scottk/wlan-toolsmith
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-toolsmith.git synced 2025-11-01 19:37:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

add common tag ManagedBy: terraform (#73)

Browse Source
This commit is contained in:
Max
2021-01-11 14:47:56 +01:00
committed by GitHub
parent e4e27ff99e
commit ec5c7a6a49
22 changed files with 80 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
terraform/wifi-289708231103/cloudsdk_cicd/alb_ingress_controller.tf
View File

@@ -6,6 +6,7 @@ module "alb_ingress_iam_role" {
aws_iam_policy.alb_ingress_iam_policy.arn, aws_iam_policy.alb_ingress_iam_policy.arn,
] ]
create_role = true create_role = true
tags = local.common_tags
} }
resource "aws_iam_policy" "alb_ingress_iam_policy" { resource "aws_iam_policy" "alb_ingress_iam_policy" {

3
terraform/wifi-289708231103/cloudsdk_cicd/cloudsdk_lb_shared_resources.tf
View File

@@ -36,7 +36,7 @@ resource "aws_s3_bucket" "alb_logs" {
} }
} }
tags = local.tags tags = local.common_tags
lifecycle { lifecycle {
prevent_destroy = true prevent_destroy = true
@@ -83,6 +83,7 @@ resource "aws_acm_certificate" "cloudsdk" {
format("*.%s.%s", var.deployment, var.base_domain) format("*.%s.%s", var.deployment, var.base_domain)
] ]
validation_method = "DNS" validation_method = "DNS"
tags = local.common_tags
lifecycle { lifecycle {
create_before_destroy = true create_before_destroy = true

17
terraform/wifi-289708231103/cloudsdk_cicd/efs.tf
View File

@@ -3,11 +3,9 @@ resource "aws_security_group" "efs" {
description = "${var.org}-${var.project}-${var.env}-efs" description = "${var.org}-${var.project}-${var.env}-efs"
vpc_id = module.vpc_main.vpc_id vpc_id = module.vpc_main.vpc_id
tags = { tags = merge({
Name = "${var.org}-${var.project}-${var.env}" Name = "${var.org}-${var.project}-${var.env}"
Project = var.project }, local.common_tags)
Environment = var.env
}
} }
resource "aws_security_group_rule" "efs_ingress" { resource "aws_security_group_rule" "efs_ingress" {
@@ -21,12 +19,9 @@ resource "aws_security_group_rule" "efs_ingress" {
resource "aws_efs_file_system" "default" { resource "aws_efs_file_system" "default" {
creation_token = "${var.org}-${var.project}-${var.env}-default" creation_token = "${var.org}-${var.project}-${var.env}-default"
tags = merge({
tags = { Name = "${var.org}-${var.project}-${var.env}"
Name = "${var.org}-${var.project}-${var.env}-default" }, local.common_tags)
Project = var.project
Environment = var.env
}
} }
resource "aws_efs_mount_target" "default" { resource "aws_efs_mount_target" "default" {

11
terraform/wifi-289708231103/cloudsdk_cicd/eks.tf
View File

@@ -24,7 +24,7 @@ module "eks" {
cluster_name = local.cluster_name cluster_name = local.cluster_name
subnets = module.vpc_main.private_subnets subnets = module.vpc_main.private_subnets
vpc_id = module.vpc_main.vpc_id vpc_id = module.vpc_main.vpc_id
tags = merge({ "Name" = local.cluster_name }, local.tags) tags = merge({ "Name" = local.cluster_name }, local.common_tags)
workers_group_defaults = { workers_group_defaults = {
ami_type = "AL2_x86_64" ami_type = "AL2_x86_64"
@@ -83,9 +83,10 @@ locals {
public_subnets_merged = join(" ", module.vpc_main.public_subnets) public_subnets_merged = join(" ", module.vpc_main.public_subnets)
private_subnets_merged = join(" ", module.vpc_main.private_subnets) private_subnets_merged = join(" ", module.vpc_main.private_subnets)
cluster_name = "${var.org}-${var.project}-${var.env}" cluster_name = "${var.org}-${var.project}-${var.env}"
tags = { common_tags = {
"Env" = var.env "Env" = var.env
"Project" = var.project "Project" = var.project
"ManagedBy" = "terraform"
} }
user_roles = [ user_roles = [
{ {
@@ -124,6 +125,7 @@ module "external_dns_cluster_role" {
provider_url = local.oidc_provider_url provider_url = local.oidc_provider_url
role_policy_arns = [aws_iam_policy.external_dns.arn] role_policy_arns = [aws_iam_policy.external_dns.arn]
create_role = true create_role = true
tags = local.common_tags
} }
resource "aws_iam_policy" "external_dns" { resource "aws_iam_policy" "external_dns" {
@@ -182,6 +184,7 @@ module "cluster_autoscaler_cluster_role" {
provider_url = local.oidc_provider_url provider_url = local.oidc_provider_url
role_policy_arns = [aws_iam_policy.cluster_autoscaler.arn] role_policy_arns = [aws_iam_policy.cluster_autoscaler.arn]
create_role = true create_role = true
tags = local.common_tags
} }
resource "aws_iam_policy" "cluster_autoscaler" { resource "aws_iam_policy" "cluster_autoscaler" {

5
terraform/wifi-289708231103/cloudsdk_cicd/instance_candelatech_test_results.tf
View File

@@ -33,14 +33,15 @@ resource "aws_instance" "wlan_candelatech_test_results" {
delete_on_termination = true delete_on_termination = true
} }
tags = { tags = merge({
"Name" : "${var.org}-${var.project}-${var.env} CandelaTech Test Results" "Name" : "${var.org}-${var.project}-${var.env} CandelaTech Test Results"
} }, local.common_tags)
} }
resource "aws_eip" "wlan_candelatech_test_results" { resource "aws_eip" "wlan_candelatech_test_results" {
vpc = true vpc = true
instance = aws_instance.wlan_candelatech_test_results.id instance = aws_instance.wlan_candelatech_test_results.id
tags = local.common_tags
} }
output "wlan_candelatech_test_results_instance" { output "wlan_candelatech_test_results_instance" {

5
terraform/wifi-289708231103/cloudsdk_cicd/instance_ctf.tf
View File

@@ -34,14 +34,15 @@ resource "aws_instance" "wlan_ctf" {
delete_on_termination = true delete_on_termination = true
} }
tags = { tags = merge({
"Name" : "${var.org}-${var.project}-${var.env}-CTF" "Name" : "${var.org}-${var.project}-${var.env}-CTF"
} }, local.common_tags)
} }
resource "aws_eip" "wlan_ctf" { resource "aws_eip" "wlan_ctf" {
vpc = true vpc = true
instance = aws_instance.wlan_ctf.id instance = aws_instance.wlan_ctf.id
tags = local.common_tags
} }
output "wlan_ctf_instance" { output "wlan_ctf_instance" {

1
terraform/wifi-289708231103/cloudsdk_cicd/main.tf
View File

@@ -18,6 +18,7 @@ terraform {
resource "aws_key_pair" "wlan" { resource "aws_key_pair" "wlan" {
key_name = "wlan" key_name = "wlan"
public_key = var.ssh_key public_key = var.ssh_key
tags = local.common_tags
} }
data "aws_caller_identity" "current" {} data "aws_caller_identity" "current" {}

2
terraform/wifi-289708231103/cloudsdk_cicd/sg.tf
View File

@@ -1,7 +1,7 @@
resource "aws_security_group" "wlan" { resource "aws_security_group" "wlan" {
name_prefix = "wlan-tmp-" name_prefix = "wlan-tmp-"
vpc_id = module.vpc_main.vpc_id vpc_id = module.vpc_main.vpc_id
tags = { "Name" : "${var.env} instance" } tags = merge({ "Name" : "${var.env} instance" }, local.common_tags)
} }
resource "aws_security_group_rule" "wlan_ingress_ssh" { resource "aws_security_group_rule" "wlan_ingress_ssh" {

1
terraform/wifi-289708231103/cloudsdk_cicd/users.tf
View File

@@ -1,6 +1,7 @@
resource "aws_iam_user" "gh-actions-user" { resource "aws_iam_user" "gh-actions-user" {
name = "gh-actions-user" name = "gh-actions-user"
path = "/" path = "/"
tags = local.common_tags
} }
resource "aws_iam_user_policy" "lb_ro" { resource "aws_iam_user_policy" "lb_ro" {

2
terraform/wifi-289708231103/cloudsdk_cicd/vpc.tf
View File

@@ -18,4 +18,6 @@ module "vpc_main" {
"kubernetes.io/cluster/${local.cluster_name}" = "shared" "kubernetes.io/cluster/${local.cluster_name}" = "shared"
"kubernetes.io/role/internal-elb" = "1" "kubernetes.io/role/internal-elb" = "1"
} }
tags = local.common_tags
} }

1
terraform/wifi-289708231103/cloudsdk_qa/alb_ingress_controller.tf
View File

@@ -6,6 +6,7 @@ module "alb_ingress_iam_role" {
aws_iam_policy.alb_ingress_iam_policy.arn, aws_iam_policy.alb_ingress_iam_policy.arn,
] ]
create_role = true create_role = true
tags = local.common_tags
} }
resource "aws_iam_policy" "alb_ingress_iam_policy" { resource "aws_iam_policy" "alb_ingress_iam_policy" {

2
terraform/wifi-289708231103/cloudsdk_qa/cloudsdk_lb_shared_resources.tf
View File

@@ -36,7 +36,7 @@ resource "aws_s3_bucket" "alb_logs" {
} }
} }
tags = local.tags tags = local.common_tags
lifecycle { lifecycle {
prevent_destroy = true prevent_destroy = true

14
terraform/wifi-289708231103/cloudsdk_qa/efs.tf
View File

@@ -2,12 +2,7 @@ resource "aws_security_group" "efs" {
name = "${var.org}-${var.project}-${var.env}-efs" name = "${var.org}-${var.project}-${var.env}-efs"
description = "${var.org}-${var.project}-${var.env}-efs" description = "${var.org}-${var.project}-${var.env}-efs"
vpc_id = module.vpc_main.vpc_id vpc_id = module.vpc_main.vpc_id
tags = merge({ Name = "${var.org}-${var.project}-${var.env}" }, local.common_tags)
tags = {
Name = "${var.org}-${var.project}-${var.env}"
Project = var.project
Environment = var.env
}
} }
resource "aws_security_group_rule" "efs_ingress" { resource "aws_security_group_rule" "efs_ingress" {
@@ -21,12 +16,7 @@ resource "aws_security_group_rule" "efs_ingress" {
resource "aws_efs_file_system" "default" { resource "aws_efs_file_system" "default" {
creation_token = "${var.org}-${var.project}-${var.env}-default" creation_token = "${var.org}-${var.project}-${var.env}-default"
tags = merge({ Name = "${var.org}-${var.project}-${var.env}" }, local.common_tags)
tags = {
Name = "${var.org}-${var.project}-${var.env}-default"
Project = var.project
Environment = var.env
}
} }
resource "aws_efs_mount_target" "default" { resource "aws_efs_mount_target" "default" {

11
terraform/wifi-289708231103/cloudsdk_qa/eks.tf
View File

@@ -24,7 +24,7 @@ module "eks" {
cluster_name = local.cluster_name cluster_name = local.cluster_name
subnets = module.vpc_main.private_subnets subnets = module.vpc_main.private_subnets
vpc_id = module.vpc_main.vpc_id vpc_id = module.vpc_main.vpc_id
tags = merge({ "Name" = local.cluster_name }, local.tags) tags = merge({ "Name" = local.cluster_name }, local.common_tags)
workers_group_defaults = { workers_group_defaults = {
ami_type = "AL2_x86_64" ami_type = "AL2_x86_64"
@@ -82,9 +82,10 @@ locals {
public_subnets_merged = join(" ", module.vpc_main.public_subnets) public_subnets_merged = join(" ", module.vpc_main.public_subnets)
private_subnets_merged = join(" ", module.vpc_main.private_subnets) private_subnets_merged = join(" ", module.vpc_main.private_subnets)
cluster_name = "${var.org}-${var.project}-${var.env}" cluster_name = "${var.org}-${var.project}-${var.env}"
tags = { common_tags = {
"Env" = var.env "Env" = var.env
"Project" = var.project "Project" = var.project
"ManagedBy" = "terraform"
} }
admin_roles = [for role in var.eks_admin_roles : { admin_roles = [for role in var.eks_admin_roles : {
rolearn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/${role}" rolearn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/${role}"
@@ -116,6 +117,7 @@ module "external_dns_cluster_role" {
provider_url = local.oidc_provider_url provider_url = local.oidc_provider_url
role_policy_arns = [aws_iam_policy.external_dns.arn] role_policy_arns = [aws_iam_policy.external_dns.arn]
create_role = true create_role = true
tags = local.common_tags
} }
resource "aws_iam_policy" "external_dns" { resource "aws_iam_policy" "external_dns" {
@@ -174,6 +176,7 @@ module "cluster_autoscaler_cluster_role" {
provider_url = local.oidc_provider_url provider_url = local.oidc_provider_url
role_policy_arns = [aws_iam_policy.cluster_autoscaler.arn] role_policy_arns = [aws_iam_policy.cluster_autoscaler.arn]
create_role = true create_role = true
tags = local.common_tags
} }
resource "aws_iam_policy" "cluster_autoscaler" { resource "aws_iam_policy" "cluster_autoscaler" {

2
terraform/wifi-289708231103/cloudsdk_qa/vpc.tf
View File

@@ -18,4 +18,6 @@ module "vpc_main" {
"kubernetes.io/cluster/${local.cluster_name}" = "shared" "kubernetes.io/cluster/${local.cluster_name}" = "shared"
"kubernetes.io/role/internal-elb" = "1" "kubernetes.io/role/internal-elb" = "1"
} }
tags = local.common_tags
} }

11
terraform/wifi-289708231103/dns/main.tf
View File

@@ -21,8 +21,15 @@ terraform {
} }
} }
locals {
common_tags = {
"ManagedBy" = "terraform"
}
}
resource "aws_route53_zone" "main" { resource "aws_route53_zone" "main" {
name = var.main_zone_name name = var.main_zone_name
tags = local.common_tags
} }
module "acm" { module "acm" {
@@ -38,10 +45,10 @@ module "acm" {
"*.${var.main_zone_name}" "*.${var.main_zone_name}"
] ]
tags = { tags = merge({
eks = true eks = true
cloudsdk = true cloudsdk = true
} }, local.common_tags)
} }
output "zone_id" { output "zone_id" {

7
terraform/wifi-289708231103/tf_remote_state/main.tf
View File

@@ -3,12 +3,19 @@ provider "aws" {
region = var.aws_region region = var.aws_region
} }
locals {
common_tags = {
"ManagedBy" = "terraform"
}
}
module "terraform_state_backend" { module "terraform_state_backend" {
source = "git::https://github.com/cloudposse/terraform-aws-tfstate-backend.git?ref=0.18.0" source = "git::https://github.com/cloudposse/terraform-aws-tfstate-backend.git?ref=0.18.0"
region = "us-east-1" region = "us-east-1"
name = "terraform" name = "terraform"
s3_bucket_name = "tip-wifi-tfstate" s3_bucket_name = "tip-wifi-tfstate"
attributes = ["state"] attributes = ["state"]
tags = local.common_tags
} }
output "remote_state_config" { output "remote_state_config" {

7
terraform/wifi-289708231103/tip-wifi-vpn/alerts.tf
View File

@@ -14,6 +14,7 @@ resource "aws_cloudwatch_metric_alarm" "vpn_state" {
alarm_description = "VPN Tunnel State" alarm_description = "VPN Tunnel State"
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
tags = local.common_tags
} }
resource "aws_cloudwatch_metric_alarm" "vpn_outgoing_data" { resource "aws_cloudwatch_metric_alarm" "vpn_outgoing_data" {
@@ -33,6 +34,7 @@ resource "aws_cloudwatch_metric_alarm" "vpn_outgoing_data" {
alarm_description = "VPN Outgoing Data" alarm_description = "VPN Outgoing Data"
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
tags = local.common_tags
} }
resource "aws_cloudwatch_metric_alarm" "tgw_incoming" { resource "aws_cloudwatch_metric_alarm" "tgw_incoming" {
@@ -50,6 +52,7 @@ resource "aws_cloudwatch_metric_alarm" "tgw_incoming" {
alarm_description = "Transit Gateway Incoming Data" alarm_description = "Transit Gateway Incoming Data"
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
tags = local.common_tags
} }
resource "aws_cloudwatch_metric_alarm" "tgw_outgoing_data" { resource "aws_cloudwatch_metric_alarm" "tgw_outgoing_data" {
@@ -67,6 +70,7 @@ resource "aws_cloudwatch_metric_alarm" "tgw_outgoing_data" {
alarm_description = "Transit Gateway Outgoing Data" alarm_description = "Transit Gateway Outgoing Data"
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
tags = local.common_tags
} }
resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" { resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" {
@@ -77,6 +81,7 @@ resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" {
alarm_description = "Transit Gateway Packet Drops" alarm_description = "Transit Gateway Packet Drops"
alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] alarm_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn] ok_actions = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
tags = local.common_tags
metric_query { metric_query {
id = "total_drops" id = "total_drops"
@@ -114,10 +119,12 @@ resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" {
resource "aws_sns_topic" "vpn_cloudwatch_alarms" { resource "aws_sns_topic" "vpn_cloudwatch_alarms" {
name = "vpn_cloudwatch_alarms" name = "vpn_cloudwatch_alarms"
tags = local.common_tags
} }
resource "aws_cloudformation_stack" "atlassian_cloud_backup_email_notification" { resource "aws_cloudformation_stack" "atlassian_cloud_backup_email_notification" {
name = "atlassian-cloud-backup" name = "atlassian-cloud-backup"
tags = local.common_tags
template_body = <<EOT template_body = <<EOT
AWSTemplateFormatVersion: 2010-09-09 AWSTemplateFormatVersion: 2010-09-09
Resources: Resources:

6
terraform/wifi-289708231103/tip-wifi-vpn/main.tf
View File

@@ -26,3 +26,9 @@ data "terraform_remote_state" "wlan_main" {
encrypt = true encrypt = true
} }
} }
locals {
common_tags = {
"ManagedBy" = "terraform"
}
}

9
terraform/wifi-289708231103/tip-wifi-vpn/perfecto-vpn.tf
View File

@@ -2,10 +2,7 @@ resource "aws_customer_gateway" "tunnel_perfecto" {
bgp_asn = 65000 bgp_asn = 65000
ip_address = "23.21.201.213" ip_address = "23.21.201.213"
type = "ipsec.1" type = "ipsec.1"
tags = merge({ Name = "tunnel-perfecto" }, local.common_tags)
tags = {
Name = "tunnel-perfecto"
}
} }
resource "aws_vpn_connection" "tunnel-perfecto" { resource "aws_vpn_connection" "tunnel-perfecto" {
@@ -13,9 +10,7 @@ resource "aws_vpn_connection" "tunnel-perfecto" {
transit_gateway_id = module.tgw_main.this_ec2_transit_gateway_id transit_gateway_id = module.tgw_main.this_ec2_transit_gateway_id
type = "ipsec.1" type = "ipsec.1"
static_routes_only = true static_routes_only = true
tags = { tags = merge({ Name = "tunnel-perfecto" }, local.common_tags)
Name = "tunnel-perfecto"
}
} }
resource "aws_ec2_transit_gateway_route" "tunnel-perfecto" { resource "aws_ec2_transit_gateway_route" "tunnel-perfecto" {

4
terraform/wifi-289708231103/tip-wifi-vpn/transit_gateway.tf
View File

@@ -13,9 +13,7 @@ module "tgw_main" {
} }
} }
tags = { tags = merge({ Name = "tip-wifi-nrg" }, local.common_tags)
Name = "tip-wifi-nrg"
}
} }
resource "aws_route" "private" { resource "aws_route" "private" {

9
terraform/wifi-289708231103/tip-wifi-vpn/vpn.tf
View File

@@ -2,10 +2,7 @@ resource "aws_customer_gateway" "tunnel_tip_wifi_nrg" {
bgp_asn = 65000 bgp_asn = 65000
ip_address = var.nrg_vpn_endpoint_ip ip_address = var.nrg_vpn_endpoint_ip
type = "ipsec.1" type = "ipsec.1"
tags = merge({ Name = "tip-wifi-nrg" }, local.common_tags)
tags = {
Name = "tip-wifi-nrg"
}
} }
resource "aws_vpn_connection" "tunnel_tip_wifi_nrg" { resource "aws_vpn_connection" "tunnel_tip_wifi_nrg" {
@@ -13,7 +10,5 @@ resource "aws_vpn_connection" "tunnel_tip_wifi_nrg" {
transit_gateway_id = module.tgw_main.this_ec2_transit_gateway_id transit_gateway_id = module.tgw_main.this_ec2_transit_gateway_id
type = "ipsec.1" type = "ipsec.1"
static_routes_only = true static_routes_only = true
tags = { tags = merge({ Name = "tip-wifi-nrg" }, local.common_tags)
Name = "tunnel-tip-wifi-nrg"
}
} }