Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add VPN routes #200

Merged
merged 1 commit into from
Jul 5, 2024
Merged

Add VPN routes #200

merged 1 commit into from
Jul 5, 2024

Conversation

akuzminsky
Copy link
Member

We want to let VPN cliens reach certain networks. For that, we push the management VPC network range to the VPN client configuration.

@akuzminsky akuzminsky temporarily deployed to continuous-integration July 5, 2024 19:45 — with GitHub Actions Inactive
@infrahouse8
Copy link
Contributor

State s3://infrahouse-aws-control-493370826424/terraform.tfstate

Affected resources counts

Success Add 🟡 Change Destroy
0 4 0

Affected resources by action

Action Resources
🟡 module.vpn.aws_autoscaling_group.openvpn
🟡 module.vpn.aws_launch_template.openvpn
🟡 module.vpn.module.google_client.aws_secretsmanager_secret_version.current
🟡 module.vpn.module.instance_profile.aws_iam_policy.profile
STDOUT 
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place
 <= read (data resources)

Terraform will perform the following actions:

  # module.vpn.data.aws_iam_policy_document.instance_permissions will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "aws_iam_policy_document" "instance_permissions" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions   = [
              + "sts:GetCallerIdentity",
            ]
          + resources = [
              + "*",
            ]
        }
      + statement {
          + actions   = [
              + "ec2:DescribeInstances",
            ]
          + resources = [
              + "*",
            ]
        }
      + statement {
          + actions   = [
              + "ec2:ModifyInstanceAttribute",
            ]
          + resources = [
              + "*",
            ]

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "openvpn-2024070518392010580000001e-nRBgZQ",
                ]
              + variable = "ec2:ResourceTag/aws:autoscaling:groupName"
            }
        }
    }

  # module.vpn.aws_autoscaling_group.openvpn will be updated in-place
  ~ resource "aws_autoscaling_group" "openvpn" {
        id                               = "openvpn-2024070518392010580000001e-nRBgZQ"
        name                             = "openvpn-2024070518392010580000001e-nRBgZQ"
        # (31 unchanged attributes hidden)

      ~ launch_template {
            id      = "lt-0f7a032c61f3f5094"
            name    = "openvpn-2024070518392010580000001e"
          ~ version = "1" -> (known after apply)
        }

        # (5 unchanged blocks hidden)
    }

  # module.vpn.aws_launch_template.openvpn will be updated in-place
  ~ resource "aws_launch_template" "openvpn" {
        id                                   = "lt-0f7a032c61f3f5094"
      ~ latest_version                       = 1 -> (known after apply)
        name                                 = "openvpn-2024070518392010580000001e"
        tags                                 = {
            "created_by_module" = "infrahouse/openvpn/aws"
            "service"           = "openvpn"
        }
      ~ user_data                            = "Q29udGVudC1UeXBlOiBtdWx0aXBhcnQvbWl4ZWQ7IGJvdW5kYXJ5PSJNSU1FQk9VTkRBUlkiCk1JTUUtVmVyc2lvbjogMS4wDQoNCi0tTUlNRUJPVU5EQVJZDQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5nOiA3Yml0DQpDb250ZW50LVR5cGU6IHRleHQvY2xvdWQtY29uZmlnDQpNaW1lLVZlcnNpb246IDEuMA0KDQojY2xvdWQtY29uZmlnCiJhcHQiOgogICJzb3VyY2VzIjoKICAgICJpbmZyYWhvdXNlIjoKICAgICAgImtleSI6IHwKICAgICAgICAtLS0tLUJFR0lOIFBHUCBQVUJMSUMgS0VZIEJMT0NLLS0tLS0KCiAgICAgICAgbVFJTkJHUzdGdGtCRUFERitZbURnNlF2c3Y1VjZaUXcrUWh4ZFR2ak1YZUxDOVQ2UkZSVkQ5NDdxS3p0Tk5RbgogICAgICAgICtBL3l4cHJMQW1XMjVVdS8xMW9Dc3pOVklJYVIzT1k4TXR5aWxiQ3R6VWtCenZXZGxYM0h2VHc5MUxwOGJ4VUwKICAgICAgICBFWE9NOW5zY3FPck92ZkJqYW5wbEtERUtQTVk2dklaM2twMXJVc0NOR0xCTDB4MktaZ1U4MHVsUnNNTThxbkJOCiAgICAgICAga3BUaUFlWEtPRVZ0UnpsV2x2T0ZMSjdwWUR2YVowVWdIU1Z1RStaa2xkcU9kTExScEtrZEl2SlBja1hxTDV4VAogICAgICAgIFV2V1RXMWVuRkFIZDUrTlF4TW5DYTNpa2pRVjNEVGxFanNnTExRYmJ5c1hqWFByNlBJUHMyOWNUY2ZvcTQzMU8KICAgICAgICB0UjREclpCNHZNRU9BODhUbUtCa0VpTUcraUI5Y2p6NXdCSXVNdTk1Wm1vSnhkdmpQUjcyRllLZ3JDWE50TmhkCiAgICAgICAgVmVyRVJ2cExUaGRhUm1aZ2k3bHkrRHZrWTdMcXlKUHZkSGNxeGVkZ0ZuUEtSNFQrZ1NRbWJVUGQ5cXFkSlIwUQogICAgICAgIEtsL1BtdHVTL3c5Z3kyWjRheTBRSUtyTkJ6UXhoQThMRFpwcDFydWZDSjUrWk1lZjkwdkhwd3hNK09hUHJ5TmwKICAgICAgICBFZERXN1lROGZ1QjVuUHFqd1VBcG1sWVlMSllsZDd2Sjc5RUl4L3NqZ2g2RytJRmltN3hSN1dpUUYvbkpldmZxCiAgICAgICAgdnpZTzdvci9HSUNiNmVad3ZQZHR5NzlIbVZlUHFFVGxEVTAwb3lvcFd5VHNZeVNZRFNIbi80ZG9UdXg4ditGLwogICAgICAgIFlleWJ2Z3FicmlIN2lTRjhIeHdFRmVEanJNdFVUSHNYQzM1REhGZU1DaEpveHN5S3Y0OEorYklHRndBUkFRQUIKICAgICAgICB0QzFKYm1aeVlVaHZkWE5sSUZCaFkydGhaMlZ5SUR4d1lXTnJZV2RsY2tCcGJtWnlZV2h2ZFhObExtTnZiVDZKCiAgICAgICAgQWxRRUV3RUtBRDRXSVFTaU5oNWtZM3c4VzBnQUY4WGd1SmFveGZjRDd3VUNaTHNXMlFJYkF3VUpBOEpuQUFVTAogICAgICAgIENRZ0hBZ1lWQ2drSUN3SUVGZ0lEQVFJZUFRSVhnQUFLQ1JEZ3VKYW94ZmNEN3diN0QvOWVuYnRPMURFUW4xUHQKICAgICAgICBoZ2t0SCtJcmJCZFlSSGs3MWlsMmhibm1BYm9Ma2sxYWsvYWFRWS9YUURKRmhyQTdqTWtQTE9DUmVvdEhpUW12CiAgICAgICAgMVVmcURjTTJlUTQveDBOOUYyRExVU2t1d3cxMTd2dHRVb0J4aXJCNzJwTzBUL2xkOW8zOVNITUMvRGZrNnk2aAogICAgICAgIHRUR3F4TGdoOGozRFN5TzVFRXJKTGEvM0J2TXFyNGlxYjNQVHdOZURSRWphdlFKaFhTdkVGanlBQ29vOWQ3cnMKICAgICAgICA3bGhDYmJTUGpnVGNHL1BDZnpMcjM3UXl6WGlUUi9Ud2ppd1ZkVGhkQ1MvQ0tuc29NOG5nSHhqWFlwSzdNNndnCiAgICAgICAgdHpBOEprSFpyNU1wa3JQR3JnUWV2aEpCTGtIUi9qY3NhYUJaTjdudzhhZUhjd3dNNC9DaEhJeVpkUTkxMDU5cAogICAgICAgIE9NYVltV21qUFFmcTFyT25BQXZBMXhXdytUWk56SGdXSXE0dnVzeDdPQnZyRnNWZVpOc3FkN09hNHBydFZXZzAKICAgICAgICA5MWNLWkpvL092Nm9wTS93RFdOMnlCbmttQkN3YVhwb0g1TkRRMjJiaG5HVEplSVdkZWk4VVNHcHZCa1R4QkkyCiAgICAgICAgWDMycHlPbVpEbjgxTDJ6TTJpb052Z1hJYjV1NXRqYjlOT2lBdDZvVzBHMHgwMGRncjNyNnB1OHFtTXdrQlZCQwogICAgICAgIHZXd0VtYXhRbmtUaG5iQWQ1N1ZiYXQ0Ly91RGNIRnBEYUJQcEZXZUNMMmRmRFNyUzlpaUs2SzFWa3ZHTG9YaDgKICAgICAgICBNcEpxam9kZHBmTmg0dXlmekt5TkUxZHJRMjltY3dmSWx6WG9QcmIwOVc2WkhwbSt0cWQ4TWs3MDd6d3NkRkdSCiAgICAgICAgcVJzeG10UG45SjFyZVlaaVZ1RTVHMjZmMWFLVFI3a0NEUVJrdXhiWkFSQUE0KzlrbjRzbUJYWmNNMHZGcTlSOAogICAgICAgIDI0WEtadFRhVm1Wb1ZKTVJRTTQ0cVdSK3MvUzBNenZiTzV1MGNTVlRoWTY1WXpNTHM5MjBVWTZ1R3BvUzJaWXcKICAgICAgICBJTWlwa2FCKzJGNkI4UjdWN25sL1NnYVhHYTJNZXhrQzd3dDZibEZiYXc3cGJ2SStpSTl3UzhCS0hnTUR6ZDBGCiAgICAgICAgVGpTcTl2ZGtWa2Y3eUkzaEV3bGxYN3pUNklMT3Zrbk5HYm9zMGRGSTkyY0JXUXMraVhQNTB4RFZpdDMrOW1DRAogICAgICAgIHJ1V1ZZazczbXZTRXpGY3VYQ3liS0o1VS9uelNRNzBKb1FtU1BjNTBSUWp1SEdkemwvWXpHRmFGbjV6SVo1cFAKICAgICAgICBrNVMrS1RZZWt6Y2lSa0h6YmVhNVBqK0E2S1ppbEtqNXlrQVJGencrQ1B4cXN1ZWpEa2k3QSthM20zV0dxK21tCiAgICAgICAgQWtsUTRZQmNvbHpOT3BnV2NsSVN1RTNkNWtndGFKQUNJZ3RlODdGNlFCQnNrOG9EQkZRQ25abW9PaXJsU2xiZgogICAgICAgIEp1RDZmVkNKdTJ6WTdUaE4xTzBvV1R3QWFOQXZNNTVDTFR2NnMzRm10UjkybG5sUURGdUorZmo4NjNjNnF4MTQKICAgICAgICBGdU80bU03ZXVTMDh3R2dWR205MXdBN2JZbDRhaHhDNlMyQkdCNUZ2a1pmekJCd2pzZm1VV0hBdTdWUlpKeGtYCiAgICAgICAgSnA2OTZPVGRSM1JmSTdJWjZPVzZ0R0VMaWpzd1diYlpYYjVYUldFVzk5dldPN05JSzZzT3ZoTUROcDliU011YgogICAgICAgIFhQM1BiUHhneVQwYm1zczB5d05Zd3VjbmZjbURYcVBWdTNHZHQ1M2F0MStoSzdtbG5RM3VVczVlVkVPSUhuSm0KICAgICAgICBmMXRyRGdnU1RFN2Zua3g2Q3psK2lNa0FFUUVBQVlrQ1BBUVlBUW9BSmhZaEJLSTJIbVJqZkR4YlNBQVh4ZUM0CiAgICAgICAgbHFqRjl3UHZCUUprdXhiWkFoc01CUWtEd21jQUFBb0pFT0M0bHFqRjl3UHY4U1FQL2pzUWZKQ1VIcmpwWDRmUAogICAgICAgIDBOdFZ5cWxDcnExT21MUDdCTHJYckN4b0FGUmI2NFlKVWRXazVQMzVrOXdqMkJRanBqY05qMmlrODBGb28wMkUKICAgICAgICB5YytQelcvNHR6VnZkeFJyRXpzT0ZtK21NUitsbFVIQUt6QmE2UUJ4SFQwb2ZMN3A1WFlUdU1ObllvK1BqVk1tCiAgICAgICAgalAzVEVKR1lYWW11aEdmYWFKWnBqTG1KRnFwNTl4Ly9kc01IZUxxVUNod2I2Q2c2RHVrQWloZUFzM1ArclhvMwogICAgICAgIHRCbkE0SkNDaVhSNy8vMFdlelJvU1BkYWxOZW00dnM4UFQ4N3NuSGJEbGlGTVZmOHcrZmtzSW5xdm90aVJESTQKICAgICAgICBRQnJCZnMzTmRlWlcvdG11cE9hWkpSekhEdnZLYmcvL082aXAxYVB2SUxXdlRETThLY1FDUUVTYVdrQ2JJMXVjCiAgICAgICAgcml6QU1ibFRCMmd5dzl5b2pDcFZDTUJYZGl6QXFxeWw1WlZydzQrWC9pMDlJc050OGhBOS81Ulk3djNjN1oyQwogICAgICAgIFh5MnhLV210TEk5bmxPU1N3VXhCNTY2STI5bFZLQkxVbVhtUWZuUklJSENpSkRYWUZEUC82TGZ2OSttaEVXVTgKICAgICAgICBxZWQzeGhwZU5TQUl6QStNVGxqdGlSbW9yeHBkZGlYYnRDYWZjUGwvSjNYMEIwN2ZjY0pad1pzQ1lDcHRMeTFjCiAgICAgICAgeXZWYU4rRUJtam9DcDNqdDZ3TGU0eGNscVUzQUN3ei84VEREbXRKN1VVZGw3TWRraXBRWjI3OEwya3BsNm82MQogICAgICAgIE1GMmZYRDdmWk1lWmZFdzZsdTBCRjVtWjAvY2gzSHhYZVpvWGlmNzlnMjV2Wm1TZFc5N3BjZWV3UGx2bEVURlEKICAgICAgICA1NXBNb3JReVVURVFDUTNFQ3pIWVNuTC9UbVc3CiAgICAgICAgPSswUmMKICAgICAgICAtLS0tLUVORCBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCiAgICAgICJzb3VyY2UiOiAiZGViIFtzaWduZWQtYnk9JEtFWV9GSUxFXSBodHRwczovL3JlbGVhc2UtamFtbXkuaW5mcmFob3VzZS5jb20vICRSRUxFQVNFCiAgICAgICAgbWFpbiIKInBhY2thZ2VfdXBkYXRlIjogdHJ1ZQoicGFja2FnZXMiOgotICJtYWtlIgotICJnY2MiCi0gInB1cHBldC1jb2RlIgotICJpbmZyYWhvdXNlLXRvb2xraXQiCi0gImF3c2NsaSIKLSAibmZzLWNvbW1vbiIKInB1cHBldCI6CiAgImNvbGxlY3Rpb24iOiAicHVwcGV0OCIKICAiaW5zdGFsbCI6IHRydWUKICAiaW5zdGFsbF90eXBlIjogImFpbyIKICAicGFja2FnZV9uYW1lIjogInB1cHBldC1hZ2VudCIKICAic3RhcnRfc2VydmljZSI6IGZhbHNlCiJydW5jbWQiOgotICIvb3B0L3B1cHBldGxhYnMvcHVwcGV0L2Jpbi9nZW0gaW5zdGFsbCBqc29uIgotICIvb3B0L3B1cHBldGxhYnMvcHVwcGV0L2Jpbi9nZW0gaW5zdGFsbCBhd3Mtc2RrLWNvcmUiCi0gIi9vcHQvcHVwcGV0bGFicy9wdXBwZXQvYmluL2dlbSBpbnN0YWxsIGF3cy1zZGstc2VjcmV0c21hbmFnZXIiCi0gImF3cyBlYzIgbW9kaWZ5LWluc3RhbmNlLWF0dHJpYnV0ZSAtLW5vLXNvdXJjZS1kZXN0LWNoZWNrIC0taW5zdGFuY2UtaWQgJChlYzJtZXRhZGF0YQogIC0taW5zdGFuY2UtaWQpIgotICJpaC1wdXBwZXQgIC0tZW52aXJvbm1lbnQgZGV2ZWxvcG1lbnQgLS1lbnZpcm9ubWVudHBhdGgge3Jvb3RfZGlyZWN0b3J5fS9lbnZpcm9ubWVudHMKICAtLXJvb3QtZGlyZWN0b3J5IC9vcHQvcHVwcGV0LWNvZGUgLS1oaWVyYS1jb25maWcge3Jvb3RfZGlyZWN0b3J5fS9lbnZpcm9ubWVudHMve2Vudmlyb25tZW50fS9oaWVyYS55YW1sCiAgLS1tb2R1bGUtcGF0aCB7cm9vdF9kaXJlY3Rvcnl9L21vZHVsZXMgYXBwbHkgL29wdC9wdXBwZXQtY29kZS9lbnZpcm9ubWVudHMvZGV2ZWxvcG1lbnQvbWFuaWZlc3RzL3NpdGUucHAiCiJ3cml0ZV9maWxlcyI6Ci0gImNvbnRlbnQiOiAiZXhwb3J0IEFXU19ERUZBVUxUX1JFR0lPTj11cy13ZXN0LTEiCiAgInBhdGgiOiAiL2V0Yy9wcm9maWxlLmQvYXdzLnNoIgogICJwZXJtaXNzaW9ucyI6ICIwNjQ0IgotICJjb250ZW50IjogfC0KICAgIFtkZWZhdWx0XQogICAgcmVnaW9uPXVzLXdlc3QtMQogICJwYXRoIjogIi9yb290Ly5hd3MvY29uZmlnIgogICJwZXJtaXNzaW9ucyI6ICIwNjAwIgotICJjb250ZW50IjogfAogICAgInB1cHBldF9lbnZpcm9ubWVudCI6ICJkZXZlbG9wbWVudCIKICAgICJwdXBwZXRfcm9sZSI6ICJvcGVudnBuX3NlcnZlciIKICAicGF0aCI6ICIvZXRjL3B1cHBldGxhYnMvZmFjdGVyL2ZhY3RzLmQvcHVwcGV0LnlhbWwiCiAgInBlcm1pc3Npb25zIjogIjA2NDQiCi0gImNvbnRlbnQiOiAie1wiaWgtcHVwcGV0XCI6e1wiZGVidWdcIjpmYWxzZSxcImVudmlyb25tZW50cGF0aFwiOlwie3Jvb3RfZGlyZWN0b3J5fS9lbnZpcm9ubWVudHNcIixcImhpZXJhLWNvbmZpZ1wiOlwie3Jvb3RfZGlyZWN0b3J5fS9lbnZpcm9ubWVudHMve2Vudmlyb25tZW50fS9oaWVyYS55YW1sXCIsXCJtYW5pZmVzdFwiOlwiL29wdC9wdXBwZXQtY29kZS9lbnZpcm9ubWVudHMvZGV2ZWxvcG1lbnQvbWFuaWZlc3RzL3NpdGUucHBcIixcIm1vZHVsZS1wYXRoXCI6XCJ7cm9vdF9kaXJlY3Rvcnl9L21vZHVsZXNcIixcInJvb3QtZGlyZWN0b3J5XCI6XCIvb3B0L3B1cHBldC1jb2RlXCJ9fSIKICAicGF0aCI6ICIvZXRjL3B1cHBldGxhYnMvZmFjdGVyL2ZhY3RzLmQvaWgtcHVwcGV0Lmpzb24iCiAgInBlcm1pc3Npb25zIjogIjA2NDQiCi0gImNvbnRlbnQiOiAie1wiZWZzXCI6e1wiZG5zX25hbWVcIjpcImZzLTAzMGFmNTdmYWFjNmRjOTc5LmVmcy51cy13ZXN0LTEuYW1hem9uYXdzLmNvbVwiLFwiZmlsZV9zeXN0ZW1faWRcIjpcImZzLTAzMGFmNTdmYWFjNmRjOTc5XCJ9LFwib3BlbnZwblwiOntcImNhX2tleV9wYXNzcGhyYXNlX3NlY3JldFwiOlwib3BlbnZwbl9jYV9wYXNzcGhyYXNlMjAyNDA3MDUxODM5MTY1Njc4MDAwMDAwMTdcIixcIm9wZW52cG5fcG9ydFwiOjExOTQsXCJyb3V0ZXNcIjpbXX19IgogICJwYXRoIjogIi9ldGMvcHVwcGV0bGFicy9mYWN0ZXIvZmFjdHMuZC9jdXN0b20uanNvbiIKICAicGVybWlzc2lvbnMiOiAiMDY0NCIKDQotLU1JTUVCT1VOREFSWS0tDQo=" -> "Q29udGVudC1UeXBlOiBtdWx0aXBhcnQvbWl4ZWQ7IGJvdW5kYXJ5PSJNSU1FQk9VTkRBUlkiCk1JTUUtVmVyc2lvbjogMS4wDQoNCi0tTUlNRUJPVU5EQVJZDQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5nOiA3Yml0DQpDb250ZW50LVR5cGU6IHRleHQvY2xvdWQtY29uZmlnDQpNaW1lLVZlcnNpb246IDEuMA0KDQojY2xvdWQtY29uZmlnCiJhcHQiOgogICJzb3VyY2VzIjoKICAgICJpbmZyYWhvdXNlIjoKICAgICAgImtleSI6IHwKICAgICAgICAtLS0tLUJFR0lOIFBHUCBQVUJMSUMgS0VZIEJMT0NLLS0tLS0KCiAgICAgICAgbVFJTkJHUzdGdGtCRUFERitZbURnNlF2c3Y1VjZaUXcrUWh4ZFR2ak1YZUxDOVQ2UkZSVkQ5NDdxS3p0Tk5RbgogICAgICAgICtBL3l4cHJMQW1XMjVVdS8xMW9Dc3pOVklJYVIzT1k4TXR5aWxiQ3R6VWtCenZXZGxYM0h2VHc5MUxwOGJ4VUwKICAgICAgICBFWE9NOW5zY3FPck92ZkJqYW5wbEtERUtQTVk2dklaM2twMXJVc0NOR0xCTDB4MktaZ1U4MHVsUnNNTThxbkJOCiAgICAgICAga3BUaUFlWEtPRVZ0UnpsV2x2T0ZMSjdwWUR2YVowVWdIU1Z1RStaa2xkcU9kTExScEtrZEl2SlBja1hxTDV4VAogICAgICAgIFV2V1RXMWVuRkFIZDUrTlF4TW5DYTNpa2pRVjNEVGxFanNnTExRYmJ5c1hqWFByNlBJUHMyOWNUY2ZvcTQzMU8KICAgICAgICB0UjREclpCNHZNRU9BODhUbUtCa0VpTUcraUI5Y2p6NXdCSXVNdTk1Wm1vSnhkdmpQUjcyRllLZ3JDWE50TmhkCiAgICAgICAgVmVyRVJ2cExUaGRhUm1aZ2k3bHkrRHZrWTdMcXlKUHZkSGNxeGVkZ0ZuUEtSNFQrZ1NRbWJVUGQ5cXFkSlIwUQogICAgICAgIEtsL1BtdHVTL3c5Z3kyWjRheTBRSUtyTkJ6UXhoQThMRFpwcDFydWZDSjUrWk1lZjkwdkhwd3hNK09hUHJ5TmwKICAgICAgICBFZERXN1lROGZ1QjVuUHFqd1VBcG1sWVlMSllsZDd2Sjc5RUl4L3NqZ2g2RytJRmltN3hSN1dpUUYvbkpldmZxCiAgICAgICAgdnpZTzdvci9HSUNiNmVad3ZQZHR5NzlIbVZlUHFFVGxEVTAwb3lvcFd5VHNZeVNZRFNIbi80ZG9UdXg4ditGLwogICAgICAgIFlleWJ2Z3FicmlIN2lTRjhIeHdFRmVEanJNdFVUSHNYQzM1REhGZU1DaEpveHN5S3Y0OEorYklHRndBUkFRQUIKICAgICAgICB0QzFKYm1aeVlVaHZkWE5sSUZCaFkydGhaMlZ5SUR4d1lXTnJZV2RsY2tCcGJtWnlZV2h2ZFhObExtTnZiVDZKCiAgICAgICAgQWxRRUV3RUtBRDRXSVFTaU5oNWtZM3c4VzBnQUY4WGd1SmFveGZjRDd3VUNaTHNXMlFJYkF3VUpBOEpuQUFVTAogICAgICAgIENRZ0hBZ1lWQ2drSUN3SUVGZ0lEQVFJZUFRSVhnQUFLQ1JEZ3VKYW94ZmNEN3diN0QvOWVuYnRPMURFUW4xUHQKICAgICAgICBoZ2t0SCtJcmJCZFlSSGs3MWlsMmhibm1BYm9Ma2sxYWsvYWFRWS9YUURKRmhyQTdqTWtQTE9DUmVvdEhpUW12CiAgICAgICAgMVVmcURjTTJlUTQveDBOOUYyRExVU2t1d3cxMTd2dHRVb0J4aXJCNzJwTzBUL2xkOW8zOVNITUMvRGZrNnk2aAogICAgICAgIHRUR3F4TGdoOGozRFN5TzVFRXJKTGEvM0J2TXFyNGlxYjNQVHdOZURSRWphdlFKaFhTdkVGanlBQ29vOWQ3cnMKICAgICAgICA3bGhDYmJTUGpnVGNHL1BDZnpMcjM3UXl6WGlUUi9Ud2ppd1ZkVGhkQ1MvQ0tuc29NOG5nSHhqWFlwSzdNNndnCiAgICAgICAgdHpBOEprSFpyNU1wa3JQR3JnUWV2aEpCTGtIUi9qY3NhYUJaTjdudzhhZUhjd3dNNC9DaEhJeVpkUTkxMDU5cAogICAgICAgIE9NYVltV21qUFFmcTFyT25BQXZBMXhXdytUWk56SGdXSXE0dnVzeDdPQnZyRnNWZVpOc3FkN09hNHBydFZXZzAKICAgICAgICA5MWNLWkpvL092Nm9wTS93RFdOMnlCbmttQkN3YVhwb0g1TkRRMjJiaG5HVEplSVdkZWk4VVNHcHZCa1R4QkkyCiAgICAgICAgWDMycHlPbVpEbjgxTDJ6TTJpb052Z1hJYjV1NXRqYjlOT2lBdDZvVzBHMHgwMGRncjNyNnB1OHFtTXdrQlZCQwogICAgICAgIHZXd0VtYXhRbmtUaG5iQWQ1N1ZiYXQ0Ly91RGNIRnBEYUJQcEZXZUNMMmRmRFNyUzlpaUs2SzFWa3ZHTG9YaDgKICAgICAgICBNcEpxam9kZHBmTmg0dXlmekt5TkUxZHJRMjltY3dmSWx6WG9QcmIwOVc2WkhwbSt0cWQ4TWs3MDd6d3NkRkdSCiAgICAgICAgcVJzeG10UG45SjFyZVlaaVZ1RTVHMjZmMWFLVFI3a0NEUVJrdXhiWkFSQUE0KzlrbjRzbUJYWmNNMHZGcTlSOAogICAgICAgIDI0WEtadFRhVm1Wb1ZKTVJRTTQ0cVdSK3MvUzBNenZiTzV1MGNTVlRoWTY1WXpNTHM5MjBVWTZ1R3BvUzJaWXcKICAgICAgICBJTWlwa2FCKzJGNkI4UjdWN25sL1NnYVhHYTJNZXhrQzd3dDZibEZiYXc3cGJ2SStpSTl3UzhCS0hnTUR6ZDBGCiAgICAgICAgVGpTcTl2ZGtWa2Y3eUkzaEV3bGxYN3pUNklMT3Zrbk5HYm9zMGRGSTkyY0JXUXMraVhQNTB4RFZpdDMrOW1DRAogICAgICAgIHJ1V1ZZazczbXZTRXpGY3VYQ3liS0o1VS9uelNRNzBKb1FtU1BjNTBSUWp1SEdkemwvWXpHRmFGbjV6SVo1cFAKICAgICAgICBrNVMrS1RZZWt6Y2lSa0h6YmVhNVBqK0E2S1ppbEtqNXlrQVJGencrQ1B4cXN1ZWpEa2k3QSthM20zV0dxK21tCiAgICAgICAgQWtsUTRZQmNvbHpOT3BnV2NsSVN1RTNkNWtndGFKQUNJZ3RlODdGNlFCQnNrOG9EQkZRQ25abW9PaXJsU2xiZgogICAgICAgIEp1RDZmVkNKdTJ6WTdUaE4xTzBvV1R3QWFOQXZNNTVDTFR2NnMzRm10UjkybG5sUURGdUorZmo4NjNjNnF4MTQKICAgICAgICBGdU80bU03ZXVTMDh3R2dWR205MXdBN2JZbDRhaHhDNlMyQkdCNUZ2a1pmekJCd2pzZm1VV0hBdTdWUlpKeGtYCiAgICAgICAgSnA2OTZPVGRSM1JmSTdJWjZPVzZ0R0VMaWpzd1diYlpYYjVYUldFVzk5dldPN05JSzZzT3ZoTUROcDliU011YgogICAgICAgIFhQM1BiUHhneVQwYm1zczB5d05Zd3VjbmZjbURYcVBWdTNHZHQ1M2F0MStoSzdtbG5RM3VVczVlVkVPSUhuSm0KICAgICAgICBmMXRyRGdnU1RFN2Zua3g2Q3psK2lNa0FFUUVBQVlrQ1BBUVlBUW9BSmhZaEJLSTJIbVJqZkR4YlNBQVh4ZUM0CiAgICAgICAgbHFqRjl3UHZCUUprdXhiWkFoc01CUWtEd21jQUFBb0pFT0M0bHFqRjl3UHY4U1FQL2pzUWZKQ1VIcmpwWDRmUAogICAgICAgIDBOdFZ5cWxDcnExT21MUDdCTHJYckN4b0FGUmI2NFlKVWRXazVQMzVrOXdqMkJRanBqY05qMmlrODBGb28wMkUKICAgICAgICB5YytQelcvNHR6VnZkeFJyRXpzT0ZtK21NUitsbFVIQUt6QmE2UUJ4SFQwb2ZMN3A1WFlUdU1ObllvK1BqVk1tCiAgICAgICAgalAzVEVKR1lYWW11aEdmYWFKWnBqTG1KRnFwNTl4Ly9kc01IZUxxVUNod2I2Q2c2RHVrQWloZUFzM1ArclhvMwogICAgICAgIHRCbkE0SkNDaVhSNy8vMFdlelJvU1BkYWxOZW00dnM4UFQ4N3NuSGJEbGlGTVZmOHcrZmtzSW5xdm90aVJESTQKICAgICAgICBRQnJCZnMzTmRlWlcvdG11cE9hWkpSekhEdnZLYmcvL082aXAxYVB2SUxXdlRETThLY1FDUUVTYVdrQ2JJMXVjCiAgICAgICAgcml6QU1ibFRCMmd5dzl5b2pDcFZDTUJYZGl6QXFxeWw1WlZydzQrWC9pMDlJc050OGhBOS81Ulk3djNjN1oyQwogICAgICAgIFh5MnhLV210TEk5bmxPU1N3VXhCNTY2STI5bFZLQkxVbVhtUWZuUklJSENpSkRYWUZEUC82TGZ2OSttaEVXVTgKICAgICAgICBxZWQzeGhwZU5TQUl6QStNVGxqdGlSbW9yeHBkZGlYYnRDYWZjUGwvSjNYMEIwN2ZjY0pad1pzQ1lDcHRMeTFjCiAgICAgICAgeXZWYU4rRUJtam9DcDNqdDZ3TGU0eGNscVUzQUN3ei84VEREbXRKN1VVZGw3TWRraXBRWjI3OEwya3BsNm82MQogICAgICAgIE1GMmZYRDdmWk1lWmZFdzZsdTBCRjVtWjAvY2gzSHhYZVpvWGlmNzlnMjV2Wm1TZFc5N3BjZWV3UGx2bEVURlEKICAgICAgICA1NXBNb3JReVVURVFDUTNFQ3pIWVNuTC9UbVc3CiAgICAgICAgPSswUmMKICAgICAgICAtLS0tLUVORCBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCiAgICAgICJzb3VyY2UiOiAiZGViIFtzaWduZWQtYnk9JEtFWV9GSUxFXSBodHRwczovL3JlbGVhc2UtamFtbXkuaW5mcmFob3VzZS5jb20vICRSRUxFQVNFCiAgICAgICAgbWFpbiIKInBhY2thZ2VfdXBkYXRlIjogdHJ1ZQoicGFja2FnZXMiOgotICJtYWtlIgotICJnY2MiCi0gInB1cHBldC1jb2RlIgotICJpbmZyYWhvdXNlLXRvb2xraXQiCi0gImF3c2NsaSIKLSAibmZzLWNvbW1vbiIKInB1cHBldCI6CiAgImNvbGxlY3Rpb24iOiAicHVwcGV0OCIKICAiaW5zdGFsbCI6IHRydWUKICAiaW5zdGFsbF90eXBlIjogImFpbyIKICAicGFja2FnZV9uYW1lIjogInB1cHBldC1hZ2VudCIKICAic3RhcnRfc2VydmljZSI6IGZhbHNlCiJydW5jbWQiOgotICIvb3B0L3B1cHBldGxhYnMvcHVwcGV0L2Jpbi9nZW0gaW5zdGFsbCBqc29uIgotICIvb3B0L3B1cHBldGxhYnMvcHVwcGV0L2Jpbi9nZW0gaW5zdGFsbCBhd3Mtc2RrLWNvcmUiCi0gIi9vcHQvcHVwcGV0bGFicy9wdXBwZXQvYmluL2dlbSBpbnN0YWxsIGF3cy1zZGstc2VjcmV0c21hbmFnZXIiCi0gImF3cyBlYzIgbW9kaWZ5LWluc3RhbmNlLWF0dHJpYnV0ZSAtLW5vLXNvdXJjZS1kZXN0LWNoZWNrIC0taW5zdGFuY2UtaWQgJChlYzJtZXRhZGF0YQogIC0taW5zdGFuY2UtaWQpIgotICJpaC1wdXBwZXQgIC0tZW52aXJvbm1lbnQgZGV2ZWxvcG1lbnQgLS1lbnZpcm9ubWVudHBhdGgge3Jvb3RfZGlyZWN0b3J5fS9lbnZpcm9ubWVudHMKICAtLXJvb3QtZGlyZWN0b3J5IC9vcHQvcHVwcGV0LWNvZGUgLS1oaWVyYS1jb25maWcge3Jvb3RfZGlyZWN0b3J5fS9lbnZpcm9ubWVudHMve2Vudmlyb25tZW50fS9oaWVyYS55YW1sCiAgLS1tb2R1bGUtcGF0aCB7cm9vdF9kaXJlY3Rvcnl9L21vZHVsZXMgYXBwbHkgL29wdC9wdXBwZXQtY29kZS9lbnZpcm9ubWVudHMvZGV2ZWxvcG1lbnQvbWFuaWZlc3RzL3NpdGUucHAiCiJ3cml0ZV9maWxlcyI6Ci0gImNvbnRlbnQiOiAiZXhwb3J0IEFXU19ERUZBVUxUX1JFR0lPTj11cy13ZXN0LTEiCiAgInBhdGgiOiAiL2V0Yy9wcm9maWxlLmQvYXdzLnNoIgogICJwZXJtaXNzaW9ucyI6ICIwNjQ0IgotICJjb250ZW50IjogfC0KICAgIFtkZWZhdWx0XQogICAgcmVnaW9uPXVzLXdlc3QtMQogICJwYXRoIjogIi9yb290Ly5hd3MvY29uZmlnIgogICJwZXJtaXNzaW9ucyI6ICIwNjAwIgotICJjb250ZW50IjogfAogICAgInB1cHBldF9lbnZpcm9ubWVudCI6ICJkZXZlbG9wbWVudCIKICAgICJwdXBwZXRfcm9sZSI6ICJvcGVudnBuX3NlcnZlciIKICAicGF0aCI6ICIvZXRjL3B1cHBldGxhYnMvZmFjdGVyL2ZhY3RzLmQvcHVwcGV0LnlhbWwiCiAgInBlcm1pc3Npb25zIjogIjA2NDQiCi0gImNvbnRlbnQiOiAie1wiaWgtcHVwcGV0XCI6e1wiZGVidWdcIjpmYWxzZSxcImVudmlyb25tZW50cGF0aFwiOlwie3Jvb3RfZGlyZWN0b3J5fS9lbnZpcm9ubWVudHNcIixcImhpZXJhLWNvbmZpZ1wiOlwie3Jvb3RfZGlyZWN0b3J5fS9lbnZpcm9ubWVudHMve2Vudmlyb25tZW50fS9oaWVyYS55YW1sXCIsXCJtYW5pZmVzdFwiOlwiL29wdC9wdXBwZXQtY29kZS9lbnZpcm9ubWVudHMvZGV2ZWxvcG1lbnQvbWFuaWZlc3RzL3NpdGUucHBcIixcIm1vZHVsZS1wYXRoXCI6XCJ7cm9vdF9kaXJlY3Rvcnl9L21vZHVsZXNcIixcInJvb3QtZGlyZWN0b3J5XCI6XCIvb3B0L3B1cHBldC1jb2RlXCJ9fSIKICAicGF0aCI6ICIvZXRjL3B1cHBldGxhYnMvZmFjdGVyL2ZhY3RzLmQvaWgtcHVwcGV0Lmpzb24iCiAgInBlcm1pc3Npb25zIjogIjA2NDQiCi0gImNvbnRlbnQiOiAie1wiZWZzXCI6e1wiZG5zX25hbWVcIjpcImZzLTAzMGFmNTdmYWFjNmRjOTc5LmVmcy51cy13ZXN0LTEuYW1hem9uYXdzLmNvbVwiLFwiZmlsZV9zeXN0ZW1faWRcIjpcImZzLTAzMGFmNTdmYWFjNmRjOTc5XCJ9LFwib3BlbnZwblwiOntcImNhX2tleV9wYXNzcGhyYXNlX3NlY3JldFwiOlwib3BlbnZwbl9jYV9wYXNzcGhyYXNlMjAyNDA3MDUxODM5MTY1Njc4MDAwMDAwMTdcIixcIm9wZW52cG5fcG9ydFwiOjExOTQsXCJyb3V0ZXNcIjpbe1wibmV0bWFza1wiOlwiMjU1LjI1NS4yNTIuMFwiLFwibmV0d29ya1wiOlwiMTAuMC4wLjBcIn1dfX0iCiAgInBhdGgiOiAiL2V0Yy9wdXBwZXRsYWJzL2ZhY3Rlci9mYWN0cy5kL2N1c3RvbS5qc29uIgogICJwZXJtaXNzaW9ucyI6ICIwNjQ0IgoNCi0tTUlNRUJPVU5EQVJZLS0NCg=="
        # (16 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.vpn.module.google_client.data.external.secret_value will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "external" "secret_value" {
      + id      = (known after apply)
      + program = [
          + "python",
          + ".terraform/modules/vpn.google_client/assets/get_secret.py",
          + "us-west-1",
          + "arn:aws:secretsmanager:us-west-1:493370826424:secret:google_client20240705183915856300000015-9EuJ0W",
          + "arn:aws:iam::493370826424:role/ih-tf-aws-control-493370826424-admin",
        ]
      + result  = (known after apply)
    }

  # module.vpn.module.google_client.aws_secretsmanager_secret_version.current will be updated in-place
  ~ resource "aws_secretsmanager_secret_version" "current" {
        id             = "arn:aws:secretsmanager:us-west-1:493370826424:secret:google_client20240705183915856300000015-9EuJ0W|terraform-20240705183924618600000020"
      ~ version_stages = [
          - "AWSPREVIOUS",
            # (1 unchanged element hidden)
        ]
        # (5 unchanged attributes hidden)
    }

  # module.vpn.module.instance_profile.aws_iam_policy.profile will be updated in-place
  ~ resource "aws_iam_policy" "profile" {
        id               = "arn:aws:iam::493370826424:policy/openvpn-8u1hU4OyuQDT20240705183937201200000024"
        name             = "openvpn-8u1hU4OyuQDT20240705183937201200000024"
      ~ policy           = jsonencode(
            {
              - Statement = [
                  - {
                      - Action   = "sts:GetCallerIdentity"
                      - Effect   = "Allow"
                      - Resource = "*"
                    },
                  - {
                      - Action   = "ec2:DescribeInstances"
                      - Effect   = "Allow"
                      - Resource = "*"
                    },
                  - {
                      - Action    = "ec2:ModifyInstanceAttribute"
                      - Condition = {
                          - StringEquals = {
                              - "ec2:ResourceTag/aws:autoscaling:groupName" = "openvpn-2024070518392010580000001e-nRBgZQ"
                            }
                        }
                      - Effect    = "Allow"
                      - Resource  = "*"
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        tags             = {
            "created_by_module" = "infrahouse/instance-profile/aws"
        }
        # (7 unchanged attributes hidden)
    }

Plan: 0 to add, 4 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: tf.plan

To perform exactly these actions, run the following command to apply:
    terraform apply "tf.plan"
metadata 
eyJzMzovL2luZnJhaG91c2UtYXdzLWNvbnRyb2wtNDkzMzcwODI2NDI0L3RlcnJhZm9ybS50ZnN0YXRlIjogeyJzdWNjZXNzIjogdHJ1ZSwgImFkZCI6IDAsICJjaGFuZ2UiOiA0LCAiZGVzdHJveSI6IDB9fQ==

@akuzminsky akuzminsky merged commit 363cabf into main Jul 5, 2024
1 check passed
@akuzminsky akuzminsky deleted the vpn branch July 5, 2024 19:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@akuzminsky @infrahouse8