diff --git a/terraform/backups-929991548720/tf_backup/main.tf b/terraform/backups-929991548720/tf_backup/main.tf index 7b59109..128d46d 100644 --- a/terraform/backups-929991548720/tf_backup/main.tf +++ b/terraform/backups-929991548720/tf_backup/main.tf @@ -10,6 +10,12 @@ terraform { } } +locals { + common_tags = { + "ManagedBy" = "terraform" + } +} + provider "aws" { version = ">= 2.63.0" region = var.aws_region @@ -26,4 +32,4 @@ data "aws_subnet_ids" "default" { vpc_id = data.aws_vpc.default.id } -data "aws_caller_identity" "current" {} \ No newline at end of file +data "aws_caller_identity" "current" {} diff --git a/terraform/backups-929991548720/tf_backup/s3.tf b/terraform/backups-929991548720/tf_backup/s3.tf index cc6e760..d9e5e40 100644 --- a/terraform/backups-929991548720/tf_backup/s3.tf +++ b/terraform/backups-929991548720/tf_backup/s3.tf @@ -1,10 +1,9 @@ resource "aws_s3_bucket" "repo_backup" { bucket = var.s3_bucket_backup_name acl = "private" - - versioning { - enabled = var.s3_bucket_versioning - } + tags = merge({ + "Name" : var.s3_bucket_backup_name + }, local.common_tags) lifecycle_rule { prefix = "" @@ -39,6 +38,13 @@ resource "aws_s3_bucket" "repo_backup" { } +resource "aws_s3_bucket_versioning" "repo_backup" { + bucket = aws_s3_bucket.repo_backup.id + versioning_configuration { + status = "Suspended" + } +} + resource "aws_s3_bucket_public_access_block" "repo_backup" { bucket = aws_s3_bucket.repo_backup.id block_public_acls = true @@ -56,4 +62,4 @@ resource "aws_vpc_endpoint" "s3" { data "aws_route_tables" "default" { vpc_id = data.aws_vpc.default.id -} \ No newline at end of file +} diff --git a/terraform/backups-929991548720/tf_backup/variables.tf b/terraform/backups-929991548720/tf_backup/variables.tf index ecc94ba..9011149 100644 --- a/terraform/backups-929991548720/tf_backup/variables.tf +++ b/terraform/backups-929991548720/tf_backup/variables.tf @@ -44,12 +44,6 @@ variable "s3_bucket_backup_name" { type = string } -variable "s3_bucket_versioning" { - description = "Enables/disables s3 bucket versioning" - type = bool - default = false -} - variable "repo_blacklist" { description = "Comma separated list of repositories to exclude from backup" type = set(string) diff --git a/terraform/root-162540680133/tf_organization/billing_alarm.tf b/terraform/root-162540680133/tf_organization/billing_alarm.tf index 79aa972..af0da39 100644 --- a/terraform/root-162540680133/tf_organization/billing_alarm.tf +++ b/terraform/root-162540680133/tf_organization/billing_alarm.tf @@ -2,7 +2,7 @@ resource "aws_budgets_budget" "default" { for_each = var.org_accounts name = "${each.key}-budget" budget_type = "COST" - limit_amount = each.value["montly_budget"] + limit_amount = each.value["monthly_budget"] limit_unit = "USD" time_unit = "MONTHLY" time_period_start = formatdate("YYYY-MM-DD_00:00", timestamp()) @@ -19,7 +19,7 @@ resource "aws_budgets_budget" "default" { comparison_operator = "GREATER_THAN" threshold = 100 threshold_type = "PERCENTAGE" - notification_type = "ACTUAL" + notification_type = "FORECASTED" subscriber_email_addresses = each.value["billing_alarm_notify_emails"] } -} \ No newline at end of file +} diff --git a/terraform/root-162540680133/tf_organization/terraform.tfvars b/terraform/root-162540680133/tf_organization/terraform.tfvars index d7ff84e..774bb9c 100644 --- a/terraform/root-162540680133/tf_organization/terraform.tfvars +++ b/terraform/root-162540680133/tf_organization/terraform.tfvars @@ -4,15 +4,15 @@ billing_alarm_notify_emails = [ "tip-alerts@opsfleet.com" ] -budget_montly_limit = { +budget_monthly_limit = { "cicd" = "100.0" "wifi" = "100.0" } org_accounts = { "cicd" = { - "email" = "cicd-admin@telecominfraproject.com" - "montly_budget" = "500.0" + "email" = "cicd-admin@telecominfraproject.com" + "monthly_budget" = "500.0" "billing_alarm_notify_emails" = [ "dorongivoni@fb.com", "jcrosby@launchcg.com", @@ -20,19 +20,18 @@ org_accounts = { } "wifi" = { - "email" = "wifi-admin@telecominfraproject.com" - "montly_budget" = "1000.0" + "email" = "wifi-admin@telecominfraproject.com" + "monthly_budget" = "5000.0" "billing_alarm_notify_emails" = [ - "dorongivoni@fb.com", - "jcrosby@launchcg.com", - "dmitry.toptygin@connectus.ai", - "chrisbusch@fb.com", + "jaspreetsachdev@meta.com", + "tip-alerts@opsfleet.com", + "chrisbusch@meta.com", ] } "openautomation" = { - "email" = "netauto-admin@telecominfraproject.com" - "montly_budget" = "500.0" + "email" = "netauto-admin@telecominfraproject.com" + "monthly_budget" = "500.0" "billing_alarm_notify_emails" = [ "dorongivoni@fb.com", "jcrosby@launchcg.com", diff --git a/terraform/root-162540680133/tf_organization/variables.tf b/terraform/root-162540680133/tf_organization/variables.tf index f4b95ea..5628621 100644 --- a/terraform/root-162540680133/tf_organization/variables.tf +++ b/terraform/root-162540680133/tf_organization/variables.tf @@ -8,11 +8,11 @@ variable "billing_alarm_notify_emails" { type = set(string) } -variable "budget_montly_limit" { - description = "Montly budget limit, USD" +variable "budget_monthly_limit" { + description = "Monthly budget limit, USD" type = map(string) } variable "org_accounts" { description = "Organization accounts" -} \ No newline at end of file +} diff --git a/terraform/wifi-289708231103/allure-reports-s3/main.tf b/terraform/wifi-289708231103/allure-reports-s3/main.tf index c66ee64..d383092 100644 --- a/terraform/wifi-289708231103/allure-reports-s3/main.tf +++ b/terraform/wifi-289708231103/allure-reports-s3/main.tf @@ -35,7 +35,9 @@ locals { resource "aws_s3_bucket" "bucket" { bucket = "openwifi-allure-reports" acl = "public-read" - tags = local.common_tags + tags = merge({ + "Name" : "openwifi-allure-reports" + }, local.common_tags) website { index_document = "index.html" diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/.terraform.lock.hcl b/terraform/wifi-289708231103/cloudsdk_cicd/.terraform.lock.hcl index aa1da8d..1b8ca3d 100644 --- a/terraform/wifi-289708231103/cloudsdk_cicd/.terraform.lock.hcl +++ b/terraform/wifi-289708231103/cloudsdk_cicd/.terraform.lock.hcl @@ -2,21 +2,22 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "3.61.0" - constraints = ">= 2.23.0, >= 2.55.0, >= 2.59.0, >= 2.68.0" + version = "4.38.0" + constraints = ">= 2.23.0, >= 2.68.0, >= 3.22.0, >= 3.35.0" hashes = [ - "h1:0WQSlLpN11nCeKu/k07BwcpypK0AfZDcbfkCxI/QbiE=", - "zh:0483ca802ddb0ae4f73144b4357ba72242c6e2641aeb460b1aa9a6f6965464b0", - "zh:274712214ebeb0c1269cbc468e5705bb5741dc45b05c05e9793ca97f22a1baa1", - "zh:3c6bd97a2ca809469ae38f6893348386c476cb3065b120b785353c1507401adf", - "zh:53dd41a9aed9860adbbeeb71a23e4f8195c656fd15a02c90fa2d302a5f577d8c", - "zh:65c639c547b97bc880fd83e65511c0f4bbfc91b63cada3b8c0d5776444221700", - "zh:a2769e19137ff480c1dd3e4f248e832df90fb6930a22c66264d9793895161714", - "zh:a5897a99332cc0071e46a71359b86a8e53ab09c1453e94cd7cf45a0b577ff590", - "zh:bdc2353642d16d8e2437a9015cd4216a1772be9736645cc17d1a197480e2b5b7", - "zh:cbeace1deae938f6c0aca3734e6088f3633ca09611aff701c15cb6d42f2b918a", - "zh:d33ca19012aabd98cc03fdeccd0bd5ce56e28f61a1dfbb2eea88e89487de7fb3", - "zh:d548b29a864b0687e85e8a993f208e25e3ecc40fcc5b671e1985754b32fdd658", + "h1:bhDPZioOF9Uz9mavezCHfYbD5YJ3fEPsixLpcWgV/kU=", + "zh:0ae61458acf7acecf47f7a02e08da1f7adeee9532e053c0d80432f16197e4799", + "zh:1ece9bcef41ffc75e0955419d7f8b1708ab7ffe4518bc9a2afe3bc5c79a9e79b", + "zh:302065a7c3ae798345b92a465b650b025d9c4e9abc3e78421ecc69a17b8c3d6a", + "zh:52d61f6a3ed6726b821a78f1fb78df818cf24a4d2378cc16afded297b37d4b7b", + "zh:6c365ed0cae031acdbcca04560997589a94629269cb456d468cbe51a3a020386", + "zh:70987a51d782f3458f124efea320157a48453864c420421051c56d41e463a948", + "zh:8b5a5f30240c67e596a89ccd76aa81133e6ae253c8a06a932b8901ef2b4a7486", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:d672167515ece7c2db4663faf180dfb6cfc6dbf5e149f868d05c39bb54b9ca03", + "zh:df1bc9926674b2e1246c9ebffd8bf8c4e380f50910a7f0b3ded957e8768ae27a", + "zh:e304b6e2bd66e7992326aa0446152547eb97e8f77d00bc1a9096022ac37e5d71", + "zh:f033690f11446af1383ad74149f429fae19e2784af5e151a22f46965dff21b29", ] } @@ -39,96 +40,101 @@ provider "registry.terraform.io/hashicorp/cloudinit" { } provider "registry.terraform.io/hashicorp/http" { - version = "2.1.0" + version = "3.2.1" hashes = [ - "h1:HmUcHqc59VeHReHD2SEhnLVQPUKHKTipJ8Jxq67GiDU=", - "zh:03d82dc0887d755b8406697b1d27506bc9f86f93b3e9b4d26e0679d96b802826", - "zh:0704d02926393ddc0cfad0b87c3d51eafeeae5f9e27cc71e193c141079244a22", - "zh:095ea350ea94973e043dad2394f10bca4a4bf41be775ba59d19961d39141d150", - "zh:0b71ac44e87d6964ace82979fc3cbb09eb876ed8f954449481bcaa969ba29cb7", - "zh:0e255a170db598bd1142c396cefc59712ad6d4e1b0e08a840356a371e7b73bc4", - "zh:67c8091cfad226218c472c04881edf236db8f2dc149dc5ada878a1cd3c1de171", - "zh:75df05e25d14b5101d4bc6624ac4a01bb17af0263c9e8a740e739f8938b86ee3", - "zh:b4e36b2c4f33fdc44bf55fa1c9bb6864b5b77822f444bd56f0be7e9476674d0e", - "zh:b9b36b01d2ec4771838743517bc5f24ea27976634987c6d5529ac4223e44365d", - "zh:ca264a916e42e221fddb98d640148b12e42116046454b39ede99a77fc52f59f4", - "zh:fe373b2fb2cc94777a91ecd7ac5372e699748c455f44f6ea27e494de9e5e6f92", + "h1:DfxMa1zM/0NCFWN5PAxivSHJMNkOAFZvDYQkO72ZQmw=", + "zh:088b3b3128034485e11dff8da16e857d316fbefeaaf5bef24cceda34c6980641", + "zh:09ed1f2462ea4590b112e048c4af556f0b6eafc7cf2c75bb2ac21cd87ca59377", + "zh:39c6b0b4d3f0f65e783c467d3f634e2394820b8aef907fcc24493f21dcf73ca3", + "zh:47aab45327daecd33158a36c1a36004180a518bf1620cdd5cfc5e1fe77d5a86f", + "zh:4d70a990aa48116ab6f194eef393082c21cf58bece933b63575c63c1d2b66818", + "zh:65470c43fda950c7e9ac89417303c470146de984201fff6ef84299ea29e02d30", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:842b4dd63e438f5cd5fdfba1c09b8fdf268e8766e6690988ee24e8b25bfd9e8d", + "zh:a167a057f7e2d80c78d4b4057538588131fceb983d5c93b07675ad9eb1aa5790", + "zh:d0ba69b62b6db788cfe3cf8f7dc6e9a0eabe2927dc119d7fe3fe6573ee559e66", + "zh:e28d24c1d5ff24b1d1cc6f0074a1f41a6974f473f4ff7a37e55c7b6dca68308a", + "zh:fde8a50554960e5366fd0e1ca330a7c1d24ae6bbb2888137a5c83d83ce14fd18", ] } provider "registry.terraform.io/hashicorp/kubernetes" { - version = "1.13.4" - constraints = "~> 1.9, >= 1.11.1" + version = "2.15.0" + constraints = ">= 1.11.1" hashes = [ - "h1:xZ0YM8/XezNWMhWKHWWVW8CQA7QzA1eJnXyYoq3R9uk=", - "zh:0658034b1b0e241f6d6fc8dac2073755dcbab8f82645c0a46cec052469c518b2", - "zh:11a08ffa9b86670711cb8f2754ac8034b0cdf3d9bad4f3c22695f749a892c630", - "zh:3e90e15a58f699f22bcbe27d3cf45064f9e1a2f1fb50992afc6ea55a59100d4c", - "zh:5e5a335655e40ceb4576af3790aead62646942972c206f49a3dc52275d925f11", - "zh:6bbf068c35380e75fbd7f5186c37175c6058bd6160d59957a023af3e4c9f43c5", - "zh:6bd839cce4ce786201b3d0d43b6ad80e3bf9642f74b1490b9cf72ca8d8c90575", - "zh:804ba2f1d03f315b071434fd7201eeb1e705fcb82f9a1dc4bec760e4231becfa", - "zh:957963a9f287589836a56be24bb9a172919f5a3f18098adb9f185f2a6699680b", - "zh:b099aea7f5213450f3b0d4e439aeb83aba965920b89474aa94f2bc0d6f698fe7", - "zh:b8d610a387f0df4b4c5c27b9319749d1bf60b01c69ea65d2d129c2a61afa0c7b", - "zh:cbf56221840b360befc00fe2336a9236d1ff0f32456453030ed6f58b49deb8df", + "h1:wAdoEHV4gXntbTcKkva3AKQKt1+BZL9Bi+Z+RZjFYyc=", + "zh:108011c33c0fc0b4d429d511bf97744b40b1ab261d51d413b3bffc8247369f26", + "zh:3ac39669fa20b7e0430753c3023d8393348213a84c69a18dc75057761478cfcf", + "zh:530d274328ce6428300dccf94e26d180c4c867b8fd0e4992ae890451c421fec5", + "zh:63245aa73e9df0c71b667ad9e2c6a3495ab3fe43bac0e18a54277ff0593fecdf", + "zh:71794ea586e3dc32091269b84734e82b3481faf2d0c359c2f4cab7495d4862f5", + "zh:74e163dee3d707ba500830360502b3290b18ed4f753d86c1b39b31ee2b937d2e", + "zh:79861de68923f6fd100b7b50a781458437f5d236aa0092005f77beb71f9c13f0", + "zh:93cbf9665675c56e045cb42dad7a3985603eaba3893c2dca114880026ddc6016", + "zh:a503259f0f4b0028e27a98e5d3a62b7bd70fee763a96ac1880ad7397e31783c8", + "zh:d861f87b9b129d60946d580a4190a3bd2aaa30f4fbb237a6a0823fc567c6209a", + "zh:e70dacf74b773326e6c618d41ad51a4220eec2caf77617bf45861af46ba2a4ab", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", ] } provider "registry.terraform.io/hashicorp/local" { - version = "2.1.0" + version = "2.2.3" constraints = ">= 1.4.0" hashes = [ - "h1:EYZdckuGU3n6APs97nS2LxZm3dDtGqyM4qaIvsmac8o=", - "zh:0f1ec65101fa35050978d483d6e8916664b7556800348456ff3d09454ac1eae2", - "zh:36e42ac19f5d68467aacf07e6adcf83c7486f2e5b5f4339e9671f68525fc87ab", - "zh:6db9db2a1819e77b1642ec3b5e95042b202aee8151a0256d289f2e141bf3ceb3", - "zh:719dfd97bb9ddce99f7d741260b8ece2682b363735c764cac83303f02386075a", - "zh:7598bb86e0378fd97eaa04638c1a4c75f960f62f69d3662e6d80ffa5a89847fe", - "zh:ad0a188b52517fec9eca393f1e2c9daea362b33ae2eb38a857b6b09949a727c1", - "zh:c46846c8df66a13fee6eff7dc5d528a7f868ae0dcf92d79deaac73cc297ed20c", - "zh:dc1a20a2eec12095d04bf6da5321f535351a594a636912361db20eb2a707ccc4", - "zh:e57ab4771a9d999401f6badd8b018558357d3cbdf3d33cc0c4f83e818ca8e94b", - "zh:ebdcde208072b4b0f8d305ebf2bfdc62c926e0717599dcf8ec2fd8c5845031c3", - "zh:ef34c52b68933bedd0868a13ccfd59ff1c820f299760b3c02e008dc95e2ece91", + "h1:aWp5iSUxBGgPv1UnV5yag9Pb0N+U1I0sZb38AXBFO8A=", + "zh:04f0978bb3e052707b8e82e46780c371ac1c66b689b4a23bbc2f58865ab7d5c0", + "zh:6484f1b3e9e3771eb7cc8e8bab8b35f939a55d550b3f4fb2ab141a24269ee6aa", + "zh:78a56d59a013cb0f7eb1c92815d6eb5cf07f8b5f0ae20b96d049e73db915b238", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:8aa9950f4c4db37239bcb62e19910c49e47043f6c8587e5b0396619923657797", + "zh:996beea85f9084a725ff0e6473a4594deb5266727c5f56e9c1c7c62ded6addbb", + "zh:9a7ef7a21f48fabfd145b2e2a4240ca57517ad155017e86a30860d7c0c109de3", + "zh:a63e70ac052aa25120113bcddd50c1f3cfe61f681a93a50cea5595a4b2cc3e1c", + "zh:a6e8d46f94108e049ad85dbed60354236dc0b9b5ec8eabe01c4580280a43d3b8", + "zh:bb112ce7efbfcfa0e65ed97fa245ef348e0fd5bfa5a7e4ab2091a9bd469f0a9e", + "zh:d7bec0da5c094c6955efed100f3fe22fca8866859f87c025be1760feb174d6d9", + "zh:fb9f271b72094d07cef8154cd3d50e9aa818a0ea39130bc193132ad7b23076fd", ] } provider "registry.terraform.io/hashicorp/null" { - version = "3.1.0" + version = "3.2.0" constraints = ">= 2.1.0" hashes = [ - "h1:vpC6bgUQoJ0znqIKVFevOdq+YQw42bRq0u+H3nto8nA=", - "zh:02a1675fd8de126a00460942aaae242e65ca3380b5bb192e8773ef3da9073fd2", - "zh:53e30545ff8926a8e30ad30648991ca8b93b6fa496272cd23b26763c8ee84515", - "zh:5f9200bf708913621d0f6514179d89700e9aa3097c77dac730e8ba6e5901d521", - "zh:9ebf4d9704faba06b3ec7242c773c0fbfe12d62db7d00356d4f55385fc69bfb2", - "zh:a6576c81adc70326e4e1c999c04ad9ca37113a6e925aefab4765e5a5198efa7e", - "zh:a8a42d13346347aff6c63a37cda9b2c6aa5cc384a55b2fe6d6adfa390e609c53", - "zh:c797744d08a5307d50210e0454f91ca4d1c7621c68740441cf4579390452321d", - "zh:cecb6a304046df34c11229f20a80b24b1603960b794d68361a67c5efe58e62b8", - "zh:e1371aa1e502000d9974cfaff5be4cfa02f47b17400005a16f14d2ef30dc2a70", - "zh:fc39cc1fe71234a0b0369d5c5c7f876c71b956d23d7d6f518289737a001ba69b", - "zh:fea4227271ebf7d9e2b61b89ce2328c7262acd9fd190e1fd6d15a591abfa848e", + "h1:pfjuwssoCoBDRbutlVLAP8wiDrkQ3G4d3rs+f7uSh2A=", + "zh:1d88ea3af09dcf91ad0aaa0d3978ca8dcb49dc866c8615202b738d73395af6b5", + "zh:3844db77bfac2aca43aaa46f3f698c8e5320a47e838ee1318408663449547e7e", + "zh:538fadbd87c576a332b7524f352e6004f94c27afdd3b5d105820d328dc49c5e3", + "zh:56def6f00fc2bc9c3c265b841ce71e80b77e319de7b0f662425b8e5e7eb26846", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:8fce56e5f1d13041d8047a1d0c93f930509704813a28f8d39c2b2082d7eebf9f", + "zh:989e909a5eca96b8bdd4a0e8609f1bd525949fd226ae870acedf2da0c55b0451", + "zh:99ddc34ad13e04e9c3477f5422fbec20fc13395ff940720c287bfa5c546d2fbc", + "zh:b546666da4b4b60c0eec23faab7f94dc900e48f66b5436fc1ac0b87c6709ef04", + "zh:d56643cb08cba6e074d70c4af37d5de2bd7c505f81d866d6d47c9e1d28ec65d1", + "zh:f39ac5ff9e9d00e6a670bce6825529eded4b0b4966abba36a387db5f0712d7ba", + "zh:fe102389facd09776502327352be99becc1ac09e80bc287db84a268172be641f", ] } provider "registry.terraform.io/hashicorp/random" { - version = "3.1.0" + version = "3.4.3" constraints = ">= 2.1.0" hashes = [ - "h1:BZMEPucF+pbu9gsPk0G0BHx7YP04+tKdq2MrRDF1EDM=", - "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", - "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", - "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", - "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", - "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", - "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", - "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", - "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", - "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", - "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", - "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", + "h1:xZGZf18JjMS06pFa4NErzANI98qi59SEcBsOcS2P2yQ=", + "zh:41c53ba47085d8261590990f8633c8906696fa0a3c4b384ff6a7ecbf84339752", + "zh:59d98081c4475f2ad77d881c4412c5129c56214892f490adf11c7e7a5a47de9b", + "zh:686ad1ee40b812b9e016317e7f34c0d63ef837e084dea4a1f578f64a6314ad53", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:84103eae7251384c0d995f5a257c72b0096605048f757b749b7b62107a5dccb3", + "zh:8ee974b110adb78c7cd18aae82b2729e5124d8f115d484215fd5199451053de5", + "zh:9dd4561e3c847e45de603f17fa0c01ae14cae8c4b7b4e6423c9ef3904b308dda", + "zh:bb07bb3c2c0296beba0beec629ebc6474c70732387477a65966483b5efabdbc6", + "zh:e891339e96c9e5a888727b45b2e1bb3fcbdfe0fd7c5b4396e4695459b38c8cb1", + "zh:ea4739860c24dfeaac6c100b2a2e357106a89d18751f7693f3c31ecf6a996f8d", + "zh:f0c76ac303fd0ab59146c39bc121c5d7d86f878e9a69294e29444d4c653786f8", + "zh:f143a9a5af42b38fed328a161279906759ff39ac428ebcfe55606e05e1518b93", ] } diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/alb_ingress_controller.tf b/terraform/wifi-289708231103/cloudsdk_cicd/alb_ingress_controller.tf index dbee1ae..8f4602f 100644 --- a/terraform/wifi-289708231103/cloudsdk_cicd/alb_ingress_controller.tf +++ b/terraform/wifi-289708231103/cloudsdk_cicd/alb_ingress_controller.tf @@ -16,5 +16,5 @@ data "http" "alb_ingress_policy_json" { resource "aws_iam_policy" "alb_ingress_iam_policy" { name_prefix = "alb-ingress-iam-policy-" description = "ALB ingress policy for cluster ${local.cluster_name}" - policy = data.http.alb_ingress_policy_json.body + policy = data.http.alb_ingress_policy_json.response_body } diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/ce_anomaly.tf b/terraform/wifi-289708231103/cloudsdk_cicd/ce_anomaly.tf new file mode 100644 index 0000000..6e30718 --- /dev/null +++ b/terraform/wifi-289708231103/cloudsdk_cicd/ce_anomaly.tf @@ -0,0 +1,91 @@ +resource "aws_sns_topic" "cost_anomaly_updates" { + name = "CostAnomalyUpdates" +} + +resource "aws_sns_topic_subscription" "cost_anomaly_subscription" { + for_each = toset(["tip-alerts@opsfleet.com", "jaspreetsachdev@meta.com"]) + topic_arn = aws_sns_topic.cost_anomaly_updates.arn + protocol = "email" + endpoint = each.value +} + +data "aws_iam_policy_document" "sns_topic_policy" { + policy_id = "__default_policy_ID" + + statement { + sid = "AWSAnomalyDetectionSNSPublishingPermissions" + + actions = [ + "SNS:Publish", + ] + + effect = "Allow" + + principals { + type = "Service" + identifiers = ["costalerts.amazonaws.com"] + } + + resources = [ + aws_sns_topic.cost_anomaly_updates.arn, + ] + } + + statement { + sid = "__default_statement_ID" + + actions = [ + "SNS:Subscribe", + "SNS:SetTopicAttributes", + "SNS:RemovePermission", + "SNS:Receive", + "SNS:Publish", + "SNS:ListSubscriptionsByTopic", + "SNS:GetTopicAttributes", + "SNS:DeleteTopic", + "SNS:AddPermission", + ] + + effect = "Allow" + + principals { + type = "AWS" + identifiers = ["289708231103"] + } + + resources = [ + aws_sns_topic.cost_anomaly_updates.arn, + ] + } +} + +resource "aws_sns_topic_policy" "default" { + arn = aws_sns_topic.cost_anomaly_updates.arn + + policy = data.aws_iam_policy_document.sns_topic_policy.json +} + +resource "aws_ce_anomaly_monitor" "wifi_cost_anomaly_monitor" { + name = "WiFiCostAnomalyMonitor" + monitor_type = "DIMENSIONAL" + monitor_dimension = "SERVICE" +} + +resource "aws_ce_anomaly_subscription" "realtime_subscription" { + name = "RealtimeAnomalySubscription" + threshold = 100 + frequency = "IMMEDIATE" + + monitor_arn_list = [ + aws_ce_anomaly_monitor.wifi_cost_anomaly_monitor.arn, + ] + + subscriber { + type = "SNS" + address = aws_sns_topic.cost_anomaly_updates.arn + } + + depends_on = [ + aws_sns_topic_policy.default, + ] +} diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/cloudsdk_lb_shared_resources.tf b/terraform/wifi-289708231103/cloudsdk_cicd/cloudsdk_lb_shared_resources.tf index d0168e9..5442519 100644 --- a/terraform/wifi-289708231103/cloudsdk_cicd/cloudsdk_lb_shared_resources.tf +++ b/terraform/wifi-289708231103/cloudsdk_cicd/cloudsdk_lb_shared_resources.tf @@ -3,20 +3,36 @@ resource "random_string" "random_suffix" { special = false upper = false lower = true - number = false + numeric = false } resource "aws_s3_bucket" "alb_logs" { bucket = "alb-logs-${var.org}-${var.project}-${var.deployment}-${random_string.random_suffix.result}" - acl = "private" - versioning { - enabled = false + tags = merge({ + "Name" : "alb-logs-${var.org}-${var.project}-${var.deployment}-${random_string.random_suffix.result}" + }, local.common_tags) + + lifecycle { + prevent_destroy = true } +} - lifecycle_rule { - prefix = "" - enabled = true +resource "aws_s3_bucket_versioning" "alb_logs" { + bucket = aws_s3_bucket.alb_logs.id + versioning_configuration { + status = "Suspended" + } +} + +resource "aws_s3_bucket_lifecycle_configuration" "alb_logs" { + bucket = aws_s3_bucket.alb_logs.id + + rule { + id = "logs_retention" + status = "Enabled" + + filter {} transition { days = 30 @@ -27,20 +43,21 @@ resource "aws_s3_bucket" "alb_logs" { days = 60 } } +} - server_side_encryption_configuration { - rule { - apply_server_side_encryption_by_default { - sse_algorithm = "AES256" - } +resource "aws_s3_bucket_server_side_encryption_configuration" "alb_logs" { + bucket = aws_s3_bucket.alb_logs.bucket + + rule { + apply_server_side_encryption_by_default { + sse_algorithm = "AES256" } } +} - tags = local.common_tags - - lifecycle { - prevent_destroy = true - } +resource "aws_s3_bucket_acl" "alb_logs" { + bucket = aws_s3_bucket.alb_logs.id + acl = "private" } resource "aws_s3_bucket_public_access_block" "alb_logs" { diff --git a/terraform/wifi-289708231103/core-dumps-s3/main.tf b/terraform/wifi-289708231103/core-dumps-s3/main.tf index 9e26cc7..a8f6d0c 100644 --- a/terraform/wifi-289708231103/core-dumps-s3/main.tf +++ b/terraform/wifi-289708231103/core-dumps-s3/main.tf @@ -33,7 +33,9 @@ data "sops_file" "secrets" { resource "aws_s3_bucket" "openwifi-core-dumps" { bucket = "openwifi-core-dumps" - tags = local.common_tags + tags = merge({ + "Name" : "openwifi-core-dumps" + }, local.common_tags) } resource "aws_s3_bucket_lifecycle_configuration" "openwifi-core-dumps" { diff --git a/terraform/wifi-289708231103/ucentral-ap-s3/main.tf b/terraform/wifi-289708231103/ucentral-ap-s3/main.tf index 3a97f4b..4bd48b8 100644 --- a/terraform/wifi-289708231103/ucentral-ap-s3/main.tf +++ b/terraform/wifi-289708231103/ucentral-ap-s3/main.tf @@ -35,7 +35,9 @@ locals { resource "aws_s3_bucket" "bucket" { bucket = "ucentral-ap-firmware" acl = "public-read" - tags = local.common_tags + tags = merge({ + "Name" : "ucentral-ap-firmware" + }, local.common_tags) logging { target_bucket = aws_s3_bucket.log_bucket.id @@ -70,7 +72,18 @@ resource "aws_s3_bucket" "bucket" { resource "aws_s3_bucket" "log_bucket" { bucket = "ucentral-ap-firmware-logs" acl = "log-delivery-write" - tags = local.common_tags + tags = merge({ + "Name" : "ucentral-ap-firmware-logs" + }, local.common_tags) + + lifecycle_rule { + id = "log_retention" + enabled = true + + expiration { + days = 14 + } + } } resource "aws_s3_bucket_object" "directory_listing" {