From 9fd29a6001270a675abf059f6b4e6c1583bd072d Mon Sep 17 00:00:00 2001 From: Andriy Knysh Date: Mon, 4 Jun 2018 21:35:30 -0400 Subject: [PATCH] Remove dependencies on `terraform-aws-account-metadata`. Use Terraform vars instead (#8) --- README.md | 2 +- aws/acm-cloudfront/main.tf | 2 +- aws/acm-cloudfront/terraform.tfvars.example | 1 + aws/acm/main.tf | 2 +- aws/acm/terraform.tfvars.example | 2 +- aws/backing-services/aurora-postgres.tf | 8 ++-- aws/backing-services/elasticache-redis.tf | 8 ++-- aws/backing-services/main.tf | 37 +++++++++++++--- aws/backing-services/terraform.tfvars.example | 5 +++ aws/backing-services/vpc.tf | 12 ++--- aws/chamber/chamber-kops.sh | 26 +++++------ aws/chamber/kms-key.tf | 4 +- aws/chamber/main.tf | 28 +++++++++--- aws/chamber/terraform.tfvars.example | 4 ++ aws/chamber/user.tf | 6 +-- aws/dns/terraform.tfvars.example | 2 +- aws/docs/main.tf | 40 ++++++++++++----- aws/docs/terraform.tfvars.example | 4 ++ aws/kops-aws-platform/chart-repo.tf | 8 ++-- aws/kops-aws-platform/external-dns.tf | 8 ++-- aws/kops-aws-platform/main.tf | 28 +++++++++--- .../terraform.tfvars.example | 4 ++ aws/kops-aws-platform/vpc-peering.tf | 8 ++-- aws/kops/main.tf | 44 +++++++++++++------ aws/kops/terraform.tfvars.example | 4 ++ 25 files changed, 207 insertions(+), 90 deletions(-) create mode 100644 aws/acm-cloudfront/terraform.tfvars.example create mode 100644 aws/backing-services/terraform.tfvars.example create mode 100644 aws/chamber/terraform.tfvars.example create mode 100644 aws/docs/terraform.tfvars.example create mode 100644 aws/kops-aws-platform/terraform.tfvars.example create mode 100644 aws/kops/terraform.tfvars.example diff --git a/README.md b/README.md index c823c47b0..ae622b6e3 100644 --- a/README.md +++ b/README.md 
@@ -11,7 +11,7 @@ This is a collection of reusable root modules for CloudPosse AWS accounts. Use the `terraform-root-modules` Docker image as the base image in the application `Dockerfile`, and copy the modules from `/aws` folder into `/conf` folder ```dockerfile -FROM cloudposse/terraform-root-modules:0.1.4 as terraform-root-modules +FROM cloudposse/terraform-root-modules:0.1.6 as terraform-root-modules FROM cloudposse/geodesic:0.9.16 diff --git a/aws/acm-cloudfront/main.tf b/aws/acm-cloudfront/main.tf index 3e813b84f..c50eae7b5 100644 --- a/aws/acm-cloudfront/main.tf +++ b/aws/acm-cloudfront/main.tf @@ -20,7 +20,7 @@ provider "aws" { } variable "domain_name" { - description = "Domain name (E.g. staging.cloudposse.org)" + description = "Domain name (E.g. staging.cloudposse.co)" } module "certificate" { diff --git a/aws/acm-cloudfront/terraform.tfvars.example b/aws/acm-cloudfront/terraform.tfvars.example new file mode 100644 index 000000000..0c7e52f63 --- /dev/null +++ b/aws/acm-cloudfront/terraform.tfvars.example @@ -0,0 +1 @@ +domain_name="staging.cloudposse.co" diff --git a/aws/acm/main.tf b/aws/acm/main.tf index 9c21418b7..1009baabb 100644 --- a/aws/acm/main.tf +++ b/aws/acm/main.tf @@ -13,7 +13,7 @@ provider "aws" { } variable "domain_name" { - description = "Domain name (E.g. staging.cloudposse.org)" + description = "Domain name (E.g. staging.cloudposse.co)" } module "certificate" { diff --git a/aws/acm/terraform.tfvars.example b/aws/acm/terraform.tfvars.example index 5b46460b6..0c7e52f63 100644 --- a/aws/acm/terraform.tfvars.example +++ b/aws/acm/terraform.tfvars.example @@ -1 +1 @@ -domain_name="foobar.domain.com" +domain_name="staging.cloudposse.co" diff --git a/aws/backing-services/aurora-postgres.tf b/aws/backing-services/aurora-postgres.tf index 6030074ee..cbe4e6a8e 100644 --- a/aws/backing-services/aurora-postgres.tf +++ b/aws/backing-services/aurora-postgres.tf 
@@ -39,8 +39,8 @@ variable "POSTGRES_CLUSTER_ENABLED" {
 module "aurora_postgres" {
 source = "git::https://github.com/cloudposse/terraform-aws-rds-cluster.git?ref=tags/0.3.5"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "postgres"
 engine = "aurora-postgresql"
 cluster_family = "aurora-postgresql9.6"
@@ -51,9 +51,9 @@ module "aurora_postgres" {
 db_name = "${var.POSTGRES_DB_NAME}"
 db_port = "5432"
 vpc_id = "${module.vpc.vpc_id}"
- availability_zones = ["${module.identity.availability_zones}"]
+ availability_zones = ["${data.aws_availability_zones.available}"]
 subnets = ["${module.subnets.private_subnet_ids}"]
- zone_id = "${module.identity.zone_id}"
+ zone_id = "${var.zone_id}"
 security_groups = ["${module.kops_metadata.nodes_security_group_id}"]
 enabled = "${var.POSTGRES_CLUSTER_ENABLED}"
 }
diff --git a/aws/backing-services/elasticache-redis.tf b/aws/backing-services/elasticache-redis.tf
index 66c9523ba..a32c18fcb 100644
--- a/aws/backing-services/elasticache-redis.tf
+++ b/aws/backing-services/elasticache-redis.tf
@@ -18,10 +18,10 @@ variable "REDIS_CLUSTER_ENABLED" {
 module "elasticache_redis" {
 source = "git::https://github.com/cloudposse/terraform-aws-elasticache-redis.git?ref=tags/0.4.3"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "redis"
- zone_id = "${module.identity.zone_id}"
+ zone_id = "${var.zone_id}"
 security_groups = ["${module.kops_metadata.nodes_security_group_id}"]
 vpc_id = "${module.vpc.vpc_id}"
 subnets = ["${module.subnets.private_subnet_ids}"]
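Review bot: The added `availability_zones = ["${data.aws_availability_zones.available}"]` in the second aurora-postgres.tf hunk references the data source without an attribute, so it is not a list of zone names; the `aws_availability_zones` data source exposes that list as `names`. The line should read `availability_zones = ["${data.aws_availability_zones.available.names}"]`. The same expression is added in elasticache-redis.tf and in the `subnets` module in vpc.tf and needs the same change. The `module "aurora_postgres"` block opens above this hunk.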
@@ -34,7 +34,7 @@ module "elasticache_redis" {
 alarm_cpu_threshold_percent = "75"
 alarm_memory_threshold_bytes = "10000000"
 apply_immediately = "true"
- availability_zones = ["${module.identity.availability_zones}"]
+ availability_zones = ["${data.aws_availability_zones.available}"]
 automatic_failover = "false"
 enabled = "${var.REDIS_CLUSTER_ENABLED}"
 }
diff --git a/aws/backing-services/main.tf b/aws/backing-services/main.tf
index 8ad6d37d7..33f0d2113 100644
--- a/aws/backing-services/main.tf
+++ b/aws/backing-services/main.tf
@@ -4,7 +4,36 @@ terraform {
 backend "s3" {}
 }
-variable "aws_assume_role_arn" {}
+variable "aws_assume_role_arn" {
+ type = "string"
+}
+
+variable "namespace" {
+ type = "string"
+ description = "Namespace (e.g. `cp` or `cloudposse`)"
+}
+
+variable "stage" {
+ type = "string"
+ description = "Stage (e.g. `prod`, `dev`, `staging`)"
+}
+
+variable "region" {
+ type = "string"
+ description = "AWS region"
+}
+
+variable "zone_name" {
+ type = "string"
+ description = "DNS zone name"
+}
+
+variable "zone_id" {
+ type = "string"
+ description = "DNS zone ID"
+}
+
+data "aws_availability_zones" "available" {}
 provider "aws" {
 assume_role {
@@ -12,11 +41,7 @@ provider "aws" {
 }
 }
-module "identity" {
- source = "git::git@github.com:cloudposse/terraform-aws-account-metadata.git?ref=init"
-}
-
 module "kops_metadata" {
 source = "git::https://github.com/cloudposse/terraform-aws-kops-metadata.git?ref=tags/0.1.1"
- dns_zone = "${module.identity.aws_region}.${module.identity.zone_name}"
+ dns_zone = "${var.region}.${var.zone_name}"
 }
diff --git a/aws/backing-services/terraform.tfvars.example b/aws/backing-services/terraform.tfvars.example
new file mode 100644
index 000000000..677332ee3
--- /dev/null
+++ b/aws/backing-services/terraform.tfvars.example
@@ -0,0 +1,5 @@
+namespace="cp"
+stage="staging"
+region="us-west-2"
+zone_name="us-west-2.cloudposse.co"
+zone_id="XXXXXXXXXXXX"
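Review bot: `dns_zone = "${var.region}.${var.zone_name}"` in the `kops_metadata` block of backing-services/main.tf prefixes the region to `zone_name`, but the example added for this module, `zone_name="us-west-2.cloudposse.co"`, already starts with the region, so together they give `us-west-2.us-west-2.cloudposse.co`. The security group that admits traffic to the Aurora and Redis clusters is `module.kops_metadata.nodes_security_group_id`, which is presumably looked up from this name, so a wrong zone either fails the lookup or resolves a cluster other than the intended one. Either the example should carry the parent zone only, or the variable should say what it expects, for instance `description = "Parent DNS zone name, without the region prefix"`. The same pairing appears in kops-aws-platform (`cluster_name`, `dns_zone`) and in kops (`parent_zone_name`).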
diff --git a/aws/backing-services/vpc.tf b/aws/backing-services/vpc.tf
index d7d6a3917..6e560859e 100644
--- a/aws/backing-services/vpc.tf
+++ b/aws/backing-services/vpc.tf
@@ -4,19 +4,19 @@ locals {
 module "vpc" {
 source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.3.3"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "${local.name}"
 cidr_block = "10.0.0.0/16"
 }
 module "subnets" {
 source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.3.4"
- availability_zones = ["${module.identity.availability_zones}"]
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ availability_zones = ["${data.aws_availability_zones.available}"]
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "${local.name}"
- region = "${module.identity.aws_region}"
+ region = "${var.region}"
 vpc_id = "${module.vpc.vpc_id}"
 igw_id = "${module.vpc.igw_id}"
 cidr_block = "${module.vpc.vpc_cidr_block}"
diff --git a/aws/chamber/chamber-kops.sh b/aws/chamber/chamber-kops.sh
index 0c6b88b1c..9d63517c5 100755
--- a/aws/chamber/chamber-kops.sh
+++ b/aws/chamber/chamber-kops.sh
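Review bot: In the `subnets` module of vpc.tf the zone list now follows the provider's region (through the `aws_availability_zones` data source) while `region = "${var.region}"` follows a tfvars value, and nothing visible ties the two together. As far as the hunks show, the `provider "aws"` blocks in this commit set only `assume_role`, so the provider region presumably comes from the environment; if it differs from `var.region`, subnets, the chamber SSM ARN and the kops names are built for a region other than the one being applied to. Adding `region = "${var.region}"` to each provider block would keep them aligned. The `module "subnets"` block continues past the end of this hunk.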
@@ -14,36 +14,36 @@ exit 1 ## Chart Museum chamber write kops CHARTMUSEUM_BASIC_AUTH_USER XXXXXXXXXXXX # e.g. server chamber write kops CHARTMUSEUM_BASIC_AUTH_PASS XXXXXXXXXXXX -chamber write kops CHARTMUSEUM_HOSTNAME XXXXXXXXXXXX # e.g. charts.us-west-2.staging.cloudposse.org -chamber write kops CHARTMUSEUM_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.org +chamber write kops CHARTMUSEUM_HOSTNAME XXXXXXXXXXXX # e.g. charts.us-west-2.staging.cloudposse.co +chamber write kops CHARTMUSEUM_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.co ## Chart Repo chamber write kops CHART_REPO_STORAGE_AMAZON_BUCKET XXXXXXXXXXXX # e.g. cp-staging-chart-repo chamber write kops CHART_REPO_STORAGE_AMAZON_REGION XXXXXXXXXXXX # e.g. us-west-2 chamber write kops CHART_REPO_STORAGE_AWS_IAM_ROLE XXXXXXXXXXXX # e.g. cp-staging-chart-repo -chamber write kops CHART_REPO_GATEWAY_HOSTNAME XXXXXXXXXXXX # e.g. gateway.charts.us-west-2.staging.cloudposse.org -chamber write kops CHART_REPO_GATEWAY_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.org +chamber write kops CHART_REPO_GATEWAY_HOSTNAME XXXXXXXXXXXX # e.g. gateway.charts.us-west-2.staging.cloudposse.co +chamber write kops CHART_REPO_GATEWAY_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.co chamber write kops CHART_REPO_GATEWAY_BASIC_AUTH_USER XXXXXXXXXXXX # e.g. gateway chamber write kops CHART_REPO_GATEWAY_BASIC_AUTH_PASS XXXXXXXXXXXX -chamber write kops CHART_REPO_SERVER_HOSTNAME XXXXXXXXXXXX # e.g. charts.us-west-2.staging.cloudposse.org -chamber write kops CHART_REPO_SERVER_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.org +chamber write kops CHART_REPO_SERVER_HOSTNAME XXXXXXXXXXXX # e.g. charts.us-west-2.staging.cloudposse.co +chamber write kops CHART_REPO_SERVER_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.co chamber write kops CHART_REPO_SERVER_BASIC_AUTH_USER XXXXXXXXXXXX # e.g. 
server chamber write kops CHART_REPO_SERVER_BASIC_AUTH_PASS XXXXXXXXXXXX ## External DNS -chamber write kops EXTERNAL_DNS_TXT_OWNER_ID XXXXXXXXXXXX # e.g. us-west-2.staging.cloudposse.org +chamber write kops EXTERNAL_DNS_TXT_OWNER_ID XXXXXXXXXXXX # e.g. us-west-2.staging.cloudposse.co chamber write kops EXTERNAL_DNS_TXT_PREFIX XXXXXXXXXXXX # e.g. 184f3df5-53c6-4071-974b-2d8de32e82c7- chamber write kops EXTERNAL_DNS_IAM_ROLE XXXXXXXXXXXX # e.g. cp-staging-external-dns ## Kube Lego - Automatic Let's Encrypt for Ingress -chamber write kops KUBE_LEGO_EMAIL XXXXXXXXXXXX # e.g. awsadmin@cloudposse.org +chamber write kops KUBE_LEGO_EMAIL XXXXXXXXXXXX # e.g. awsadmin@cloudposse.co ## NGINX Ingress Controller -chamber write kops NGINX_INGRESS_HOSTNAME XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.org +chamber write kops NGINX_INGRESS_HOSTNAME XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.co ## prometheus-operator 
@@ -62,11 +62,11 @@ chamber write kops KUBE_PROMETHEUS_ALERT_MANAGER_REPLICA_COUNT XXXXXXXXXXXX # chamber write kops KUBE_PROMETHEUS_ALERT_MANAGER_IMAGE_TAG XXXXXXXXXXXX # e.g. v0.14.0 chamber write kops KUBE_PROMETHEUS_ALERT_MANAGER_SLACK_WEBHOOK_URL XXXXXXXXXXXX chamber write kops KUBE_PROMETHEUS_ALERT_MANAGER_SLACK_CHANNEL XXXXXXXXXXXX -chamber write kops KUBE_PROMETHEUS_ALERT_MANAGER_HOSTNAME XXXXXXXXXXXX # e.g. alerts.us-west-2.staging.cloudposse.org -chamber write kops KUBE_PROMETHEUS_ALERT_MANAGER_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.org +chamber write kops KUBE_PROMETHEUS_ALERT_MANAGER_HOSTNAME XXXXXXXXXXXX # e.g. alerts.us-west-2.staging.cloudposse.co +chamber write kops KUBE_PROMETHEUS_ALERT_MANAGER_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.co chamber write kops KUBE_PROMETHEUS_ALERT_MANAGER_SECRET_NAME XXXXXXXXXXXX # e.g. alertmanager-general-tls chamber write kops KUBE_PROMETHEUS_REPLICA_COUNT XXXXXXXXXXXX # e.g. 4 chamber write kops KUBE_PROMETHEUS_IMAGE_TAG XXXXXXXXXXXX # e.g. v2.2.1 -chamber write kops KUBE_PROMETHEUS_HOSTNAME XXXXXXXXXXXX # e.g. prometheus.us-west-2.staging.cloudposse.org -chamber write kops KUBE_PROMETHEUS_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.org +chamber write kops KUBE_PROMETHEUS_HOSTNAME XXXXXXXXXXXX # e.g. prometheus.us-west-2.staging.cloudposse.co +chamber write kops KUBE_PROMETHEUS_INGRESS XXXXXXXXXXXX # e.g. ingress.us-west-2.staging.cloudposse.co chamber write kops KUBE_PROMETHEUS_SECRET_NAME XXXXXXXXXXXX # e.g. prometheus-general-tls diff --git a/aws/chamber/kms-key.tf b/aws/chamber/kms-key.tf index b9ddbf865..e8fd50e00 100644 --- a/aws/chamber/kms-key.tf +++ b/aws/chamber/kms-key.tf 
@@ -1,7 +1,7 @@
 module "chamber_kms_key" {
 source = "git::https://github.com/cloudposse/terraform-aws-kms-key.git?ref=tags/0.1.0"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "chamber"
 description = "KMS key for chamber"
 }
diff --git a/aws/chamber/main.tf b/aws/chamber/main.tf
index b3253a29d..d81c0178c 100644
--- a/aws/chamber/main.tf
+++ b/aws/chamber/main.tf
@@ -4,14 +4,32 @@ terraform {
 backend "s3" {}
 }
-variable "aws_assume_role_arn" {}
+variable "aws_assume_role_arn" {
+ type = "string"
+}
+
+variable "namespace" {
+ type = "string"
+ description = "Namespace (e.g. `cp` or `cloudposse`)"
+}
+
+variable "stage" {
+ type = "string"
+ description = "Stage (e.g. `prod`, `dev`, `staging`)"
+}
+
+variable "region" {
+ type = "string"
+ description = "AWS region"
+}
+
+variable "account_id" {
+ type = "string"
+ description = "AWS account ID"
+}
 provider "aws" {
 assume_role {
 role_arn = "${var.aws_assume_role_arn}"
 }
 }
-
-module "identity" {
- source = "git::git@github.com:cloudposse/terraform-aws-account-metadata.git?ref=init"
-}
diff --git a/aws/chamber/terraform.tfvars.example b/aws/chamber/terraform.tfvars.example
new file mode 100644
index 000000000..5e75f1078
--- /dev/null
+++ b/aws/chamber/terraform.tfvars.example
@@ -0,0 +1,4 @@
+namespace="cp"
+stage="staging"
+region="us-west-2"
+account_id="XXXXXXXXXXXX"
diff --git a/aws/chamber/user.tf b/aws/chamber/user.tf
index 6cd8bb159..9160d7890 100644
--- a/aws/chamber/user.tf
+++ b/aws/chamber/user.tf
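Review bot: The rewritten `variable "aws_assume_role_arn"` in chamber/main.tf gains a `type` but no `description`, unlike the four variables added beside it, and none of the new tfvars.example files lists it even though it has no default. Since the provider block passes it to `assume_role`, a line such as `description = "ARN of the IAM role the AWS provider assumes for this module"` would say which identity the module runs as. The same declaration is added without a description in backing-services, kops-aws-platform and kops.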
@@ -2,12 +2,12 @@
 # https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-access.html
 module "chamber_user" {
 source = "git::https://github.com/cloudposse/terraform-aws-iam-chamber-user.git?ref=tags/0.1.4"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "chamber"
 attributes = ["codefresh"]
 kms_key_arn = "${module.chamber_kms_key.key_arn}"
- ssm_resources = ["${format("arn:aws:ssm:%s:%s:parameter/kops/*", module.identity.aws_region, module.identity.account_id)}"]
+ ssm_resources = ["${format("arn:aws:ssm:%s:%s:parameter/kops/*", var.region, var.account_id)}"]
 }
 output "chamber_user_name" {
diff --git a/aws/dns/terraform.tfvars.example b/aws/dns/terraform.tfvars.example
index aa32eed58..0c7e52f63 100644
--- a/aws/dns/terraform.tfvars.example
+++ b/aws/dns/terraform.tfvars.example
@@ -1 +1 @@
-domain_name="staging.cloudposse.org"
+domain_name="staging.cloudposse.co"
diff --git a/aws/docs/main.tf b/aws/docs/main.tf
index 84ab711c1..a4e39587d 100644
--- a/aws/docs/main.tf
+++ b/aws/docs/main.tf
@@ -12,6 +12,26 @@ variable "domain_name" {
 type = "string"
 }
+variable "namespace" {
+ type = "string"
+ description = "Namespace (e.g. `cp` or `cloudposse`)"
+}
+
+variable "stage" {
+ type = "string"
+ description = "Stage (e.g. `prod`, `dev`, `staging`)"
+}
+
+variable "region" {
+ type = "string"
+ description = "AWS region"
+}
+
+variable "account_id" {
+ type = "string"
+ description = "AWS account ID"
+}
+
 provider "aws" {
 assume_role {
 role_arn = "${var.aws_assume_role_arn}"
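Review bot: `ssm_resources` in `module "chamber_user"` now scopes the IAM policy with a hand-entered `var.account_id`, and nothing checks that it matches the account the assumed role belongs to. A mistyped value here yields a policy that does not cover the real `/kops/*` parameters; in docs/main.tf the same variable builds `docs_user_arn`, which, if it is used as a policy principal (its use is outside the hunks), would name a user in a different account. Reading the value from the active credentials removes the variable: declare `data "aws_caller_identity" "current" {}` and use `data.aws_caller_identity.current.account_id` in both places.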
@@ -38,28 +58,24 @@ data "aws_acm_certificate" "acm_cloudfront_certificate" {
 locals {
 name = "docs"
 cdn_domain = "docs.${var.domain_name}"
- docs_user_arn = "arn:aws:iam::${module.identity.account_id}:user/${module.identity.namespace}-${module.identity.stage}-${local.name}"
-}
-
-module "identity" {
- source = "git::git@github.com:cloudposse/terraform-aws-account-metadata.git?ref=init"
+ docs_user_arn = "arn:aws:iam::${var.account_id}:user/${var.namespace}-${var.stage}-${local.name}"
 }
 module "docs_user" {
 source = "git::https://github.com/cloudposse/terraform-aws-iam-system-user.git?ref=tags/0.2.2"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "${local.name}"
 }
 module "origin" {
 source = "git::https://github.com/cloudposse/terraform-aws-s3-website.git?ref=tags/0.5.2"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "${local.name}"
 hostname = "${local.cdn_domain}"
 parent_zone_name = "${var.domain_name}"
- region = "${module.identity.aws_region}"
+ region = "${var.region}"
 cors_allowed_headers = ["*"]
 cors_allowed_methods = ["GET"]
 cors_allowed_origins = ["*"]
@@ -84,8 +100,8 @@ module "origin" {
 # CloudFront CDN fronting origin
 module "cdn" {
 source = "git::https://github.com/cloudposse/terraform-aws-cloudfront-cdn.git?ref=tags/0.4.0"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "${local.name}"
 aliases = ["${local.cdn_domain}", "docs.cloudposse.com"]
 origin_domain_name = "${module.origin.s3_bucket_website_endpoint}"
diff --git a/aws/docs/terraform.tfvars.example b/aws/docs/terraform.tfvars.example
new file mode 100644
index 000000000..5e75f1078
--- /dev/null
+++ b/aws/docs/terraform.tfvars.example
@@ -0,0 +1,4 @@
+namespace="cp"
+stage="staging"
+region="us-west-2"
+account_id="XXXXXXXXXXXX"
diff --git a/aws/kops-aws-platform/chart-repo.tf b/aws/kops-aws-platform/chart-repo.tf
index 1ba00bdb7..dd21889fb 100644
--- a/aws/kops-aws-platform/chart-repo.tf
+++ b/aws/kops-aws-platform/chart-repo.tf
@@ -1,12 +1,12 @@
 module "kops_chart_repo" {
 source = "git::https://github.com/cloudposse/terraform-aws-kops-chart-repo.git?ref=tags/0.1.1"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "chart-repo"
- cluster_name = "${module.identity.aws_region}.${module.identity.zone_name}"
+ cluster_name = "${var.region}.${var.zone_name}"
 tags = {
- Cluster = "${module.identity.aws_region}.${module.identity.zone_name}"
+ Cluster = "${var.region}.${var.zone_name}"
 }
 }
diff --git a/aws/kops-aws-platform/external-dns.tf b/aws/kops-aws-platform/external-dns.tf
index b1e074116..b6a81ba72 100644
--- a/aws/kops-aws-platform/external-dns.tf
+++ b/aws/kops-aws-platform/external-dns.tf
@@ -1,12 +1,12 @@
 module "kops_external_dns" {
 source = "git::https://github.com/cloudposse/terraform-aws-kops-external-dns.git?ref=tags/0.1.2"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "external-dns"
- cluster_name = "${module.identity.aws_region}.${module.identity.zone_name}"
+ cluster_name = "${var.region}.${var.zone_name}"
 tags = {
- Cluster = "${module.identity.aws_region}.${module.identity.zone_name}"
+ Cluster = "${var.region}.${var.zone_name}"
 }
 }
diff --git a/aws/kops-aws-platform/main.tf b/aws/kops-aws-platform/main.tf
index b3253a29d..880ca9f5c 100644
--- a/aws/kops-aws-platform/main.tf
+++ b/aws/kops-aws-platform/main.tf
@@ -4,14 +4,32 @@ terraform {
 backend "s3" {}
 }
-variable "aws_assume_role_arn" {}
+variable "aws_assume_role_arn" {
+ type = "string"
+}
+
+variable "namespace" {
+ type = "string"
+ description = "Namespace (e.g. `cp` or `cloudposse`)"
+}
+
+variable "stage" {
+ type = "string"
+ description = "Stage (e.g. `prod`, `dev`, `staging`)"
+}
+
+variable "region" {
+ type = "string"
+ description = "AWS region"
+}
+
+variable "zone_name" {
+ type = "string"
+ description = "DNS zone name"
+}
 provider "aws" {
 assume_role {
 role_arn = "${var.aws_assume_role_arn}"
 }
 }
-
-module "identity" {
- source = "git::git@github.com:cloudposse/terraform-aws-account-metadata.git?ref=init"
-}
diff --git a/aws/kops-aws-platform/terraform.tfvars.example b/aws/kops-aws-platform/terraform.tfvars.example
new file mode 100644
index 000000000..16db64d2b
--- /dev/null
+++ b/aws/kops-aws-platform/terraform.tfvars.example
@@ -0,0 +1,4 @@
+namespace="cp"
+stage="staging"
+region="us-west-2"
+zone_name="us-west-2.cloudposse.co"
diff --git a/aws/kops-aws-platform/vpc-peering.tf b/aws/kops-aws-platform/vpc-peering.tf
index 2a83ffc87..2b61020df 100644
--- a/aws/kops-aws-platform/vpc-peering.tf
+++ b/aws/kops-aws-platform/vpc-peering.tf
@@ -2,17 +2,17 @@
 data "aws_vpc" "backing_services_vpc" {
 filter {
 name = "tag:Name"
- values = ["${module.identity.namespace}-${module.identity.stage}-backing-services"]
+ values = ["${var.namespace}-${var.stage}-backing-services"]
 }
 }
 module "kops_vpc_peering" {
 source = "git::https://github.com/cloudposse/terraform-aws-kops-vpc-peering.git?ref=tags/0.1.2"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "kops-peering"
 backing_services_vpc_id = "${data.aws_vpc.backing_services_vpc.id}"
- dns_zone = "${module.identity.aws_region}.${module.identity.zone_name}"
+ dns_zone = "${var.region}.${var.zone_name}"
 }
 output "kops_vpc_peering_connection_id" {
diff --git a/aws/kops/main.tf b/aws/kops/main.tf
index f86af2f01..6c0615f54 100644
--- a/aws/kops/main.tf
+++ b/aws/kops/main.tf
@@ -4,7 +4,29 @@ terraform {
 backend "s3" {}
 }
-variable "aws_assume_role_arn" {}
+variable "aws_assume_role_arn" {
+ type = "string"
+}
+
+variable "namespace" {
+ type = "string"
+ description = "Namespace (e.g. `cp` or `cloudposse`)"
+}
+
+variable "stage" {
+ type = "string"
+ description = "Stage (e.g. `prod`, `dev`, `staging`)"
+}
+
+variable "region" {
+ type = "string"
+ description = "AWS region"
+}
+
+variable "zone_name" {
+ type = "string"
+ description = "DNS zone name"
+}
 provider "aws" {
 assume_role {
@@ -12,26 +34,22 @@ provider "aws" {
 }
 }
-module "identity" {
- source = "git::git@github.com:cloudposse/terraform-aws-account-metadata.git?ref=init"
-}
-
 module "kops_state_backend" {
 source = "git::https://github.com/cloudposse/terraform-aws-kops-state-backend.git?ref=tags/0.1.3"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
 name = "kops-state"
- cluster_name = "${module.identity.aws_region}"
- parent_zone_name = "${module.identity.zone_name}"
+ cluster_name = "${var.region}"
+ parent_zone_name = "${var.zone_name}"
 zone_name = "$${name}.$${parent_zone_name}"
- region = "${module.identity.aws_region}"
+ region = "${var.region}"
 }
 module "ssh_key_pair" {
 source = "git::https://github.com/cloudposse/terraform-aws-key-pair.git?ref=tags/0.2.3"
- namespace = "${module.identity.namespace}"
- stage = "${module.identity.stage}"
- name = "kops-${module.identity.aws_region}"
+ namespace = "${var.namespace}"
+ stage = "${var.stage}"
+ name = "kops-${var.region}"
 ssh_public_key_path = "/secrets/tf/ssh"
 generate_ssh_key = "true"
 }
diff --git a/aws/kops/terraform.tfvars.example b/aws/kops/terraform.tfvars.example
new file mode 100644
index 000000000..16db64d2b
--- /dev/null
+++ b/aws/kops/terraform.tfvars.example
@@ -0,0 +1,4 @@
+namespace="cp"
+stage="staging"
+region="us-west-2"
+zone_name="us-west-2.cloudposse.co"