From 1d7b84f82ba8bb6efb96ad3996a08853aa258e22 Mon Sep 17 00:00:00 2001
From: kmobl <moblkourosh@gmail.com>
Date: Tue, 30 Jan 2024 13:08:19 -0600
Subject: [PATCH 1/3] updated READMEs and added/updated references of subnets

---
 .../management-account/bastion/README.md      |  2 +-
 .../management-account/bastion/bastion.tf     |  2 +-
 .../management-account/day0/main.tf           |  8 +++----
 .../management-account/day0/outputs.tf        |  7 ++++++
 .../us-gov-west-1/networking/README.md        |  9 +++++++
 .../us-gov-west-1/networking/subnets.tf       | 24 +++++++++----------
 6 files changed, 34 insertions(+), 18 deletions(-)

diff --git a/aws/terraform/us-gov-west-1/management-account/bastion/README.md b/aws/terraform/us-gov-west-1/management-account/bastion/README.md
index 83845b5..90ff025 100644
--- a/aws/terraform/us-gov-west-1/management-account/bastion/README.md
+++ b/aws/terraform/us-gov-west-1/management-account/bastion/README.md
@@ -122,7 +122,7 @@ module "win_bastion" {
   associate_eip     = var.associate_eip
 
   vpc_id          = data.terraform_remote_state.networking.outputs.mgmt_vpc_id
-  subnet_ids      = [ data.terraform_remote_state.networking.outputs.public_subnets[0]]
+  subnet_ids      = [ data.terraform_remote_state.networking.outputs.public_subnets["${var.resource_prefix}-public-1a"]]
   ec2_key_pair    = var.key_name
   ebs_kms_key_arn = data.terraform_remote_state.day0.outputs.ebs_kms_key_arn
 
diff --git a/aws/terraform/us-gov-west-1/management-account/bastion/bastion.tf b/aws/terraform/us-gov-west-1/management-account/bastion/bastion.tf
index b03c8e4..79b2c14 100644
--- a/aws/terraform/us-gov-west-1/management-account/bastion/bastion.tf
+++ b/aws/terraform/us-gov-west-1/management-account/bastion/bastion.tf
@@ -26,7 +26,7 @@ module "win_bastion" {
   associate_eip     = var.associate_eip
 
   vpc_id          = data.terraform_remote_state.networking.outputs.mgmt_vpc_id
-  subnet_ids      = [data.terraform_remote_state.networking.outputs.public_subnets[0]]
+  subnet_ids      = [data.terraform_remote_state.networking.outputs.public_subnets["pak-mgmt-public-us-gov-west-1a"]]
   ec2_key_pair    = var.key_name
   ebs_kms_key_arn = data.terraform_remote_state.day0.outputs.ebs_kms_key_arn
 
diff --git a/aws/terraform/us-gov-west-1/management-account/day0/main.tf b/aws/terraform/us-gov-west-1/management-account/day0/main.tf
index c01b7fb..1e63f96 100644
--- a/aws/terraform/us-gov-west-1/management-account/day0/main.tf
+++ b/aws/terraform/us-gov-west-1/management-account/day0/main.tf
@@ -4,10 +4,10 @@ module "account-setup" {
     aws = aws.mgmt
   }
 
-  resource_prefix             = var.resource_prefix
-  account_number              = data.aws_caller_identity.current.account_id
-  aws_region                  = var.aws_region
-  default_aws_region          = var.aws_region
+  resource_prefix = var.resource_prefix
+  account_number = "${data.aws_caller_identity.current.account_id}"
+  aws_region = var.aws_region
+  default_aws_region = var.aws_region
   application_account_numbers = ["${data.aws_caller_identity.current.account_id}"]
   additional_kms_keys = [
     {
diff --git a/aws/terraform/us-gov-west-1/management-account/day0/outputs.tf b/aws/terraform/us-gov-west-1/management-account/day0/outputs.tf
index 0f11468..9018d2c 100644
--- a/aws/terraform/us-gov-west-1/management-account/day0/outputs.tf
+++ b/aws/terraform/us-gov-west-1/management-account/day0/outputs.tf
@@ -98,6 +98,13 @@ output "s3_installs_id" {
   value = module.account-setup.s3_installs_id
 }
 
+output "s3_elb_access_logs_arn" {
+  value = module.account-setup.s3_elb_access_logs_arn
+}
+
+output "s3_elb_access_logs_id" {
+  value = module.account-setup.s3_elb_access_logs_id
+}
 
 output "dynamodb_table_name" {
   value = module.account-setup.dynamodb_table_name
diff --git a/aws/terraform/us-gov-west-1/networking/README.md b/aws/terraform/us-gov-west-1/networking/README.md
index 75c05c5..96363ba 100644
--- a/aws/terraform/us-gov-west-1/networking/README.md
+++ b/aws/terraform/us-gov-west-1/networking/README.md
@@ -60,6 +60,15 @@ cidrs_for_remote_access = ["<Customer-IP>"]
 mgmt_vpc_cidr = "<Customer-Custom-CIDR-Range"
 profile = "<customer-prefix>-mgmt"
 ```
+## Assumptions
+
+* Networking resources, including VPCs, Transit Gateways and Network Firewalls, are designed to be deployed under a single state.
+* Outputs of this module can be referenced via terraform state in the following manner:
+  * `module.mgmt_vpc.private_subnets["mvp-mgmt-compute-us-gov-west-1a"]`
+  * `data.terraform_remote_state.network.outputs.public_subnets["mvp-mgmt-dmz-us-gov-west-1a"]`
+* This is designed to automatically reference the firewall subnets when opted to be created.
+* Automatically adds AWS region to the subnet name upon creation
+
 
 ## Deployment Steps
 1. Change the working directory the `networking` folder
diff --git a/aws/terraform/us-gov-west-1/networking/subnets.tf b/aws/terraform/us-gov-west-1/networking/subnets.tf
index b584b35..4eb8f15 100644
--- a/aws/terraform/us-gov-west-1/networking/subnets.tf
+++ b/aws/terraform/us-gov-west-1/networking/subnets.tf
@@ -5,51 +5,51 @@ module "mgmt_subnet_addrs" {
   base_cidr_block = var.mgmt_vpc_cidr
   networks = [
     {
-      name     = "pak-firewall-1a"
+      name     = "${var.resource_prefix}-firewall-1a"
       new_bits = 8
     },
     {
-      name     = "pak-firewall-1b"
+      name     = "${var.resource_prefix}-firewall-1b"
       new_bits = 8
     },
     {
-      name     = "pak-firewall-1c"
+      name     = "${var.resource_prefix}-firewall-1c"
       new_bits = 8
     },
     {
-      name     = "pak-public-1a"
+      name     = "${var.resource_prefix}-public-1a"
       new_bits = 8
     },
     {
-      name     = "pak-public-1b"
+      name     = "${var.resource_prefix}-public-1b"
       new_bits = 8
     },
     {
-      name     = "pak-public-1c"
+      name     = "${var.resource_prefix}-public-1c"
       new_bits = 8
     },
     {
-      name     = "pak-compute-1a"
+      name     = "${var.resource_prefix}-compute-1a"
       new_bits = 8
     },
     {
-      name     = "pak-compute-1b"
+      name     = "${var.resource_prefix}-compute-1b"
       new_bits = 8
     },
     {
-      name     = "pak-compute-1c"
+      name     = "${var.resource_prefix}-compute-1c"
       new_bits = 8
     },
     {
-      name     = "pak-private-1a"
+      name     = "${var.resource_prefix}-private-1a"
       new_bits = 8
     },
     {
-      name     = "pak-private-1b"
+      name     = "${var.resource_prefix}-private-1b"
       new_bits = 8
     },
     {
-      name     = "pak-private-1c"
+      name     = "${var.resource_prefix}-private-1c"
       new_bits = 8
     }
   ]

From 029881249aeff1166047507cec4723b730b11550 Mon Sep 17 00:00:00 2001
From: kmobl <moblkourosh@gmail.com>
Date: Tue, 30 Jan 2024 13:10:31 -0600
Subject: [PATCH 2/3] updated READMEs and added/updated references of subnets

---
 .../us-gov-west-1/management-account/bastion/README.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/aws/terraform/us-gov-west-1/management-account/bastion/README.md b/aws/terraform/us-gov-west-1/management-account/bastion/README.md
index 90ff025..6adb8e2 100644
--- a/aws/terraform/us-gov-west-1/management-account/bastion/README.md
+++ b/aws/terraform/us-gov-west-1/management-account/bastion/README.md
@@ -122,7 +122,7 @@ module "win_bastion" {
   associate_eip     = var.associate_eip
 
   vpc_id          = data.terraform_remote_state.networking.outputs.mgmt_vpc_id
-  subnet_ids      = [ data.terraform_remote_state.networking.outputs.public_subnets["${var.resource_prefix}-public-1a"]]
+  subnet_ids      = [ data.terraform_remote_state.networking.outputs.public_subnets["pak-mgmt-public-us-gov-west-1a"]]
   ec2_key_pair    = var.key_name
   ebs_kms_key_arn = data.terraform_remote_state.day0.outputs.ebs_kms_key_arn
 

From 86d7c250490643be93be7d8ca0252dc3446a441f Mon Sep 17 00:00:00 2001
From: kmobl <moblkourosh@gmail.com>
Date: Tue, 30 Jan 2024 13:11:42 -0600
Subject: [PATCH 3/3] updated READMEs and added/updated references of subnets

---
 .../us-gov-west-1/management-account/day0/main.tf         | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/aws/terraform/us-gov-west-1/management-account/day0/main.tf b/aws/terraform/us-gov-west-1/management-account/day0/main.tf
index 1e63f96..c01b7fb 100644
--- a/aws/terraform/us-gov-west-1/management-account/day0/main.tf
+++ b/aws/terraform/us-gov-west-1/management-account/day0/main.tf
@@ -4,10 +4,10 @@ module "account-setup" {
     aws = aws.mgmt
   }
 
-  resource_prefix = var.resource_prefix
-  account_number = "${data.aws_caller_identity.current.account_id}"
-  aws_region = var.aws_region
-  default_aws_region = var.aws_region
+  resource_prefix             = var.resource_prefix
+  account_number              = data.aws_caller_identity.current.account_id
+  aws_region                  = var.aws_region
+  default_aws_region          = var.aws_region
   application_account_numbers = ["${data.aws_caller_identity.current.account_id}"]
   additional_kms_keys = [
     {