From 763d715a4316bb9fd64407c69fec18750f00e960 Mon Sep 17 00:00:00 2001
From: anmolnagpal
Date: Wed, 27 Sep 2023 13:53:33 +0530
Subject: [PATCH 01/15] feat: added new github-action and updated versions
---
.github/CODEOWNERS | 2 +
.github/PULL_REQUEST_TEMPLATE.md | 12 ++++
.github/workflows/auto_assignee.yml | 12 ++++
.github/workflows/changelog.yml | 4 +-
.github/workflows/readme.yml | 17 +++--
.github/workflows/terraform.yml | 85 -------------------------
.github/workflows/terratest.yml | 40 ------------
.github/workflows/tf-checks.yml | 19 ++++++
.github/workflows/tflint.yml | 11 ++++
.github/workflows/tfsec.yml | 4 +-
README.yaml | 6 +-
_example/anomaly_example/example.tf | 4 +-
_example/anomaly_example/outputs.tf | 2 +-
_example/anomaly_example/versions.tf | 11 ++++
_example/basic_example/example.tf | 4 +-
_example/basic_example/outputs.tf | 2 +-
_example/basic_example/versions.tf | 11 ++++
_example/expression_example/example.tf | 4 +-
_example/expression_example/outputs.tf | 2 +-
_example/expression_example/versions.tf | 11 ++++
_test/anomaly_example/watch_test.go | 31 ---------
_test/basic_example/watch_test.go | 31 ---------
_test/expression_example/watch_test.go | 31 ---------
outputs.tf | 4 +-
variables.tf | 10 +--
versions.tf | 6 +-
26 files changed, 121 insertions(+), 255 deletions(-)
create mode 100644 .github/CODEOWNERS
create mode 100644 .github/PULL_REQUEST_TEMPLATE.md
create mode 100644 .github/workflows/auto_assignee.yml
delete mode 100644 .github/workflows/terraform.yml
delete mode 100644 .github/workflows/terratest.yml
create mode 100644 .github/workflows/tf-checks.yml
create mode 100644 .github/workflows/tflint.yml
create mode 100644 _example/anomaly_example/versions.tf
create mode 100644 _example/basic_example/versions.tf
create mode 100644 _example/expression_example/versions.tf
delete mode 100644 _test/anomaly_example/watch_test.go
delete mode 100644 _test/basic_example/watch_test.go
delete mode 100644 _test/expression_example/watch_test.go
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..7aa8ed5 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,2 @@ +# These owners will be the default owners for everything in the repo. +* @anmolnagpal @clouddrove/approvers @clouddrove-ci \ No newline at end of file diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..e414e28 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,12 @@ +## what +* Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?) +* Use bullet points to be concise and to the point. + +## why +* Provide the justifications for the changes (e.g. business case). +* Describe why these changes were made (e.g. why do these commits fix the problem?) +* Use bullet points to be concise and to the point. + +## references +* Link to any supporting jira issues or helpful documentation to add some context (e.g. stackoverflow). +* Use `closes #123`, if this PR closes a Jira issue `#123` diff --git a/.github/workflows/auto_assignee.yml b/.github/workflows/auto_assignee.yml new file mode 100644 index 0000000..3dbedbd --- /dev/null +++ b/.github/workflows/auto_assignee.yml @@ -0,0 +1,12 @@ +name: Auto Assign PRs +on: + pull_request: + types: [opened, reopened] + workflow_dispatch: +jobs: + assignee: + uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@1.0.5 + secrets: + GITHUB: ${{ secrets.GITHUB }} + with: + assignees: 'clouddrove-ci' diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 4b735f5..af14ff7 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml 
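Review bot: `jobs.assignee.uses` in the new auto_assignee.yml references the shared workflow by the tag `@1.0.5`, which can be re-pointed upstream, while the job hands it `secrets.GITHUB`. Pinning to the release's full commit SHA, `uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@<full-commit-sha> # 1.0.5`, keeps the code that receives the token from changing without a diff in this repository. The same tag reference appears in changelog.yml, tf-checks.yml, tflint.yml and tfsec.yml in this patch. The file also sets no `permissions:` key, so the called jobs run with the repository's default `GITHUB_TOKEN` scope; declaring the minimum at the top of the workflow would make that explicit.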
@@ -7,7 +7,7 @@ on: workflow_dispatch: jobs: changelog: - uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@master + uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@1.0.5 secrets: inherit with: - branch: 'master' \ No newline at end of file + branch: 'master' diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml index 9d83b2b..2ff513e 100644 --- a/.github/workflows/readme.yml +++ b/.github/workflows/readme.yml @@ -3,17 +3,16 @@ on: push: branches: - master - jobs: - readme-create: + readme: name: 'readme-create' runs-on: ubuntu-latest steps: - name: 'Checkout' uses: actions/checkout@master - - name: Set up Python 3.7. - uses: actions/setup-python@v2 + - name: 'Set up Python 3.7' + uses: actions/setup-python@v4 with: python-version: '3.x' @@ -21,17 +20,17 @@ jobs: uses: 'clouddrove/github-actions@v9.0.2' with: actions_subcommand: 'readme' - github_token: '${{ secrets.GITHUB}}' + github_token: '${{ secrets.GITHUB }}' env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: 'pre-commit check errors' - uses: pre-commit/action@v2.0.0 + uses: pre-commit/action@v3.0.0 continue-on-error: true - name: 'pre-commit fix erros' - uses: pre-commit/action@v2.0.0 + uses: pre-commit/action@v3.0.0 continue-on-error: true - name: 'push readme' @@ -40,7 +39,7 @@ jobs: with: actions_subcommand: 'push' env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: 'Slack Notification' uses: clouddrove/action-slack@v2 diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml deleted file mode 100644 index 85a0002..0000000 --- a/.github/workflows/terraform.yml +++ /dev/null 
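Review bot: With the reference moved from `@master` to `@1.0.5`, the `secrets: inherit` line under `jobs.changelog` still forwards every secret this repository can read to the called workflow. The new auto_assignee.yml and tflint.yml in the same patch pass a single named secret instead; doing the same here, for example `secrets:` followed by `GITHUB: ${{ secrets.GITHUB }}` if that is the only one the called workflow declares, limits what a changed or compromised shared workflow could read. tfsec.yml has the same `secrets: inherit` line. Which secrets the called workflows actually declare is not visible in this patch, so confirm the names before narrowing.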
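Review bot: The first readme.yml hunk bumps `actions/setup-python` and `pre-commit/action` to release tags but leaves `uses: actions/checkout@master` on a moving branch, in a job that later uses `secrets.GITHUB` and pushes to the repository; give it a release tag or commit SHA like the other steps, e.g. `uses: actions/checkout@<full-commit-sha>`. The renamed step `'Set up Python 3.7'` also disagrees with its own `python-version: '3.x'`; a name such as `'Set up Python 3.x'` would match what is installed. Both pre-commit steps keep `continue-on-error: true`, so hook failures never fail the job; a short comment saying that this is intended would help the next reader.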
@@ -1,85 +0,0 @@ -name: static-checks - -on: - pull_request: - -jobs: - versionExtract: - name: Get min/max versions - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Terraform min/max versions - id: minMax - uses: clowdhaus/terraform-min-max@main - outputs: - minVersion: ${{ steps.minMax.outputs.minVersion }} - maxVersion: ${{ steps.minMax.outputs.maxVersion }} - - - versionEvaluate: - name: Evaluate Terraform versions - runs-on: ubuntu-latest - needs: versionExtract - strategy: - fail-fast: false - matrix: - version: - - ${{ needs.versionExtract.outputs.minVersion }} - - ${{ needs.versionExtract.outputs.maxVersion }} - directory: - - _example/anomaly_example/ - - _example/basic_example/ - - _example/expression_example/ - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install Terraform v${{ matrix.version }} - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ matrix.version }} - - - name: 'Configure AWS Credentials' - uses: clouddrove/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} - aws-region: us-east-2 - - - name: Init & validate v${{ matrix.version }} - run: | - cd ${{ matrix.directory }} - terraform init - terraform validate - - - name: tflint - uses: reviewdog/action-tflint@master - with: - tflint_version: v0.29.0 - github_token: ${{ secrets.GITHUB }} - working_directory: ${{ matrix.directory }} - fail_on_error: 'true' - filter_mode: 'nofilter' - flags: '--module' - - format: - name: Check code format - runs-on: ubuntu-latest - needs: versionExtract - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install Terraform v${{ needs.versionExtract.outputs.maxVersion }} - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ needs.versionExtract.outputs.maxVersion }} - - - name: Check Terraform format changes - run: terraform fmt 
--recursive \ No newline at end of file diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml deleted file mode 100644 index a043a42..0000000 --- a/.github/workflows/terratest.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: 'Terratest GitHub Actions' -on: - pull_request: - branches: - - master - types: [labeled] - -jobs: - Terratest: - name: 'terratest' - runs-on: ubuntu-latest - steps: - - - name: 'Checkout' - uses: actions/checkout@v2.3.4 - - - name: 'Configure AWS Credentials' - uses: clouddrove/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} - aws-region: us-east-2 - - - name: 'terratest' - uses: 'clouddrove/github-actions@v9.0.2' - with: - actions_subcommand: 'terratest' - if: ${{ github.event.label.name == 'terratest' }} - tf_actions_working_dir: '_test' - - - name: 'Slack Notification' - uses: clouddrove/action-slack@v2 - with: - status: ${{ job.status }} - fields: repo,author - author_name: 'CloudDrove' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() diff --git a/.github/workflows/tf-checks.yml b/.github/workflows/tf-checks.yml new file mode 100644 index 0000000..92183e5 --- /dev/null +++ b/.github/workflows/tf-checks.yml 
@@ -0,0 +1,19 @@ +name: tf-checks +on: + push: + branches: [ master ] + pull_request: + workflow_dispatch: +jobs: + tf-checks-anomaly-example: + uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.5 + with: + working_directory: './_example/anomaly_example/' + tf-checks-basic-example: + uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.5 + with: + working_directory: './_example/basic_example/' + tf-checks-expression-example: + uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.5 + with: + working_directory: './_example/expression_example/' diff --git a/.github/workflows/tflint.yml b/.github/workflows/tflint.yml new file mode 100644 index 0000000..a92aebb --- /dev/null +++ b/.github/workflows/tflint.yml @@ -0,0 +1,11 @@ +name: tf-lint +on: + push: + branches: [ master ] + pull_request: + workflow_dispatch: +jobs: + tf-lint: + uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@1.0.5 + secrets: + GITHUB: ${{ secrets.GITHUB }} diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml index 9aaf588..5c27fb9 100644 --- a/.github/workflows/tfsec.yml +++ b/.github/workflows/tfsec.yml @@ -5,7 +5,7 @@ on: workflow_dispatch: jobs: tfsec: - uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master + uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@1.0.5 secrets: inherit with: - working_directory: '.' \ No newline at end of file + working_directory: '.' diff --git a/README.yaml b/README.yaml index 82b1310..c88c294 100644 --- a/README.yaml +++ b/README.yaml @@ -44,7 +44,7 @@ usage: |- ```hcl module "alarm" { source = "clouddrove/cloudwatch-alarms/aws" - version = "1.3.0" + version = "2.0.0" name = "alarm" environment = "test" label_order = ["name", "environment"] 
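Review bot: The three `tf-checks-*` jobs are now the only workflow in this patch that exercises the `_example` directories, because the same commit deletes terratest.yml and the `_test/*/watch_test.go` suites that ran `terraform.InitAndApply`. What tf-checks.yml@1.0.5 runs is not visible here; if it stops at init, validate and fmt, errors that only show up at plan or apply time would go unnoticed until a consumer hits them. A comment at the top of the file, such as `# static checks only; examples are not applied in CI`, or a follow-up job that plans the examples, would make the coverage explicit.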
@@ -75,7 +75,7 @@ usage: |- ```hcl module "alarm" { source = "clouddrove/cloudwatch-alarms/aws" - version = "1.3.0" + version = "2.0.0" name = "alarm" environment = "test" label_order = ["name", "environment"] @@ -115,7 +115,7 @@ usage: |- ```hcl module "alarm" { source = "clouddrove/cloudwatch-alarms/aws" - version = "1.3.0" + version = "2.0.0" name = "alarm" environment = "test" label_order = ["name", "environment"] diff --git a/_example/anomaly_example/example.tf b/_example/anomaly_example/example.tf index f9c134d..09c8bef 100644 --- a/_example/anomaly_example/example.tf +++ b/_example/anomaly_example/example.tf @@ -24,7 +24,7 @@ module "vpc" { ##----------------------------------------------------- module "public_subnets" { source = "clouddrove/subnet/aws" - version = "1.3.0" + version = "2.0.0" name = "public-subnet" environment = "test" @@ -76,7 +76,7 @@ module "ssh" { ##----------------------------------------------------- module "ec2" { source = "clouddrove/ec2/aws" - version = "1.3.0" + version = "2.0.0" name = "alarm" environment = "test" diff --git a/_example/anomaly_example/outputs.tf b/_example/anomaly_example/outputs.tf index 5501408..28b0480 100644 --- a/_example/anomaly_example/outputs.tf +++ b/_example/anomaly_example/outputs.tf @@ -1,5 +1,5 @@ output "arn" { - value = module.alarm.*.arn + value = module.alarm[*].arn description = "The ARN of the cloudwatch metric alarm." } diff --git a/_example/anomaly_example/versions.tf b/_example/anomaly_example/versions.tf new file mode 100644 index 0000000..5b25067 --- /dev/null +++ b/_example/anomaly_example/versions.tf @@ -0,0 +1,11 @@ +# Terraform version +terraform { + required_version = ">= 1.5.5" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.13.1" + } + } +} \ No newline at end of file diff --git a/_example/basic_example/example.tf b/_example/basic_example/example.tf index 6e08e1e..b0bc973 100644 --- a/_example/basic_example/example.tf 
+++ b/_example/basic_example/example.tf @@ -25,7 +25,7 @@ module "vpc" { ##----------------------------------------------------- module "public_subnets" { source = "clouddrove/subnet/aws" - version = "1.3.0" + version = "2.0.0" name = "public-subnet" environment = "test" @@ -79,7 +79,7 @@ module "ssh" { ##----------------------------------------------------- module "ec2" { source = "clouddrove/ec2/aws" - version = "1.3.0" + version = "2.0.0" name = "ec2-instance" environment = "test" label_order = ["name", "environment"] diff --git a/_example/basic_example/outputs.tf b/_example/basic_example/outputs.tf index 5501408..28b0480 100644 --- a/_example/basic_example/outputs.tf +++ b/_example/basic_example/outputs.tf @@ -1,5 +1,5 @@ output "arn" { - value = module.alarm.*.arn + value = module.alarm[*].arn description = "The ARN of the cloudwatch metric alarm." } diff --git a/_example/basic_example/versions.tf b/_example/basic_example/versions.tf new file mode 100644 index 0000000..5b25067 --- /dev/null +++ b/_example/basic_example/versions.tf @@ -0,0 +1,11 @@ +# Terraform version +terraform { + required_version = ">= 1.5.5" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.13.1" + } + } +} \ No newline at end of file diff --git a/_example/expression_example/example.tf b/_example/expression_example/example.tf index 497644e..9f7c27d 100644 --- a/_example/expression_example/example.tf +++ b/_example/expression_example/example.tf @@ -24,7 +24,7 @@ module "vpc" { ##----------------------------------------------------- module "public_subnets" { source = "clouddrove/subnet/aws" - version = "1.3.0" + version = "2.0.0" name = "public-subnet" environment = "test" @@ -78,7 +78,7 @@ module "ssh" { ##----------------------------------------------------- module "ec2" { source = "clouddrove/ec2/aws" - version = "1.3.0" + version = "2.0.0" name = "ec2-instance" environment = "test" 
diff --git a/_example/expression_example/outputs.tf b/_example/expression_example/outputs.tf index 5501408..28b0480 100644 --- a/_example/expression_example/outputs.tf +++ b/_example/expression_example/outputs.tf @@ -1,5 +1,5 @@ output "arn" { - value = module.alarm.*.arn + value = module.alarm[*].arn description = "The ARN of the cloudwatch metric alarm." } diff --git a/_example/expression_example/versions.tf b/_example/expression_example/versions.tf new file mode 100644 index 0000000..5b25067 --- /dev/null +++ b/_example/expression_example/versions.tf @@ -0,0 +1,11 @@ +# Terraform version +terraform { + required_version = ">= 1.5.5" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.13.1" + } + } +} \ No newline at end of file diff --git a/_test/anomaly_example/watch_test.go b/_test/anomaly_example/watch_test.go deleted file mode 100644 index dae2ad7..0000000 --- a/_test/anomaly_example/watch_test.go +++ /dev/null 
@@ -1,31 +0,0 @@
-// Managed By : CloudDrove
-// Description : This Terratest is used to test the Terraform cloudwatch-alarm module.
-// Copyright @ CloudDrove. All Right Reserved.
-package test
-
-import (
- "testing"
- "github.com/gruntwork-io/terratest/modules/terraform"
- "github.com/stretchr/testify/assert"
-)
-
-func TestCloudWatch(t *testing.T) {
- t.Parallel()
-
- terraformOptions := &terraform.Options{
- // Source path of Terraform directory.
- TerraformDir: "../../_example/anomaly_example",
- }
-
- // This will run `terraform init` and `terraform apply` and fail the test if there are any errors
- terraform.InitAndApply(t, terraformOptions)
-
- // To clean up any resources that have been created, run 'terraform destroy' towards the end of the test
- defer terraform.Destroy(t, terraformOptions)
-
- // To get the value of an output variable, run 'terraform output'
- Tags := terraform.OutputMap(t, terraformOptions, "tags")
-
- // Check that we get back the outputs that we expect
- assert.Equal(t, "alarm-test", Tags["Name"])
-}
\ No newline at end of file
diff --git a/_test/basic_example/watch_test.go b/_test/basic_example/watch_test.go
deleted file mode 100644
index d4e5439..0000000
--- a/_test/basic_example/watch_test.go
+++ /dev/null
@@ -1,31 +0,0 @@
-// Managed By : CloudDrove
-// Description : This Terratest is used to test the Terraform cloudwatch-alarm module.
-// Copyright @ CloudDrove. All Right Reserved.
-package test
-
-import (
- "testing"
- "github.com/gruntwork-io/terratest/modules/terraform"
- "github.com/stretchr/testify/assert"
-)
-
-func TestCloudWatch(t *testing.T) {
- t.Parallel()
-
- terraformOptions := &terraform.Options{
- // Source path of Terraform directory.
- TerraformDir: "../../_example/basic_example",
- }
-
- // This will run `terraform init` and `terraform apply` and fail the test if there are any errors
- terraform.InitAndApply(t, terraformOptions)
-
- // To clean up any resources that have been created, run 'terraform destroy' towards the end of the test
- defer terraform.Destroy(t, terraformOptions)
-
- // To get the value of an output variable, run 'terraform output'
- Tags := terraform.OutputMap(t, terraformOptions, "tags")
-
- // Check that we get back the outputs that we expect
- assert.Equal(t, "alarm-test", Tags["Name"])
-}
\ No newline at end of file
diff --git a/_test/expression_example/watch_test.go b/_test/expression_example/watch_test.go
deleted file mode 100644
index fd0d8f6..0000000
--- a/_test/expression_example/watch_test.go
+++ /dev/null
@@ -1,31 +0,0 @@
-// Managed By : CloudDrove
-// Description : This Terratest is used to test the Terraform cloudwatch-alarm module.
-// Copyright @ CloudDrove. All Right Reserved.
-package test
-
-import (
- "testing"
- "github.com/gruntwork-io/terratest/modules/terraform"
- "github.com/stretchr/testify/assert"
-)
-
-func TestCloudWatch(t *testing.T) {
- t.Parallel()
-
- terraformOptions := &terraform.Options{
- // Source path of Terraform directory.
- TerraformDir: "../../_example/expression_example",
- }
-
- // This will run `terraform init` and `terraform apply` and fail the test if there are any errors
- terraform.InitAndApply(t, terraformOptions)
-
- // To clean up any resources that have been created, run 'terraform destroy' towards the end of the test
- defer terraform.Destroy(t, terraformOptions)
-
- // To get the value of an output variable, run 'terraform output'
- Tags := terraform.OutputMap(t, terraformOptions, "tags")
-
- // Check that we get back the outputs that we expect
- assert.Equal(t, "alarm-test", Tags["Name"])
-}
\ No newline at end of file
diff --git a/outputs.tf b/outputs.tf
index 16bec2d..46a1882 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,12 +1,12 @@ #Module : CLOUDWATCH METRIC ALARM #Description : Terraform module creates Cloudwatch Alarm on AWS for monitoriing AWS services. output "id" { - value = var.threshold_metric_id == "" ? (var.expression_enabled ? aws_cloudwatch_metric_alarm.expression.*.id : aws_cloudwatch_metric_alarm.default.*.id) : aws_cloudwatch_metric_alarm.anomaly.*.id + value = var.threshold_metric_id == "" ? (var.expression_enabled ? aws_cloudwatch_metric_alarm.expression[*].id : aws_cloudwatch_metric_alarm.default[*].id) : aws_cloudwatch_metric_alarm.anomaly[*].id description = "The ID of the health check." } output "arn" { - value = var.threshold_metric_id == "" ? (var.expression_enabled ? aws_cloudwatch_metric_alarm.expression.*.arn : aws_cloudwatch_metric_alarm.default.*.arn) : aws_cloudwatch_metric_alarm.anomaly.*.arn + value = var.threshold_metric_id == "" ? (var.expression_enabled ? aws_cloudwatch_metric_alarm.expression[*].arn : aws_cloudwatch_metric_alarm.default[*].arn) : aws_cloudwatch_metric_alarm.anomaly[*].arn description = "The ARN of the cloudwatch metric alarm." } diff --git a/variables.tf b/variables.tf index 390f3bb..d4aa742 100644 --- a/variables.tf +++ b/variables.tf @@ -133,19 +133,14 @@ variable "ok_actions" { description = "The list of actions to execute when this alarm transitions into an OK state from any other state." } -variable "instance_id" { - type = string - default = "" - description = "The instance ID." - sensitive = true -} - variable "dimensions" { + type = map(any) default = {} description = "Dimensions for metrics." } variable "query_expressions" { + type = list(any) default = [{ id = "e1" expression = "ANOMALY_DETECTION_BAND(m1)" @@ -156,6 +151,7 @@ variable "query_expressions" { } variable "query_metrics" { + type = list(any) default = [{ id = "m1" return_data = "true" diff --git a/versions.tf b/versions.tf index c3cde87..5b25067 100644 --- a/versions.tf +++ b/versions.tf 
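Review bot: `type = list(any)` on `query_expressions` and `query_metrics` in variables.tf makes Terraform convert every element of the list to one common type, so callers whose entries carry different attribute sets (one metric with `dimensions`, another without, say) may be rejected at plan time where the untyped variable accepted them. If mixed entries are meant to be supported, use an explicit `list(object({...}))` with `optional()` attributes, or keep `type = any` and describe the expected shape in `description`. The hunk also deletes the `instance_id` input outright, so any caller still setting it will fail with an unsupported-argument error; that deserves a line in the changelog for the 2.0.0 release. The `default` blocks of both list variables continue outside the hunk.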
@@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 1.4.6" + required_version = ">= 1.5.5" required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.1.0" + version = ">= 5.13.1" } } -} +} \ No newline at end of file From 14549e880ef33cd963700f61b1effaceb5150c65 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 27 Sep 2023 14:09:00 +0530 Subject: [PATCH 02/15] feat: remove security group argument --- _example/anomaly_example/example.tf | 1 - _example/basic_example/example.tf | 1 - _example/expression_example/example.tf | 1 - 3 files changed, 3 deletions(-) diff --git a/_example/anomaly_example/example.tf b/_example/anomaly_example/example.tf index 09c8bef..d8cc3d4 100644 --- a/_example/anomaly_example/example.tf +++ b/_example/anomaly_example/example.tf @@ -90,7 +90,6 @@ module "ec2" { monitoring = true associate_public_ip_address = true tenancy = "default" - vpc_security_group_ids_list = [module.ssh.security_group_ids, module.http-https.security_group_ids] subnet_ids = tolist(module.public_subnets.public_subnet_id) assign_eip_address = "true" diff --git a/_example/basic_example/example.tf b/_example/basic_example/example.tf index b0bc973..9345afd 100644 --- a/_example/basic_example/example.tf +++ b/_example/basic_example/example.tf @@ -92,7 +92,6 @@ module "ec2" { monitoring = true associate_public_ip_address = true tenancy = "default" - vpc_security_group_ids_list = [module.ssh.security_group_ids, module.http-https.security_group_ids] subnet_ids = tolist(module.public_subnets.public_subnet_id) assign_eip_address = "true" diff --git a/_example/expression_example/example.tf b/_example/expression_example/example.tf index 9f7c27d..13945af 100644 --- a/_example/expression_example/example.tf +++ b/_example/expression_example/example.tf 
@@ -91,7 +91,6 @@ module "ec2" { monitoring = true associate_public_ip_address = true tenancy = "default" - vpc_security_group_ids_list = [module.ssh.security_group_ids, module.http-https.security_group_ids] subnet_ids = tolist(module.public_subnets.public_subnet_id) assign_eip_address = "true" From 97245b810ee71e69a4430e5271067bb2e69942ed Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 27 Sep 2023 14:11:00 +0530 Subject: [PATCH 03/15] feat: remove security group argument --- _example/anomaly_example/example.tf | 2 -- _example/basic_example/example.tf | 2 -- _example/expression_example/example.tf | 2 -- 3 files changed, 6 deletions(-) diff --git a/_example/anomaly_example/example.tf b/_example/anomaly_example/example.tf index d8cc3d4..c6ba005 100644 --- a/_example/anomaly_example/example.tf +++ b/_example/anomaly_example/example.tf @@ -51,8 +51,6 @@ module "http-https" { label_order = ["name", "environment"] vpc_id = module.vpc.vpc_id - allowed_ip = ["0.0.0.0/0"] - allowed_ports = [80, 443] } ##----------------------------------------------------- diff --git a/_example/basic_example/example.tf b/_example/basic_example/example.tf index 9345afd..ada70a4 100644 --- a/_example/basic_example/example.tf +++ b/_example/basic_example/example.tf @@ -53,8 +53,6 @@ module "http-https" { label_order = ["name", "environment"] vpc_id = module.vpc.vpc_id - allowed_ip = ["0.0.0.0/0"] - allowed_ports = [80, 443] } ##----------------------------------------------------- diff --git a/_example/expression_example/example.tf b/_example/expression_example/example.tf index 13945af..225da47 100644 --- a/_example/expression_example/example.tf +++ b/_example/expression_example/example.tf @@ -52,8 +52,6 @@ module "http-https" { label_order = ["name", "environment"] vpc_id = module.vpc.vpc_id - allowed_ip = ["0.0.0.0/0"] - allowed_ports = [80, 443] } ##----------------------------------------------------- From 88466352096eb9db648b2c6eff73bf11708a39a6 Mon Sep 17 00:00:00 2001 
From: anmolnagpal Date: Wed, 27 Sep 2023 14:12:06 +0530 Subject: [PATCH 04/15] feat: remove security group argument --- _example/anomaly_example/example.tf | 2 +- _example/basic_example/example.tf | 2 +- _example/expression_example/example.tf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/_example/anomaly_example/example.tf b/_example/anomaly_example/example.tf index c6ba005..00f5bb5 100644 --- a/_example/anomaly_example/example.tf +++ b/_example/anomaly_example/example.tf @@ -50,7 +50,7 @@ module "http-https" { environment = "test" label_order = ["name", "environment"] - vpc_id = module.vpc.vpc_id + vpc_id = module.vpc.vpc_id } ##----------------------------------------------------- diff --git a/_example/basic_example/example.tf b/_example/basic_example/example.tf index ada70a4..688ff2b 100644 --- a/_example/basic_example/example.tf +++ b/_example/basic_example/example.tf @@ -52,7 +52,7 @@ module "http-https" { environment = "test" label_order = ["name", "environment"] - vpc_id = module.vpc.vpc_id + vpc_id = module.vpc.vpc_id } ##----------------------------------------------------- diff --git a/_example/expression_example/example.tf b/_example/expression_example/example.tf index 225da47..e5e65fd 100644 --- a/_example/expression_example/example.tf +++ b/_example/expression_example/example.tf @@ -51,7 +51,7 @@ module "http-https" { environment = "test" label_order = ["name", "environment"] - vpc_id = module.vpc.vpc_id + vpc_id = module.vpc.vpc_id } ##----------------------------------------------------- From 4b96a73332973dfd1ad8b5c0af251549722c058a Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 27 Sep 2023 14:18:01 +0530 Subject: [PATCH 05/15] feat: remove security group argument --- _example/anomaly_example/example.tf | 30 ++++++---------- _example/basic_example/example.tf | 50 ++++++++++---------------- _example/expression_example/example.tf | 32 ++++++----------- 3 files changed, 38 insertions(+), 74 deletions(-) 
diff --git a/_example/anomaly_example/example.tf b/_example/anomaly_example/example.tf index 00f5bb5..fa0535e 100644 --- a/_example/anomaly_example/example.tf +++ b/_example/anomaly_example/example.tf @@ -15,8 +15,7 @@ module "vpc" { name = "vpc" environment = "test" label_order = ["name", "environment"] - - cidr_block = "172.16.0.0/16" + cidr_block = "172.16.0.0/16" } ##----------------------------------------------------- @@ -30,7 +29,6 @@ module "public_subnets" { environment = "test" label_order = ["name", "environment"] - availability_zones = ["eu-west-1b", "eu-west-1c"] vpc_id = module.vpc.vpc_id cidr_block = module.vpc.vpc_cidr_block @@ -49,8 +47,7 @@ module "http-https" { name = "alarm" environment = "test" label_order = ["name", "environment"] - - vpc_id = module.vpc.vpc_id + vpc_id = module.vpc.vpc_id } ##----------------------------------------------------- @@ -63,10 +60,7 @@ module "ssh" { name = "alarmsg" environment = "test" label_order = ["name", "environment"] - - vpc_id = module.vpc.vpc_id - allowed_ip = [module.vpc.vpc_cidr_block] - allowed_ports = [22] + vpc_id = module.vpc.vpc_id } ##----------------------------------------------------- @@ -80,7 +74,6 @@ module "ec2" { environment = "test" label_order = ["name", "environment"] - instance_count = 1 ami = "ami-08d658f84a6d84a80" ebs_optimized = "false" @@ -89,13 +82,11 @@ module "ec2" { associate_public_ip_address = true tenancy = "default" subnet_ids = tolist(module.public_subnets.public_subnet_id) - - assign_eip_address = "true" - - ebs_volume_enabled = "true" - ebs_volume_type = "gp2" - ebs_volume_size = 30 - user_data = "./_bin/user_data.sh" + assign_eip_address = "true" + ebs_volume_enabled = "true" + ebs_volume_type = "gp2" + ebs_volume_size = 30 + user_data = "./_bin/user_data.sh" } ##----------------------------------------------------------------------------- 
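Review bot: In the `module "ssh"` hunk the `allowed_ip` and `allowed_ports` arguments are dropped, leaving both `module "ssh"` and `module "http-https"` with only `vpc_id`, and patch 02 already removed `vpc_security_group_ids_list` from `module "ec2"`. The example therefore creates two security groups that nothing references, while the instance still sets `associate_public_ip_address = true` and `assign_eip_address = "true"`; which ingress rules it ends up with depends on the ec2 module's defaults, which are not visible here. Either delete the two unused modules or pass explicit, narrow rules through the 2.0.0 inputs and attach the groups to the instance, with a comment stating the intended exposure. The basic_example and expression_example hunks in this patch have the same shape.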
@@ -130,9 +121,8 @@ module "alarm" { InstanceId = module.ec2.instance_id[0] } }] - alarm_description = "This metric monitors ec2 cpu utilization" - alarm_actions = [] - + alarm_description = "This metric monitors ec2 cpu utilization" + alarm_actions = [] actions_enabled = true insufficient_data_actions = [] ok_actions = [] diff --git a/_example/basic_example/example.tf b/_example/basic_example/example.tf index 688ff2b..c916ff2 100644 --- a/_example/basic_example/example.tf +++ b/_example/basic_example/example.tf @@ -15,9 +15,7 @@ module "vpc" { name = "vpc" environment = "test" label_order = ["name", "environment"] - - - cidr_block = "172.16.0.0/16" + cidr_block = "172.16.0.0/16" } ##----------------------------------------------------- @@ -31,7 +29,6 @@ module "public_subnets" { environment = "test" label_order = ["name", "environment"] - availability_zones = ["eu-west-1b", "eu-west-1c"] vpc_id = module.vpc.vpc_id cidr_block = module.vpc.vpc_cidr_block @@ -47,12 +44,10 @@ module "http-https" { source = "clouddrove/security-group/aws" version = "2.0.0" - name = "http-https" environment = "test" label_order = ["name", "environment"] - - vpc_id = module.vpc.vpc_id + vpc_id = module.vpc.vpc_id } ##----------------------------------------------------- @@ -62,14 +57,10 @@ module "ssh" { source = "clouddrove/security-group/aws" version = "2.0.0" - name = "ssh" environment = "test" label_order = ["name", "environment"] - - vpc_id = module.vpc.vpc_id - allowed_ip = [module.vpc.vpc_cidr_block] - allowed_ports = [22] + vpc_id = module.vpc.vpc_id } ##----------------------------------------------------- @@ -82,7 +73,6 @@ module "ec2" { environment = "test" label_order = ["name", "environment"] - instance_count = 1 ami = "ami-08d658f84a6d84a80" ebs_optimized = "false" 
@@ -91,13 +81,11 @@ module "ec2" { associate_public_ip_address = true tenancy = "default" subnet_ids = tolist(module.public_subnets.public_subnet_id) - - assign_eip_address = "true" - - ebs_volume_enabled = "true" - ebs_volume_type = "gp2" - ebs_volume_size = 30 - user_data = "./_bin/user_data.sh" + assign_eip_address = "true" + ebs_volume_enabled = "true" + ebs_volume_type = "gp2" + ebs_volume_size = 30 + user_data = "./_bin/user_data.sh" } ##----------------------------------------------------------------------------- @@ -110,18 +98,16 @@ module "alarm" { environment = "test" label_order = ["name", "environment"] - - alarm_name = "cpu-alarm" - comparison_operator = "GreaterThanOrEqualToThreshold" - evaluation_periods = 2 - metric_name = "CPUUtilization" - namespace = "AWS/EC2" - period = 60 - statistic = "Average" - threshold = 40 - alarm_description = "This metric monitors ec2 cpu utilization" - alarm_actions = [] - + alarm_name = "cpu-alarm" + comparison_operator = "GreaterThanOrEqualToThreshold" + evaluation_periods = 2 + metric_name = "CPUUtilization" + namespace = "AWS/EC2" + period = 60 + statistic = "Average" + threshold = 40 + alarm_description = "This metric monitors ec2 cpu utilization" + alarm_actions = [] actions_enabled = true insufficient_data_actions = [] ok_actions = [] diff --git a/_example/expression_example/example.tf b/_example/expression_example/example.tf index e5e65fd..f1764bf 100644 --- a/_example/expression_example/example.tf +++ b/_example/expression_example/example.tf @@ -15,8 +15,7 @@ module "vpc" { name = "vpc" environment = "test" label_order = ["name", "environment"] - - cidr_block = "172.16.0.0/16" + cidr_block = "172.16.0.0/16" } ##----------------------------------------------------- @@ -30,7 +29,6 @@ module "public_subnets" { environment = "test" label_order = ["name", "environment"] - availability_zones = ["eu-west-1b", "eu-west-1c"] vpc_id = module.vpc.vpc_id cidr_block = module.vpc.vpc_cidr_block 
@@ -46,12 +44,10 @@ module "http-https" { source = "clouddrove/security-group/aws" version = "2.0.0" - name = "http-https" environment = "test" label_order = ["name", "environment"] - - vpc_id = module.vpc.vpc_id + vpc_id = module.vpc.vpc_id } ##----------------------------------------------------- @@ -61,14 +57,10 @@ module "ssh" { source = "clouddrove/security-group/aws" version = "2.0.0" - name = "ssh" environment = "test" label_order = ["name", "environment"] - - vpc_id = module.vpc.vpc_id - allowed_ip = [module.vpc.vpc_cidr_block] - allowed_ports = [22] + vpc_id = module.vpc.vpc_id } ##----------------------------------------------------- @@ -90,13 +82,11 @@ module "ec2" { associate_public_ip_address = true tenancy = "default" subnet_ids = tolist(module.public_subnets.public_subnet_id) - - assign_eip_address = "true" - - ebs_volume_enabled = "true" - ebs_volume_type = "gp2" - ebs_volume_size = 30 - user_data = "./_bin/user_data.sh" + assign_eip_address = "true" + ebs_volume_enabled = "true" + ebs_volume_type = "gp2" + ebs_volume_size = 30 + user_data = "./_bin/user_data.sh" } ##----------------------------------------------------------------------------- @@ -109,7 +99,6 @@ module "alarm" { environment = "test" label_order = ["name", "environment"] - expression_enabled = true alarm_name = "cpu-alarm" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -145,9 +134,8 @@ module "alarm" { LoadBalancer = "app/web" } }] - alarm_description = "This metric monitors ec2 cpu utilization" - alarm_actions = [] - + alarm_description = "This metric monitors ec2 cpu utilization" + alarm_actions = [] actions_enabled = true insufficient_data_actions = [] ok_actions = [] From ac366cd6d163846d49c05a070c62ae23dc1c23c0 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 27 Sep 2023 15:15:51 +0530 Subject: [PATCH 06/15] feat: fix code owners file error --- _example/anomaly_example/example.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/_example/anomaly_example/example.tf b/_example/anomaly_example/example.tf
index fa0535e..efc9fd0 100644
--- a/_example/anomaly_example/example.tf
+++ b/_example/anomaly_example/example.tf
@@ -1,5 +1,5 @@
 ##---------------------------------------------------------------------------------------------------------------------------
-## Provider block added, Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS.
+## Provider block added, Use6 the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS.
 ##--------------------------------------------------------------------------------------------------------------------------
 provider "aws" {
 region = "eu-west-1"
From 27abdeaec69983e259f597afbfc28cc58bd90a95 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 27 Sep 2023 15:18:23 +0530 Subject: [PATCH 07/15] feat: fix code owners file error
---
 .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 7aa8ed5..5e797e3 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,2 +1,2 @@
 # These owners will be the default owners for everything in the repo.
-* @anmolnagpal @clouddrove/approvers @clouddrove-ci
\ No newline at end of file
+* @anmolnagpal @clouddrove/approvers @clouddrove-ci
\ No newline at end of file
From 263cc3e8621f23ee6863276657b19cc5c9a2fb1f Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 27 Sep 2023 15:23:03 +0530 Subject: [PATCH 08/15] feat: fix code owners file error
---
 .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 5e797e3..7aa8ed5 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
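Review bot: The rewritten header comment in `_example/anomaly_example/example.tf` now reads `Use6 the Amazon Web Services (AWS) provider`, where the `6` looks like a stray keystroke. The commit is titled as a CODEOWNERS fix but this comment is its only change, so the edit also does not match its description. Restore the line to `## Provider block added, Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS.`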
@@ -1,2 +1,2 @@
 # These owners will be the default owners for everything in the repo.
-* @anmolnagpal @clouddrove/approvers @clouddrove-ci
\ No newline at end of file
+* @anmolnagpal @clouddrove/approvers @clouddrove-ci
\ No newline at end of file
From b5026d87fab6c5d8f08bbbb89fa4c800e823032f Mon Sep 17 00:00:00 2001 From: theprashantyadav Date: Wed, 27 Sep 2023 15:26:52 +0530 Subject: [PATCH 09/15] feat: fix code owners file error
---
 .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 7aa8ed5..57bdcfa 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,2 +1,2 @@
 # These owners will be the default owners for everything in the repo.
-* @anmolnagpal @clouddrove/approvers @clouddrove-ci
\ No newline at end of file
+* @anmolnagpal @clouddrove/approvers @clouddrove-ci
From 9a00cf9b4c54f29b5ce2e6dcfa622ac8a0948d92 Mon Sep 17 00:00:00 2001 From: theprashantyadav Date: Wed, 27 Sep 2023 15:30:58 +0530 Subject: [PATCH 10/15] feat: fix code owners file error
---
 .github/CODEOWNERS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 57bdcfa..5320939 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,2 +1,3 @@
 # These owners will be the default owners for everything in the repo.
-* @anmolnagpal @clouddrove/approvers @clouddrove-ci
+* @anmolnagpal @clouddrove/approvers @clouddrove-ci
+
From 0b76406d532ac80b91a05ecba86a268018f4870c Mon Sep 17 00:00:00 2001 From: theprashantyadav Date: Wed, 27 Sep 2023 16:01:27 +0530 Subject: [PATCH 11/15] feat: fix code owners file error
---
 .github/CODEOWNERS | 1 - 1 file changed, 1 deletion(-)
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 5320939..231c9a6 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,3 +1,2 @@
 # These owners will be the default owners for everything in the repo.
 * @anmolnagpal @clouddrove/approvers @clouddrove-ci
-
From d1f82366b6a30a64cb78d28fa381e0382ff207be Mon Sep 17 00:00:00 2001 From: theprashantyadav Date: Wed, 27 Sep 2023 17:55:46 +0530 Subject: [PATCH 12/15] feat: added security-group-rule in ec2 module --- .../.terraform.tfstate.lock.info | 1 + _example/anomaly_example/example.tf | 33 ++------- _example/basic_example/example.tf | 33 ++------- _example/expression_example/example.tf | 33 ++------- variables.tf | 73 +++++++++++++++++++ 5 files changed, 95 insertions(+), 78 deletions(-) create mode 100644 _example/anomaly_example/.terraform.tfstate.lock.info diff --git a/_example/anomaly_example/.terraform.tfstate.lock.info b/_example/anomaly_example/.terraform.tfstate.lock.info new file mode 100644 index 0000000..26498b6 --- /dev/null +++ b/_example/anomaly_example/.terraform.tfstate.lock.info @@ -0,0 +1 @@ +{"ID":"ff25a4a8-5c64-35ad-0d25-970e35a6e032","Operation":"OperationTypeApply","Info":"","Who":"prashant@prashant","Version":"1.5.7","Created":"2023-09-27T12:24:29.546335369Z","Path":"terraform.tfstate"} \ No newline at end of file diff --git a/_example/anomaly_example/example.tf b/_example/anomaly_example/example.tf index efc9fd0..e0d5dfe 100644 --- a/_example/anomaly_example/example.tf +++ b/_example/anomaly_example/example.tf 
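Review bot: A transient Terraform lock record is being committed as `_example/anomaly_example/.terraform.tfstate.lock.info`, and the added line publishes the operator's local `Who` value, the Terraform version and the state path. Its presence also suggests the example was applied with local state inside the working copy, where a `terraform.tfstate` holding resource attributes in plain text would sit next to it. A later patch in this series deletes the file, but no ignore rule is visible here, so nothing prevents it from being committed again. Add `*.tfstate` and `*.tfstate.*` to `.gitignore` so that neither the lock record nor the state file can be tracked.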
@@ -37,32 +37,6 @@ module "public_subnets" { igw_id = module.vpc.igw_id } -##----------------------------------------------------- -## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https. -##----------------------------------------------------- -module "http-https" { - source = "clouddrove/security-group/aws" - version = "2.0.0" - - name = "alarm" - environment = "test" - label_order = ["name", "environment"] - vpc_id = module.vpc.vpc_id -} - -##----------------------------------------------------- -## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh. -##----------------------------------------------------- -module "ssh" { - source = "clouddrove/security-group/aws" - version = "2.0.0" - - name = "alarmsg" - environment = "test" - label_order = ["name", "environment"] - vpc_id = module.vpc.vpc_id -} - ##----------------------------------------------------- ## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications. ##----------------------------------------------------- @@ -74,6 +48,13 @@ module "ec2" { environment = "test" label_order = ["name", "environment"] + ####---------------------------------------------------------------------------------- + ## Below A security group controls the traffic that is allowed to reach and leave the resources that it is associated with. + ####---------------------------------------------------------------------------------- + vpc_id = module.vpc.vpc_id + allowed_ip = [module.vpc.vpc_cidr_block] + allowed_ports = [22, 80, 443] + instance_count = 1 ami = "ami-08d658f84a6d84a80" ebs_optimized = "false" diff --git a/_example/basic_example/example.tf b/_example/basic_example/example.tf index c916ff2..39ac25b 100644 --- a/_example/basic_example/example.tf +++ b/_example/basic_example/example.tf 
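Review bot: `allowed_ports = [22, 80, 443]` in the `module "ec2"` hunk puts SSH in the same rule set as the web ports, so all three share the single `allowed_ip` list and SSH can no longer be scoped separately, as it could with the distinct `ssh` and `http-https` groups removed in the hunk above. For an example whose purpose is a CloudWatch alarm, port 22 is probably unnecessary; consider `allowed_ports = [80, 443]` and keep shell access in its own narrower rule if it is needed at all. The added banner is also hard to read (`## Below A security group controls the traffic…`) and uses `####` rulers where the rest of the file uses `##`. The `module "ec2"` block starts and ends outside the hunk, so whether the pinned module version accepts `vpc_id`, `allowed_ip` and `allowed_ports` cannot be confirmed from here. The same three lines are added in `_example/basic_example/example.tf` and `_example/expression_example/example.tf`.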
@@ -37,32 +37,6 @@ module "public_subnets" { igw_id = module.vpc.igw_id } -##----------------------------------------------------- -## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https. -##----------------------------------------------------- -module "http-https" { - source = "clouddrove/security-group/aws" - version = "2.0.0" - - name = "http-https" - environment = "test" - label_order = ["name", "environment"] - vpc_id = module.vpc.vpc_id -} - -##----------------------------------------------------- -## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh. -##----------------------------------------------------- -module "ssh" { - source = "clouddrove/security-group/aws" - version = "2.0.0" - - name = "ssh" - environment = "test" - label_order = ["name", "environment"] - vpc_id = module.vpc.vpc_id -} - ##----------------------------------------------------- ## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications. ##----------------------------------------------------- @@ -73,6 +47,13 @@ module "ec2" { environment = "test" label_order = ["name", "environment"] + ####---------------------------------------------------------------------------------- + ## Below A security group controls the traffic that is allowed to reach and leave the resources that it is associated with. + ####---------------------------------------------------------------------------------- + vpc_id = module.vpc.vpc_id + allowed_ip = [module.vpc.vpc_cidr_block] + allowed_ports = [22, 80, 443] + instance_count = 1 ami = "ami-08d658f84a6d84a80" ebs_optimized = "false" diff --git a/_example/expression_example/example.tf b/_example/expression_example/example.tf index f1764bf..01c54d6 100644 --- a/_example/expression_example/example.tf +++ b/_example/expression_example/example.tf 
@@ -37,32 +37,6 @@ module "public_subnets" { igw_id = module.vpc.igw_id } -##----------------------------------------------------- -## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https. -##----------------------------------------------------- -module "http-https" { - source = "clouddrove/security-group/aws" - version = "2.0.0" - - name = "http-https" - environment = "test" - label_order = ["name", "environment"] - vpc_id = module.vpc.vpc_id -} - -##----------------------------------------------------- -## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh. -##----------------------------------------------------- -module "ssh" { - source = "clouddrove/security-group/aws" - version = "2.0.0" - - name = "ssh" - environment = "test" - label_order = ["name", "environment"] - vpc_id = module.vpc.vpc_id -} - ##----------------------------------------------------- ## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications. ##----------------------------------------------------- @@ -74,6 +48,13 @@ module "ec2" { environment = "test" label_order = ["name", "environment"] + ####---------------------------------------------------------------------------------- + ## Below A security group controls the traffic that is allowed to reach and leave the resources that it is associated with. + ####---------------------------------------------------------------------------------- + vpc_id = module.vpc.vpc_id + allowed_ip = [module.vpc.vpc_cidr_block] + allowed_ports = [22, 80, 443] + instance_count = 1 ami = "ami-08d658f84a6d84a80" ebs_optimized = "false" diff --git a/variables.tf b/variables.tf index d4aa742..26c7d96 100644 --- a/variables.tf +++ b/variables.tf 
@@ -165,4 +165,77 @@ variable "query_metrics" { } }] description = "values for metric query metrics." +} + +variable "enable_security_group" { + type = bool + default = true + description = "Enable default Security Group with only Egress traffic allowed." +} + +variable "sg_ids" { + type = list(any) + default = [] + description = "of the security group id." +} + +variable "vpc_id" { + type = string + default = "" + description = "The ID of the VPC that the instance security group belongs to." + sensitive = true +} + +variable "sg_description" { + type = string + default = "Instance default security group (only egress access is allowed)." + description = "The security group description." +} + +variable "is_external" { + type = bool + default = false + description = "enable to udated existing security Group" +} + +variable "egress_rule" { + type = bool + default = true + description = "Enable to create egress rule" +} + +variable "sg_egress_description" { + type = string + default = "Description of the rule." + description = "Description of the egress and ingress rule" +} + +variable "sg_egress_ipv6_description" { + type = string + default = "Description of the rule." + description = "Description of the egress_ipv6 rule" +} + +variable "allowed_ip" { + type = list(any) + default = [] + description = "List of allowed ip." +} + +variable "allowed_ports" { + type = list(any) + default = [] + description = "List of allowed ingress ports" +} + +variable "sg_ingress_description" { + type = string + default = "Description of the ingress rule use elasticache." + description = "Description of the ingress rule" +} + +variable "protocol" { + type = string + default = "tcp" + description = "The protocol. If not icmp, tcp, udp, or all use the." } \ No newline at end of file From 2c9fb80d28b34ac6128d7e9023233578068e4dd0 Mon Sep 17 00:00:00 2001 
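Review bot: `allowed_ip` and `allowed_ports` are declared as `list(any)` with no validation, so a malformed CIDR or a non-numeric port is only rejected when the provider call fails; `type = list(string)` and `type = list(number)` would reject bad input at plan time. `vpc_id` carries `sensitive = true`, which redacts it from plan output and requires any output that references it to be marked sensitive, although a VPC ID is an identifier rather than a secret and hiding it makes plans harder to review. Several descriptions are truncated or misspelled and should be completed: `"of the security group id."`, `"enable to udated existing security Group"` and `"The protocol. If not icmp, tcp, udp, or all use the."`. The hunks visible here show no resource in this module that consumes the new variables, so confirm they belong in this `variables.tf`.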
From: theprashantyadav Date: Wed, 27 Sep 2023 18:04:58 +0530 Subject: [PATCH 13/15] feat: added security-group-rule in ec2 module --- .../.terraform.tfstate.lock.info | 1 - variables.tf | 73 ------------------- 2 files changed, 74 deletions(-) delete mode 100644 _example/anomaly_example/.terraform.tfstate.lock.info diff --git a/_example/anomaly_example/.terraform.tfstate.lock.info b/_example/anomaly_example/.terraform.tfstate.lock.info deleted file mode 100644 index 26498b6..0000000 --- a/_example/anomaly_example/.terraform.tfstate.lock.info +++ /dev/null @@ -1 +0,0 @@ -{"ID":"ff25a4a8-5c64-35ad-0d25-970e35a6e032","Operation":"OperationTypeApply","Info":"","Who":"prashant@prashant","Version":"1.5.7","Created":"2023-09-27T12:24:29.546335369Z","Path":"terraform.tfstate"} \ No newline at end of file diff --git a/variables.tf b/variables.tf index 26c7d96..d4aa742 100644 --- a/variables.tf +++ b/variables.tf 
@@ -165,77 +165,4 @@ variable "query_metrics" { } }] description = "values for metric query metrics." -} - -variable "enable_security_group" { - type = bool - default = true - description = "Enable default Security Group with only Egress traffic allowed." -} - -variable "sg_ids" { - type = list(any) - default = [] - description = "of the security group id." -} - -variable "vpc_id" { - type = string - default = "" - description = "The ID of the VPC that the instance security group belongs to." - sensitive = true -} - -variable "sg_description" { - type = string - default = "Instance default security group (only egress access is allowed)." - description = "The security group description." -} - -variable "is_external" { - type = bool - default = false - description = "enable to udated existing security Group" -} - -variable "egress_rule" { - type = bool - default = true - description = "Enable to create egress rule" -} - -variable "sg_egress_description" { - type = string - default = "Description of the rule." - description = "Description of the egress and ingress rule" -} - -variable "sg_egress_ipv6_description" { - type = string - default = "Description of the rule." - description = "Description of the egress_ipv6 rule" -} - -variable "allowed_ip" { - type = list(any) - default = [] - description = "List of allowed ip." -} - -variable "allowed_ports" { - type = list(any) - default = [] - description = "List of allowed ingress ports" -} - -variable "sg_ingress_description" { - type = string - default = "Description of the ingress rule use elasticache." - description = "Description of the ingress rule" -} - -variable "protocol" { - type = string - default = "tcp" - description = "The protocol. If not icmp, tcp, udp, or all use the." } \ No newline at end of file From de8639f1d95761771db37469b4006066c63b82f8 Mon Sep 17 00:00:00 2001 
From: theprashantyadav Date: Wed, 27 Sep 2023 18:07:02 +0530 Subject: [PATCH 14/15] feat: added security-group-rule in ec2 module --- versions.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/versions.tf b/versions.tf index 5b25067..d32a33a 100644 --- a/versions.tf +++ b/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 1.5.5" + required_version = ">= 1.5.7" required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.13.1" + version = ">= 5.18.1" } } } \ No newline at end of file From 5c68a44edce3afc73d4924102fa2c32d502e022b Mon Sep 17 00:00:00 2001 From: theprashantyadav Date: Wed, 27 Sep 2023 21:47:41 +0530 Subject: [PATCH 15/15] feat: update version,tf --- _example/anomaly_example/versions.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_example/anomaly_example/versions.tf b/_example/anomaly_example/versions.tf index 5b25067..d32a33a 100644 --- a/_example/anomaly_example/versions.tf +++ b/_example/anomaly_example/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 1.5.5" + required_version = ">= 1.5.7" required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.13.1" + version = ">= 5.18.1" } } } \ No newline at end of file