This module provides a layer of abstraction to accessing shared resources. It does not itself create any resources or maintain any state, it simply reads the state files of various shared resources. The goal is to hide some of the uglier, repetitive config blocks behind a clean interface.
When you add a new shared resource, you will also need to update this module with whatever outputs you want to provide access to.
| Name | Version |
|---|---|
| terraform | >= 0.13 |
| Name | Version |
|---|---|
| terraform | n/a |
No modules.
| Name | Type |
|---|---|
| terraform_remote_state.bastion | data source |
| terraform_remote_state.deploy | data source |
| terraform_remote_state.es | data source |
| terraform_remote_state.global | data source |
| terraform_remote_state.network | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| workspace | TF workspace | string |
"" |
no |
| Name | Description |
|---|---|
| SES_bucket_admin_arn | SES bucket policy which allows full admin |
| SES_bucket_arn | SES bucket ARN |
| SES_bucket_name | SES bucket name |
| SES_bucket_ro_arn | SES bucket policy which allows Read Only access |
| SES_bucket_rw_arn | SES bucket policy which allows Read Only access |
| SES_policy_noreply_libraries_arn | SES policy which allows sending as noreply@libraries.mit.edu |
| SES_policy_noreply_stage_mitlib_arn | SES policy which allows sending as noreply-stage@mitlib.net |
| alb_public_all_ingress_sgid | Public ALB security group ID allowing all ingress traffic from ALB |
| alb_public_arn | Public ALB arn |
| alb_public_arn_suffix | The ARN suffix of the ALB |
| alb_public_default_target_group_arn | Public ALB default target group arn |
| alb_public_dnsname | DNS name of ALB |
| alb_public_http_listener_arn | Public ALB HTTP listener ARN |
| alb_public_https_listener_arn | Public ALB HTTPS listener ARN |
| alb_public_name | Public ALB name |
| alb_public_sgid | Public ALB security group ID |
| alb_public_zone_id | Zone ID for public ALB |
| alb_restricted_all_ingress_sgid | Restricted ALB security group ID allowing all ingress traffic from ALB |
| alb_restricted_arn | Restricted ALB arn |
| alb_restricted_arn_suffix | The ARN suffix of the ALB |
| alb_restricted_default_target_group_arn | Restricted ALB default target group arn |
| alb_restricted_dnsname | DNS name of ALB |
| alb_restricted_http_listener_arn | Restricted ALB HTTP listener ARN |
| alb_restricted_https_listener_arn | Restricted ALB HTTPS listener ARN |
| alb_restricted_name | Restricted ALB name |
| alb_restricted_sgid | Restricted ALB security group ID |
| alb_restricted_zone_id | Zone ID for restricted ALB |
| bastion_ingress_sgid | Security Group ID for access from Bastion host |
| deploy_bucket | Name of S3 bucket |
| deploy_rw_arn | Read/write policy for S3 bucket |
| docsvcs_app_name | Name of Docsvcs Elastic Beanstalk application |
| es_arn | ARN of the Elasticsearch domain |
| es_domain_name | Domain name of cluster |
| es_endpoint | Domain-specific endpoint used to submit index, search, and data upload requests |
| es_read_policy_arn | Default domain read only policy ARN |
| es_write_policy_arn | Default domain write policy ARN |
| logging_bucket_arn | The ARN of the bucket for receiving all logging output |
| logging_bucket_name | The name of the consolidated logging bucket. |
| logzio_role_arn | The ARN of the IAM Role for Logzio to pull logs |
| mit_saml_arn | MIT Identity provider arn (SAML Federated login) |
| mitlib_cert | *.mitlib.net wildcard certificate |
| nat_public_ips | List of public Elastic IPs created for AWS NAT Gateway |
| private_subnets | List of private subnet IDs |
| private_zoneid | Route53 Private Zone ID |
| private_zonename | Route53 Private Zone name |
| public_subnets | List of public subnet IDs |
| public_zoneid | Route53 Public Zone ID |
| public_zonename | Route53 Public Zone name |
| ssm_profile_name | Name of the SSM profile for the GLOBAL environment |
| vpc_id | VPC ID |