mirror of
https://github.com/Telecominfraproject/wlan-toolsmith.git
synced 2025-10-29 18:12:20 +00:00
add common tag ManagedBy: terraform (#73)
This commit is contained in:
Max
@@ -6,6 +6,7 @@ module "alb_ingress_iam_role" {
|
||||
aws_iam_policy.alb_ingress_iam_policy.arn,
|
||||
]
|
||||
create_role = true
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_iam_policy" "alb_ingress_iam_policy" {
|
||||
|
||||
@@ -36,7 +36,7 @@ resource "aws_s3_bucket" "alb_logs" {
|
||||
}
|
||||
}
|
||||
|
||||
tags = local.tags
|
||||
tags = local.common_tags
|
||||
|
||||
lifecycle {
|
||||
prevent_destroy = true
|
||||
@@ -83,6 +83,7 @@ resource "aws_acm_certificate" "cloudsdk" {
|
||||
format("*.%s.%s", var.deployment, var.base_domain)
|
||||
]
|
||||
validation_method = "DNS"
|
||||
tags = local.common_tags
|
||||
|
||||
lifecycle {
|
||||
create_before_destroy = true
|
||||
|
||||
@@ -3,11 +3,9 @@ resource "aws_security_group" "efs" {
|
||||
description = "${var.org}-${var.project}-${var.env}-efs"
|
||||
vpc_id = module.vpc_main.vpc_id
|
||||
|
||||
tags = {
|
||||
Name = "${var.org}-${var.project}-${var.env}"
|
||||
Project = var.project
|
||||
Environment = var.env
|
||||
}
|
||||
tags = merge({
|
||||
Name = "${var.org}-${var.project}-${var.env}"
|
||||
}, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_security_group_rule" "efs_ingress" {
|
||||
@@ -21,12 +19,9 @@ resource "aws_security_group_rule" "efs_ingress" {
|
||||
|
||||
resource "aws_efs_file_system" "default" {
|
||||
creation_token = "${var.org}-${var.project}-${var.env}-default"
|
||||
|
||||
tags = {
|
||||
Name = "${var.org}-${var.project}-${var.env}-default"
|
||||
Project = var.project
|
||||
Environment = var.env
|
||||
}
|
||||
tags = merge({
|
||||
Name = "${var.org}-${var.project}-${var.env}"
|
||||
}, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_efs_mount_target" "default" {
|
||||
|
||||
@@ -24,7 +24,7 @@ module "eks" {
|
||||
cluster_name = local.cluster_name
|
||||
subnets = module.vpc_main.private_subnets
|
||||
vpc_id = module.vpc_main.vpc_id
|
||||
tags = merge({ "Name" = local.cluster_name }, local.tags)
|
||||
tags = merge({ "Name" = local.cluster_name }, local.common_tags)
|
||||
|
||||
workers_group_defaults = {
|
||||
ami_type = "AL2_x86_64"
|
||||
@@ -83,9 +83,10 @@ locals {
|
||||
public_subnets_merged = join(" ", module.vpc_main.public_subnets)
|
||||
private_subnets_merged = join(" ", module.vpc_main.private_subnets)
|
||||
cluster_name = "${var.org}-${var.project}-${var.env}"
|
||||
tags = {
|
||||
"Env" = var.env
|
||||
"Project" = var.project
|
||||
common_tags = {
|
||||
"Env" = var.env
|
||||
"Project" = var.project
|
||||
"ManagedBy" = "terraform"
|
||||
}
|
||||
user_roles = [
|
||||
{
|
||||
@@ -124,6 +125,7 @@ module "external_dns_cluster_role" {
|
||||
provider_url = local.oidc_provider_url
|
||||
role_policy_arns = [aws_iam_policy.external_dns.arn]
|
||||
create_role = true
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_iam_policy" "external_dns" {
|
||||
@@ -182,6 +184,7 @@ module "cluster_autoscaler_cluster_role" {
|
||||
provider_url = local.oidc_provider_url
|
||||
role_policy_arns = [aws_iam_policy.cluster_autoscaler.arn]
|
||||
create_role = true
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_iam_policy" "cluster_autoscaler" {
|
||||
|
||||
@@ -33,16 +33,17 @@ resource "aws_instance" "wlan_candelatech_test_results" {
|
||||
delete_on_termination = true
|
||||
}
|
||||
|
||||
tags = {
|
||||
tags = merge({
|
||||
"Name" : "${var.org}-${var.project}-${var.env} CandelaTech Test Results"
|
||||
}
|
||||
}, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_eip" "wlan_candelatech_test_results" {
|
||||
vpc = true
|
||||
instance = aws_instance.wlan_candelatech_test_results.id
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
output "wlan_candelatech_test_results_instance" {
|
||||
value = aws_eip.wlan_candelatech_test_results.public_ip
|
||||
}
|
||||
}
|
||||
|
||||
@@ -34,16 +34,17 @@ resource "aws_instance" "wlan_ctf" {
|
||||
delete_on_termination = true
|
||||
}
|
||||
|
||||
tags = {
|
||||
tags = merge({
|
||||
"Name" : "${var.org}-${var.project}-${var.env}-CTF"
|
||||
}
|
||||
}, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_eip" "wlan_ctf" {
|
||||
vpc = true
|
||||
instance = aws_instance.wlan_ctf.id
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
output "wlan_ctf_instance" {
|
||||
value = aws_eip.wlan_ctf.public_ip
|
||||
}
|
||||
}
|
||||
|
||||
@@ -18,6 +18,7 @@ terraform {
|
||||
resource "aws_key_pair" "wlan" {
|
||||
key_name = "wlan"
|
||||
public_key = var.ssh_key
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
data "aws_caller_identity" "current" {}
|
||||
data "aws_caller_identity" "current" {}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
resource "aws_security_group" "wlan" {
|
||||
name_prefix = "wlan-tmp-"
|
||||
vpc_id = module.vpc_main.vpc_id
|
||||
tags = { "Name" : "${var.env} instance" }
|
||||
tags = merge({ "Name" : "${var.env} instance" }, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_security_group_rule" "wlan_ingress_ssh" {
|
||||
@@ -41,4 +41,4 @@ resource "aws_security_group_rule" "wlan_egress_all" {
|
||||
security_group_id = aws_security_group.wlan.id
|
||||
type = "egress"
|
||||
cidr_blocks = ["0.0.0.0/0"]
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
resource "aws_iam_user" "gh-actions-user" {
|
||||
name = "gh-actions-user"
|
||||
path = "/"
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_iam_user_policy" "lb_ro" {
|
||||
|
||||
@@ -18,4 +18,6 @@ module "vpc_main" {
|
||||
"kubernetes.io/cluster/${local.cluster_name}" = "shared"
|
||||
"kubernetes.io/role/internal-elb" = "1"
|
||||
}
|
||||
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
@@ -6,6 +6,7 @@ module "alb_ingress_iam_role" {
|
||||
aws_iam_policy.alb_ingress_iam_policy.arn,
|
||||
]
|
||||
create_role = true
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_iam_policy" "alb_ingress_iam_policy" {
|
||||
|
||||
@@ -36,7 +36,7 @@ resource "aws_s3_bucket" "alb_logs" {
|
||||
}
|
||||
}
|
||||
|
||||
tags = local.tags
|
||||
tags = local.common_tags
|
||||
|
||||
lifecycle {
|
||||
prevent_destroy = true
|
||||
|
||||
@@ -2,12 +2,7 @@ resource "aws_security_group" "efs" {
|
||||
name = "${var.org}-${var.project}-${var.env}-efs"
|
||||
description = "${var.org}-${var.project}-${var.env}-efs"
|
||||
vpc_id = module.vpc_main.vpc_id
|
||||
|
||||
tags = {
|
||||
Name = "${var.org}-${var.project}-${var.env}"
|
||||
Project = var.project
|
||||
Environment = var.env
|
||||
}
|
||||
tags = merge({ Name = "${var.org}-${var.project}-${var.env}" }, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_security_group_rule" "efs_ingress" {
|
||||
@@ -21,12 +16,7 @@ resource "aws_security_group_rule" "efs_ingress" {
|
||||
|
||||
resource "aws_efs_file_system" "default" {
|
||||
creation_token = "${var.org}-${var.project}-${var.env}-default"
|
||||
|
||||
tags = {
|
||||
Name = "${var.org}-${var.project}-${var.env}-default"
|
||||
Project = var.project
|
||||
Environment = var.env
|
||||
}
|
||||
tags = merge({ Name = "${var.org}-${var.project}-${var.env}" }, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_efs_mount_target" "default" {
|
||||
|
||||
@@ -24,7 +24,7 @@ module "eks" {
|
||||
cluster_name = local.cluster_name
|
||||
subnets = module.vpc_main.private_subnets
|
||||
vpc_id = module.vpc_main.vpc_id
|
||||
tags = merge({ "Name" = local.cluster_name }, local.tags)
|
||||
tags = merge({ "Name" = local.cluster_name }, local.common_tags)
|
||||
|
||||
workers_group_defaults = {
|
||||
ami_type = "AL2_x86_64"
|
||||
@@ -82,9 +82,10 @@ locals {
|
||||
public_subnets_merged = join(" ", module.vpc_main.public_subnets)
|
||||
private_subnets_merged = join(" ", module.vpc_main.private_subnets)
|
||||
cluster_name = "${var.org}-${var.project}-${var.env}"
|
||||
tags = {
|
||||
"Env" = var.env
|
||||
"Project" = var.project
|
||||
common_tags = {
|
||||
"Env" = var.env
|
||||
"Project" = var.project
|
||||
"ManagedBy" = "terraform"
|
||||
}
|
||||
admin_roles = [for role in var.eks_admin_roles : {
|
||||
rolearn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/${role}"
|
||||
@@ -116,6 +117,7 @@ module "external_dns_cluster_role" {
|
||||
provider_url = local.oidc_provider_url
|
||||
role_policy_arns = [aws_iam_policy.external_dns.arn]
|
||||
create_role = true
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_iam_policy" "external_dns" {
|
||||
@@ -174,6 +176,7 @@ module "cluster_autoscaler_cluster_role" {
|
||||
provider_url = local.oidc_provider_url
|
||||
role_policy_arns = [aws_iam_policy.cluster_autoscaler.arn]
|
||||
create_role = true
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_iam_policy" "cluster_autoscaler" {
|
||||
|
||||
@@ -18,4 +18,6 @@ module "vpc_main" {
|
||||
"kubernetes.io/cluster/${local.cluster_name}" = "shared"
|
||||
"kubernetes.io/role/internal-elb" = "1"
|
||||
}
|
||||
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
@@ -21,8 +21,15 @@ terraform {
|
||||
}
|
||||
}
|
||||
|
||||
locals {
|
||||
common_tags = {
|
||||
"ManagedBy" = "terraform"
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_route53_zone" "main" {
|
||||
name = var.main_zone_name
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
module "acm" {
|
||||
@@ -38,10 +45,10 @@ module "acm" {
|
||||
"*.${var.main_zone_name}"
|
||||
]
|
||||
|
||||
tags = {
|
||||
tags = merge({
|
||||
eks = true
|
||||
cloudsdk = true
|
||||
}
|
||||
}, local.common_tags)
|
||||
}
|
||||
|
||||
output "zone_id" {
|
||||
@@ -50,4 +57,4 @@ output "zone_id" {
|
||||
|
||||
output "certificate_arn" {
|
||||
value = module.acm.this_acm_certificate_arn
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,12 +3,19 @@ provider "aws" {
|
||||
region = var.aws_region
|
||||
}
|
||||
|
||||
locals {
|
||||
common_tags = {
|
||||
"ManagedBy" = "terraform"
|
||||
}
|
||||
}
|
||||
|
||||
module "terraform_state_backend" {
|
||||
source = "git::https://github.com/cloudposse/terraform-aws-tfstate-backend.git?ref=0.18.0"
|
||||
region = "us-east-1"
|
||||
name = "terraform"
|
||||
s3_bucket_name = "tip-wifi-tfstate"
|
||||
attributes = ["state"]
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
output "remote_state_config" {
|
||||
|
||||
@@ -14,6 +14,7 @@ resource "aws_cloudwatch_metric_alarm" "vpn_state" {
|
||||
alarm_description = "VPN Tunnel State"
|
||||
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_cloudwatch_metric_alarm" "vpn_outgoing_data" {
|
||||
@@ -33,6 +34,7 @@ resource "aws_cloudwatch_metric_alarm" "vpn_outgoing_data" {
|
||||
alarm_description = "VPN Outgoing Data"
|
||||
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_cloudwatch_metric_alarm" "tgw_incoming" {
|
||||
@@ -50,6 +52,7 @@ resource "aws_cloudwatch_metric_alarm" "tgw_incoming" {
|
||||
alarm_description = "Transit Gateway Incoming Data"
|
||||
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_cloudwatch_metric_alarm" "tgw_outgoing_data" {
|
||||
@@ -67,6 +70,7 @@ resource "aws_cloudwatch_metric_alarm" "tgw_outgoing_data" {
|
||||
alarm_description = "Transit Gateway Outgoing Data"
|
||||
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" {
|
||||
@@ -77,6 +81,7 @@ resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" {
|
||||
alarm_description = "Transit Gateway Packet Drops"
|
||||
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
|
||||
tags = local.common_tags
|
||||
|
||||
metric_query {
|
||||
id = "total_drops"
|
||||
@@ -114,10 +119,12 @@ resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" {
|
||||
|
||||
resource "aws_sns_topic" "vpn_cloudwatch_alarms" {
|
||||
name = "vpn_cloudwatch_alarms"
|
||||
tags = local.common_tags
|
||||
}
|
||||
|
||||
resource "aws_cloudformation_stack" "atlassian_cloud_backup_email_notification" {
|
||||
name = "atlassian-cloud-backup"
|
||||
tags = local.common_tags
|
||||
template_body = <<EOT
|
||||
AWSTemplateFormatVersion: 2010-09-09
|
||||
Resources:
|
||||
|
||||
@@ -25,4 +25,10 @@ data "terraform_remote_state" "wlan_main" {
|
||||
dynamodb_table = "terraform-state-lock"
|
||||
encrypt = true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
locals {
|
||||
common_tags = {
|
||||
"ManagedBy" = "terraform"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,10 +2,7 @@ resource "aws_customer_gateway" "tunnel_perfecto" {
|
||||
bgp_asn = 65000
|
||||
ip_address = "23.21.201.213"
|
||||
type = "ipsec.1"
|
||||
|
||||
tags = {
|
||||
Name = "tunnel-perfecto"
|
||||
}
|
||||
tags = merge({ Name = "tunnel-perfecto" }, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_vpn_connection" "tunnel-perfecto" {
|
||||
@@ -13,9 +10,7 @@ resource "aws_vpn_connection" "tunnel-perfecto" {
|
||||
transit_gateway_id = module.tgw_main.this_ec2_transit_gateway_id
|
||||
type = "ipsec.1"
|
||||
static_routes_only = true
|
||||
tags = {
|
||||
Name = "tunnel-perfecto"
|
||||
}
|
||||
tags = merge({ Name = "tunnel-perfecto" }, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_ec2_transit_gateway_route" "tunnel-perfecto" {
|
||||
|
||||
@@ -13,9 +13,7 @@ module "tgw_main" {
|
||||
}
|
||||
}
|
||||
|
||||
tags = {
|
||||
Name = "tip-wifi-nrg"
|
||||
}
|
||||
tags = merge({ Name = "tip-wifi-nrg" }, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_route" "private" {
|
||||
|
||||
@@ -2,10 +2,7 @@ resource "aws_customer_gateway" "tunnel_tip_wifi_nrg" {
|
||||
bgp_asn = 65000
|
||||
ip_address = var.nrg_vpn_endpoint_ip
|
||||
type = "ipsec.1"
|
||||
|
||||
tags = {
|
||||
Name = "tip-wifi-nrg"
|
||||
}
|
||||
tags = merge({ Name = "tip-wifi-nrg" }, local.common_tags)
|
||||
}
|
||||
|
||||
resource "aws_vpn_connection" "tunnel_tip_wifi_nrg" {
|
||||
@@ -13,7 +10,5 @@ resource "aws_vpn_connection" "tunnel_tip_wifi_nrg" {
|
||||
transit_gateway_id = module.tgw_main.this_ec2_transit_gateway_id
|
||||
type = "ipsec.1"
|
||||
static_routes_only = true
|
||||
tags = {
|
||||
Name = "tunnel-tip-wifi-nrg"
|
||||
}
|
||||
tags = merge({ Name = "tip-wifi-nrg" }, local.common_tags)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user