tfvars
new file mode 100644
index 0000000..fa24c3c
--- /dev/null
+++ b/components/landing_zone_cloudtrail_s3_bucket/default.tfvars
@@ -0,0 +1,6 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_cloudtrail_s3_bucket_name = "data-lake-cloudtrail"
+landing_zone_cloudtrail_s3_bucket_versioning = true
diff --git a/components/landing_zone_cloudtrail_s3_bucket_policy/default.tfimport b/components/landing_zone_cloudtrail_s3_bucket_policy/default.tfimport
new file mode 100644
index 0000000..5f14ab2
--- /dev/null
+++ b/components/landing_zone_cloudtrail_s3_bucket_policy/default.tfimport
@@ -0,0 +1 @@
+landing_zone_cloudtrail_s3_bucket_policy,aws_s3_bucket_policy.landing_zone_cloudtrail_s3_bucket_policy,data-lake-cloudtrail
diff --git a/components/landing_zone_cloudtrail_s3_bucket_policy/default.tfvars b/components/landing_zone_cloudtrail_s3_bucket_policy/default.tfvars
new file mode 100644
index 0000000..a5856ad
--- /dev/null
+++ b/components/landing_zone_cloudtrail_s3_bucket_policy/default.tfvars
@@ -0,0 +1,3 @@
+landing_zone_providers = [
+ "default"
+]
diff --git a/components/landing_zone_code_build/default.tfvars b/components/landing_zone_code_build/default.tfvars
new file mode 100644
index 0000000..4352bae
--- /dev/null
+++ b/components/landing_zone_code_build/default.tfvars
@@ -0,0 +1,10 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_code_build_name = "AWS-Landing-Zone-CodeBuild"
+landing_zone_code_build_artifacts_type = "CODEPIPELINE"
+landing_zone_code_build_source_type = "CODEPIPELINE"
+landing_zone_code_build_environment_compute_type = "BUILD_GENERAL1_SMALL"
+landing_zone_code_build_environment_image = "aws/codebuild/nodejs:8.11.0"
+landing_zone_code_build_environment_type = "LINUX_CONTAINER"
diff --git a/components/landing_zone_code_build_role/default.tfvars b/components/landing_zone_code_build_role/default.tfvars
new file mode 100644
index 0000000..a86d8e4
--- /dev/null
+++ b/components/landing_zone_code_build_role/default.tfvars
@@ -0,0 +1,8 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_code_build_role_name = "LandingZoneCodeBuildRole"
+landing_zone_code_build_role_description = "Managed by TerraHub"
+landing_zone_code_build_role_force_detach_policies = false
+landing_zone_code_build_role_path = "/"
diff --git a/components/landing_zone_code_build_role_policy/default.tfvars b/components/landing_zone_code_build_role_policy/default.tfvars
new file mode 100644
index 0000000..8811ffd
--- /dev/null
+++ b/components/landing_zone_code_build_role_policy/default.tfvars
@@ -0,0 +1,5 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_code_build_role_policy_name = "AWS-Landing-Zone-CodePipeline-Policy"
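Review bot: `landing_zone_code_build_role_policy_name` is set to `"AWS-Landing-Zone-CodePipeline-Policy"`, the same value that the code_pipeline_role_policy defaults in this commit use, which looks like a copy-paste from the pipeline component. Two policies with one name make it hard to tell from an audit trail or the IAM console which role a permission change applied to, and if the underlying resource is a managed policy rather than an inline one (not visible here) the second create would collide. A distinct name such as `"AWS-Landing-Zone-CodeBuild-Policy"` would match the naming of `landing_zone_code_build_name`.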
diff --git a/components/landing_zone_code_pipeline/default.tfvars b/components/landing_zone_code_pipeline/default.tfvars
new file mode 100644
index 0000000..c78d93d
--- /dev/null
+++ b/components/landing_zone_code_pipeline/default.tfvars
@@ -0,0 +1,5 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_code_pipeline_name = "AWS-Landing-Zone-CodePipeline"
diff --git a/components/landing_zone_code_pipeline_role/default.tfvars b/components/landing_zone_code_pipeline_role/default.tfvars
new file mode 100644
index 0000000..97aaab6
--- /dev/null
+++ b/components/landing_zone_code_pipeline_role/default.tfvars
@@ -0,0 +1,8 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_code_pipeline_role_name = "LandingZoneCodePipelineRole"
+landing_zone_code_pipeline_role_description = "Managed by TerraHub"
+landing_zone_code_pipeline_role_force_detach_policies = false
+landing_zone_code_pipeline_role_path = "/"
diff --git a/components/landing_zone_code_pipeline_role_policy/default.tfvars b/components/landing_zone_code_pipeline_role_policy/default.tfvars
new file mode 100644
index 0000000..f139829
--- /dev/null
+++ b/components/landing_zone_code_pipeline_role_policy/default.tfvars
@@ -0,0 +1,5 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_code_pipeline_role_policy_name = "AWS-Landing-Zone-CodePipeline-Policy"
diff --git a/components/landing_zone_config_aggregate_authorization/.terrahub.yml b/components/landing_zone_config_aggregate_authorization/.terrahub.yml
index 4daf85b..eef70d6 100644
--- a/components/landing_zone_config_aggregate_authorization/.terrahub.yml
+++ b/components/landing_zone_config_aggregate_authorization/.terrahub.yml
@@ -2,27 +2,27 @@ component: name: landing_zone_config_configuration_aggregator template: locals: - elements_config_configuration_aggregator_tag_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_configuration_aggregator_tags_resource"] - elements_config_configuration_aggregator_map: >- + elements_landing_zone_config_configuration_aggregator_tags_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_configuration_aggregator_tags"] + elements_landing_zone_config_configuration_aggregator_map: >- var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_configuration_aggregator_resource"] resource: aws_config_configuration_aggregator: landing_zone_config_configuration_aggregator: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_configuration_aggregator_tags_resource"]) + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_configuration_aggregator_tags"]) name: >- - local.elements_config_configuration_aggregator_map["config_${count.index}"]["name"] + local.elements_landing_zone_config_configuration_aggregator_map["config_${count.index}"]["name"] account_aggregation_source: account_ids: >- split("|", - local.elements_config_configuration_aggregator_map["config_${count.index}"]["account_ids"]) + local.elements_landing_zone_config_configuration_aggregator_map["config_${count.index}"]["account_ids"]) regions: >- split("|", - local.elements_config_configuration_aggregator_map["config_${count.index}"]["regions"]) + local.elements_landing_zone_config_configuration_aggregator_map["config_${count.index}"]["regions"]) tags: >- - local.elements_config_configuration_aggregator_tag_map["config_${count.index}"] + local.elements_landing_zone_config_configuration_aggregator_tags_map["config_${count.index}"] output: arns: value: 
>-
diff --git a/components/landing_zone_config_aggregate_authorization/default.tfvars b/components/landing_zone_config_aggregate_authorization/default.tfvars
new file mode 100644
index 0000000..2688968
--- /dev/null
+++ b/components/landing_zone_config_aggregate_authorization/default.tfvars
@@ -0,0 +1,14 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_config_aggregate_authorization_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Landing Zone Configuration Aggregator Auth"
+ }
+ }
+}
diff --git a/components/landing_zone_config_config_rule/.terrahub.yml b/components/landing_zone_config_config_rule/.terrahub.yml
index b7a6307..f92c513 100644
--- a/components/landing_zone_config_config_rule/.terrahub.yml
+++ b/components/landing_zone_config_config_rule/.terrahub.yml
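Review bot: In components/landing_zone_config_aggregate_authorization/.terrahub.yml the `count` is taken from the `landing_zone_config_configuration_aggregator_tags` map while `name`, `account_ids` and `regions` are read from `landing_zone_config_configuration_aggregator_resource`, so a tags map that is larger or smaller than the resource map either fails the `config_${count.index}` lookup or leaves aggregators uncreated; take the length from the `_resource` map, as the config_rule component in this commit does. The default.tfvars added to the same directory defines only `landing_zone_config_aggregate_authorization_tags`, which this template never reads, and the sibling directory landing_zone_config_configuration_aggregator shows the mirror-image mismatch, so the two .terrahub.yml files look swapped between the directories. The template starts above the hunk and its `output` block continues below it.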
@@ -2,25 +2,27 @@ component: name: landing_zone_config_config_rule template: locals: - elements_config_rule_tag_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_rule_tags_resource"] - elements_config_rule_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_rule_resource"] + elements_landing_zone_config_config_rule_tags_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_config_rule_tags"] + elements_landing_zone_config_config_rule_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_config_rule_resource"] resource: aws_config_config_rule: landing_zone_config_config_rule: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_rule_resource"]) - name: 'local.elements_config_rule_map["config_${count.index}"]["name"]' + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_config_rule_resource"]) + name: >- + local.elements_landing_zone_config_config_rule_map["config_${count.index}"]["name"] description: >- - local.elements_config_rule_map["config_${count.index}"]["description"] + local.elements_landing_zone_config_config_rule_map["config_${count.index}"]["description"] source: owner: >- - local.elements_config_rule_map["config_${count.index}"]["source_owner"] + local.elements_landing_zone_config_config_rule_map["config_${count.index}"]["source_owner"] source_identifier: >- - local.elements_config_rule_map["config_${count.index}"]["source_identifier"] - tags: 'local.elements_config_rule_tag_map["config_${count.index}"]' + local.elements_landing_zone_config_config_rule_map["config_${count.index}"]["source_identifier"] + tags: >- + local.elements_landing_zone_config_config_rule_tags_map["config_${count.index}"] output: arns: value: >- 
diff --git a/components/landing_zone_config_config_rule/default.tfvars b/components/landing_zone_config_config_rule/default.tfvars
new file mode 100644
index 0000000..96502e9
--- /dev/null
+++ b/components/landing_zone_config_config_rule/default.tfvars
@@ -0,0 +1,22 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_config_config_rule_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Landing Zone Config Rule"
+ }
+ },
+ landing_zone_config_config_rule_resource = {
+ config_0 = {
+ name = "Landing Zone Config Rule"
+ description = "Description"
+ source_owner = "AWS"
+ source_identifier = "S3_BUCKET_VERSIONING_ENABLED"
+ }
+ }
+}
diff --git a/components/landing_zone_config_configuration_aggregator/.terrahub.yml b/components/landing_zone_config_configuration_aggregator/.terrahub.yml
index 2293d04..7d8497a 100644
--- a/components/landing_zone_config_configuration_aggregator/.terrahub.yml
+++ b/components/landing_zone_config_configuration_aggregator/.terrahub.yml
@@ -2,18 +2,18 @@ component: name: landing_zone_config_aggregate_authorization template: locals: - elements_config_aggregate_authorization_tag_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_aggregate_authorization_tags_resource"] + elements_config_aggregate_authorization_tags_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_aggregate_authorization_tags"] resource: aws_config_aggregate_authorization: landing_zone_config_aggregate_authorization: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_aggregate_authorization_tags_resource"]) + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_aggregate_authorization_tags"]) account_id: 'var.${tfvar.terrahub["landing_zone_providers"]["0"]}_account_id' region: 'var.${tfvar.terrahub["landing_zone_providers"]["0"]}_region' tags: >- - local.elements_config_aggregate_authorization_tag_map["config_${count.index}"] + local.elements_config_aggregate_authorization_tags_map["config_${count.index}"] output: arns: value: >- diff --git a/components/landing_zone_config_configuration_aggregator/default.tfvars b/components/landing_zone_config_configuration_aggregator/default.tfvars new file mode 100644 index 0000000..147e904 --- /dev/null +++ b/components/landing_zone_config_configuration_aggregator/default.tfvars @@ -0,0 +1,21 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_config_configuration_aggregator_tags = { + config_0 = { + Description = "Managed by TerraHub" + ThubCode = "1234abcd" + ThubEnv = "Prod" + Name = "Landing Zone Configuration Aggregator" + } + }, + landing_zone_config_configuration_aggregator_resource = { + config_0 = { + name = "Landing Zone Configuration Aggregator" + account_ids = "123456789012" + regions = "us-east-1" + } + } +} 
diff --git a/components/landing_zone_config_configuration_recorder/.terrahub.yml b/components/landing_zone_config_configuration_recorder/.terrahub.yml index ca20ec9..23848b4 100644 --- a/components/landing_zone_config_configuration_recorder/.terrahub.yml +++ b/components/landing_zone_config_configuration_recorder/.terrahub.yml @@ -2,18 +2,18 @@ component: name: landing_zone_config_configuration_recorder template: locals: - config_configuration_recorder_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_configuration_recorder_resource"] + elements_landing_zone_config_configuration_recorder_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_configuration_recorder_resource"] resource: aws_config_configuration_recorder: landing_zone_config_configuration_recorder: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_configuration_recorder_resource"]) + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_configuration_recorder_resource"]) name: >- - local.config_configuration_recorder_map["config_${count.index}"]["name"] + local.elements_landing_zone_config_configuration_recorder_map["config_${count.index}"]["name"] role_arn: >- - arn:aws:iam::${var.${tfvar.terrahub["landing_zone_providers"]["0"]}_account_id}::role/${local.config_configuration_recorder_map["config_${count.index}"]["role_name"]} + arn:aws:iam::${var.${tfvar.terrahub["landing_zone_providers"]["0"]}_account_id}::role/${local.elements_landing_zone_config_configuration_recorder_map["config_${count.index}"]["role_name"]} output: ids: value: >- diff --git a/components/landing_zone_config_configuration_recorder/default.tfvars b/components/landing_zone_config_configuration_recorder/default.tfvars new file mode 100644 index 0000000..bbf3fc7 --- /dev/null 
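Review bot: The `role_arn` template in components/landing_zone_config_configuration_recorder/.terrahub.yml still builds `arn:aws:iam::<account_id>::role/<role_name>`, with two colons before `role/`; an IAM role ARN has a single colon at that position, so the recorder is handed a malformed ARN. The commit touches this line only to rename the local, so the fix fits in the same change: replace `_account_id}::role/` with `_account_id}:role/`. The `output` block of the template continues below the hunk.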
+++ b/components/landing_zone_config_configuration_recorder/default.tfvars @@ -0,0 +1,12 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_config_configuration_recorder_resource = { + config_0 = { + name = "default " + role_name = "rolename" + } + } +} diff --git a/components/landing_zone_config_configuration_recorder_status/.terrahub.yml b/components/landing_zone_config_configuration_recorder_status/.terrahub.yml index ab52ae8..ced04ad 100644 --- a/components/landing_zone_config_configuration_recorder_status/.terrahub.yml +++ b/components/landing_zone_config_configuration_recorder_status/.terrahub.yml @@ -4,15 +4,15 @@ component: - landing_zone_config_configuration_recorder template: locals: - config_configuration_recorder_status_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_configuration_recorder_status_resource"] + elements_landing_zone_config_configuration_recorder_status_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_configuration_recorder_status_resource"] resource: aws_config_configuration_recorder_status: landing_zone_config_configuration_recorder_status: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_configuration_recorder_status_resource"]) + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_configuration_recorder_status_resource"]) name: >- - local.config_configuration_recorder_status_map["config_${count.index}"]["name"] + local.elements_landing_zone_config_configuration_recorder_status_map["config_${count.index}"]["name"] is_enabled: >- - tobool(local.config_configuration_recorder_status_map["config_${count.index}"]["is_enabled"]) + tobool(local.elements_landing_zone_config_configuration_recorder_status_map["config_${count.index}"]["is_enabled"]) 
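Review bot: `name = "default "` in components/landing_zone_config_configuration_recorder/default.tfvars carries a trailing space inside the quotes, while the recorder_status defaults added in this commit use `name = "default"`. The status resource refers to its recorder by name, so with these defaults the two components would not point at the same recorder and recording might never be switched on; use `name = "default"`. `role_name = "rolename"` is a placeholder that ends up in the recorder's role ARN, so a comment such as `# placeholder: replace with the IAM role AWS Config assumes` above it would keep it from being applied as-is.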
diff --git a/components/landing_zone_config_configuration_recorder_status/default.tfvars b/components/landing_zone_config_configuration_recorder_status/default.tfvars
new file mode 100644
index 0000000..08e58a9
--- /dev/null
+++ b/components/landing_zone_config_configuration_recorder_status/default.tfvars
@@ -0,0 +1,12 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_config_configuration_recorder_status_resource = {
+ config_0 = {
+ name = "default"
+ is_enabled = true
+ }
+ }
+}
diff --git a/components/landing_zone_config_delivery_channel/.terrahub.yml b/components/landing_zone_config_delivery_channel/.terrahub.yml
index cabc20c..ee0e968 100644
--- a/components/landing_zone_config_delivery_channel/.terrahub.yml
+++ b/components/landing_zone_config_delivery_channel/.terrahub.yml
@@ -2,17 +2,18 @@ component: name: landing_zone_config_delivery_channel template: locals: - config_delivery_channel_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_delivery_channel_resource"] + elements_landing_zone_config_delivery_channel_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_delivery_channel_resource"] resource: aws_config_delivery_channel: landing_zone_config_delivery_channel: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_delivery_channel_resource"]) - name: 'local.config_delivery_channel_map["config_${count.index}"]["name"]' + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_delivery_channel_resource"]) + name: >- + local.elements_landing_zone_config_delivery_channel_map["config_${count.index}"]["name"] s3_bucket_name: >- - local.config_delivery_channel_map["config_${count.index}"]["s3_bucket_name"] + local.elements_landing_zone_config_delivery_channel_map["config_${count.index}"]["s3_bucket_name"] output: ids: value: >- diff --git a/components/landing_zone_config_delivery_channel/default.tfvars b/components/landing_zone_config_delivery_channel/default.tfvars new file mode 100644 index 0000000..75a42f6 --- /dev/null +++ b/components/landing_zone_config_delivery_channel/default.tfvars @@ -0,0 +1,12 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_config_delivery_channel_resource = { + config_0 = { + name = "Landing-Zone-Delivery-Channel" + s3_bucket_name = "awsconfig-bucket" + } + } +} diff --git a/components/landing_zone_config_organization_custom_rule/.terrahub.yml b/components/landing_zone_config_organization_custom_rule/.terrahub.yml index 120ba56..4329411 100644 --- a/components/landing_zone_config_organization_custom_rule/.terrahub.yml 
+++ b/components/landing_zone_config_organization_custom_rule/.terrahub.yml @@ -2,21 +2,21 @@ component: name: landing_zone_config_organization_custom_rule template: locals: - config_organization_custom_rule_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_organization_custom_rule_resource"] + elements_landing_zone_config_organization_custom_rule_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_organization_custom_rule_resource"] resource: aws_config_organization_custom_rule: landing_zone_config_organization_custom_rule: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_organization_custom_rule_resource"]) + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_organization_custom_rule_resource"]) name: >- - local.config_organization_custom_rule_map["config_${count.index}"]["name"] + local.elements_landing_zone_config_organization_custom_rule_map["config_${count.index}"]["name"] lambda_function_arn: >- - arn:aws:lambda:${var.${tfvar.terrahub["landing_zone_providers"]["0"]}_region}:${var.${tfvar.terrahub["landing_zone_providers"]["0"]}_account_id}:function:${local.config_organization_custom_rule_map["config_${count.index}"]["lambda_function_name"]} + arn:aws:lambda:${var.${tfvar.terrahub["landing_zone_providers"]["0"]}_region}:${var.${tfvar.terrahub["landing_zone_providers"]["0"]}_account_id}:function:${local.elements_landing_zone_config_organization_custom_rule_map["config_${count.index}"]["lambda_function_name"]} trigger_types: >- split("|", - local.config_organization_custom_rule_map["config_${count.index}"]["trigger_types"]) + local.elements_landing_zone_config_organization_custom_rule_map["config_${count.index}"]["trigger_types"]) output: arns: value: >- 
diff --git a/components/landing_zone_config_organization_custom_rule/default.tfvars b/components/landing_zone_config_organization_custom_rule/default.tfvars
new file mode 100644
index 0000000..1b760df
--- /dev/null
+++ b/components/landing_zone_config_organization_custom_rule/default.tfvars
@@ -0,0 +1,13 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_config_organization_custom_rule_resource = {
+ config_0 = {
+ name = "LandingZoneCustomRule"
+ lambda_function_name = "LandingZoneLambda"
+ trigger_types = "ConfigurationItemChangeNotification"
+ }
+ }
+}
diff --git a/components/landing_zone_config_organization_managed_rule/.terrahub.yml b/components/landing_zone_config_organization_managed_rule/.terrahub.yml
index 1b188b7..764ec9b 100644
--- a/components/landing_zone_config_organization_managed_rule/.terrahub.yml
+++ b/components/landing_zone_config_organization_managed_rule/.terrahub.yml
@@ -2,18 +2,18 @@ component: name: landing_zone_config_organization_managed_rule template: locals: - config_organization_managed_rule_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_organization_managed_rule_resource"] + elements_landing_zone_config_organization_managed_rule_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_organization_managed_rule_resource"] resource: aws_config_organization_managed_rule: landing_zone_config_organization_managed_rule: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["config_organization_managed_rule_resource"]) + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_config_organization_managed_rule_resource"]) name: >- - local.config_organization_managed_rule_map["config_${count.index}"]["name"] + local.elements_landing_zone_config_organization_managed_rule_map["config_${count.index}"]["name"] rule_identifier: >- - local.config_organization_managed_rule_map["config_${count.index}"]["rule_identifier"] + local.elements_landing_zone_config_organization_managed_rule_map["config_${count.index}"]["rule_identifier"] output: arns: value: >- diff --git a/components/landing_zone_config_organization_managed_rule/default.tfvars b/components/landing_zone_config_organization_managed_rule/default.tfvars new file mode 100644 index 0000000..70bb08f --- /dev/null +++ b/components/landing_zone_config_organization_managed_rule/default.tfvars @@ -0,0 +1,12 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_config_organization_managed_rule_resource = { + config_0 = { + name = "LandingZoneManagedRule" + rule_identifier = "AWS_RULE_IDENTIFIER" + } + } +} 
diff --git a/components/landing_zone_directory_service_directory/default.tfimport b/components/landing_zone_directory_service_directory/default.tfimport
new file mode 100644
index 0000000..0e3aec0
--- /dev/null
+++ b/components/landing_zone_directory_service_directory/default.tfimport
@@ -0,0 +1 @@
+landing_zone_directory_service_directory,aws_directory_service_directory.landing_zone_directory_service_directory,[id]
diff --git a/components/landing_zone_directory_service_directory/default.tfvars b/components/landing_zone_directory_service_directory/default.tfvars
new file mode 100644
index 0000000..f5d902d
--- /dev/null
+++ b/components/landing_zone_directory_service_directory/default.tfvars
@@ -0,0 +1,27 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_subnet_data = {
+ config_0 = {
+ availability_zone = "us-east-1a"
+ },
+ config_1 = {
+ availability_zone = "us-east-1b"
+ }
+ },
+ landing_zone_directory_service_resource = {
+ config_0 = {
+ name = "corp.mycompany.com"
+ short_name = "CORP"
+ password = ""
+ alias = "mycompany"
+ description = "My Company Group Active Directory"
+ edition = "Standard"
+ enable_sso = "false"
+ size = "Small"
+ type = "MicrosoftAD"
+ }
+ }
+}
diff --git a/components/landing_zone_eip/default.tfimport b/components/landing_zone_eip/default.tfimport
new file mode 100644
index 0000000..baa63ca
--- /dev/null
+++ b/components/landing_zone_eip/default.tfimport
@@ -0,0 +1 @@
+landing_zone_eip,aws_eip.landing_zone_eip,[ip]
diff --git a/components/landing_zone_eip/default.tfvars b/components/landing_zone_eip/default.tfvars
new file mode 100644
index 0000000..e58ff85
--- /dev/null
+++ b/components/landing_zone_eip/default.tfvars
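Review bot: The `password = ""` entry under `landing_zone_directory_service_resource` invites users to type the directory administrator password into this file as plain text. A tfvars file is ordinary text that travels with the rest of the configuration, and the value would presumably end up in the Terraform state as well, so I would keep the key out of the sample and have the component read the password from a secrets store (for example an `aws_secretsmanager_secret_version` or `aws_ssm_parameter` data source). At minimum, add a comment above the key such as `# password: never commit a real value; supply it at apply time from a secrets store`.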
@@ -0,0 +1,19 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_eip_tags_resource = { + config_0 = { + Description = "Managed by TerraHub" + ThubCode = "1234abcd" + ThubEnv = "Prod" + Name = "Landing Zone Elastic IP" + } + }, + landing_zone_eip_resource = { + config_0 = { + vpc = "true" + } + } +} diff --git a/components/landing_zone_gateway_cgw/default.tfvars b/components/landing_zone_gateway_cgw/default.tfvars new file mode 100644 index 0000000..f4616bc --- /dev/null +++ b/components/landing_zone_gateway_cgw/default.tfvars @@ -0,0 +1,21 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_gateway_cgw_tags_element = { + config_0 = { + Description = "Managed by TerraHub" + ThubCode = "1234abcd" + ThubEnv = "Prod" + Name = "Landing Zone Customer Gateway" + } + }, + landing_zone_gateway_cgw_resource = { + config_0 = { + bgp_asn = 65000 + ip_address = "172.83.124.10" + type = "ipsec.1" + } + } +} diff --git a/components/landing_zone_gateway_igw/.terrahub.yml b/components/landing_zone_gateway_igw/.terrahub.yml index 9e5561c..cef4fed 100644 --- a/components/landing_zone_gateway_igw/.terrahub.yml +++ b/components/landing_zone_gateway_igw/.terrahub.yml @@ -6,8 +6,8 @@ component: locals: elements_landing_zone_vpc_data_map: >- var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_vpc_data"] - elements_landing_zone_gateway_igw_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_gateway_igw_resource"] + elements_landing_zone_gateway_igw_tags_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_gateway_igw_tags"] data: aws_vpc: vpc_selected: 
@@ -21,9 +21,10 @@ component: landing_zone_gateway_igw: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_gateway_igw_resource"]) + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_gateway_igw_tags"]) vpc_id: 'element(data.aws_vpc.vpc_selected.*.id, count.index)' - tags: 'local.elements_landing_zone_gateway_igw_map["config_${count.index}"]' + tags: >- + local.elements_landing_zone_gateway_igw_tags_map["config_${count.index}"] output: ids: value: >- diff --git a/components/landing_zone_gateway_igw/default.tfimport b/components/landing_zone_gateway_igw/default.tfimport new file mode 100644 index 0000000..134d2fb --- /dev/null +++ b/components/landing_zone_gateway_igw/default.tfimport @@ -0,0 +1 @@ +landing_zone_gateway_igw,aws_internet_gateway.landing_zone_gateway_igw,[id] diff --git a/components/landing_zone_gateway_igw/default.tfvars b/components/landing_zone_gateway_igw/default.tfvars new file mode 100644 index 0000000..e995a70 --- /dev/null +++ b/components/landing_zone_gateway_igw/default.tfvars @@ -0,0 +1,19 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_vpc_data = { + config_0 = { + cidr_block = "172.16.0.0/16" + } + }, + landing_zone_gateway_igw_tags = { + config_0 = { + Description = "Managed by TerraHub" + ThubCode = "1234abcd" + ThubEnv = "Prod" + Name = "Landing Zone Internet Gateway" + } + } +} diff --git a/components/landing_zone_gateway_nat/.terrahub.yml b/components/landing_zone_gateway_nat/.terrahub.yml index bd8e26c..bf978e2 100644 --- a/components/landing_zone_gateway_nat/.terrahub.yml +++ b/components/landing_zone_gateway_nat/.terrahub.yml 
@@ -11,8 +11,8 @@ component: var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_subnet_data"] elements_landing_zone_eip_data_map: >- var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_eip_data"] - elements_landing_zone_gateway_nat_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_gateway_nat_resource"] + elements_landing_zone_gateway_nat_tags_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_gateway_nat_tags"] data: aws_vpc: vpc_selected: @@ -41,10 +41,11 @@ component: landing_zone_gateway_nat: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_gateway_nat_resource"]) + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_gateway_nat_tags"]) allocation_id: 'element(data.aws_eip.eip_selected.*.id, count.index)' subnet_id: 'element(data.aws_subnet.subnet_selected.*.id, count.index)' - tags: 'local.elements_landing_zone_gateway_nat_map["config_${count.index}"]' + tags: >- + local.elements_landing_zone_gateway_nat_tags_map["config_${count.index}"] output: ids: value: >- diff --git a/components/landing_zone_gateway_nat/default.tfimport b/components/landing_zone_gateway_nat/default.tfimport new file mode 100644 index 0000000..9808f7f --- /dev/null +++ b/components/landing_zone_gateway_nat/default.tfimport @@ -0,0 +1 @@ +landing_zone_gateway_nat,aws_nat_gateway.landing_zone_gateway_nat,[id] diff --git a/components/landing_zone_gateway_nat/default.tfvars b/components/landing_zone_gateway_nat/default.tfvars new file mode 100644 index 0000000..4150683 --- /dev/null +++ b/components/landing_zone_gateway_nat/default.tfvars 
@@ -0,0 +1,41 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_subnet_data = {
+ config_0 = {
+ cidr_block = "172.16.1.0/24"
+ },
+ config_1 = {
+ cidr_block = "172.16.0.0/24"
+ }
+ },
+ landing_zone_eip_data = {
+ config_0 = {
+ public_ip = ""
+ },
+ config_1 = {
+ public_ip = ""
+ }
+ },
+ landing_zone_gateway_nat_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Landing Zone Gateway NAT"
+ },
+ config_1 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Landing Zone Gateway NAT"
+ }
+ }
+}
diff --git a/components/landing_zone_gateway_tgw/default.tfvars b/components/landing_zone_gateway_tgw/default.tfvars
new file mode 100644
index 0000000..c7fd37f
--- /dev/null
+++ b/components/landing_zone_gateway_tgw/default.tfvars
@@ -0,0 +1,25 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_gateway_tgw_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Landing Zone Transit Gateway"
+ }
+ },
+ landing_zone_gateway_tgw_resource = {
+ config_0 = {
+ amazon_side_asn = 64512
+ auto_accept_shared_attachments = "disable"
+ default_route_table_association = "disable"
+ default_route_table_propagation = "disable"
+ description = "Landing Zone Transit Gateway"
+ dns_support = "disable"
+ vpn_ecmp_support = "disable"
+ }
+ }
+}
diff --git a/components/landing_zone_gateway_vgw/default.tfvars b/components/landing_zone_gateway_vgw/default.tfvars
new file mode 100644
index 0000000..a360069
--- /dev/null
+++ b/components/landing_zone_gateway_vgw/default.tfvars
@@ -0,0 +1,24 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_gateway_vgw_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Landing Zone Customer Gateway"
+ }
+ },
+ landing_zone_gateway_vgw_resource = {
+ config_0 = {
+ availability_zone = "us-east-1c"
+ }
+ }
+}
diff --git a/components/landing_zone_iam_instance_profile/default.tfimport b/components/landing_zone_iam_instance_profile/default.tfimport
new file mode 100644
index 0000000..a5b19ca
--- /dev/null
+++ b/components/landing_zone_iam_instance_profile/default.tfimport
@@ -0,0 +1 @@
+landing_zone_iam_instance_profile,aws_iam_instance_profile.landing_zone_iam_instance_profile,Landing_Zone_IAM_profile
diff --git a/components/landing_zone_iam_instance_profile/default.tfvars b/components/landing_zone_iam_instance_profile/default.tfvars
new file mode 100644
index 0000000..1d7b2f1
--- /dev/null
+++ b/components/landing_zone_iam_instance_profile/default.tfvars
@@ -0,0 +1,12 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_iam_instance_profile_resource = {
+ config_0 = {
+ name = "Landing_Zone_IAM_profile"
+ role = "Role"
+ }
+ }
+}
diff --git a/components/landing_zone_iam_policy/default.tfimport b/components/landing_zone_iam_policy/default.tfimport
new file mode 100644
index 0000000..a5a1440
--- /dev/null
+++ b/components/landing_zone_iam_policy/default.tfimport
@@ -0,0 +1 @@
+landing_zone_iam_policy,aws_iam_policy.landing_zone_iam_policy,arn:aws:iam::123456789012:policy/LandingZoneIAMPolicy
diff --git a/components/landing_zone_iam_policy/default.tfvars b/components/landing_zone_iam_policy/default.tfvars
new file mode 100644
index 0000000..184a929
--- /dev/null
+++ b/components/landing_zone_iam_policy/default.tfvars
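Review bot: The `Name` tag in `landing_zone_gateway_vgw_tags` reads `"Landing Zone Customer Gateway"`, which looks copied from the customer-gateway component's tags rather than written for this one. Two different gateway types carrying the same name are hard to tell apart in an inventory or an audit trail. Assuming `vgw` is the virtual private gateway, I would change the line to `Name = "Landing Zone Virtual Private Gateway"`.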
@@ -0,0 +1,27 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_iam_policy_resource = { + config_0 = { + name = "LandingZoneIAMPolicy" + description = "Managed By TerraHub" + path = "/" + policy = <- - s3://terraform-aws-landing-zone/mycompany/landing_zone_iam_saml_provider/saml-metadata/ + s3://terraform-aws-landing-zone/components/landing_zone_iam_saml_provider/saml-metadata/ LZ_LOCAL_PATH: saml-metadata phases: pre_build: diff --git a/components/landing_zone_iam_saml_provider/default.tfimport b/components/landing_zone_iam_saml_provider/default.tfimport new file mode 100644 index 0000000..b4658da --- /dev/null +++ b/components/landing_zone_iam_saml_provider/default.tfimport @@ -0,0 +1 @@ +landing_zone_iam_saml_provider,aws_iam_saml_provider.landing_zone_iam_saml_provider,arn:aws:iam::123456789012:saml-provider/saml diff --git a/components/landing_zone_iam_saml_provider/default.tfvars b/components/landing_zone_iam_saml_provider/default.tfvars new file mode 100644 index 0000000..e2e8cc6 --- /dev/null +++ b/components/landing_zone_iam_saml_provider/default.tfvars @@ -0,0 +1,11 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_iam_saml_provider_resource = { + config_0 = { + name = "saml" + } + } +} diff --git a/components/landing_zone_network_acl/default.tfimport b/components/landing_zone_network_acl/default.tfimport new file mode 100644 index 0000000..0563748 --- /dev/null +++ b/components/landing_zone_network_acl/default.tfimport @@ -0,0 +1 @@ +landing_zone_network_acl,aws_network_acl.landing_zone_network_acl,[id] diff --git a/components/landing_zone_network_acl/default.tfvars b/components/landing_zone_network_acl/default.tfvars new file mode 100644 index 0000000..5ebd0cd --- /dev/null +++ b/components/landing_zone_network_acl/default.tfvars 
@@ -0,0 +1,25 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_subnet_data = {
+ config_0 = {
+ cidr_block = "172.16.1.0/24|172.16.0.0/24"
+ subnets_from_index = "0"
+ subnets_to_index = "2"
+ }
+ },
+ landing_zone_network_acl_resource = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ }
+ }
+}
diff --git a/components/landing_zone_network_acl_rules/default.tfvars b/components/landing_zone_network_acl_rules/default.tfvars
new file mode 100644
index 0000000..2baab5e
--- /dev/null
+++ b/components/landing_zone_network_acl_rules/default.tfvars
@@ -0,0 +1,20 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_network_acl_rule_resource = {
+ config_0 = {
+ rule_number = "100"
+ protocol = "-1"
+ rule_action = "allow"
+ egress = "false"
+ cidr_block = "0.0.0.0/0"
+ }
+ }
+}
diff --git a/components/landing_zone_organization/default.tfimport b/components/landing_zone_organization/default.tfimport
new file mode 100644
index 0000000..6013fdf
--- /dev/null
+++ b/components/landing_zone_organization/default.tfimport
@@ -0,0 +1 @@
+landing_zone_organization,aws_organizations_organization.landing_zone_organization,[id]
diff --git a/components/landing_zone_organization/default.tfvars b/components/landing_zone_organization/default.tfvars
new file mode 100644
index 0000000..535df63
--- /dev/null
+++ b/components/landing_zone_organization/default.tfvars
@@ -0,0 +1,12 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_organization_feature_set = "ALL"
+landing_zone_organization_service_access_principals = [
+ "cloudtrail.amazonaws.com",
+ "config.amazonaws.com"
+]
+landing_zone_organization_enabled_policy_types = [
+ "SERVICE_CONTROL_POLICY"
+]
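Review bot: The sample rule in `landing_zone_network_acl_rule_resource` (landing_zone_network_acl_rules/default.tfvars) is an inbound allow for every protocol from `0.0.0.0/0` (`protocol = "-1"`, `egress = "false"`), so anyone who applies these defaults unchanged gets a network ACL that filters nothing on ingress. The same file already declares the VPC range, so a narrower default such as `cidr_block = "172.16.0.0/16"` would be a safer starting point, with wider access added deliberately per environment. If the open rule is intentional, say so in a comment above `config_0`, for example `# placeholder: allows all inbound traffic; restrict before production use`.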
diff --git a/components/landing_zone_organization_accounts/default.tfimport b/components/landing_zone_organization_accounts/default.tfimport
new file mode 100644
index 0000000..bc645b5
--- /dev/null
+++ b/components/landing_zone_organization_accounts/default.tfimport
@@ -0,0 +1 @@
+landing_zone_organization_accounts,aws_organizations_account.landing_zone_organization_accounts,[aws_account_id]
diff --git a/components/landing_zone_organization_accounts/default.tfvars b/components/landing_zone_organization_accounts/default.tfvars
new file mode 100644
index 0000000..c5db11b
--- /dev/null
+++ b/components/landing_zone_organization_accounts/default.tfvars
@@ -0,0 +1,6 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_organization_accounts_names = []
+landing_zone_organization_accounts_emails = []
diff --git a/components/landing_zone_organization_policy/default.tfvars b/components/landing_zone_organization_policy/default.tfvars
new file mode 100644
index 0000000..baccfb3
--- /dev/null
+++ b/components/landing_zone_organization_policy/default.tfvars
@@ -0,0 +1,5 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_organization_policy_name = "LandingZoneOrganizationPolicy"
diff --git a/components/landing_zone_organization_policy_attachment/default.tfvars b/components/landing_zone_organization_policy_attachment/default.tfvars
new file mode 100644
index 0000000..a5856ad
--- /dev/null
+++ b/components/landing_zone_organization_policy_attachment/default.tfvars
@@ -0,0 +1,3 @@
+landing_zone_providers = [
+ "default"
+]
diff --git a/components/landing_zone_organization_unit/default.tfvars b/components/landing_zone_organization_unit/default.tfvars
new file mode 100644
index 0000000..9c9177e
--- /dev/null
+++ b/components/landing_zone_organization_unit/default.tfvars
@@ -0,0 +1,5 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_organization_unit_name = "LandingZone"
diff --git a/components/landing_zone_pipeline_artifact_s3_bucket/default.tfvars b/components/landing_zone_pipeline_artifact_s3_bucket/default.tfvars
new file mode 100644
index 0000000..54e88ef
--- /dev/null
+++ b/components/landing_zone_pipeline_artifact_s3_bucket/default.tfvars
@@ -0,0 +1,7 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_pipeline_artifact_s3_bucket_name = "aws-landing-zone-configuration-artifact"
+landing_zone_pipeline_artifact_s3_bucket_versioning = true
+landing_zone_pipeline_artifact_s3_bucket_sse_algorithm = "AES256"
diff --git a/components/landing_zone_pipeline_s3_bucket/default.tfvars b/components/landing_zone_pipeline_s3_bucket/default.tfvars
new file mode 100644
index 0000000..ba301c4
--- /dev/null
+++ b/components/landing_zone_pipeline_s3_bucket/default.tfvars
@@ -0,0 +1,6 @@
+landing_zone_providers = [
+ "default"
+]
+
+landing_zone_pipeline_s3_bucket_name = "aws-landing-zone-configuration"
+landing_zone_pipeline_s3_bucket_versioning = true
diff --git a/components/landing_zone_route/default.tfimport b/components/landing_zone_route/default.tfimport
new file mode 100644
index 0000000..e81ae28
--- /dev/null
+++ b/components/landing_zone_route/default.tfimport
@@ -0,0 +1 @@
+landing_zone_route,aws_route.landing_zone_route,[id]_172.16.0.0/16
diff --git a/components/landing_zone_route/default.tfvars b/components/landing_zone_route/default.tfvars
new file mode 100644
index 0000000..5506ed6
--- /dev/null
+++ b/components/landing_zone_route/default.tfvars
@@ -0,0 +1,21 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_subnet_data = {
+ config_0 = {
+ cidr_block = "172.16.1.0/24"
+ }
+ },
+ landing_zone_route_resource = {
+ config_0 = {
+ destination_cidr_block = "172.16.0.0/16"
+ }
+ }
+}
diff --git a/components/landing_zone_route_igw/default.tfimport b/components/landing_zone_route_igw/default.tfimport
new file mode 100644
index 0000000..13d8048
--- /dev/null
+++ b/components/landing_zone_route_igw/default.tfimport
@@ -0,0 +1 @@
+landing_zone_route_igw,aws_route.landing_zone_route_igw,[id]_0.0.0.0/0
diff --git a/components/landing_zone_route_igw/default.tfvars b/components/landing_zone_route_igw/default.tfvars
new file mode 100644
index 0000000..0bfc775
--- /dev/null
+++ b/components/landing_zone_route_igw/default.tfvars
@@ -0,0 +1,21 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_subnet_data = {
+ config_0 = {
+ cidr_block = "172.16.1.0/24"
+ }
+ },
+ landing_zone_route_igw_resource = {
+ config_0 = {
+ destination_cidr_block = "0.0.0.0/0"
+ }
+ }
+}
diff --git a/components/landing_zone_route_ipv6/default.tfimport b/components/landing_zone_route_ipv6/default.tfimport
new file mode 100644
index 0000000..7f1b910
--- /dev/null
+++ b/components/landing_zone_route_ipv6/default.tfimport
@@ -0,0 +1 @@
+landing_zone_route_ipv6,aws_route.landing_zone_route_ipv6,[id]_[ipv6_cidr]
diff --git a/components/landing_zone_route_ipv6/default.tfvars b/components/landing_zone_route_ipv6/default.tfvars
new file mode 100644
index 0000000..a5856ad
--- /dev/null
+++ b/components/landing_zone_route_ipv6/default.tfvars
@@ -0,0 +1,3 @@
+landing_zone_providers = [
+ "default"
+]
diff --git a/components/landing_zone_route_pcx/default.tfimport b/components/landing_zone_route_pcx/default.tfimport
new file mode 100644
index 0000000..82a3eb9
--- /dev/null
+++ b/components/landing_zone_route_pcx/default.tfimport
@@ -0,0 +1 @@
+landing_zone_route_pcx,aws_route.landing_zone_route_pcx,[id]_[ipv4_cidr]
diff --git a/components/landing_zone_route_pcx/default.tfvars b/components/landing_zone_route_pcx/default.tfvars
new file mode 100644
index 0000000..a5856ad
--- /dev/null
+++ b/components/landing_zone_route_pcx/default.tfvars
@@ -0,0 +1,3 @@
+landing_zone_providers = [
+ "default"
+]
diff --git a/components/landing_zone_route_table/default.tfimport b/components/landing_zone_route_table/default.tfimport
new file mode 100644
index 0000000..942fbc7
--- /dev/null
+++ b/components/landing_zone_route_table/default.tfimport
@@ -0,0 +1 @@
+landing_zone_route_table,aws_route_table.landing_zone_route_table,[id]
diff --git a/components/landing_zone_route_table/default.tfvars b/components/landing_zone_route_table/default.tfvars
new file mode 100644
index 0000000..617c968
--- /dev/null
+++ b/components/landing_zone_route_table/default.tfvars
@@ -0,0 +1,19 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_route_table_tags = {
+ config_0 = {
+ Name = "Landing Zone Route Table"
+ }
+ },
+ landing_zone_route_table_resource = {
+ config_0 = {}
+ }
+}
diff --git a/components/landing_zone_route_table_association/default.tfimport b/components/landing_zone_route_table_association/default.tfimport
new file mode 100644
index 0000000..c468bf9
--- /dev/null
+++ b/components/landing_zone_route_table_association/default.tfimport
@@ -0,0 +1 @@
+landing_zone_route_table_association,aws_route_table_association.landing_zone_route_table_association,[subnet_id]/[rtb_id]
diff --git a/components/landing_zone_route_table_association/default.tfvars b/components/landing_zone_route_table_association/default.tfvars
new file mode 100644
index 0000000..1330e9d
--- /dev/null
+++ b/components/landing_zone_route_table_association/default.tfvars
@@ -0,0 +1,25 @@
+landing_zone_providers = [
+ "default",
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_subnet_data = {
+ config_0 = {
+ cidr_block = "172.16.1.0/24"
+ },
+ config_1 = {
+ cidr_block = "172.16.0.0/24"
+ }
+ },
+ landing_zone_route_table_data = {
+ config_0 = {
+ filter_tag_name = "Landing Zone Route Table"
+ filter_association_main = "false"
+ }
+ }
+}
diff --git a/components/landing_zone_route_table_association_tgw/default.tfvars b/components/landing_zone_route_table_association_tgw/default.tfvars
new file mode 100644
index 0000000..c84f889
--- /dev/null
+++ b/components/landing_zone_route_table_association_tgw/default.tfvars
@@ -0,0 +1,16 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_gateway_tgw_data = {
+ config_0 = {
+ amazon_side_asn = 64512
+ }
+ }
+}
diff --git a/components/landing_zone_route_table_tgw/default.tfvars b/components/landing_zone_route_table_tgw/default.tfvars
new file mode 100644
index 0000000..72fc5a5
--- /dev/null
+++ b/components/landing_zone_route_table_tgw/default.tfvars
@@ -0,0 +1,16 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_gateway_tgw_data = {
+ config_0 = {
+ amazon_side_asn = 64512
+ }
+ },
+ landing_zone_route_table_tgw_tags = {
+ config_0 = {
+ Name = "Landing Zone Route Table"
+ }
+ }
+}
diff --git a/components/landing_zone_secretsmanager_secret/.terrahub.yml b/components/landing_zone_secretsmanager_secret/.terrahub.yml
index ee84c12..d85aa38 100644
--- a/components/landing_zone_secretsmanager_secret/.terrahub.yml
+++ b/components/landing_zone_secretsmanager_secret/.terrahub.yml
@@ -2,22 +2,24 @@ component: name: landing_zone_secretsmanager_secret template: locals: - secretsmanager_secret_map: >- + elements_landing_zone_secretsmanager_secret_map: >- var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["secretsmanager_secret_resource"] - secretsmanager_secret_tag_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["secretsmanager_secret_tag_resource"] + elements_landing_zone_secretsmanager_secret_tags_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["secretsmanager_secret_tags"] resource: aws_secretsmanager_secret: landing_zone_secretsmanager_secret: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["secretsmanager_secret_resource"]) - name: 'local.secretsmanager_secret_map["config_${count.index}"]["name"]' + name: >- + local.elements_landing_zone_secretsmanager_secret_map["config_${count.index}"]["name"] description: >- - local.secretsmanager_secret_map["config_${count.index}"]["description"] + local.elements_landing_zone_secretsmanager_secret_map["config_${count.index}"]["description"] recovery_window_in_days: >- - local.secretsmanager_secret_map["config_${count.index}"]["recovery_window_in_days"] - tags: 'local.secretsmanager_secret_tag_map["config_${count.index}"]' + local.elements_landing_zone_secretsmanager_secret_map["config_${count.index}"]["recovery_window_in_days"] + tags: >- + local.elements_landing_zone_secretsmanager_secret_tags_map["config_${count.index}"] output: ids: value: >- diff --git a/components/landing_zone_secretsmanager_secret/default.tfvars b/components/landing_zone_secretsmanager_secret/default.tfvars new file mode 100644 index 0000000..a5856ad --- /dev/null +++ b/components/landing_zone_secretsmanager_secret/default.tfvars @@ -0,0 +1,3 @@ +landing_zone_providers = [ + "default" +] 
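Review bot: The provider-map keys in this component keep their unprefixed form (`secretsmanager_secret_resource` in both the local and `count`, plus the new `secretsmanager_secret_tags`), while the other components touched in this commit look their data up under `landing_zone_<component>_resource` and `landing_zone_<component>_tags`. The tags key is also renamed from `secretsmanager_secret_tag_resource`, so any existing tfvars that still carries the old key would stop resolving. I would use `["landing_zone_secretsmanager_secret_resource"]` and `["landing_zone_secretsmanager_secret_tags"]` here and add a sample `default_provider` entry to the new default.tfvars, which currently defines only `landing_zone_providers`. The `output` block continues outside the hunk.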
diff --git a/components/landing_zone_security_group/default.tfimport b/components/landing_zone_security_group/default.tfimport
new file mode 100644
index 0000000..52d8528
--- /dev/null
+++ b/components/landing_zone_security_group/default.tfimport
@@ -0,0 +1 @@
+landing_zone_security_group,aws_security_group.landing_zone_security_group,[id]
diff --git a/components/landing_zone_security_group/default.tfvars b/components/landing_zone_security_group/default.tfvars
new file mode 100644
index 0000000..57eeb79
--- /dev/null
+++ b/components/landing_zone_security_group/default.tfvars
@@ -0,0 +1,25 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_security_group_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Landing Zone Security Group"
+ }
+ }
+ landing_zone_security_group_resource = {
+ config_0 = {
+ name = "landing_zone"
+ description = "default VPC security group"
+ }
+ }
+}
diff --git a/components/landing_zone_security_group_rule_egress/default.tfimport b/components/landing_zone_security_group_rule_egress/default.tfimport
new file mode 100644
index 0000000..c83712c
--- /dev/null
+++ b/components/landing_zone_security_group_rule_egress/default.tfimport
@@ -0,0 +1 @@
+landing_zone_security_group_rule_egress,aws_security_group_rule.landing_zone_security_group_rule_egress,[sg_id]_egress_all_0_0_0.0.0.0/0
diff --git a/components/landing_zone_security_group_rule_egress/default.tfvars b/components/landing_zone_security_group_rule_egress/default.tfvars
new file mode 100644
index 0000000..56fe714
--- /dev/null
+++ b/components/landing_zone_security_group_rule_egress/default.tfvars
@@ -0,0 +1,25 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_security_group_data = {
+ config_0 = {
+ name = "landing_zone"
+ }
+ },
+ landing_zone_security_group_rule_resource = {
+ config_0 = {
+ protocol = "all"
+ from_port = "0"
+ to_port = "0"
+ cidr_blocks = "0.0.0.0/0"
+ self = "false"
+ }
+ }
+}
diff --git a/components/landing_zone_security_group_rule_ingress/default.tfimport b/components/landing_zone_security_group_rule_ingress/default.tfimport
new file mode 100644
index 0000000..c6613a9
--- /dev/null
+++ b/components/landing_zone_security_group_rule_ingress/default.tfimport
@@ -0,0 +1 @@
+landing_zone_security_group_rule_ingress,aws_security_group_rule.landing_zone_security_group_rule_ingress,[sg_id]_ingress_all_0_65536_[sg_id]
diff --git a/components/landing_zone_security_group_rule_ingress/default.tfvars b/components/landing_zone_security_group_rule_ingress/default.tfvars
new file mode 100644
index 0000000..2ab9fae
--- /dev/null
+++ b/components/landing_zone_security_group_rule_ingress/default.tfvars
@@ -0,0 +1,24 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_security_group_data = {
+ config_0 = {
+ name = "landing_zone"
+ }
+ },
+ landing_zone_security_group_rule_resource = {
+ config_0 = {
+ protocol = "all"
+ from_port = "0"
+ to_port = "0"
+ self = "true"
+ }
+ }
+}
diff --git a/components/landing_zone_ssm_activation/.terrahub.yml b/components/landing_zone_ssm_activation/.terrahub.yml
new file mode 100644
index 0000000..2c94851
--- /dev/null
+++ b/components/landing_zone_ssm_activation/.terrahub.yml
@@ -0,0 +1,72 @@
+component:
+ name: landing_zone_ssm_activation
+ template:
+ locals:
+ elements_landing_zone_ssm_activation_tags_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_activation_tags"]
+ elements_landing_zone_ssm_activation_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_activation_resource"]
+ resource:
+ aws_ssm_activation:
+ landing_zone_ssm_activation:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_activation_resource"])
+ name: >-
+ local.elements_landing_zone_ssm_activation_map["config_${count.index}"]["name"]
+ description: >-
+ local.elements_landing_zone_ssm_activation_map["config_${count.index}"]["description"]
+ expiration_date: >-
+ timeadd(timestamp(),
+ local.elements_landing_zone_ssm_activation_map["config_${count.index}"]["expiration_timeadd"])
+ iam_role: >-
+ local.elements_landing_zone_ssm_activation_map["config_${count.index}"]["iam_role"]
+ registration_limit: >-
+ local.elements_landing_zone_ssm_activation_map["config_${count.index}"]["registration_limit"]
+ tags: >-
+ local.elements_landing_zone_ssm_activation_tags_map["config_${count.index}"]
+ output:
+ ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.id)
+ thub_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.id)
+ activation_codes:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.activation_code)
+ names:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.name)
+ descriptions:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.description)
+ expired:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.expired)
+ expiration_dates:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.expiration_date)
+ iam_roles:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.iam_role)
+ registration_limits:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.registration_limit)
+ registration_counts:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.registration_count)
+ landing_zone_ssm_activation_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_activation.landing_zone_ssm_activation.*.id)
diff --git a/components/landing_zone_ssm_activation/README.md b/components/landing_zone_ssm_activation/README.md
new file mode 100644
index 0000000..9842f98
--- /dev/null
+++ b/components/landing_zone_ssm_activation/README.md
@@ -0,0 +1,2 @@
+# landing_zone_ssm_activation
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_activation/default.tfvars b/components/landing_zone_ssm_activation/default.tfvars
new file mode 100644
index 0000000..56aa80c
--- /dev/null
+++ b/components/landing_zone_ssm_activation/default.tfvars
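Review bot: The `activation_codes` output in components/landing_zone_ssm_activation/.terrahub.yml publishes `aws_ssm_activation.*.activation_code` as an ordinary output, so the code used to register a machine as a managed instance is printed in clear by every apply and ends up in CI logs. Add `sensitive: true` under `activation_codes` (next to `value`), or drop the output if no consumer needs it; the value still lives in state, so the state file needs protecting either way. Separately, `expiration_date` is built from `timestamp()`, which changes on every run, so the activation will probably show a diff and be replaced on each apply; an absolute date in the tfvars, or a lifecycle `ignore_changes` on `expiration_date`, would avoid that.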
@@ -0,0 +1,30 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_ssm_activation_resource = {
+ config_0 = {
+ name = "MyCompany SSM Activation"
+ description = "Landing Zone SSM Activation"
+ expiration_timeadd = "48h" // See [1]
+ iam_role = "Role_Name"
+ registration_limit = 1
+ }
+ },
+ landing_zone_ssm_activation_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "MyCompany SSM Activation"
+ }
+ }
+}
+
+/*
+[1]
+String representation of a time difference, consisting of sequences of number and unit pairs, like "1.5h" or "1h30m".
+The accepted units are "ns", "us" (or "µs"), "ms", "s", "m", and "h".
+The first number may be negative to indicate a negative duration, like "-2h5m"
+*/
diff --git a/components/landing_zone_ssm_association_by_instance_id/.terrahub.yml b/components/landing_zone_ssm_association_by_instance_id/.terrahub.yml
new file mode 100644
index 0000000..ce00701
--- /dev/null
+++ b/components/landing_zone_ssm_association_by_instance_id/.terrahub.yml
@@ -0,0 +1,74 @@
+component:
+ name: landing_zone_ssm_association_by_instance_id
+ template:
+ locals:
+ elements_landing_zone_instance_data_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_instance_data"]
+ elements_landing_zone_ssm_association_by_instance_id_arg_parameters_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_association_by_instance_id_resource_arg_parameters"]
+ elements_landing_zone_ssm_association_by_instance_id_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_association_by_instance_id_resource"]
+ data:
+ aws_instance:
+ instance_selected:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_instance_data"])
+ filter:
+ name: 'tag:Name'
+ values:
+ - >-
+ local.elements_landing_zone_instance_data_map["config_${count.index}"]["name"]
+ resource:
+ aws_ssm_association:
+ landing_zone_ssm_association_by_instance_id:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_association_by_instance_id_resource"])
+ name: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_map["config_${count.index}"]["name"]
+ association_name: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_map["config_${count.index}"]["association_name"]
+ document_version: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_map["config_${count.index}"]["document_version"]
+ instance_id: 'element(data.aws_instance.instance_selected.*.id, count.index)'
+ output_location:
+ s3_bucket_name: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_map["config_${count.index}"]["ol_s3_bucket_name"]
+ s3_key_prefix: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_map["config_${count.index}"]["ol_s3_key_prefix"]
+ parameters: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_arg_parameters_map["config_${count.index}"]
+ schedule_expression: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_map["config_${count.index}"]["schedule_expression"]
+ compliance_severity: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_map["config_${count.index}"]["compliance_severity"]
+ max_concurrency: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_map["config_${count.index}"]["max_concurrency"]
+ max_errors: >-
+ local.elements_landing_zone_ssm_association_by_instance_id_map["config_${count.index}"]["max_errors"]
+ output:
+ association_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_instance_id.*.association_id)
+ instance_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_instance_id.*.instance_id)
+ names:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_instance_id.*.name)
+ parameters:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_instance_id.*.parameters)
+ landing_zone_ssm_association_by_instance_id_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_instance_id.*.association_id)
+ landing_zone_ssm_association_by_instance_id_names:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_instance_id.*.name)
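Review bot: `instance_id` in components/landing_zone_ssm_association_by_instance_id/.terrahub.yml uses `element(data.aws_instance.instance_selected.*.id, count.index)`, but the data source's `count` comes from `landing_zone_instance_data` while the resource's `count` comes from `landing_zone_ssm_association_by_instance_id_resource`. `element()` wraps around when the index exceeds the list length, so if the two maps differ in size an association is silently attached to a different instance than its `config_N` entry suggests. Index directly instead, `data.aws_instance.instance_selected[count.index].id`, so a mismatch fails at plan time, and state in default.tfvars that both maps must carry the same `config_N` keys.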
diff --git a/components/landing_zone_ssm_association_by_instance_id/README.md b/components/landing_zone_ssm_association_by_instance_id/README.md
new file mode 100644
index 0000000..2c7dd48
--- /dev/null
+++ b/components/landing_zone_ssm_association_by_instance_id/README.md
@@ -0,0 +1,2 @@
+# landing_zone_ssm_association_by_instance_id
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_association_by_instance_id/default.tfvars b/components/landing_zone_ssm_association_by_instance_id/default.tfvars
new file mode 100644
index 0000000..16be8f1
--- /dev/null
+++ b/components/landing_zone_ssm_association_by_instance_id/default.tfvars
@@ -0,0 +1,30 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_instance_data = {
+ config_0 = {
+ name = "MyCompany's EC2 Instance"
+ }
+ },
+ landing_zone_ssm_association_by_instance_id_resource = {
+ config_0 = {
+ name = "MyCompany SSM Document"
+ association_name = ""
+ document_version = ""
+ schedule_expression = ""
+ compliance_severity = "LOW"
+ max_concurrency = 10
+ max_errors = 10
+ ol_s3_bucket_name = "mycompany-bucket"
+ ol_s3_key_prefix = ""
+ }
+ },
+ landing_zone_ssm_association_by_instance_id_resource_arg_parameters = {
+ config_0 = {
+ Key = "Value"
+ # Key = "Value"
+ }
+ }
+}
diff --git a/components/landing_zone_ssm_association_by_targets/.terrahub.yml b/components/landing_zone_ssm_association_by_targets/.terrahub.yml
new file mode 100644
index 0000000..2a2aec2
--- /dev/null
+++ b/components/landing_zone_ssm_association_by_targets/.terrahub.yml
@@ -0,0 +1,66 @@
+component:
+ name: landing_zone_ssm_association_by_targets
+ template:
+ locals:
+ elements_landing_zone_ssm_association_by_targets_arg_parameters_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_association_by_targets_resource_arg_parameters"]
+ elements_landing_zone_ssm_association_by_targets_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_association_by_targets_resource"]
+ resource:
+ aws_ssm_association:
+ landing_zone_ssm_association_by_targets:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_association_by_targets_resource"])
+ name: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["name"]
+ association_name: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["association_name"]
+ document_version: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["document_version"]
+ output_location:
+ s3_bucket_name: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["ol_s3_bucket_name"]
+ s3_key_prefix: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["ol_s3_key_prefix"]
+ parameters: >-
+ local.elements_landing_zone_ssm_association_by_targets_arg_parameters_map["config_${count.index}"]
+ schedule_expression: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["schedule_expression"]
+ compliance_severity: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["compliance_severity"]
+ max_concurrency: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["max_concurrency"]
+ max_errors: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["max_errors"]
+ targets:
+ - key: >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["targets_key_1"]
+ values:
+ - >-
+ local.elements_landing_zone_ssm_association_by_targets_map["config_${count.index}"]["targets_value_1"]
+ output:
+ association_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_targets.*.association_id)
+ instance_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_targets.*.instance_id)
+ names:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_targets.*.name)
+ parameters:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_targets.*.parameters)
+ landing_zone_ssm_association_by_targets_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_targets.*.association_id)
+ landing_zone_ssm_association_by_targets_names:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_association.landing_zone_ssm_association_by_targets.*.name)
diff --git a/components/landing_zone_ssm_association_by_targets/README.md b/components/landing_zone_ssm_association_by_targets/README.md
new file mode 100644
index 0000000..682145c
--- /dev/null
+++ b/components/landing_zone_ssm_association_by_targets/README.md
@@ -0,0 +1,2 @@
+# landing_zone_ssm_association_by_targets
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_association_by_targets/default.tfvars b/components/landing_zone_ssm_association_by_targets/default.tfvars
new file mode 100644
index 0000000..6125a6f
--- /dev/null
+++ b/components/landing_zone_ssm_association_by_targets/default.tfvars
@@ -0,0 +1,26 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_ssm_association_by_targets_resource = {
+ config_0 = {
+ name = "MyCompany SSM Document"
+ association_name = ""
+ document_version = "2.2"
+ schedule_expression = ""
+ compliance_severity = "LOW"
+ max_concurrency = 10
+ max_errors = 10
+ ol_s3_bucket_name = "mycompany-bucket"
+ ol_s3_key_prefix = ""
+ targets_key_1 = "Tag:Name"
+ targets_value_1 = "MyCompany's EC2 Instance"
+ }
+ },
+ landing_zone_ssm_association_by_targets_resource_arg_parameters = {
+ config_0 = {
+ Key = "Value"
+ }
+ }
+}
diff --git a/components/landing_zone_ssm_document/.terrahub.yml b/components/landing_zone_ssm_document/.terrahub.yml
new file mode 100644
index 0000000..05e4480
--- /dev/null
+++ b/components/landing_zone_ssm_document/.terrahub.yml
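Review bot: `targets_key_1 = "Tag:Name"` in components/landing_zone_ssm_association_by_targets/default.tfvars is spelled differently from the other target keys in this commit, which use lowercase `tag:Name` (the `aws_instance` filter in landing_zone_ssm_association_by_instance_id and `target_key` in landing_zone_ssm_maintenance_window_target). If the key is matched case-sensitively, as the AWS target syntax `tag:<key>` suggests, the association would either be rejected or match no instances, and the document would not run where it is expected to. I would change the line to `targets_key_1 = "tag:Name"` so all three components agree.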
@@ -0,0 +1,82 @@
+component:
+ name: landing_zone_ssm_document
+ template:
+ locals:
+ elements_landing_zone_ssm_document_tags_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_document_tags"]
+ elements_landing_zone_ssm_document_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_document_resource"]
+ resource:
+ aws_ssm_document:
+ landing_zone_ssm_document:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_document_resource"])
+ name: >-
+ local.elements_landing_zone_ssm_document_map["config_${count.index}"]["name"]
+ content: >-
+ local.elements_landing_zone_ssm_document_map["config_${count.index}"]["content"]
+ document_format: >-
+ local.elements_landing_zone_ssm_document_map["config_${count.index}"]["document_format"]
+ document_type: >-
+ local.elements_landing_zone_ssm_document_map["config_${count.index}"]["document_type"]
+ permissions:
+ type: >-
+ local.elements_landing_zone_ssm_document_map["config_${count.index}"]["permissions_type"]
+ account_ids: >-
+ local.elements_landing_zone_ssm_document_map["config_${count.index}"]["permissions_account_ids"]
+ tags: >-
+ local.elements_landing_zone_ssm_document_tags_map["config_${count.index}"]
+ output:
+ created_dates:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.created_date)
+ descriptions:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.description)
+ schema_versions:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.schema_version)
+ default_versions:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.default_version)
+ hashes:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.hash)
+ hash_types:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.hash_type)
+ latest_versions:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.latest_version)
+ owners:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.owner)
+ statuses:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.status)
+ parameters:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.parameter)
+ platform_types:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.platform_types)
+ landing_zone_ssm_document_created_dates:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.created_date)
+ landing_zone_ssm_document_hashes:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_document.landing_zone_ssm_document.*.hash)
diff --git a/components/landing_zone_ssm_document/README.md b/components/landing_zone_ssm_document/README.md
new file mode 100644
index 0000000..c06cd4b
--- /dev/null
+++ b/components/landing_zone_ssm_document/README.md
@@ -0,0 +1,2 @@
+# landing_zone_ssm_document
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_document/default.tfvars b/components/landing_zone_ssm_document/default.tfvars
new file mode 100644
index 0000000..b5374ce
--- /dev/null
+++ b/components/landing_zone_ssm_document/default.tfvars
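Review bot: The `permissions` block in components/landing_zone_ssm_document/.terrahub.yml is always emitted and passes `permissions_account_ids` straight through from the tfvars, with nothing explaining what the values mean. For `aws_ssm_document`, `type` is `Share` and `account_ids` names the accounts that may use the document, with `All` making it public; the shipped default sets both keys to empty strings, which the provider may not accept. Document the allowed values next to `permissions_type` and `permissions_account_ids` in default.tfvars, for example `# permissions_account_ids: AWS account IDs to share with; "All" makes the document public`, and consider leaving the block out when no sharing is wanted.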
@@ -0,0 +1,38 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_ssm_document_resource = { + config_0 = { + name = "MyCompany SSM Document" + document_format = "JSON" + document_type = "Command" + permissions_type = "" + permissions_account_ids = "" + content = <- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_maintenance_window_tags"] + elements_landing_zone_ssm_maintenance_window_map: >- + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_maintenance_window_resource"] + resource: + aws_ssm_maintenance_window: + landing_zone_ssm_maintenance_window: + provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' + count: >- + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_maintenance_window_resource"]) + name: >- + local.elements_landing_zone_ssm_maintenance_window_map["config_${count.index}"]["name"] + schedule: >- + local.elements_landing_zone_ssm_maintenance_window_map["config_${count.index}"]["schedule"] + cutoff: >- + local.elements_landing_zone_ssm_maintenance_window_map["config_${count.index}"]["cutoff"] + duration: >- + local.elements_landing_zone_ssm_maintenance_window_map["config_${count.index}"]["duration"] + allow_unassociated_targets: >- + local.elements_landing_zone_ssm_maintenance_window_map["config_${count.index}"]["allow_unassociated_targets"] + enabled: >- + local.elements_landing_zone_ssm_maintenance_window_map["config_${count.index}"]["enabled"] + end_date: >- + local.elements_landing_zone_ssm_maintenance_window_map["config_${count.index}"]["end_date"] + schedule_timezone: >- + local.elements_landing_zone_ssm_maintenance_window_map["config_${count.index}"]["schedule_timezone"] + start_date: >- + local.elements_landing_zone_ssm_maintenance_window_map["config_${count.index}"]["start_date"] + tags: >- + local.elements_landing_zone_ssm_maintenance_window_tags_map["config_${count.index}"] + output: + ids: + 
value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_maintenance_window.landing_zone_ssm_maintenance_window.*.id)
+ thub_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_maintenance_window.landing_zone_ssm_maintenance_window.*.id)
+ landing_zone_ssm_maintenance_window_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_maintenance_window.landing_zone_ssm_maintenance_window.*.id)
diff --git a/components/landing_zone_ssm_maintenance_window/README.md b/components/landing_zone_ssm_maintenance_window/README.md
new file mode 100644
index 0000000..3b28b3c
--- /dev/null
+++ b/components/landing_zone_ssm_maintenance_window/README.md
@@ -0,0 +1,2 @@
+# landing_zone_ssm_maintenance_window
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_maintenance_window/default.tfvars b/components/landing_zone_ssm_maintenance_window/default.tfvars
new file mode 100644
index 0000000..61a3cb2
--- /dev/null
+++ b/components/landing_zone_ssm_maintenance_window/default.tfvars
@@ -0,0 +1,27 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_ssm_maintenance_window_resource = {
+ config_0 = {
+ name = "mycompany-maintenance-window-application"
+ schedule = "cron(0 16 ? * TUE *)"
+ cutoff = 1
+ duration = 3
+ allow_unassociated_targets = false
+ enabled = true
+ end_date = ""
+ schedule_timezone = ""
+ start_date = ""
+ }
+ },
+ landing_zone_ssm_maintenance_window_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "mycompany-maintenance-window-application"
+ }
+ }
+}
diff --git a/components/landing_zone_ssm_maintenance_window_target/.terrahub.yml b/components/landing_zone_ssm_maintenance_window_target/.terrahub.yml
new file mode 100644
index 0000000..59fbd4c
--- /dev/null
+++ b/components/landing_zone_ssm_maintenance_window_target/.terrahub.yml
@@ -0,0 +1,47 @@
+component:
+ name: landing_zone_ssm_maintenance_window_target
+ template:
+ locals:
+ elements_landing_zone_ssm_maintenance_window_target_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_maintenance_window_target_resource"]
+ data:
+ terraform_remote_state:
+ landing_zone_ssm_maintenance_window:
+ backend: local
+ config:
+ path: >-
+ ${tfvar.terrahub["tfstate_path"]}/landing_zone_ssm_maintenance_window/terraform.tfstate
+ resource:
+ aws_ssm_maintenance_window_target:
+ landing_zone_ssm_maintenance_window_target:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_maintenance_window_target_resource"])
+ window_id: >-
+ element(data.terraform_remote_state.landing_zone_ssm_maintenance_window.outputs.ids["${tfvar.terrahub["landing_zone_providers"]["0"]}"],
+ count.index)
+ name: >-
+ local.elements_landing_zone_ssm_maintenance_window_target_map["config_${count.index}"]["name"]
+ description: >-
+ local.elements_landing_zone_ssm_maintenance_window_target_map["config_${count.index}"]["description"]
+ resource_type: >-
+ local.elements_landing_zone_ssm_maintenance_window_target_map["config_${count.index}"]["resource_type"]
+ targets:
+ key: >-
+ local.elements_landing_zone_ssm_maintenance_window_target_map["config_${count.index}"]["target_key"]
+ values: >-
+ split("|",
+ local.elements_landing_zone_ssm_maintenance_window_target_map["config_${count.index}"]["target_values"])
+ output:
+ ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_maintenance_window_target.landing_zone_ssm_maintenance_window_target.*.id)
+ thub_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_maintenance_window_target.landing_zone_ssm_maintenance_window_target.*.id)
+ landing_zone_ssm_maintenance_window_target_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_maintenance_window_target.landing_zone_ssm_maintenance_window_target.*.id)
diff --git a/components/landing_zone_ssm_maintenance_window_target/README.md b/components/landing_zone_ssm_maintenance_window_target/README.md
new file mode 100644
index 0000000..4c31760
--- /dev/null
+++ b/components/landing_zone_ssm_maintenance_window_target/README.md
@@ -0,0 +1,2 @@
+# landing_zone_ssm_maintenance_window_target
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_maintenance_window_target/default.tfvars b/components/landing_zone_ssm_maintenance_window_target/default.tfvars
new file mode 100644
index 0000000..b4a3850
--- /dev/null
+++ b/components/landing_zone_ssm_maintenance_window_target/default.tfvars
@@ -0,0 +1,15 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_ssm_maintenance_window_target_resource = {
+ config_0 = {
+ name = "mycompany-maintenance-window-target"
+ description = "Managed by TerraHub"
+ resource_type = "INSTANCE"
+ target_key = "tag:Name"
+ target_values = "MyCompany's EC2 Instance"
+ }
+ }
+}
diff --git a/components/landing_zone_ssm_parameter/.terrahub.yml b/components/landing_zone_ssm_parameter/.terrahub.yml
new file mode 100644
index 0000000..3815bd2
--- /dev/null
+++ b/components/landing_zone_ssm_parameter/.terrahub.yml
@@ -0,0 +1,65 @@
+component:
+ name: landing_zone_ssm_parameter
+ template:
+ locals:
+ elements_landing_zone_ssm_parameter_tags_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_parameter_tags"]
+ elements_landing_zone_ssm_parameter_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_parameter_resource"]
+ resource:
+ aws_ssm_parameter:
+ landing_zone_ssm_parameter:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_parameter_resource"])
+ name: >-
+ local.elements_landing_zone_ssm_parameter_map["config_${count.index}"]["name"]
+ type: >-
+ local.elements_landing_zone_ssm_parameter_map["config_${count.index}"]["type"]
+ value: >-
+ local.elements_landing_zone_ssm_parameter_map["config_${count.index}"]["value"]
+ description: >-
+ local.elements_landing_zone_ssm_parameter_map["config_${count.index}"]["description"]
+ tier: >-
+ local.elements_landing_zone_ssm_parameter_map["config_${count.index}"]["tier"]
+ key_id: >-
+ local.elements_landing_zone_ssm_parameter_map["config_${count.index}"]["key_id"]
+ overwrite: >-
+ local.elements_landing_zone_ssm_parameter_map["config_${count.index}"]["overwrite"]
+ allowed_pattern: >-
+ local.elements_landing_zone_ssm_parameter_map["config_${count.index}"]["allowed_pattern"]
+ tags: >-
+ local.elements_landing_zone_ssm_parameter_tags_map["config_${count.index}"]
+ output:
+ arns:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_parameter.landing_zone_ssm_parameter.*.arn)
+ names:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_parameter.landing_zone_ssm_parameter.*.name)
+ descriptions:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_parameter.landing_zone_ssm_parameter.*.description)
+ types:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_parameter.landing_zone_ssm_parameter.*.type)
+ values:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_parameter.landing_zone_ssm_parameter.*.value)
+ versions:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_parameter.landing_zone_ssm_parameter.*.version)
+ landing_zone_ssm_parameter_arns:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_parameter.landing_zone_ssm_parameter.*.arn)
+ landing_zone_ssm_parameter_names:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_parameter.landing_zone_ssm_parameter.*.name)
diff --git a/components/landing_zone_ssm_parameter/README.md b/components/landing_zone_ssm_parameter/README.md
new file mode 100644
index 0000000..7abd1a5
--- /dev/null
+++ b/components/landing_zone_ssm_parameter/README.md
@@ -0,0 +1,2 @@
+# landing_zone_ssm_parameter
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_parameter/default.tfvars b/components/landing_zone_ssm_parameter/default.tfvars
new file mode 100644
index 0000000..28c0b10
--- /dev/null
+++ b/components/landing_zone_ssm_parameter/default.tfvars
@@ -0,0 +1,26 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_ssm_parameter_resource = {
+ config_0 = {
+ name = "/LandingZone/mycompany/Parameter"
+ type = "String"
+ value = "value"
+ description = "Managed by TerraHub"
+ tier = "Standard"
+ key_id = ""
+ overwrite = false
+ allowed_pattern = ""
+ }
+ },
+ landing_zone_ssm_parameter_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "/LandingZone/mycompany/Parameter"
+ }
+ }
+}
diff --git a/components/landing_zone_ssm_patch_baseline/.terrahub.yml b/components/landing_zone_ssm_patch_baseline/.terrahub.yml
new file mode 100644
index 0000000..ab18f66
--- /dev/null
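Review bot: The `values` output in components/landing_zone_ssm_parameter/.terrahub.yml exports `aws_ssm_parameter.*.value` without `sensitive: true`, so when `type` is `SecureString` the decrypted value is printed by apply and lands in logs. Add `sensitive: true` under `values`, or remove the output, since consumers can look the parameter up through the `names` or `arns` outputs instead. The matching default.tfvars also carries `value` in plain text, and bin/s3_sync_up.sh uploads `*.tfvars` to S3, so a comment there saying that real secrets must not be placed in this file would be worth adding.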
+++ b/components/landing_zone_ssm_patch_baseline/.terrahub.yml 
@@ -0,0 +1,58 @@
+component:
+ name: landing_zone_ssm_patch_baseline
+ template:
+ locals:
+ elements_landing_zone_ssm_patch_baseline_tags_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_patch_baseline_tags"]
+ elements_landing_zone_ssm_patch_baseline_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_patch_baseline_resource"]
+ resource:
+ aws_ssm_patch_baseline:
+ landing_zone_ssm_patch_baseline:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_patch_baseline_resource"])
+ name: >-
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["name"]
+ description: >-
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["description"]
+ operating_system: >-
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["operating_system"]
+ approved_patches_compliance_level: >-
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["approved_patches_compliance_level"]
+ approved_patches: >-
+ split("|",
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["approved_patches"])
+ rejected_patches: >-
+ split("|",
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["rejected_patches"])
+ global_filter:
+ - key: >-
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["global_filter_key_1"]
+ values: >-
+ split("|",
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["global_filter_values_1"])
+ approval_rule:
+ - approve_after_days: >-
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["ar_approve_after_days_1"]
+ patch_filter:
+ - key: >-
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["patch_filter_key_1"]
+ values: >-
+ split("|",
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["patch_filter_values_1"])
+ compliance_level: >-
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["compliance_level_1"]
+ enable_non_security: >-
+ local.elements_landing_zone_ssm_patch_baseline_map["config_${count.index}"]["enable_non_security_1"]
+ tags: >-
+ local.elements_landing_zone_ssm_patch_baseline_tags_map["config_${count.index}"]
+ output:
+ ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_patch_baseline.landing_zone_ssm_patch_baseline.*.id)
+ landing_zone_ssm_patch_baseline_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_patch_baseline.landing_zone_ssm_patch_baseline.*.id)
diff --git a/components/landing_zone_ssm_patch_baseline/README.md b/components/landing_zone_ssm_patch_baseline/README.md
new file mode 100644
index 0000000..c12ac5b
--- /dev/null
+++ b/components/landing_zone_ssm_patch_baseline/README.md
@@ -0,0 +1,2 @@
+# landing_zone_ssm_patch_baseline
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_patch_baseline/default.tfvars b/components/landing_zone_ssm_patch_baseline/default.tfvars
new file mode 100644
index 0000000..13cbd36
--- /dev/null
+++ b/components/landing_zone_ssm_patch_baseline/default.tfvars
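Review bot: `approved_patches`, `rejected_patches` and the two filter `values` in components/landing_zone_ssm_patch_baseline/.terrahub.yml are built with `split("|", ...)`, and `split` on an empty string returns a list holding one empty string rather than an empty list. A config that sets `rejected_patches = ""` would therefore send `[""]` to the API, which will most likely be rejected or treated as a bogus patch ID, leaving the baseline unapplied. Wrapping each call as `compact(split("|", ...))` keeps the empty case empty; the same applies to `target_values` in landing_zone_ssm_maintenance_window_target/.terrahub.yml.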
@@ -0,0 +1,33 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_ssm_patch_baseline_resource = {
+ config_0 = {
+ name = "patch-baseline"
+ description = "Patch Baseline Description"
+ operating_system = "WINDOWS"
+ approved_patches_compliance_level = "UNSPECIFIED"
+ approved_patches = "KB123456|KB456789"
+ rejected_patches = "KB987654"
+
+ global_filter_key_1 = "CLASSIFICATION"
+ global_filter_values_1 = "ServicePacks"
+
+ ar_approve_after_days_1 = 7
+ patch_filter_key_1 = "PRODUCT"
+ patch_filter_values_1 = "WindowsServer2016"
+ compliance_level_1 = "HIGH"
+ enable_non_security_1 = false
+ }
+ },
+ landing_zone_ssm_patch_baseline_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Patch Baseline"
+ }
+ }
+}
diff --git a/components/landing_zone_ssm_patch_group/.terrahub.yml b/components/landing_zone_ssm_patch_group/.terrahub.yml
new file mode 100644
index 0000000..46ee8f1
--- /dev/null
+++ b/components/landing_zone_ssm_patch_group/.terrahub.yml
@@ -0,0 +1,33 @@
+component:
+ name: landing_zone_ssm_patch_group
+ template:
+ locals:
+ elements_landing_zone_ssm_patch_group_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_patch_group_resource"]
+ data:
+ terraform_remote_state:
+ landing_zone_ssm_patch_baseline:
+ backend: local
+ config:
+ path: >-
+ ${tfvar.terrahub["tfstate_path"]}/landing_zone_ssm_patch_group/terraform.tfstate
+ resource:
+ aws_ssm_patch_group:
+ landing_zone_ssm_patch_group:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_patch_group_resource"])
+ patch_group: >-
+ local.elements_landing_zone_ssm_patch_group_map["config_${count.index}"]["patch_group"]
+ baseline_id: >-
+ element(data.terraform_remote_state.landing_zone_ssm_patch_baseline.outputs.ids["${tfvar.terrahub["landing_zone_providers"]["0"]}"],
+ count.index)
+ output:
+ ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_patch_baseline.landing_zone_ssm_patch_group.*.id)
+ landing_zone_ssm_patch_group_ids:
+ value: >-
+ map("${tfvar.terrahub["landing_zone_providers"]["0"]}",
+ aws_ssm_patch_baseline.landing_zone_ssm_patch_group.*.id)
diff --git a/components/landing_zone_ssm_patch_group/README.md b/components/landing_zone_ssm_patch_group/README.md
new file mode 100644
index 0000000..0c4cf32
--- /dev/null
+++ b/components/landing_zone_ssm_patch_group/README.md
@@ -0,0 +1,2 @@
+# landing_zone_ssm_patch_group
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_patch_group/default.tfvars b/components/landing_zone_ssm_patch_group/default.tfvars
new file mode 100644
index 0000000..0fe9a49
--- /dev/null
+++ b/components/landing_zone_ssm_patch_group/default.tfvars
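Review bot: Both outputs in the `landing_zone_ssm_patch_group` component refer to `aws_ssm_patch_baseline.landing_zone_ssm_patch_group.*.id`, but the only resource declared there is `aws_ssm_patch_group.landing_zone_ssm_patch_group`, so `ids` and `landing_zone_ssm_patch_group_ids` point at a resource that does not exist in this component. The reference should read `aws_ssm_patch_group.landing_zone_ssm_patch_group.*.id`. The `terraform_remote_state` data source named `landing_zone_ssm_patch_baseline` also reads `.../landing_zone_ssm_patch_group/terraform.tfstate`, which looks like this component's own state rather than the baseline's. If that is a copy-paste slip, `baseline_id` cannot resolve to the intended baseline and the group would not be bound to the patch policy the operator configured; the path was probably meant to end in `landing_zone_ssm_patch_baseline/terraform.tfstate`.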
@@ -0,0 +1,11 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_ssm_patch_group_resource = {
+ config_0 = {
+ patch_group = "patch-group-name"
+ }
+ }
+}
diff --git a/components/landing_zone_ssm_resource_data_sync/.terrahub.yml b/components/landing_zone_ssm_resource_data_sync/.terrahub.yml
new file mode 100644
index 0000000..1f459ec
--- /dev/null
+++ b/components/landing_zone_ssm_resource_data_sync/.terrahub.yml
@@ -0,0 +1,36 @@
+component:
+ name: landing_zone_ssm_resource_data_sync
+ template:
+ locals:
+ elements_landing_zone_kms_key_data_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_kms_key_data"]
+ elements_landing_zone_ssm_resource_data_sync_map: >-
+ var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_resource_data_sync_resource"]
+ data:
+ aws_kms_key:
+ kms_key_selected:
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_kms_key_data"])
+ key_id: >-
+ local.elements_landing_zone_kms_key_data_map["config_${count.index}"]["key_id"]
+ resource:
+ aws_ssm_resource_data_sync:
+ landing_zone_ssm_resource_data_sync:
+ provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}'
+ count: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_ssm_resource_data_sync_resource"])
+ name: >-
+ local.elements_landing_zone_ssm_resource_data_sync_map["config_${count.index}"]["name"]
+ s3_destination:
+ bucket_name: >-
+ local.elements_landing_zone_ssm_resource_data_sync_map["config_${count.index}"]["s3_dest_bucket"]
+ region: >-
+ local.elements_landing_zone_ssm_resource_data_sync_map["config_${count.index}"]["s3_dest_region"]
+ kms_key_arn: >-
+ length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_kms_key_data"])
+ > 0 ? element(data.aws_kms_key.kms_key_selected.*.arn,
+ count.index) : ""
+ prefix: >-
+ local.elements_landing_zone_ssm_resource_data_sync_map["config_${count.index}"]["s3_dest_prefix"]
+ sync_format: >-
+ local.elements_landing_zone_ssm_resource_data_sync_map["config_${count.index}"]["s3_dest_sync_format"]
diff --git a/components/landing_zone_ssm_resource_data_sync/README.md b/components/landing_zone_ssm_resource_data_sync/README.md
new file mode 100644
index 0000000..de4d684
--- /dev/null
+++ b/components/landing_zone_ssm_resource_data_sync/README.md
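Review bot: `kms_key_arn` falls back to `""` whenever `landing_zone_kms_key_data` is empty, and the `default.tfvars` added for this component sets it to `{}`, so the default deployment syncs SSM inventory data to the bucket with no customer-managed key. I would either require a key or document the fallback with a comment above `kms_key_arn`, such as `# "" = no KMS key supplied; objects rely on the destination bucket's own encryption`. `data.aws_kms_key.kms_key_selected` also has no `provider`, unlike the resource, so with a non-default entry in `landing_zone_providers` the key is presumably looked up through the default provider. Finally, `element()` wraps around, so supplying fewer keys than sync configs silently reuses a key instead of failing.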
@@ -0,0 +1,2 @@
+# landing_zone_ssm_resource_data_sync
+Component for AWS Landing Zone
diff --git a/components/landing_zone_ssm_resource_data_sync/default.tfvars b/components/landing_zone_ssm_resource_data_sync/default.tfvars
new file mode 100644
index 0000000..79a5e95
--- /dev/null
+++ b/components/landing_zone_ssm_resource_data_sync/default.tfvars
@@ -0,0 +1,16 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_ssm_resource_data_sync_resource = {
+ config_0 = {
+ name = "MyCompany Data Sync"
+ s3_dest_bucket = "my-company-tf-test-bucket-1234"
+ s3_dest_region = "us-east-1"
+ s3_dest_prefix = ""
+ s3_dest_sync_format = ""
+ }
+ },
+ landing_zone_kms_key_data = {}
+}
diff --git a/components/landing_zone_subnet/default.tfimport b/components/landing_zone_subnet/default.tfimport
new file mode 100644
index 0000000..01754e8
--- /dev/null
+++ b/components/landing_zone_subnet/default.tfimport
@@ -0,0 +1,2 @@
+landing_zone_subnet,aws_subnet.landing_zone_subnet,[first_id]
+landing_zone_subnet,aws_subnet.landing_zone_subnet,[second_id]
diff --git a/components/landing_zone_subnet/default.tfvars b/components/landing_zone_subnet/default.tfvars
new file mode 100644
index 0000000..fa76b62
--- /dev/null
+++ b/components/landing_zone_subnet/default.tfvars
@@ -0,0 +1,39 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ }
+ landing_zone_subnet_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ AWSServiceAccount = ""
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Landing Zone Subnet Private (us-east-1c)"
+ },
+ config_1 = {
+ Description = "Managed by TerraHub"
+ AWSServiceAccount = ""
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "Landing Zone Subnet Private (us-east-1a)"
+ }
+ }
+ landing_zone_subnet_resource = {
+ config_0 = {
+ cidr_block = "172.16.1.0/24"
+ availability_zone = "us-east-1c"
+ assign_ipv6_address_on_creation = "false"
+ },
+ config_1 = {
+ cidr_block = "172.16.0.0/24"
+ availability_zone = "us-east-1a"
+ assign_ipv6_address_on_creation = "false"
+ }
+ }
+}
diff --git a/components/landing_zone_tgw_route/default.tfvars b/components/landing_zone_tgw_route/default.tfvars
new file mode 100644
index 0000000..c09f692
--- /dev/null
+++ b/components/landing_zone_tgw_route/default.tfvars
@@ -0,0 +1,21 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_gateway_tgw_data = {
+ config_0 = {
+ amazon_side_asn = 64512
+ }
+ },
+ landing_zone_tgw_route_resource = {
+ config_0 = {
+ destination_cidr_block = "0.0.0.0/0"
+ }
+ }
+}
diff --git a/components/landing_zone_tgw_route_table/default.tfvars b/components/landing_zone_tgw_route_table/default.tfvars
new file mode 100644
index 0000000..98d2d2b
--- /dev/null
+++ b/components/landing_zone_tgw_route_table/default.tfvars
@@ -0,0 +1,16 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_tgw_data = {
+ config_0 = {
+ amazon_side_asn = 64512
+ }
+ },
+ landing_zone_tgw_route_table_resource = {
+ config_0 = {
+ Name = "Landing Zone Transit Gateway"
+ }
+ }
+}
diff --git a/components/landing_zone_tgw_route_table_association/default.tfvars b/components/landing_zone_tgw_route_table_association/default.tfvars
new file mode 100644
index 0000000..c84f889
--- /dev/null
+++ b/components/landing_zone_tgw_route_table_association/default.tfvars
@@ -0,0 +1,16 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_gateway_tgw_data = {
+ config_0 = {
+ amazon_side_asn = 64512
+ }
+ }
+}
diff --git a/components/landing_zone_tgw_route_table_propagation/default.tfvars b/components/landing_zone_tgw_route_table_propagation/default.tfvars
new file mode 100644
index 0000000..c84f889
--- /dev/null
+++ b/components/landing_zone_tgw_route_table_propagation/default.tfvars
@@ -0,0 +1,16 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_gateway_tgw_data = {
+ config_0 = {
+ amazon_side_asn = 64512
+ }
+ }
+}
diff --git a/components/landing_zone_tgw_vpc_attachment/default.tfvars b/components/landing_zone_tgw_vpc_attachment/default.tfvars
new file mode 100644
index 0000000..d7a9719
--- /dev/null
+++ b/components/landing_zone_tgw_vpc_attachment/default.tfvars
@@ -0,0 +1,39 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_vpc_data = { + config_0 = { + cidr_block = "172.16.0.0/16" + } + }, + landing_zone_gateway_tgw_data = { + config_0 = { + amazon_side_asn = 64512 + } + }, + landing_zone_subnet_data = { + config_0 = { + cidr_block = "172.16.1.0/24" + }, + config_1 = { + cidr_block = "172.16.0.0/24" + } + }, + landing_zone_tgw_tags_element = { + config_0 = { + Name = "Landing Zone TGW VPC Attachment" + } + }, + landing_zone_tgw_element = { + config_0 = { + dns_support = "enable" + ipv6_support = "disable" + transit_gateway_default_route_table_association = true + transit_gateway_default_route_table_propagation = true + subnets_from_index = "0" + subnets_to_index = "2" + } + } +} diff --git a/components/landing_zone_tgw_vpc_attachment_accepter/.terrahub.yml b/components/landing_zone_tgw_vpc_attachment_accepter/.terrahub.yml index 6bb14ae..048beb1 100644 --- a/components/landing_zone_tgw_vpc_attachment_accepter/.terrahub.yml +++ b/components/landing_zone_tgw_vpc_attachment_accepter/.terrahub.yml @@ -9,7 +9,7 @@ component: elements_landing_zone_tgw_tags_map: >- var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_tgw_tags"] elements_landing_zone_tgw_map: >- - var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_tgw"] + var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_tgw_resource"] data: aws_vpc: vpc_selected: @@ -31,7 +31,7 @@ component: landing_zone_tgw_vpc_attachment_accepter: provider: 'aws.${tfvar.terrahub["landing_zone_providers"]["0"]}' count: >- - length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_tgw"]) + length(var.${tfvar.terrahub["landing_zone_providers"]["0"]}_provider["landing_zone_tgw_resource"]) transit_gateway_attachment_id: >- element(data.aws_ec2_transit_gateway_vpc_attachment.tgw_vpc_selected.*.id, count.index) 
diff --git a/components/landing_zone_tgw_vpc_attachment_accepter/default.tfvars b/components/landing_zone_tgw_vpc_attachment_accepter/default.tfvars
new file mode 100644
index 0000000..02c3e54
--- /dev/null
+++ b/components/landing_zone_tgw_vpc_attachment_accepter/default.tfvars
@@ -0,0 +1,22 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_tgw_tags = {
+ config_0 = {
+ Name = "Landing Zone TGW VPC Attachment"
+ }
+ },
+ landing_zone_tgw_resource = {
+ config_0 = {
+ transit_gateway_default_route_table_association = true
+ transit_gateway_default_route_table_propagation = true
+ }
+ }
+}
diff --git a/components/landing_zone_vpc/default.tfimport b/components/landing_zone_vpc/default.tfimport
new file mode 100644
index 0000000..4e98f2f
--- /dev/null
+++ b/components/landing_zone_vpc/default.tfimport
@@ -0,0 +1 @@
+landing_zone_vpc,aws_vpc.landing_zone_vpc,[id]
diff --git a/components/landing_zone_vpc/default.tfvars b/components/landing_zone_vpc/default.tfvars
new file mode 100644
index 0000000..97adad4
--- /dev/null
+++ b/components/landing_zone_vpc/default.tfvars
@@ -0,0 +1,26 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_tags = {
+ config_0 = {
+ Description = "Managed by TerraHub"
+ AWSServiceAccount = ""
+ ThubCode = "1234abcd"
+ ThubEnv = "Prod"
+ Name = "VPC for Landing Zone"
+ }
+ },
+ landing_zone_vpc_resource = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ instance_tenancy = "default"
+ enable_dns_support = "true"
+ assign_generated_ipv6_cidr_block = "false"
+ enable_classiclink = "false"
+ enable_dns_hostnames = "false"
+ enable_classiclink_dns_support = "false"
+ }
+ }
+}
diff --git a/components/landing_zone_vpc_endpoint_gateway/default.tfimport b/components/landing_zone_vpc_endpoint_gateway/default.tfimport
new file mode 100644
index 0000000..929bed4
--- /dev/null
+++ b/components/landing_zone_vpc_endpoint_gateway/default.tfimport
@@ -0,0 +1 @@
+landing_zone_vpc_endpoint_gateway,aws_vpc_endpoint.landing_zone_vpc_endpoint_gateway,[id]
diff --git a/components/landing_zone_vpc_endpoint_gateway/default.tfvars b/components/landing_zone_vpc_endpoint_gateway/default.tfvars
new file mode 100644
index 0000000..4b449c7
--- /dev/null
+++ b/components/landing_zone_vpc_endpoint_gateway/default.tfvars
@@ -0,0 +1,14 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_route_tables_data = {},
+ landing_zone_vpc_endpoint_gateway_tags = {},
+ landing_zone_vpc_endpoint_gateway_resource = {}
+}
diff --git a/components/landing_zone_vpc_endpoint_interface/default.tfimport b/components/landing_zone_vpc_endpoint_interface/default.tfimport
new file mode 100644
index 0000000..c751040
--- /dev/null
+++ b/components/landing_zone_vpc_endpoint_interface/default.tfimport
@@ -0,0 +1 @@
+landing_zone_vpc_endpoint_interface,aws_vpc_endpoint.landing_zone_vpc_endpoint_interface,[id]
diff --git a/components/landing_zone_vpc_endpoint_interface/default.tfvars b/components/landing_zone_vpc_endpoint_interface/default.tfvars
new file mode 100644
index 0000000..e34b11c
--- /dev/null
+++ b/components/landing_zone_vpc_endpoint_interface/default.tfvars
@@ -0,0 +1,15 @@
+landing_zone_providers = [
+ "default"
+]
+
+default_provider = {
+ landing_zone_vpc_data = {
+ config_0 = {
+ cidr_block = "172.16.0.0/16"
+ }
+ },
+ landing_zone_subnets_data = {},
+ landing_zone_security_groups_data = {}
+ landing_zone_vpc_endpoint_interface_tags = {},
+ landing_zone_vpc_endpoint_interface_resource = {}
+}
diff --git a/components/landing_zone_vpc_peering_connection/default.tfimport b/components/landing_zone_vpc_peering_connection/default.tfimport
new file mode 100644
index 0000000..fc0804d
--- /dev/null
+++ b/components/landing_zone_vpc_peering_connection/default.tfimport
@@ -0,0 +1 @@ +landing_zone_vpc_peering_connection,aws_vpc_peering_connection.landing_zone_vpc_peering_connection,[id] diff --git a/components/landing_zone_vpc_peering_connection/default.tfvars b/components/landing_zone_vpc_peering_connection/default.tfvars new file mode 100644 index 0000000..6b1c093 --- /dev/null +++ b/components/landing_zone_vpc_peering_connection/default.tfvars @@ -0,0 +1,14 @@ +landing_zone_providers = [ + "default" +] + +default_provider = { + landing_zone_vpc_peering_connection_data = { + config_0 = { + vpc_cidr_block = "172.16.0.0/16" + peer_vpc_cidr_block = "172.16.0.0/16" + } + }, + landing_zone_vpc_peering_connection_resource = {} + landing_zone_vpc_peering_connection_tags = {}, +} diff --git a/examples/example_landing_zone_organization/README.md b/examples/example_landing_zone_organization/README.md index a482ead..692717f 100644 --- a/examples/example_landing_zone_organization/README.md +++ b/examples/example_landing_zone_organization/README.md @@ -17,7 +17,7 @@ module "example_landing_zone_organization" { } landing_zone_components = { - landing_zone_organization = "s3://terraform-aws-landing-zone/mycompany/landing_zone_organization/default.tfvars" + landing_zone_organization = "s3://terraform-aws-landing-zone/components/landing_zone_organization/default.tfvars" } } ``` diff --git a/examples/example_landing_zone_organization/main.tf b/examples/example_landing_zone_organization/main.tf index 9ffd4a8..5a7ff5c 100644 --- a/examples/example_landing_zone_organization/main.tf +++ b/examples/example_landing_zone_organization/main.tf @@ -10,7 +10,7 @@ module "example_landing_zone_organization" { } landing_zone_components = { - landing_zone_organization = "s3://terraform-aws-landing-zone/mycompany/landing_zone_organization/default.tfvars" + landing_zone_organization = "s3://terraform-aws-landing-zone/components/landing_zone_organization/default.tfvars" } terraform_backend = { 
diff --git a/examples/example_landing_zone_reader/main.tf b/examples/example_landing_zone_reader/main.tf index 807ef2e..c5e4897 100644 --- a/examples/example_landing_zone_reader/main.tf +++ b/examples/example_landing_zone_reader/main.tf @@ -1,5 +1,11 @@ module "example_landing_zone_reader" { - source = "../../modules/landing_zone_reader" + source = "../../modules/landing_zone_reader" + terraform_backend_type = "s3" + terraform_backend_config = { + bucket = "terraform-aws-landing-zone-mitocgroup" + key = "terraform/terrahub_load_outputs/terraform.tfstate" + region = "us-east-1" + } } resource "aws_lambda_function" "hello_world" { @@ -9,7 +15,7 @@ resource "aws_lambda_function" "hello_world" { handler = "index.handler" memory_size = "128" timeout = "30" - role = [for i in local.landing_zone_iam_role_arns["default"]: i if i != replace(i, "ServiceRoleForLambdaEdge", "")] + role = element([for i in local.landing_zone_iam_role_arns["default"] : i if i != replace(i, "ServiceRoleForLambdaEdge", "")], 0) s3_bucket = "www.terrahub.io" s3_key = "hello-world/nodejs10.x.zip" diff --git a/examples/example_landing_zone_s3_and_codepipeline/README.md b/examples/example_landing_zone_s3_and_codepipeline/README.md index 09ee096..93fa34a 100644 --- a/examples/example_landing_zone_s3_and_codepipeline/README.md +++ b/examples/example_landing_zone_s3_and_codepipeline/README.md 
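Review bot: The Lambda execution `role` in the second hunk is now the first ARN in `local.landing_zone_iam_role_arns["default"]` that contains the substring `ServiceRoleForLambdaEdge`, so the function's permissions depend on list order and a name pattern rather than on one explicitly named role. Any other role whose ARN happens to contain that string would also match. I would select the role by exact name or key, or at least add a comment such as `# first role whose ARN contains "ServiceRoleForLambdaEdge"; apply fails if none is present`, since `element(..., 0)` errors on an empty list. The resource block continues outside the hunk.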
@@ -17,14 +17,14 @@ module "example_landing_zone_s3_and_codepipeline" { } landing_zone_components = { - landing_zone_pipeline_s3_bucket = "s3://terraform-aws-landing-zone/mycompany/landing_zone_pipeline_s3_bucket/default.tfvars" - landing_zone_pipeline_artifact_s3_bucket = "s3://terraform-aws-landing-zone/mycompany/landing_zone_pipeline_artifact_s3_bucket/default.tfvars" - landing_zone_code_build_role = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_build_role/default.tfvars" - landing_zone_code_build_role_policy = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_build_role_policy/default.tfvars" - landing_zone_code_build = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_build/default.tfvars" - landing_zone_code_pipeline_role = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_pipeline_role/default.tfvars" - landing_zone_code_pipeline_role_policy = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_pipeline_role_policy/default.tfvars" - landing_zone_code_pipeline = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_pipeline/default.tfvars" + landing_zone_pipeline_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_pipeline_s3_bucket/default.tfvars" + landing_zone_pipeline_artifact_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_pipeline_artifact_s3_bucket/default.tfvars" + landing_zone_code_build_role = "s3://terraform-aws-landing-zone/components/landing_zone_code_build_role/default.tfvars" + landing_zone_code_build_role_policy = "s3://terraform-aws-landing-zone/components/landing_zone_code_build_role_policy/default.tfvars" + landing_zone_code_build = "s3://terraform-aws-landing-zone/components/landing_zone_code_build/default.tfvars" + landing_zone_code_pipeline_role = "s3://terraform-aws-landing-zone/components/landing_zone_code_pipeline_role/default.tfvars" + landing_zone_code_pipeline_role_policy = 
"s3://terraform-aws-landing-zone/components/landing_zone_code_pipeline_role_policy/default.tfvars" + landing_zone_code_pipeline = "s3://terraform-aws-landing-zone/components/landing_zone_code_pipeline/default.tfvars" } } diff --git a/examples/example_landing_zone_s3_and_codepipeline/main.tf b/examples/example_landing_zone_s3_and_codepipeline/main.tf index 8159dc9..596d3dd 100644 --- a/examples/example_landing_zone_s3_and_codepipeline/main.tf +++ b/examples/example_landing_zone_s3_and_codepipeline/main.tf 
@@ -10,21 +10,21 @@ module "example_landing_zone_s3_and_codepipeline" { } landing_zone_components = { - landing_zone_pipeline_s3_bucket = "s3://terraform-aws-landing-zone/mycompany/landing_zone_pipeline_s3_bucket/default.tfvars" - landing_zone_pipeline_artifact_s3_bucket = "s3://terraform-aws-landing-zone/mycompany/landing_zone_pipeline_artifact_s3_bucket/default.tfvars" - landing_zone_code_build_role = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_build_role/default.tfvars" - landing_zone_code_build_role_policy = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_build_role_policy/default.tfvars" - landing_zone_code_build = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_build/default.tfvars" - landing_zone_code_pipeline_role = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_pipeline_role/default.tfvars" - landing_zone_code_pipeline_role_policy = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_pipeline_role_policy/default.tfvars" - landing_zone_code_pipeline = "s3://terraform-aws-landing-zone/mycompany/landing_zone_code_pipeline/default.tfvars" + landing_zone_pipeline_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_pipeline_s3_bucket/default.tfvars" + landing_zone_pipeline_artifact_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_pipeline_artifact_s3_bucket/default.tfvars" + landing_zone_code_build_role = "s3://terraform-aws-landing-zone/components/landing_zone_code_build_role/default.tfvars" + landing_zone_code_build_role_policy = "s3://terraform-aws-landing-zone/components/landing_zone_code_build_role_policy/default.tfvars" + landing_zone_code_build = "s3://terraform-aws-landing-zone/components/landing_zone_code_build/default.tfvars" + landing_zone_code_pipeline_role = "s3://terraform-aws-landing-zone/components/landing_zone_code_pipeline_role/default.tfvars" + landing_zone_code_pipeline_role_policy = 
"s3://terraform-aws-landing-zone/components/landing_zone_code_pipeline_role_policy/default.tfvars" + landing_zone_code_pipeline = "s3://terraform-aws-landing-zone/components/landing_zone_code_pipeline/default.tfvars" } terraform_backend = { - backend = "s3" - bucket = "terraform-aws-landing-zone" - region = "us-east-1" - key = "tfstates/terraform-aws-landing-zone" + backend = "s3" + bucket = "terraform-aws-landing-zone" + region = "us-east-1" + key = "terraform" workspace_key_prefix = "tfstates_workspaces" } } diff --git a/modules/landing_zone/README.md b/modules/landing_zone/README.md index 8ac2f57..db50cf4 100644 --- a/modules/landing_zone/README.md +++ b/modules/landing_zone/README.md @@ -31,7 +31,7 @@ module "landing_zone" { } landing_zone_components = { - landing_zone_vpc = "s3://terraform-aws-landing-zone/mycompany/landing_zone_vpc/default.tfvars" + landing_zone_vpc = "s3://terraform-aws-landing-zone/components/landing_zone_vpc/default.tfvars" [...] } } diff --git a/modules/landing_zone/scripts/apply.js b/modules/landing_zone/scripts/apply.js index 805fbae..b4a4751 100644 --- a/modules/landing_zone/scripts/apply.js +++ b/modules/landing_zone/scripts/apply.js 
@@ -5,27 +5,26 @@ const { ROOT_PATH: rootPath, COMMAND: command, COMPONENTS: components } = proces /** * Check if required env variables are defined - * @return {Promise} */ -async function checkEnvironmentVars() { +function checkEnvironmentVars() { if (!rootPath) { - return Promise.reject(Error('ERROR: ROOT_PATH variable is empty. Aborting...')); + throw Error('ERROR: ROOT_PATH variable is empty. Aborting...'); } if (!command) { - return Promise.reject(Error('ERROR: COMMAND variable is empty. Aborting...')); + throw Error('ERROR: COMMAND variable is empty. Aborting...'); } if (!components) { - return Promise.reject(Error('ERROR: COMPONENTS variable is empty. Aborting...')); + throw Error('ERROR: COMPONENTS variable is empty. Aborting...'); } } /** * Execute - * @return {Promise} + * @return {String} */ -async function main() { +function main() { const processes = []; const include = []; const jsonComponents = JSON.parse(components); @@ -39,7 +38,7 @@ async function main() { try { Helper.executeWithErrors(rootPath, 'terrahub', processes); } catch (error) { - return Promise.reject(error); + throw error; } return Helper.output(include); @@ -47,10 +46,10 @@ async function main() { (async () => { try { - await checkEnvironmentVars(); - await Helper.checkIfTerrahubIsInstalled(); - const resp = await main(); - console.log(resp); + checkEnvironmentVars(); + Helper.checkIfTerrahubIsInstalled(); + + console.log(main()); } catch (error) { console.log(error); } diff --git a/modules/landing_zone/scripts/config.js b/modules/landing_zone/scripts/config.js index c34a4b2..9d1d041 100644 --- a/modules/landing_zone/scripts/config.js +++ b/modules/landing_zone/scripts/config.js 
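Review bot: The top-level `catch (error) { console.log(error); }` kept as context in the last `apply.js` hunk swallows the exceptions these functions now throw. A missing `ROOT_PATH` or a failed `terrahub` run therefore still ends with exit status 0, unless something outside the hunk sets it. Adding `process.exitCode = 1;` in that catch would let the caller see that the apply did not happen. The same pattern is visible in the `config.js` and `destroy.js` hunks that follow. As a style point, `try { ... } catch (error) { throw error; }` in `main()` is a no-op, and with nothing left to await in `apply.js` and `destroy.js` the `(async () => { ... })` wrapper is no longer needed.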
@@ -6,23 +6,22 @@ const { ROOT_PATH: rootPath, PROVIDERS: providers, BACKEND: backend, COMPONENTS: /** * Check if required env variables are defined - * @return {Promise} */ -async function checkEnvironmentVars() { +function checkEnvironmentVars() { if (!rootPath) { - return Promise.reject(Error('ERROR: ROOT_PATH variable is empty. Aborting...')); + throw Error('ERROR: ROOT_PATH variable is empty. Aborting...'); } if (!providers) { - return Promise.reject(Error('ERROR: PROVIDERS variable is empty. Aborting...')); + throw Error('ERROR: PROVIDERS variable is empty. Aborting...'); } if (!backend) { - return Promise.reject(Error('ERROR: BACKEND variable is empty. Aborting...')); + throw Error('ERROR: BACKEND variable is empty. Aborting...'); } if (!components) { - return Promise.reject(Error('ERROR: COMPONENTS variable is empty. Aborting...')); + throw Error('ERROR: COMPONENTS variable is empty. Aborting...'); } } @@ -34,10 +33,10 @@ async function main() { const processes = await Helper.updateConfig(rootPath, providers, backend, components); try { - await Helper.removeConfig(rootPath, components); - await Helper.executeWithErrors(rootPath, 'terrahub', processes); + Helper.removeConfig(rootPath, components); + Helper.executeWithErrors(rootPath, 'terrahub', processes); } catch (error) { - return await Promise.reject(error); + throw error; } return 'Success'; @@ -45,9 +44,10 @@ async function main() { (async () => { try { - await checkEnvironmentVars(); - await Helper.checkIfTerrahubIsInstalled(); + checkEnvironmentVars(); + Helper.checkIfTerrahubIsInstalled(); const resp = await main(); + console.log(resp); } catch (error) { console.log(error); diff --git a/modules/landing_zone/scripts/destroy.js b/modules/landing_zone/scripts/destroy.js index fa79539..90b83b4 100644 --- a/modules/landing_zone/scripts/destroy.js +++ b/modules/landing_zone/scripts/destroy.js 
@@ -6,23 +6,22 @@ const { ROOT_PATH: rootPath, COMPONENTS: components } = process.env; /** * Check if required env variables are defined - * @return {Promise} */ -async function checkEnvironmentVars() { +function checkEnvironmentVars() { if (!rootPath) { - return Promise.reject(Error('ERROR: ROOT_PATH variable is empty. Aborting...')); + throw Error('ERROR: ROOT_PATH variable is empty. Aborting...'); } if (!components) { - return Promise.reject(Error('ERROR: COMPONENTS variable is empty. Aborting...')); + throw Error('ERROR: COMPONENTS variable is empty. Aborting...'); } } /** * Execute - * @return {Promise} + * @return {String} */ -async function main() { +function main() { const processes = []; const include = []; const jsonComponents = JSON.parse(components); @@ -32,9 +31,9 @@ async function main() { processes.push(['destroy', '--auto-approve', '--include', include.join(','), '--dependency', 'ignore']); try { - await Helper.executeWithErrors(rootPath, 'terrahub', processes); + Helper.executeWithErrors(rootPath, 'terrahub', processes); } catch (error) { - return Promise.reject(error); + throw error; } return 'Success'; @@ -42,10 +41,10 @@ async function main() { (async () => { try { - await checkEnvironmentVars(); - await Helper.checkIfTerrahubIsInstalled(); - const resp = await main(); - console.log(resp); + checkEnvironmentVars(); + Helper.checkIfTerrahubIsInstalled(); + + console.log(main()); } catch (error) { console.log(error); } diff --git a/modules/landing_zone/scripts/helper.js b/modules/landing_zone/scripts/helper.js index 9a85c4c..7834253 100644 --- a/modules/landing_zone/scripts/helper.js +++ b/modules/landing_zone/scripts/helper.js 
@@ -12,69 +12,61 @@ class Helper { * @param {String} rootPath * @param {String} command * @param {Array} args - * @return {Promise} + * @return {String} */ - async cli(rootPath, command, args) { + cli(rootPath, command, args) { const execute = spawnSync(command, args, { cwd: rootPath, env: process.env }); if (execute.status === 0) { return execute.stdout.toString(); } - return process.env.DEBUG - ? await Promise.reject(Error(execute.stderr.toString())) - : Promise.reject(Error(`${command} ${args.join(' ')} failed. Enable DEBUG=debug to learn more.`)); + if (process.env.DEBUG) { + throw Error(execute.stderr.toString()); + } + throw Error(`${command} ${args.join(' ')} failed. Enable DEBUG=debug to learn more.`); } /** * Execute * @param {String} rootPath - * @param {Array} components - * @return {Promise} + * @param {String} components + * @return {String} */ - async removeConfig(rootPath, components) { + removeConfig(rootPath, components) { const jsonComponents = JSON.parse(components); const terrahubConfig = ['configure', '--config']; - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.tfvars', '-D', '-y']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.terraform', '-D', '-y']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider', '-D', '-y']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[0]={}']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[0].aws={}']]); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[0].aws.region=var.region']] - ); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[0].aws.allowed_account_ids[]=var.account_id']] - ); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, 
...['template.provider[1]={}']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[1].aws={}']]); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[1].aws.alias=default']] - ); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[1].aws.region=var.region']] - ); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[1].aws.allowed_account_ids[]=var.account_id']] - ); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.tfvars.account_id=123456789012']] - ); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.tfvars.region=us-east-1']]); - - for (const key of Object.keys(jsonComponents)) { - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['terraform', '--include', key, '--delete', '--auto-approve']] - ); - } + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.tfvars', '-D', '-y']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.terraform', '-D', '-y']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider', '-D', '-y']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[0]={}']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[0].aws={}']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.provider[0].aws.region=var.region'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.provider[0].aws.allowed_account_ids[]=var.account_id'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[1]={}']]); + this.executeWithoutErrors(rootPath, 
'terrahub', [...terrahubConfig, ...['template.provider[1].aws={}']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[1].aws.alias=default']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.provider[1].aws.region=var.region'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.provider[1].aws.allowed_account_ids[]=var.account_id'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.tfvars.account_id=123456789012'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.tfvars.region=us-east-1']]); + + Object.keys(jsonComponents).forEach(key => { + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['terraform', '--include', key, '--delete', '--auto-approve'] + ]); + }); return 'Success'; } 
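Review bot: `cli()` inspects only `execute.status`, so a spawn failure is not handled: when `spawnSync` cannot start the command (for example the binary is not on `PATH`) the result carries `error` and, as far as I know, a null `stderr`. With `DEBUG` set, `execute.stderr.toString()` then throws a `TypeError` that hides the real cause. Adding `if (execute.error) { throw execute.error; }` before the status test would surface it. Separately, the non-debug message echoes `args.join(' ')`, and the argument lists built in this class carry backend and provider settings, so it is worth confirming nothing sensitive can reach that string and end up in CI logs.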
@@ -93,20 +85,20 @@ class Helper { const jsonProviders = JSON.parse(providers); const jsonBackends = JSON.parse(backends); const jsonComponents = JSON.parse(components); - - const jsonBackendKeysArray = Object.keys(jsonBackends); const { backend } = jsonBackends; - jsonBackendKeysArray.filter(elem => elem !== 'backend').forEach(backendKey => { - let backendValue = jsonBackends[backendKey]; - if (['key', 'path', 'prefix'].indexOf(backendKey) > -1) { - backendValue += `/\${tfvar.terrahub["component"]["name"]}` + - (backend === 'prefix' ? '' : '/terraform.tfstate'); - } - processes.push([ - ...terrahubConfig, - ...[`template.terraform.backend.${backend}.${backendKey}=${backendValue}`] - ]); - }); + + Object.keys(jsonBackends) + .filter(elem => elem !== 'backend') + .forEach(backendKey => { + let backendValue = jsonBackends[backendKey]; + + if (['key', 'path', 'prefix'].indexOf(backendKey) > -1) { + backendValue += + `/\${tfvar.terrahub["component"]["name"]}` + (backend === 'prefix' ? '' : '/terraform.tfstate'); + } + + processes.push([...terrahubConfig, ...[`template.terraform.backend.${backend}.${backendKey}=${backendValue}`]]); + }); Object.keys(jsonProviders).forEach(key => { if (key !== 'default') { 
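Review bot: The suffix test in the new `backendValue +=` expression compares `backend` (the backend type destructured from `jsonBackends`) with `'prefix'`, which is one of the key names checked on the line above. It looks like that condition can never be true, so a `prefix` value would also get `/terraform.tfstate` appended. If the intent is to skip the file name for prefix-style settings, the comparison should be on the key: `(backendKey === 'prefix' ? '' : '/terraform.tfstate')`. The reformatted hunk in modules/landing_zone_reader_config/scripts/helper.js carries the same expression. The enclosing method starts before this hunk and continues after it, so confirm against the full body.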
@@ -148,55 +140,67 @@ class Helper { * @return {Promise} */ async updateConfigByComponent(jsonComponents, processes, terrahubConfig, rootPath) { - await Promise.all(Object.keys(jsonComponents).map(async key => { - const re = /\s*\/\*\s*/; - const linkList = jsonComponents[key].split(re); - if (linkList.length === 1) { - processes.push([...terrahubConfig, ...[`terraform.varFile[0]=${jsonComponents[key].toString()}`, '-i', key]]); - } - else { - const res = jsonComponents[key].substring(0, 2); - switch (res) { - case 's3': - const reLinks = /\s*\/\s*/; - const links = jsonComponents[key].split(reLinks); - const prefix = linkList[0].replace('s3:\/\/' + links[2] + '/', "") + '/'; - - const data = await Helper.s3Helper.getObject(links[2], prefix); - data.Contents.forEach(item => { - processes.push([...terrahubConfig, ...[`terraform.varFile[0]=${'s3:\/\/' + path.join(links[2], item.Key)}`, '-i', key]]); - }); - break; - case 'gs': - // @todo ls gs - break; - case '..': - fs.readdirSync(path.join(__dirname, '..', linkList[0])).forEach(function (name) { - processes.push([...terrahubConfig, ...[`terraform.varFile[0]=${path.join(linkList[0], name)}`, '-i', key]]); - }); - break; - default: - fs.readdirSync(path.join(linkList[0])).forEach(function (name) { - processes.push([...terrahubConfig, ...[`terraform.varFile[0]=${path.join(linkList[0], name)}`, '-i', key]]); - }); - break; + await Promise.all( + Object.keys(jsonComponents).map(async key => { + const re = /\s*\/\*\s*/; + const linkList = jsonComponents[key].split(re); + if (linkList.length === 1) { + processes.push([...terrahubConfig, ...[`terraform.varFile[0]=${jsonComponents[key].toString()}`, '-i', key]]); + } else { + const res = jsonComponents[key].substring(0, 2); + switch (res) { + case 's3': + const reLinks = /\s*\/\s*/; + const links = jsonComponents[key].split(reLinks); + const prefix = linkList[0].replace('s3://' + links[2] + '/', '') + '/'; + const data = await Helper.s3Helper.getObject(links[2], prefix); + 
+ data.Contents.forEach(item => { + processes.push([...terrahubConfig, + ...[`terraform.varFile[0]=${'s3://' + path.join(links[2], item.Key)}`, '-i', key] + ]); + }); + break; + case 'gs': + // @todo ls gs + break; + case '..': + fs.readdirSync(path.join(__dirname, '..', linkList[0])).forEach(name => { + if (path.extname(name) === '.tfvars') { + processes.push([...terrahubConfig, + ...[`terraform.varFile[0]=${path.join(linkList[0], name)}`, '-i', key] + ]); + } + }); + break; + default: + fs.readdirSync(path.join(__dirname, '..', '..', '..', 'components', key, linkList[0])).forEach(name => { + if (path.extname(name) === '.tfvars') { + processes.push([...terrahubConfig, + ...[`terraform.varFile[0]=${path.join(linkList[0], name)}`, '-i', key] + ]); + } + }); + break; + } } - } - return this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['terraform', '--delete', '--auto-approve', '--include', key]]); - })); + return this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['terraform', '--delete', '--auto-approve', '--include', key] + ]); + }) + ); } /** * Check if terrahub cli is installed - * @return {Promise} */ - async checkIfTerrahubIsInstalled() { + checkIfTerrahubIsInstalled() { const where = os.platform() === 'win32' ? 'where' : 'which'; try { execSync(`${where} terrahub`, { encoding: 'utf8', shell: true, cwd: process.cwd(), stdio: 'ignore' }); } catch (error) { - return Promise.reject(Error('terrahub is missing. aborting...')); + throw Error('terrahub is missing. aborting...'); } } 
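Review bot: The `s3` case still registers every key returned by `Helper.s3Helper.getObject`, while the `'..'` and default cases added here only accept names whose extension is `.tfvars`. Any other object under the prefix would be handed to terraform as a var file, so the same filter belongs there: `data.Contents.filter(item => path.extname(item.Key) === '.tfvars').forEach(item => {`. In the default case, `key` and `linkList[0]` from the COMPONENTS JSON are joined into the directory that is read; resolving the result and checking that it stays under the `components` directory would keep a `..` segment from listing other locations. The matching hunk in modules/landing_zone_reader_config/scripts/helper.js has the same two gaps.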
@@ -205,21 +209,19 @@ class Helper { * @param {String} rootPath * @param {String} command * @param {Array} argsList - * @return {Promise} */ executeWithErrors(rootPath, command, argsList) { - argsList.forEach(async args => { + for (const args of argsList) { try { - const result = await this.cli( - rootPath, command, args - ); + const result = this.cli(rootPath, command, args); + console.log(result); } catch (error) { console.log('Error: failed to execute command:'); - return Promise.reject(error); + + throw error; } - }); - return Promise.resolve(); + } } /** @@ -227,11 +229,10 @@ class Helper { * @param {String} rootPath * @param {String} command * @param {Array} args - * @return {Promise} */ - async executeWithoutErrors(rootPath, command, args) { + executeWithoutErrors(rootPath, command, args) { try { - const result = await this.cli(rootPath, command, args); + const result = this.cli(rootPath, command, args); console.log(result); } catch (error) { @@ -259,10 +260,7 @@ class Helper { let result = ''; try { - result = await this.cli( - rootPath, 'terrahub', - ['output', '--format', 'json', '--include', item, '--auto-approve'] - ); + result = this.cli(rootPath, 'terrahub', ['output', '--format', 'json', '--include', item, '--auto-approve']); response = { ...response, ...this.extractOutputValues(result) }; diff --git a/modules/landing_zone/scripts/remove-config.js b/modules/landing_zone/scripts/remove-config.js index f2b18a0..db47749 100644 --- a/modules/landing_zone/scripts/remove-config.js +++ b/modules/landing_zone/scripts/remove-config.js 
@@ -6,24 +6,23 @@ const { ROOT_PATH: rootPath, COMPONENTS: components } = process.env; /** * Check if required env variables are defined - * @return {Promise} */ -async function checkEnvironmentVars() { +function checkEnvironmentVars() { if (!rootPath) { - return Promise.reject(Error('ERROR: ROOT_PATH variable is empty. Aborting...')); + throw Error('ERROR: ROOT_PATH variable is empty. Aborting...'); } if (!components) { - return Promise.reject(Error('ERROR: COMPONENTS variable is empty. Aborting...')); + throw Error('ERROR: COMPONENTS variable is empty. Aborting...'); } } (async () => { try { - await checkEnvironmentVars(); - await Helper.checkIfTerrahubIsInstalled(); - const resp = await Helper.removeConfig(rootPath, components); - console.log(resp); + checkEnvironmentVars(); + Helper.checkIfTerrahubIsInstalled(); + + console.log(Helper.removeConfig(rootPath, components)); } catch (error) { console.log(error); } diff --git a/modules/landing_zone/scripts/s3-helper.js b/modules/landing_zone/scripts/s3-helper.js index 075a708..af2257f 100644 --- a/modules/landing_zone/scripts/s3-helper.js +++ b/modules/landing_zone/scripts/s3-helper.js @@ -17,8 +17,7 @@ class S3Helper { * @returns {Promise} */ async getObject(bucketName, objectKey) { - const objs = await this._s3.listObjects({ Bucket: bucketName, Delimiter: '/', Prefix: objectKey }).promise(); - return objs; + return this._s3.listObjects({ Bucket: bucketName, Delimiter: '/', Prefix: objectKey }).promise(); } } diff --git a/modules/landing_zone/variable.tf b/modules/landing_zone/variable.tf index 18d514c..0196d52 100644 --- a/modules/landing_zone/variable.tf +++ b/modules/landing_zone/variable.tf @@ -23,7 +23,7 @@ variable "landing_zone_command" { variable "terraform_backend" { type = map(string) description = "This is the backend configure for all components." - default = { + default = { backend = "local" path = "/tmp/.terrahub/landing_zone" } 
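Review bot: The `catch` in the entry-point IIFE only calls `console.log(error)`, so now that `checkEnvironmentVars` and `checkIfTerrahubIsInstalled` throw, a missing variable or missing CLI is printed and the script still ends with exit status 0 unless code past the hunk changes it. A caller that runs this script cannot tell the failure from success. Setting the status in the handler fixes that: `console.error(error); process.exitCode = 1;`. The same handler appears in the apply.js, config.js and remove-config.js hunks under modules/landing_zone_reader_config/scripts. The IIFE's closing lines are outside this hunk.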
diff --git a/modules/landing_zone_reader/variables.tf b/modules/landing_zone_reader/variables.tf new file mode 100644 index 0000000..4fd055e --- /dev/null +++ b/modules/landing_zone_reader/variables.tf @@ -0,0 +1,9 @@ +variable "terraform_backend_type" { + type = string + description = "The list of AWS providers." +} + +variable "terraform_backend_config" { + type = map(string) + description = "The list of AWS providers." +} diff --git a/modules/landing_zone_reader_config/README.md b/modules/landing_zone_reader_config/README.md index 3388a5e..a075eb4 100644 --- a/modules/landing_zone_reader_config/README.md +++ b/modules/landing_zone_reader_config/README.md @@ -31,7 +31,7 @@ module "landing_zone" { } landing_zone_components = { - landing_zone_vpc = "s3://terraform-aws-landing-zone/mycompany/landing_zone_vpc/default.tfvars" + landing_zone_vpc = "s3://terraform-aws-landing-zone/components/landing_zone_vpc/default.tfvars" [...] } } diff --git a/modules/landing_zone_reader_config/scripts/apply.js b/modules/landing_zone_reader_config/scripts/apply.js index b9bbbdf..c44887f 100644 --- a/modules/landing_zone_reader_config/scripts/apply.js +++ b/modules/landing_zone_reader_config/scripts/apply.js @@ -6,19 +6,18 @@ const { ROOT_PATH: rootPath, BACKEND: backend, COMPONENTS: components } = proces /** * Check if required env variables are defined - * @return {Promise} */ -async function checkEnvironmentVars() { +function checkEnvironmentVars() { if (!rootPath) { - return Promise.reject(Error('ERROR: ROOT_PATH variable is empty. Aborting...')); + throw Error('ERROR: ROOT_PATH variable is empty. Aborting...'); } if (!backend) { - return Promise.reject(Error('ERROR: BACKEND variable is empty. Aborting...')); + throw Error('ERROR: BACKEND variable is empty. Aborting...'); } if (!components) { - return Promise.reject(Error('ERROR: COMPONENTS variable is empty. Aborting...')); + throw Error('ERROR: COMPONENTS variable is empty. Aborting...'); } } 
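Review bot: Both new variables carry the description `"The list of AWS providers."`, which does not match either name. Going by the names, something like `description = "Type of the Terraform backend that holds the landing zone state."` for `terraform_backend_type` and `description = "Configuration map passed to that backend."` for `terraform_backend_config` would document them; adjust if they mean something else. Neither variable has a default, so every caller of the module must now set both.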
@@ -30,7 +29,7 @@ async function checkEnvironmentVars() { async function terrahubOutput(include, jsonBackend) { let outputMap = []; - await Helper.executeWithoutErrors( + Helper.executeWithoutErrors( rootPath, 'terrahub', [ 'configure', '--config', 'component.template.data', '--delete', @@ -40,18 +39,18 @@ async function terrahubOutput(include, jsonBackend) { await Promise.all( include.map(async item => { - await Helper.cli( + Helper.cli( rootPath, 'terrahub', ['init', '--include', item] ); - const result = await Helper.cli( + const result = Helper.cli( rootPath, 'terrahub', ['output', '--format', 'json', '--include', item, '--auto-approve'] ); if (!result.length) { - throw new Error('No terraform outputs found. Before using `landing_zone_reader` module, '+ + throw new Error('No terraform outputs found. Before using `landing_zone_reader` module, ' + 'make sure that `landing_zone` module generates output. Learn more: https://github.com/TerraHubCorp/terraform-aws-landing-zone/'); } @@ -61,22 +60,19 @@ async function terrahubOutput(include, jsonBackend) { outputMap = [...outputMap, ...[prepareOutput]]; }) ); - - await Promise.all( - await Helper.cli( - rootPath, 'terrahub', - [ - 'configure', '--include', 'terrahub_load_outputs', '--config', - `component.template.output.terrahub_reader.value=merge(${outputMap.join(',')})` - ] - ) - ); - await Promise.all( - await Helper.cli( - rootPath, 'terrahub', - ['run', '--include', 'terrahub_load_outputs', '--apply', '--auto-approve'] - ) + + Helper.cli( + rootPath, 'terrahub', + [ + 'configure', '--include', 'terrahub_load_outputs', '--config', + `component.template.output.terrahub_reader.value=merge(${outputMap.join(',')})` + ]); + + + Helper.cli( + rootPath, 'terrahub', + ['run', '--include', 'terrahub_load_outputs', '--apply', '--auto-approve'] ); return 'Success'; 
@@ -102,14 +98,14 @@ async function extractOutputValues(result, jsonBackend) { ...terrahubConfig, ...[ `component.template.data.terraform_remote_state.${key}` + - `.backend=${backend}` + `.backend=${backend}` ] ]); processes.push([ ...terrahubConfig, ...[ `component.template.data.terraform_remote_state.${key}` + - `.config={}` + `.config={}` ] ]); jsonBackendKeysArray.filter(elem => elem !== 'backend').forEach(backendKey => { @@ -122,7 +118,7 @@ async function extractOutputValues(result, jsonBackend) { ...terrahubConfig, ...[ `component.template.data.terraform_remote_state.${key}` + - `.config.${backendKey}=${backendValue}` + `.config.${backendKey}=${backendValue}` ] ]); }); @@ -133,9 +129,9 @@ async function extractOutputValues(result, jsonBackend) { }); try { - await Helper.executeWithErrors(rootPath, 'terrahub', processes); + Helper.executeWithErrors(rootPath, 'terrahub', processes); } catch (error) { - return Promise.reject(error); + throw error; } return outputMap; @@ -157,9 +153,10 @@ async function main() { (async () => { try { - await checkEnvironmentVars(); - await Helper.checkIfTerrahubIsInstalled(); + checkEnvironmentVars(); + Helper.checkIfTerrahubIsInstalled(); const resp = await main(); + console.log(resp); } catch (error) { console.log(error); diff --git a/modules/landing_zone_reader_config/scripts/config.js b/modules/landing_zone_reader_config/scripts/config.js index c34a4b2..9d1d041 100644 --- a/modules/landing_zone_reader_config/scripts/config.js +++ b/modules/landing_zone_reader_config/scripts/config.js 
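Review bot: The `try`/`catch` around `Helper.executeWithErrors(rootPath, 'terrahub', processes)` now only rethrows (`catch (error) { throw error; }`), so it can be removed and the call left on its own line. `extractOutputValues` keeps its `async` keyword per the hunk header; if nothing else in its body awaits, that can go too, but the body extends beyond this hunk. The `main` hunk in modules/landing_zone_reader_config/scripts/config.js has the same rethrow-only handler.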
@@ -6,23 +6,22 @@ const { ROOT_PATH: rootPath, PROVIDERS: providers, BACKEND: backend, COMPONENTS: /** * Check if required env variables are defined - * @return {Promise} */ -async function checkEnvironmentVars() { +function checkEnvironmentVars() { if (!rootPath) { - return Promise.reject(Error('ERROR: ROOT_PATH variable is empty. Aborting...')); + throw Error('ERROR: ROOT_PATH variable is empty. Aborting...'); } if (!providers) { - return Promise.reject(Error('ERROR: PROVIDERS variable is empty. Aborting...')); + throw Error('ERROR: PROVIDERS variable is empty. Aborting...'); } if (!backend) { - return Promise.reject(Error('ERROR: BACKEND variable is empty. Aborting...')); + throw Error('ERROR: BACKEND variable is empty. Aborting...'); } if (!components) { - return Promise.reject(Error('ERROR: COMPONENTS variable is empty. Aborting...')); + throw Error('ERROR: COMPONENTS variable is empty. Aborting...'); } } @@ -34,10 +33,10 @@ async function main() { const processes = await Helper.updateConfig(rootPath, providers, backend, components); try { - await Helper.removeConfig(rootPath, components); - await Helper.executeWithErrors(rootPath, 'terrahub', processes); + Helper.removeConfig(rootPath, components); + Helper.executeWithErrors(rootPath, 'terrahub', processes); } catch (error) { - return await Promise.reject(error); + throw error; } return 'Success'; @@ -45,9 +44,10 @@ async function main() { (async () => { try { - await checkEnvironmentVars(); - await Helper.checkIfTerrahubIsInstalled(); + checkEnvironmentVars(); + Helper.checkIfTerrahubIsInstalled(); const resp = await main(); + console.log(resp); } catch (error) { console.log(error); diff --git a/modules/landing_zone_reader_config/scripts/helper.js b/modules/landing_zone_reader_config/scripts/helper.js index c708bca..ca80355 100644 --- a/modules/landing_zone_reader_config/scripts/helper.js +++ b/modules/landing_zone_reader_config/scripts/helper.js 
@@ -12,68 +12,61 @@ class Helper { * @param {String} rootPath * @param {String} command * @param {Array} args - * @return {Promise} + * @return {String} */ - async cli(rootPath, command, args) { + cli(rootPath, command, args) { const execute = spawnSync(command, args, { cwd: rootPath, env: process.env }); if (execute.status === 0) { return execute.stdout.toString(); } - return process.env.DEBUG - ? await Promise.reject(Error(execute.stderr.toString())) - : Promise.reject(Error(`${command} ${args.join(' ')} failed. Enable DEBUG=debug to learn more.`)); + if (process.env.DEBUG) { + throw Error(execute.stderr.toString()); + } + throw Error(`${command} ${args.join(' ')} failed. Enable DEBUG=debug to learn more.`); } /** - * @param {string} rootPath - * @param {Object} components - * @return {Promise} + * Execute + * @param {String} rootPath + * @param {String} components + * @return {String} */ - async removeConfig(rootPath, components) { + removeConfig(rootPath, components) { const jsonComponents = JSON.parse(components); const terrahubConfig = ['configure', '--config']; - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.tfvars', '-D', '-y']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.terraform', '-D', '-y']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider', '-D', '-y']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[0]={}']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[0].aws={}']]); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[0].aws.region=var.region']] - ); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[0].aws.allowed_account_ids[]=var.account_id']] - ); - await this.executeWithoutErrors(rootPath, 
'terrahub', [...terrahubConfig, ...['template.provider[1]={}']]); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[1].aws={}']]); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[1].aws.alias=default']] - ); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[1].aws.region=var.region']] - ); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.provider[1].aws.allowed_account_ids[]=var.account_id']] - ); - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['template.tfvars.account_id=123456789012']] - ); - await this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.tfvars.region=us-east-1']]); - - for (const key of Object.keys(jsonComponents)) { - await this.executeWithoutErrors( - rootPath, 'terrahub', - [...terrahubConfig, ...['terraform', '--include', key, '--delete', '--auto-approve']] - ); - } + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.tfvars', '-D', '-y']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.terraform', '-D', '-y']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider', '-D', '-y']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[0]={}']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[0].aws={}']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.provider[0].aws.region=var.region'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.provider[0].aws.allowed_account_ids[]=var.account_id'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[1]={}']]); + 
this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[1].aws={}']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.provider[1].aws.alias=default']]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.provider[1].aws.region=var.region'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.provider[1].aws.allowed_account_ids[]=var.account_id'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['template.tfvars.account_id=123456789012'] + ]); + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['template.tfvars.region=us-east-1']]); + + Object.keys(jsonComponents).forEach(key => { + this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['terraform', '--include', key, '--delete', '--auto-approve'] + ]); + }); return 'Success'; } @@ -101,8 +94,7 @@ class Helper { backendValue += `/\${tfvar.terrahub["component"]["name"]}` + (backend === 'prefix' ? '' : '/terraform.tfstate'); } - processes.push([ - ...terrahubConfig, + processes.push([...terrahubConfig, ...[`template.terraform.backend.${backend}.${backendKey}=${backendValue}`] ]); }); 
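Review bot: `cli` only looks at `execute.status`, so a launch failure that `spawnSync` reports through `execute.error` (with a `null` status) is not handled. In that case `execute.stderr` can be `null`, and the DEBUG branch's `execute.stderr.toString()` would raise a TypeError in place of the real cause. Checking the spawn error first keeps the original message: `if (execute.error) { throw execute.error; }` ahead of the status test. Note also that the non-DEBUG message echoes the full argument list via `args.join(' ')`, so any sensitive value passed as a config argument ends up in the log.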
@@ -163,39 +155,50 @@ class Helper { const data = await Helper.s3Helper.getObject(links[2], prefix); data.Contents.forEach(item => { - processes.push([...terrahubConfig, ...[`terraform.varFile[0]=${'s3:\/\/' + path.join(links[2], item.Key)}`, '-i', key]]); + processes.push([...terrahubConfig, + ...[`terraform.varFile[0]=${'s3:\/\/' + path.join(links[2], item.Key)}`, '-i', key] + ]); }); break; case 'gs': // @todo ls gs break; case '..': - fs.readdirSync(path.join(__dirname, '..', linkList[0])).forEach(function (name) { - processes.push([...terrahubConfig, ...[`terraform.varFile[0]=${path.join(linkList[0], name)}`, '-i', key]]); + fs.readdirSync(path.join(__dirname, '..', linkList[0])).forEach(name => { + if (path.extname(name) === '.tfvars') { + processes.push([...terrahubConfig, + ...[`terraform.varFile[0]=${path.join(linkList[0], name)}`, '-i', key] + ]); + } }); break; default: - fs.readdirSync(path.join(linkList[0])).forEach(function (name) { - processes.push([...terrahubConfig, ...[`terraform.varFile[0]=${path.join(linkList[0], name)}`, '-i', key]]); + fs.readdirSync(path.join(__dirname, '..', '..', '..', 'components', key, linkList[0])).forEach(name => { + if (path.extname(name) === '.tfvars') { + processes.push([...terrahubConfig, + ...[`terraform.varFile[0]=${path.join(linkList[0], name)}`, '-i', key] + ]); + } }); break; } } - return this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, ...['terraform', '--delete', '--auto-approve', '--include', key]]); + return this.executeWithoutErrors(rootPath, 'terrahub', [...terrahubConfig, + ...['terraform', '--delete', '--auto-approve', '--include', key] + ]); })); } /** * Check if terrahub cli is installed - * @return {Promise} */ - async checkIfTerrahubIsInstalled() { + checkIfTerrahubIsInstalled() { const where = os.platform() === 'win32' ? 
'where' : 'which'; try { execSync(`${where} terrahub`, { encoding: 'utf8', shell: true, cwd: process.cwd(), stdio: 'ignore' }); } catch (error) { - return Promise.reject(Error('terrahub is missing. aborting...')); + throw Error('terrahub is missing. aborting...'); } } @@ -204,18 +207,18 @@ class Helper { * @param {String} rootPath * @param {String} command * @param {Array} argsList - * @return {Promise} */ - async executeWithErrors(rootPath, command, argsList) { - try { - argsList.reduce(async (accumulator, args) => { - await accumulator; - return this.cli(rootPath, command, args); - }, Promise.resolve()); - } catch (error) { - console.log('Error: failed to execute command:'); + executeWithErrors(rootPath, command, argsList) { + for (const args of argsList) { + try { + const result = this.cli(rootPath, command, args); + + console.log(result); + } catch (error) { + console.log('Error: failed to execute command:'); - return Promise.reject(error); + throw error; + } } } @@ -224,11 +227,10 @@ class Helper { * @param {String} rootPath * @param {String} command * @param {Array} args - * @return {Promise} */ - async executeWithoutErrors(rootPath, command, args) { + executeWithoutErrors(rootPath, command, args) { try { - const result = await this.cli(rootPath, command, args); + const result = this.cli(rootPath, command, args); console.log(result); } catch (error) { diff --git a/modules/landing_zone_reader_config/scripts/remove-config.js b/modules/landing_zone_reader_config/scripts/remove-config.js index f2b18a0..db47749 100644 --- a/modules/landing_zone_reader_config/scripts/remove-config.js +++ b/modules/landing_zone_reader_config/scripts/remove-config.js 
@@ -6,24 +6,23 @@ const { ROOT_PATH: rootPath, COMPONENTS: components } = process.env; /** * Check if required env variables are defined - * @return {Promise} */ -async function checkEnvironmentVars() { +function checkEnvironmentVars() { if (!rootPath) { - return Promise.reject(Error('ERROR: ROOT_PATH variable is empty. Aborting...')); + throw Error('ERROR: ROOT_PATH variable is empty. Aborting...'); } if (!components) { - return Promise.reject(Error('ERROR: COMPONENTS variable is empty. Aborting...')); + throw Error('ERROR: COMPONENTS variable is empty. Aborting...'); } } (async () => { try { - await checkEnvironmentVars(); - await Helper.checkIfTerrahubIsInstalled(); - const resp = await Helper.removeConfig(rootPath, components); - console.log(resp); + checkEnvironmentVars(); + Helper.checkIfTerrahubIsInstalled(); + + console.log(Helper.removeConfig(rootPath, components)); } catch (error) { console.log(error); } diff --git a/modules/landing_zone_reader_config/scripts/s3-helper.js b/modules/landing_zone_reader_config/scripts/s3-helper.js index 075a708..af2257f 100644 --- a/modules/landing_zone_reader_config/scripts/s3-helper.js +++ b/modules/landing_zone_reader_config/scripts/s3-helper.js @@ -17,8 +17,7 @@ class S3Helper { * @returns {Promise} */ async getObject(bucketName, objectKey) { - const objs = await this._s3.listObjects({ Bucket: bucketName, Delimiter: '/', Prefix: objectKey }).promise(); - return objs; + return this._s3.listObjects({ Bucket: bucketName, Delimiter: '/', Prefix: objectKey }).promise(); } } diff --git a/modules/landing_zone_reader_config/variable.tf b/modules/landing_zone_reader_config/variable.tf index e7fee5b..11a9b3c 100644 --- a/modules/landing_zone_reader_config/variable.tf +++ b/modules/landing_zone_reader_config/variable.tf 
@@ -17,7 +17,7 @@ variable "landing_zone_components" { variable "terraform_backend" { type = map(string) description = "This is the backend configure for all components." - default = { + default = { backend = "local" path = "/tmp/.terrahub/landing_zone" } diff --git a/outputs.tf b/outputs.tf index 94bf230..60a63be 100644 --- a/outputs.tf +++ b/outputs.tf @@ -328,6 +328,16 @@ output "landing_zone_iam_instance_profile_roles" { description = "The role's assigned to the instance profile's." } +output "landing_zone_vpc_endpoint_gateway_ids" { + value = module.landing_zone.landing_zone["landing_zone_vpc_endpoint_gateway_ids"] + description = "The ID's of the VPC Endpoint Gateway." +} + +output "landing_zone_vpc_endpoint_interface_ids" { + value = module.landing_zone.landing_zone["landing_zone_vpc_endpoint_interface_ids"] + description = "The ID's of the VPC Endpoint Interface." +} + output "landing_zone_vpc_peering_connection_ids" { value = module.landing_zone.landing_zone["landing_zone_vpc_peering_connection_ids"] description = "The ID's of the VPC Peering Connection." 
@@ -412,3 +422,69 @@ output "landing_zone_secretsmanager_secret_arns" { value = module.landing_zone.landing_zone["landing_zone_secretsmanager_secret_arns"] description = "Amazon Resource Name (ARN's) of the secret." } + +output "landing_zone_ssm_activation_ids" { + value = module.landing_zone.landing_zone["landing_zone_ssm_activation_ids"] + description = "The ID's of the SSM Activation." +} + +output "landing_zone_ssm_association_by_instance_id_ids" { + value = module.landing_zone.landing_zone["landing_zone_ssm_association_by_instance_id_ids"] + description = "The ID's of the SSM Associaton by Instance ID." +} + +output "landing_zone_ssm_association_by_instance_id_names" { + value = module.landing_zone.landing_zone["landing_zone_ssm_association_by_instance_id_names"] + description = "The name of the SSM Associaton by Instance ID." +} + +output "landing_zone_ssm_association_by_targets_ids" { + value = module.landing_zone.landing_zone["landing_zone_ssm_association_by_targets_ids"] + description = "The ID's of the SSM Associaton by targets." +} + +output "landing_zone_ssm_association_by_targets_names" { + value = module.landing_zone.landing_zone["landing_zone_ssm_association_by_targets_names"] + description = "The name of the SSM Associaton by targets." +} + +output "landing_zone_ssm_document_created_dates" { + value = module.landing_zone.landing_zone["landing_zone_ssm_document_created_dates"] + description = "The created date of the SSM Document." +} + +output "landing_zone_ssm_document_hashes" { + value = module.landing_zone.landing_zone["landing_zone_ssm_document_hashes"] + description = "The hash of the SSM Documents" +} + +output "landing_zone_ssm_maintenance_window_ids" { + value = module.landing_zone.landing_zone["landing_zone_ssm_maintenance_window_ids"] + description = "The ID's of the SSM Maintenance Window." 
+} + +output "landing_zone_ssm_maintenance_window_target_ids" { + value = module.landing_zone.landing_zone["landing_zone_ssm_maintenance_window_target_ids"] + description = "The ID's of the SSM Maintenance Window Target." + +} + +output "landing_zone_ssm_parameter_arns" { + value = module.landing_zone.landing_zone["landing_zone_ssm_parameter_arns"] + description = "Amazon Resource Name (ARN's) of the SSM Parameter." +} + +output "landing_zone_ssm_parameter_names" { + value = module.landing_zone.landing_zone["landing_zone_ssm_parameter_names"] + description = "The name of the SSM Parameter." +} + +output "landing_zone_ssm_patch_baseline_ids" { + value = module.landing_zone.landing_zone["landing_zone_ssm_patch_baseline_ids"] + description = "The ID's of the SSM Patch Baseline." +} + +output "landing_zone_ssm_patch_group_ids" { + value = module.landing_zone.landing_zone["landing_zone_ssm_patch_group_ids"] + description = "The ID's of the SSM Patch Group." +} diff --git a/package.json b/package.json index 82cb931..d62835c 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "terraform-aws-landing-zone", - "version": "0.1.10", + "version": "0.1.11", "author": "Mitoc Group Team", "license": "MPL-2.0", "private": true, diff --git a/terraform.local.tfvars b/terraform.local.tfvars index 463c625..65a674e 100644 --- a/terraform.local.tfvars +++ b/terraform.local.tfvars 
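Review bot: Four of the new descriptions spell the resource as `Associaton` (the two `ssm_association_by_instance_id` outputs and the two `ssm_association_by_targets` outputs); it should read `Association`. The `landing_zone_ssm_document_hashes` description lacks the closing period the others have. `landing_zone_ssm_maintenance_window_target_ids` has a blank line before its closing brace.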
@@ -1,66 +1,73 @@ landing_zone_components = { - landing_zone_pipeline_s3_bucket = "default.tfvars" - landing_zone_pipeline_artifact_s3_bucket = "default.tfvars" - landing_zone_code_build = "default.tfvars" - landing_zone_code_build_role = "default.tfvars" - landing_zone_code_build_role_policy = "default.tfvars" - landing_zone_code_pipeline = "default.tfvars" - landing_zone_code_pipeline_role = "default.tfvars" - landing_zone_code_pipeline_role_policy = "default.tfvars" - landing_zone_config_aggregate_authorization = "default.tfvars" - landing_zone_config_config_rule = "default.tfvars" - landing_zone_config_configuration_aggregator = "default.tfvars" - landing_zone_config_configuration_recorder = "default.tfvars" - landing_zone_config_configuration_recorder_status = "default.tfvars" - landing_zone_config_delivery_channel = "default.tfvars" - landing_zone_config_organization_custom_rule = "default.tfvars" - landing_zone_config_organization_managed_rule = "default.tfvars" - landing_zone_organization = "default.tfvars" - landing_zone_organization_accounts = "default.tfvars" - landing_zone_organization_unit = "default.tfvars" - landing_zone_organization_policy = "default.tfvars" - landing_zone_organization_policy_attachment = "default.tfvars" - landing_zone_vpc = "default.tfvars" - landing_zone_vpc_endpoint_gateway = "default.tfvars" - landing_zone_vpc_endpoint_interface = "default.tfvars" - landing_zone_vpc_peering_connection = "default.tfvars" - landing_zone_subnet = "default.tfvars" - landing_zone_eip = "default.tfvars" - landing_zone_gateway_cgw = "default.tfvars" - landing_zone_gateway_nat = "default.tfvars" - landing_zone_gateway_igw = "default.tfvars" - landing_zone_gateway_tgw = "default.tfvars" - landing_zone_gateway_vgw = "default.tfvars" - landing_zone_route_table = "default.tfvars" - landing_zone_route_table_association = "default.tfvars" - landing_zone_route_table_association_tgw = "default.tfvars" - landing_zone_route_table_tgw = "default.tfvars" - 
landing_zone_route_tgw = "default.tfvars" - landing_zone_route = "default.tfvars" - landing_zone_route_igw = "default.tfvars" - landing_zone_route_ipv6 = "default.tfvars" - landing_zone_route_pcx = "default.tfvars" - landing_zone_tgw_route = "default.tfvars" - landing_zone_tgw_route_table = "default.tfvars" - landing_zone_tgw_route_table_association = "default.tfvars" - landing_zone_tgw_route_table_propagation = "default.tfvars" - landing_zone_tgw_vpc_attachment = "default.tfvars" - landing_zone_tgw_vpc_attachment_accepter = "default.tfvars" - landing_zone_network_acl = "default.tfvars" - landing_zone_network_acl_rules = "default.tfvars" - landing_zone_security_group = "default.tfvars" - landing_zone_security_group_rule_ingress = "default.tfvars" - landing_zone_security_group_rule_egress = "default.tfvars" - landing_zone_secretsmanager_secret = "default.tfvars" - landing_zone_cloudtrail_s3_bucket = "default.tfvars" - landing_zone_cloudtrail_s3_bucket_policy = "default.tfvars" - landing_zone_cloudtrail = "default.tfvars" - landing_zone_directory_service_directory = "default.tfvars" - landing_zone_iam_role = "default.tfvars" - landing_zone_iam_policy = "default.tfvars" - landing_zone_iam_role_policy_attachment = "default.tfvars" - landing_zone_iam_instance_profile = "default.tfvars" - landing_zone_iam_saml_provider = "default.tfvars" + landing_zone_cloudtrail = "./*.tfvars" + landing_zone_cloudtrail_s3_bucket = "./*.tfvars" + landing_zone_cloudtrail_s3_bucket_policy = "./*.tfvars" + landing_zone_code_build = "./*.tfvars" + landing_zone_code_build_role = "./*.tfvars" + landing_zone_code_build_role_policy = "./*.tfvars" + landing_zone_code_pipeline = "./*.tfvars" + landing_zone_code_pipeline_role = "./*.tfvars" + landing_zone_code_pipeline_role_policy = "./*.tfvars" + landing_zone_config_aggregate_authorization = "./*.tfvars" + landing_zone_config_config_rule = "./*.tfvars" + landing_zone_config_configuration_aggregator = "./*.tfvars" + 
landing_zone_config_configuration_recorder = "./*.tfvars" + landing_zone_config_configuration_recorder_status = "./*.tfvars" + landing_zone_config_delivery_channel = "./*.tfvars" + landing_zone_config_organization_custom_rule = "./*.tfvars" + landing_zone_config_organization_managed_rule = "./*.tfvars" + landing_zone_directory_service_directory = "./*.tfvars" + landing_zone_eip = "./*.tfvars" + landing_zone_gateway_cgw = "./*.tfvars" + landing_zone_gateway_igw = "./*.tfvars" + landing_zone_gateway_nat = "./*.tfvars" + landing_zone_gateway_tgw = "./*.tfvars" + landing_zone_gateway_vgw = "./*.tfvars" + landing_zone_iam_instance_profile = "./*.tfvars" + landing_zone_iam_policy = "./*.tfvars" + landing_zone_iam_role = "./*.tfvars" + landing_zone_iam_role_policy_attachment = "./*.tfvars" + landing_zone_iam_saml_provider = "./*.tfvars" + landing_zone_network_acl = "./*.tfvars" + landing_zone_network_acl_rules = "./*.tfvars" + landing_zone_organization = "./*.tfvars" + landing_zone_organization_accounts = "./*.tfvars" + landing_zone_organization_policy = "./*.tfvars" + landing_zone_organization_policy_attachment = "./*.tfvars" + landing_zone_organization_unit = "./*.tfvars" + landing_zone_pipeline_artifact_s3_bucket = "./*.tfvars" + landing_zone_pipeline_s3_bucket = "./*.tfvars" + landing_zone_route = "./*.tfvars" + landing_zone_route_igw = "./*.tfvars" + landing_zone_route_ipv6 = "./*.tfvars" + landing_zone_route_pcx = "./*.tfvars" + landing_zone_route_table = "./*.tfvars" + landing_zone_route_table_association = "./*.tfvars" + landing_zone_route_table_association_tgw = "./*.tfvars" + landing_zone_route_table_tgw = "./*.tfvars" + landing_zone_secretsmanager_secret = "./*.tfvars" + landing_zone_security_group = "./*.tfvars" + landing_zone_security_group_rule_egress = "./*.tfvars" + landing_zone_security_group_rule_ingress = "./*.tfvars" + landing_zone_ssm_activation = "./*.tfvars" + landing_zone_ssm_association_by_instance_id = "./*.tfvars" + 
landing_zone_ssm_association_by_targets = "./*.tfvars" + landing_zone_ssm_document = "./*.tfvars" + landing_zone_ssm_maintenance_window = "./*.tfvars" + landing_zone_ssm_maintenance_window_target = "./*.tfvars" + landing_zone_ssm_parameter = "./*.tfvars" + landing_zone_sso = "./*.tfvars" + landing_zone_subnet = "./*.tfvars" + landing_zone_tgw_route = "./*.tfvars" + landing_zone_tgw_route_table = "./*.tfvars" + landing_zone_tgw_route_table_association = "./*.tfvars" + landing_zone_tgw_route_table_propagation = "./*.tfvars" + landing_zone_tgw_vpc_attachment = "./*.tfvars" + landing_zone_tgw_vpc_attachment_accepter = "./*.tfvars" + landing_zone_vpc = "./*.tfvars" + landing_zone_vpc_endpoint_gateway = "./*.tfvars" + landing_zone_vpc_endpoint_interface = "./*.tfvars" + landing_zone_vpc_peering_connection = "./*.tfvars" } landing_zone_providers = { diff --git a/terraform.remote.tfvars b/terraform.remote.tfvars index 0e7da99..1cb7e17 100644 --- a/terraform.remote.tfvars +++ b/terraform.remote.tfvars 
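Review bot: `landing_zone_route_tgw` is on the removed side of this hunk but never comes back in the alphabetised list, which goes from `landing_zone_route_table_tgw` straight to `landing_zone_secretsmanager_secret`; the second hunk of `terraform.remote.tfvars` drops the same key. Every other removed key reappears, so nothing in the visible diff says whether the component is being retired or was lost in the reorder; if it is still wanted, restore `landing_zone_route_tgw = "./*.tfvars"` after `landing_zone_route_table_tgw`. The same lines also widen each component's input from the single file `default.tfvars` to the glob `./*.tfvars`, so for entries such as `landing_zone_iam_role` and `landing_zone_organization_policy` any extra `.tfvars` file the glob matches now feeds the component. How matches are ordered and merged is not visible here; a comment above the map stating it, e.g. `# "./*.tfvars" loads every .tfvars file the glob matches, merged in <ORDER - confirm>`, would make that explicit.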
@@ -1,6 +1,7 @@ landing_zone_components = { - landing_zone_pipeline_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_pipeline_s3_bucket/*.tfvars" - landing_zone_pipeline_artifact_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_pipeline_artifact_s3_bucket/*.tfvars" + landing_zone_cloudtrail = "s3://terraform-aws-landing-zone/components/landing_zone_cloudtrail/*.tfvars" + landing_zone_cloudtrail_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_cloudtrail_s3_bucket/*.tfvars" + landing_zone_cloudtrail_s3_bucket_policy = "s3://terraform-aws-landing-zone/components/landing_zone_cloudtrail_s3_bucket_policy/*.tfvars" landing_zone_code_build = "s3://terraform-aws-landing-zone/components/landing_zone_code_build/*.tfvars" landing_zone_code_build_role = "s3://terraform-aws-landing-zone/components/landing_zone_code_build_role/*.tfvars" landing_zone_code_build_role_policy = "s3://terraform-aws-landing-zone/components/landing_zone_code_build_role_policy/*.tfvars" 
@@ -15,52 +16,58 @@ landing_zone_components = { landing_zone_config_delivery_channel = "s3://terraform-aws-landing-zone/components/landing_zone_config_delivery_channel/*.tfvars" landing_zone_config_organization_custom_rule = "s3://terraform-aws-landing-zone/components/landing_zone_config_organization_custom_rule/*.tfvars" landing_zone_config_organization_managed_rule = "s3://terraform-aws-landing-zone/components/landing_zone_config_organization_managed_rule/*.tfvars" - landing_zone_organization = "s3://terraform-aws-landing-zone/components/landing_zone_organization/*.tfvars" - landing_zone_organization_accounts = "s3://terraform-aws-landing-zone/components/landing_zone_organization_accounts/*.tfvars" - landing_zone_organization_unit = "s3://terraform-aws-landing-zone/components/landing_zone_organization_unit/*.tfvars" - landing_zone_organization_policy = "s3://terraform-aws-landing-zone/components/landing_zone_organization_policy/*.tfvars" - landing_zone_organization_policy_attachment = "s3://terraform-aws-landing-zone/components/landing_zone_organization_policy_attachment/*.tfvars" - landing_zone_vpc = "s3://terraform-aws-landing-zone/components/landing_zone_vpc/*.tfvars" - landing_zone_vpc_endpoint_gateway = "s3://terraform-aws-landing-zone/components/landing_zone_vpc_endpoint_gateway/*.tfvars" - landing_zone_vpc_endpoint_interface = "s3://terraform-aws-landing-zone/components/landing_zone_vpc_endpoint_interface/*.tfvars" - landing_zone_vpc_peering_connection = "s3://terraform-aws-landing-zone/components/landing_zone_vpc_peering_connection/*.tfvars" - landing_zone_subnet = "s3://terraform-aws-landing-zone/components/landing_zone_subnet/*.tfvars" + landing_zone_directory_service_directory = "s3://terraform-aws-landing-zone/components/landing_zone_directory_service_directory/*.tfvars" landing_zone_eip = "s3://terraform-aws-landing-zone/components/landing_zone_eip/*.tfvars" landing_zone_gateway_cgw = 
"s3://terraform-aws-landing-zone/components/landing_zone_gateway_cgw/*.tfvars" - landing_zone_gateway_nat = "s3://terraform-aws-landing-zone/components/landing_zone_gateway_nat/*.tfvars" landing_zone_gateway_igw = "s3://terraform-aws-landing-zone/components/landing_zone_gateway_igw/*.tfvars" + landing_zone_gateway_nat = "s3://terraform-aws-landing-zone/components/landing_zone_gateway_nat/*.tfvars" landing_zone_gateway_tgw = "s3://terraform-aws-landing-zone/components/landing_zone_gateway_tgw/*.tfvars" landing_zone_gateway_vgw = "s3://terraform-aws-landing-zone/components/landing_zone_gateway_vgw/*.tfvars" - landing_zone_route_table = "s3://terraform-aws-landing-zone/components/landing_zone_route_table/*.tfvars" - landing_zone_route_table_association = "s3://terraform-aws-landing-zone/components/landing_zone_route_table_association/*.tfvars" - landing_zone_route_table_association_tgw = "s3://terraform-aws-landing-zone/components/landing_zone_route_table_association_tgw/*.tfvars" - landing_zone_route_table_tgw = "s3://terraform-aws-landing-zone/components/landing_zone_route_table_tgw/*.tfvars" - landing_zone_route_tgw = "s3://terraform-aws-landing-zone/components/landing_zone_route_tgw/*.tfvars" + landing_zone_iam_instance_profile = "s3://terraform-aws-landing-zone/components/landing_zone_iam_instance_profile/*.tfvars" + landing_zone_iam_policy = "s3://terraform-aws-landing-zone/components/landing_zone_iam_policy/*.tfvars" + landing_zone_iam_role = "s3://terraform-aws-landing-zone/components/landing_zone_iam_role/*.tfvars" + landing_zone_iam_role_policy_attachment = "s3://terraform-aws-landing-zone/components/landing_zone_iam_role_policy_attachment/*.tfvars" + landing_zone_iam_saml_provider = "s3://terraform-aws-landing-zone/components/landing_zone_iam_saml_provider/*.tfvars" + landing_zone_network_acl = "s3://terraform-aws-landing-zone/components/landing_zone_network_acl/*.tfvars" + landing_zone_network_acl_rules = 
"s3://terraform-aws-landing-zone/components/landing_zone_network_acl_rules/*.tfvars" + landing_zone_organization = "s3://terraform-aws-landing-zone/components/landing_zone_organization/*.tfvars" + landing_zone_organization_accounts = "s3://terraform-aws-landing-zone/components/landing_zone_organization_accounts/*.tfvars" + landing_zone_organization_policy = "s3://terraform-aws-landing-zone/components/landing_zone_organization_policy/*.tfvars" + landing_zone_organization_policy_attachment = "s3://terraform-aws-landing-zone/components/landing_zone_organization_policy_attachment/*.tfvars" + landing_zone_organization_unit = "s3://terraform-aws-landing-zone/components/landing_zone_organization_unit/*.tfvars" + landing_zone_pipeline_artifact_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_pipeline_artifact_s3_bucket/*.tfvars" + landing_zone_pipeline_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_pipeline_s3_bucket/*.tfvars" landing_zone_route = "s3://terraform-aws-landing-zone/components/landing_zone_route/*.tfvars" landing_zone_route_igw = "s3://terraform-aws-landing-zone/components/landing_zone_route_igw/*.tfvars" landing_zone_route_ipv6 = "s3://terraform-aws-landing-zone/components/landing_zone_route_ipv6/*.tfvars" landing_zone_route_pcx = "s3://terraform-aws-landing-zone/components/landing_zone_route_pcx/*.tfvars" + landing_zone_route_table = "s3://terraform-aws-landing-zone/components/landing_zone_route_table/*.tfvars" + landing_zone_route_table_association = "s3://terraform-aws-landing-zone/components/landing_zone_route_table_association/*.tfvars" + landing_zone_route_table_association_tgw = "s3://terraform-aws-landing-zone/components/landing_zone_route_table_association_tgw/*.tfvars" + landing_zone_route_table_tgw = "s3://terraform-aws-landing-zone/components/landing_zone_route_table_tgw/*.tfvars" + landing_zone_secretsmanager_secret = 
"s3://terraform-aws-landing-zone/components/landing_zone_secretsmanager_secret/*.tfvars" + landing_zone_security_group = "s3://terraform-aws-landing-zone/components/landing_zone_security_group/*.tfvars" + landing_zone_security_group_rule_egress = "s3://terraform-aws-landing-zone/components/landing_zone_security_group_rule_egress/*.tfvars" + landing_zone_security_group_rule_ingress = "s3://terraform-aws-landing-zone/components/landing_zone_security_group_rule_ingress/*.tfvars" + landing_zone_ssm_activation = "s3://terraform-aws-landing-zone/components/landing_zone_ssm_activation/*.tfvars" + landing_zone_ssm_association_by_instance_id = "s3://terraform-aws-landing-zone/components/landing_zone_ssm_association_by_instance_id/*.tfvars" + landing_zone_ssm_association_by_targets = "s3://terraform-aws-landing-zone/components/landing_zone_ssm_association_by_targets/*.tfvars" + landing_zone_ssm_document = "s3://terraform-aws-landing-zone/components/landing_zone_ssm_document/*.tfvars" + landing_zone_ssm_maintenance_window = "s3://terraform-aws-landing-zone/components/landing_zone_ssm_maintenance_window/*.tfvars" + landing_zone_ssm_maintenance_window_target = "s3://terraform-aws-landing-zone/components/landing_zone_ssm_maintenance_window_target/*.tfvars" + landing_zone_ssm_parameter = "s3://terraform-aws-landing-zone/components/landing_zone_ssm_parameter/*.tfvars" + landing_zone_sso = "s3://terraform-aws-landing-zone/components/landing_zone_sso/*.tfvars" + landing_zone_subnet = "s3://terraform-aws-landing-zone/components/landing_zone_subnet/*.tfvars" landing_zone_tgw_route = "s3://terraform-aws-landing-zone/components/landing_zone_tgw_route/*.tfvars" landing_zone_tgw_route_table = "s3://terraform-aws-landing-zone/components/landing_zone_tgw_route_table/*.tfvars" landing_zone_tgw_route_table_association = "s3://terraform-aws-landing-zone/components/landing_zone_tgw_route_table_association/*.tfvars" landing_zone_tgw_route_table_propagation = 
"s3://terraform-aws-landing-zone/components/landing_zone_tgw_route_table_propagation/*.tfvars" landing_zone_tgw_vpc_attachment = "s3://terraform-aws-landing-zone/components/landing_zone_tgw_vpc_attachment/*.tfvars" landing_zone_tgw_vpc_attachment_accepter = "s3://terraform-aws-landing-zone/components/landing_zone_tgw_vpc_attachment_accepter/*.tfvars" - landing_zone_network_acl = "s3://terraform-aws-landing-zone/components/landing_zone_network_acl/*.tfvars" - landing_zone_network_acl_rules = "s3://terraform-aws-landing-zone/components/landing_zone_network_acl_rules/*.tfvars" - landing_zone_security_group = "s3://terraform-aws-landing-zone/components/landing_zone_security_group/*.tfvars" - landing_zone_security_group_rule_ingress = "s3://terraform-aws-landing-zone/components/landing_zone_security_group_rule_ingress/*.tfvars" - landing_zone_security_group_rule_egress = "s3://terraform-aws-landing-zone/components/landing_zone_security_group_rule_egress/*.tfvars" - landing_zone_secretsmanager_secret = "s3://terraform-aws-landing-zone/components/landing_zone_secretsmanager_secret/*.tfvars" - landing_zone_cloudtrail_s3_bucket = "s3://terraform-aws-landing-zone/components/landing_zone_cloudtrail_s3_bucket/*.tfvars" - landing_zone_cloudtrail_s3_bucket_policy = "s3://terraform-aws-landing-zone/components/landing_zone_cloudtrail_s3_bucket_policy/*.tfvars" - landing_zone_cloudtrail = "s3://terraform-aws-landing-zone/components/landing_zone_cloudtrail/*.tfvars" - landing_zone_directory_service_directory = "s3://terraform-aws-landing-zone/components/landing_zone_directory_service_directory/*.tfvars" - landing_zone_iam_role = "s3://terraform-aws-landing-zone/components/landing_zone_iam_role/*.tfvars" - landing_zone_iam_policy = "s3://terraform-aws-landing-zone/components/landing_zone_iam_policy/*.tfvars" - landing_zone_iam_role_policy_attachment = "s3://terraform-aws-landing-zone/components/landing_zone_iam_role_policy_attachment/*.tfvars" - landing_zone_iam_instance_profile = 
"s3://terraform-aws-landing-zone/components/landing_zone_iam_instance_profile/*.tfvars" - landing_zone_iam_saml_provider = "s3://terraform-aws-landing-zone/components/landing_zone_iam_saml_provider/*.tfvars" + landing_zone_vpc = "s3://terraform-aws-landing-zone/components/landing_zone_vpc/*.tfvars" + landing_zone_vpc_endpoint_gateway = "s3://terraform-aws-landing-zone/components/landing_zone_vpc_endpoint_gateway/*.tfvars" + landing_zone_vpc_endpoint_interface = "s3://terraform-aws-landing-zone/components/landing_zone_vpc_endpoint_interface/*.tfvars" + landing_zone_vpc_peering_connection = "s3://terraform-aws-landing-zone/components/landing_zone_vpc_peering_connection/*.tfvars" } landing_zone_providers = {