├── .gitignore ├── 000_getting_started ├── aws.tf ├── main.tf ├── outputs.tf ├── providers.tf ├── terraform.tfvars └── variables.tf ├── 010_provisioners-cloud-init ├── main.tf ├── private_ips.txt └── userdata.yaml ├── 011_provisioners-local-exec └── main.tf ├── 012_provisioners-remote-exec └── main.tf ├── 013_provisioners-file └── main.tf ├── 014_provisioners-null-resource ├── main.tf └── userdata.yaml ├── 015_provisioners-terraform-data ├── main.tf └── userdata.yaml ├── 020_providers-azure └── main.tf ├── 021_provider-gcp └── main.tf ├── 040_variable-and-outputs ├── aws_server │ └── main.tf └── main.tf ├── 050_resource-meta-arguements-depends-on └── main.tf ├── 051-resource-meta-arguments-count └── main.tf ├── 052-resource-meta-arguments-for-each └── main.tf ├── 053_resource-meta-arguments-alias └── main.tf ├── 054-resource-meta-arguments-lifecycle └── main.tf ├── 060_expressions ├── main.tf └── terraform.tfvars ├── 061_dynamic-blocks └── main.tf ├── 062_versions └── main.tf ├── 070_terraform_state ├── main.tf └── terraform.tfstate.1632100397.backup ├── 080_plan-and-apply ├── main.tf └── my_saved_plan.plan ├── 090_manage-resource-drift └── main.tf ├── 100_troubleshooting └── main.tf ├── 110_modules └── main.tf ├── 130_backends-standard-s3 ├── .gitignore ├── main.tf └── variables.tf ├── 131_backends-terraform_remote_state ├── project1 │ └── main.tf └── project2 │ ├── main.tf │ ├── terraform.tfvars │ └── variables.tf ├── 132__locking ├── main.tf └── variables.tf ├── 140_resources-and-complex-types └── main.tf ├── 150_built-in-functions └── main.tf ├── 180_sentinel └── sentinel_mocks │ ├── mock-tfconfig-v2.sentinel │ ├── mock-tfconfig.sentinel │ ├── mock-tfplan-v2.sentinel │ ├── mock-tfplan.sentinel │ ├── mock-tfrun.sentinel │ ├── mock-tfstate-v2.sentinel │ ├── mock-tfstate.sentinel │ └── sentinel.hcl ├── 190_packer ├── apache.pkr.hcl └── main.tf ├── 200_vault ├── Readme.md └── main.tf └── Readme.md /.gitignore: -------------------------------------------------------------------------------- 1 | .terraform/ 2 | .terraform.lock.hcl 3 | terraform.tfstate 4 | terraform.tfstate.backup 5 | terraform.log -------------------------------------------------------------------------------- /000_getting_started/aws.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "my_server" { 2 | ami = "ami-087c17d1fe0178315" 3 | instance_type = var.instance_type 4 | 5 | tags = { 6 | Name = "MyServer-${local.project_name}" 7 | } 8 | } 9 | 10 | /* 11 | module "vpc" { 12 | source = "terraform-aws-modules/vpc/aws" 13 | providers = { 14 | aws = aws.eu 15 | } 16 | 17 | name = "my-vpc" 18 | cidr = "10.0.0.0/16" 19 | 20 | azs = ["eu-west-1a", "eu-west-1b", "eu-west-1c"] 21 | private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"] 22 | public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"] 23 | 24 | enable_nat_gateway = true 25 | enable_vpn_gateway = true 26 | 27 | tags = { 28 | Terraform = "true" 29 | Environment = "dev" 30 | } 31 | } 32 | */ -------------------------------------------------------------------------------- /000_getting_started/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | #backend "remote" { 3 | # hostname = "app.terraform.io" 4 | # organization = "ExamPro" 5 | 6 | # workspaces { 7 | # name = "getting-started" 8 | # } 9 | #} 10 | cloud { 11 | hostname = "app.terraform.io" 12 | organization = "ExamPro" 13 | 14 | workspaces { 15 | name = "getting-started" 16 | } 17 | } 18 | 19 | required_providers { 20 | aws = { 21 | source = "hashicorp/aws" 22 | version = "~> 5.0" 23 | } 24 | } 25 | } 26 | 27 | locals { 28 | project_name = "Andrew" 29 | } -------------------------------------------------------------------------------- /000_getting_started/outputs.tf: -------------------------------------------------------------------------------- 1 | output "public_ip" { 2 | value = aws_instance.my_server.public_ip 3 | } -------------------------------------------------------------------------------- /000_getting_started/providers.tf: -------------------------------------------------------------------------------- 1 | 2 | 3 | provider "aws" { 4 | # profile = "default" 5 | region = "us-east-1" 6 | } 7 | 8 | provider "aws" { 9 | # profile = "default" 10 | region = "eu-west-1" 11 | alias = "eu" 12 | } 13 | -------------------------------------------------------------------------------- /000_getting_started/terraform.tfvars: -------------------------------------------------------------------------------- 1 | instance_type="t2.micro" -------------------------------------------------------------------------------- /000_getting_started/variables.tf: -------------------------------------------------------------------------------- 1 | variable "instance_type" { 2 | type = string 3 | } -------------------------------------------------------------------------------- /010_provisioners-cloud-init/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | /* 3 | backend "remote" { 4 | organization = "ExamPro" 5 | 6 | workspaces { 7 | name = "provisioners" 8 | } 9 | } 10 | */ 11 | required_providers { 12 | aws = { 13 | source = "hashicorp/aws" 14 | version = "3.59.0" 15 | } 16 | } 17 | } 18 | 19 | provider "aws" { 20 | region = "us-east-1" 21 | } 22 | 23 | data "aws_vpc" "main" { 24 | id = "vpc-bd9bdcc7" 25 | } 26 | 27 | 28 | resource "aws_security_group" "sg_my_server" { 29 | name = "sg_my_server" 30 | description = "MyServer Security Group" 31 | vpc_id = data.aws_vpc.main.id 32 | 33 | ingress = [ 34 | { 35 | description = "HTTP" 36 | from_port = 80 37 | to_port = 80 38 | protocol = "tcp" 39 | cidr_blocks = ["0.0.0.0/0"] 40 | ipv6_cidr_blocks = [] 41 | prefix_list_ids = [] 42 | security_groups = [] 43 | self = false 44 | }, 45 | { 46 | description = "SSH" 47 | from_port = 22 48 | to_port = 22 49 | protocol = "tcp" 50 | cidr_blocks = ["104.194.51.113/32"] 51 | ipv6_cidr_blocks = [] 52 | prefix_list_ids = [] 53 | security_groups = [] 54 | self = false 55 | } 56 | ] 57 | 58 | egress = [ 59 | { 60 | description = "outgoing traffic" 61 | from_port = 0 62 | to_port = 0 63 | protocol = "-1" 64 | cidr_blocks = ["0.0.0.0/0"] 65 | ipv6_cidr_blocks = ["::/0"] 66 | prefix_list_ids = [] 67 | security_groups = [] 68 | self = false 69 | } 70 | ] 71 | } 72 | 73 | resource "aws_key_pair" "deployer" { 74 | key_name = "deployer-key" 75 | public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdgyskPBKxTa4G8rIT76MP1zKfL4Xv9UBn/k/p7bEQYLPzhGQfdki3em2Hnh/wGzjeRJsRCCgezMnyirOizm3jXbob5F9QVBGbwn0cQMu1CW9Dx59ce+vJQtz9ezCAocko7W8oij3fr0npJWVQchxiR+yI5lm1PexaESYTTmz/ImzmeF2AJNRDqKR4xFrK9kM22GOm2kd7YYXIxpqDOMZ7j7v1HHU9v9CwgHCGbq0c09EshCXLx0GZ7r3BjRun8vQ9OxgVGIf62MQAUbMPKR0oq84X5oVv/2a4d79Bx46Ttj1xlzP8UHgWrUKHUbpFZ6AZEMMIsLOzoduLk8eCzNvPWH/SkaEoc2ww+7+Ii0fDyeycTHzewQtXxyyzNDyFrZj8b08c+Pg1h26PClMNajUF4eBO8+u4ZbcvsDMdXKimvYeRXXaFMciy6NcMCq0ZwtwvmLsId+pm9Gu1WS/QG3JmRYUSMzc1FPZG9DI2aI3ivG3HQEuYe25hhik6adw24lk= root@DESKTOP-J1KCQ03" 76 | } 77 | 78 | data "template_file" "user_data" { 79 | template = file("./userdata.yaml") 80 | } 81 | 82 | 83 | resource "aws_instance" "my_server" { 84 | ami = "ami-087c17d1fe0178315" 85 | instance_type = "t2.micro" 86 | key_name = "${aws_key_pair.deployer.key_name}" 87 | vpc_security_group_ids = [aws_security_group.sg_my_server.id] 88 | user_data = data.template_file.user_data.rendered 89 | provisioner "file" { 90 | content = "mars" 91 | destination = "/home/ec2-user/barsoon.txt" 92 | connection { 93 | type = "ssh" 94 | user = "ec2-user" 95 | host = "${self.public_ip}" 96 | private_key = "${file("/root/.ssh/terraform")}" 97 | } 98 | } 99 | 100 | tags = { 101 | Name = "MyServer" 102 | } 103 | } 104 | 105 | output "public_ip"{ 106 | value = aws_instance.my_server.public_ip 107 | } -------------------------------------------------------------------------------- /010_provisioners-cloud-init/private_ips.txt: -------------------------------------------------------------------------------- 1 | 172.31.86.10 2 | -------------------------------------------------------------------------------- /010_provisioners-cloud-init/userdata.yaml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | packages: 3 | - httpd 4 | runcmd: 5 | - systemctl start httpd 6 | - sudo systemctl enable httpd -------------------------------------------------------------------------------- /011_provisioners-local-exec/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.59.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | region = "us-east-1" 12 | } 13 | 14 | data "aws_vpc" "main" { 15 | id = "vpc-bd9bdcc7" 16 | } 17 | 18 | 19 | resource "aws_security_group" "sg_my_server" { 20 | name = "sg_my_server" 21 | description = "MyServer Security Group" 22 | vpc_id = data.aws_vpc.main.id 23 | 24 | ingress = [ 25 | { 26 | description = "HTTP" 27 | from_port = 80 28 | to_port = 80 29 | protocol = "tcp" 30 | cidr_blocks = ["0.0.0.0/0"] 31 | ipv6_cidr_blocks = [] 32 | prefix_list_ids = [] 33 | security_groups = [] 34 | self = false 35 | }, 36 | { 37 | description = "SSH" 38 | from_port = 22 39 | to_port = 22 40 | protocol = "tcp" 41 | cidr_blocks = ["104.194.51.113/32"] 42 | ipv6_cidr_blocks = [] 43 | prefix_list_ids = [] 44 | security_groups = [] 45 | self = false 46 | } 47 | ] 48 | 49 | egress = [ 50 | { 51 | description = "outgoing traffic" 52 | from_port = 0 53 | to_port = 0 54 | protocol = "-1" 55 | cidr_blocks = ["0.0.0.0/0"] 56 | ipv6_cidr_blocks = ["::/0"] 57 | prefix_list_ids = [] 58 | security_groups = [] 59 | self = false 60 | } 61 | ] 62 | } 63 | 64 | resource "aws_key_pair" "deployer" { 65 | key_name = "deployer-key" 66 | public_key = "YOUR_SSH_KEY" 67 | } 68 | 69 | data "template_file" "user_data" { 70 | template = file("./userdata.yaml") 71 | } 72 | 73 | 74 | resource "aws_instance" "my_server" { 75 | ami = "ami-087c17d1fe0178315" 76 | instance_type = "t2.micro" 77 | key_name = "${aws_key_pair.deployer.key_name}" 78 | vpc_security_group_ids = [aws_security_group.sg_my_server.id] 79 | user_data = data.template_file.user_data.rendered 80 | provisioner "local-exec" { 81 | command = "echo ${self.private_ip} >> private_ips.txt" 82 | } 83 | 84 | tags = { 85 | Name = "MyServer" 86 | } 87 | } 88 | 89 | output "public_ip"{ 90 | value = aws_instance.my_server.public_ip 91 | } -------------------------------------------------------------------------------- /012_provisioners-remote-exec/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.59.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | region = "us-east-1" 12 | } 13 | 14 | data "aws_vpc" "main" { 15 | id = "vpc-bd9bdcc7" 16 | } 17 | 18 | 19 | resource "aws_security_group" "sg_my_server" { 20 | name = "sg_my_server" 21 | description = "MyServer Security Group" 22 | vpc_id = data.aws_vpc.main.id 23 | 24 | ingress = [ 25 | { 26 | description = "HTTP" 27 | from_port = 80 28 | to_port = 80 29 | protocol = "tcp" 30 | cidr_blocks = ["0.0.0.0/0"] 31 | ipv6_cidr_blocks = [] 32 | prefix_list_ids = [] 33 | security_groups = [] 34 | self = false 35 | }, 36 | { 37 | description = "SSH" 38 | from_port = 22 39 | to_port = 22 40 | protocol = "tcp" 41 | cidr_blocks = ["104.194.51.113/32"] 42 | ipv6_cidr_blocks = [] 43 | prefix_list_ids = [] 44 | security_groups = [] 45 | self = false 46 | } 47 | ] 48 | 49 | egress = [ 50 | { 51 | description = "outgoing traffic" 52 | from_port = 0 53 | to_port = 0 54 | protocol = "-1" 55 | cidr_blocks = ["0.0.0.0/0"] 56 | ipv6_cidr_blocks = ["::/0"] 57 | prefix_list_ids = [] 58 | security_groups = [] 59 | self = false 60 | } 61 | ] 62 | } 63 | 64 | resource "aws_key_pair" "deployer" { 65 | key_name = "deployer-key" 66 | public_key = "YOUR_SSH_KEY" 67 | } 68 | 69 | data "template_file" "user_data" { 70 | template = file("./userdata.yaml") 71 | } 72 | 73 | 74 | resource "aws_instance" "my_server" { 75 | ami = "ami-087c17d1fe0178315" 76 | instance_type = "t2.micro" 77 | key_name = "${aws_key_pair.deployer.key_name}" 78 | vpc_security_group_ids = [aws_security_group.sg_my_server.id] 79 | user_data = data.template_file.user_data.rendered 80 | provisioner "remote-exec" { 81 | inline = [ 82 | "echo \"mars\" >> /home/ec2-user/barsoon/txt" 83 | ] 84 | connection { 85 | type = "ssh" 86 | user = "ec2-user" 87 | host = "${self.public_ip}" 88 | private_key = "${file("/root/.ssh/terraform")}" 89 | } 90 | } 91 | 92 | tags = { 93 | Name = "MyServer" 94 | } 95 | } 96 | 97 | output "public_ip"{ 98 | value = aws_instance.my_server.public_ip 99 | } -------------------------------------------------------------------------------- /013_provisioners-file/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.59.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | region = "us-east-1" 12 | } 13 | 14 | data "aws_vpc" "main" { 15 | id = "vpc-bd9bdcc7" 16 | } 17 | 18 | 19 | resource "aws_security_group" "sg_my_server" { 20 | name = "sg_my_server" 21 | description = "MyServer Security Group" 22 | vpc_id = data.aws_vpc.main.id 23 | 24 | ingress = [ 25 | { 26 | description = "HTTP" 27 | from_port = 80 28 | to_port = 80 29 | protocol = "tcp" 30 | cidr_blocks = ["0.0.0.0/0"] 31 | ipv6_cidr_blocks = [] 32 | prefix_list_ids = [] 33 | security_groups = [] 34 | self = false 35 | }, 36 | { 37 | description = "SSH" 38 | from_port = 22 39 | to_port = 22 40 | protocol = "tcp" 41 | cidr_blocks = ["104.194.51.113/32"] 42 | ipv6_cidr_blocks = [] 43 | prefix_list_ids = [] 44 | security_groups = [] 45 | self = false 46 | } 47 | ] 48 | 49 | egress = [ 50 | { 51 | description = "outgoing traffic" 52 | from_port = 0 53 | to_port = 0 54 | protocol = "-1" 55 | cidr_blocks = ["0.0.0.0/0"] 56 | ipv6_cidr_blocks = ["::/0"] 57 | prefix_list_ids = [] 58 | security_groups = [] 59 | self = false 60 | } 61 | ] 62 | } 63 | 64 | resource "aws_key_pair" "deployer" { 65 | key_name = "deployer-key" 66 | public_key = "YOUR_SSH_KEY" 67 | } 68 | 69 | data "template_file" "user_data" { 70 | template = file("./userdata.yaml") 71 | } 72 | 73 | 74 | resource "aws_instance" "my_server" { 75 | ami = "ami-087c17d1fe0178315" 76 | instance_type = "t2.micro" 77 | key_name = "${aws_key_pair.deployer.key_name}" 78 | vpc_security_group_ids = [aws_security_group.sg_my_server.id] 79 | user_data = data.template_file.user_data.rendered 80 | provisioner "file" { 81 | content = "mars" 82 | destination = "/home/ec2-user/barsoon.txt" 83 | connection { 84 | type = "ssh" 85 | user = "ec2-user" 86 | host = "${self.public_ip}" 87 | private_key = "${file("/root/.ssh/terraform")}" 88 | } 89 | } 90 | 91 | tags = { 92 | Name = "MyServer" 93 | } 94 | } 95 | 96 | output "public_ip"{ 97 | value = aws_instance.my_server.public_ip 98 | } -------------------------------------------------------------------------------- /014_provisioners-null-resource/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.59.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | region = "us-east-1" 12 | } 13 | 14 | data "aws_vpc" "main" { 15 | id = "vpc-bd9bdcc7" 16 | } 17 | 18 | 19 | resource "aws_security_group" "sg_my_server" { 20 | name = "sg_my_server" 21 | description = "MyServer Security Group" 22 | vpc_id = data.aws_vpc.main.id 23 | 24 | ingress = [ 25 | { 26 | description = "HTTP" 27 | from_port = 80 28 | to_port = 80 29 | protocol = "tcp" 30 | cidr_blocks = ["0.0.0.0/0"] 31 | ipv6_cidr_blocks = [] 32 | prefix_list_ids = [] 33 | security_groups = [] 34 | self = false 35 | }, 36 | { 37 | description = "SSH" 38 | from_port = 22 39 | to_port = 22 40 | protocol = "tcp" 41 | cidr_blocks = ["104.194.51.113/32"] 42 | ipv6_cidr_blocks = [] 43 | prefix_list_ids = [] 44 | security_groups = [] 45 | self = false 46 | } 47 | ] 48 | 49 | egress = [ 50 | { 51 | description = "outgoing traffic" 52 | from_port = 0 53 | to_port = 0 54 | protocol = "-1" 55 | cidr_blocks = ["0.0.0.0/0"] 56 | ipv6_cidr_blocks = ["::/0"] 57 | prefix_list_ids = [] 58 | security_groups = [] 59 | self = false 60 | } 61 | ] 62 | } 63 | 64 | resource "aws_key_pair" "deployer" { 65 | key_name = "deployer-key" 66 | public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdgyskPBKxTa4G8rIT76MP1zKfL4Xv9UBn/k/p7bEQYLPzhGQfdki3em2Hnh/wGzjeRJsRCCgezMnyirOizm3jXbob5F9QVBGbwn0cQMu1CW9Dx59ce+vJQtz9ezCAocko7W8oij3fr0npJWVQchxiR+yI5lm1PexaESYTTmz/ImzmeF2AJNRDqKR4xFrK9kM22GOm2kd7YYXIxpqDOMZ7j7v1HHU9v9CwgHCGbq0c09EshCXLx0GZ7r3BjRun8vQ9OxgVGIf62MQAUbMPKR0oq84X5oVv/2a4d79Bx46Ttj1xlzP8UHgWrUKHUbpFZ6AZEMMIsLOzoduLk8eCzNvPWH/SkaEoc2ww+7+Ii0fDyeycTHzewQtXxyyzNDyFrZj8b08c+Pg1h26PClMNajUF4eBO8+u4ZbcvsDMdXKimvYeRXXaFMciy6NcMCq0ZwtwvmLsId+pm9Gu1WS/QG3JmRYUSMzc1FPZG9DI2aI3ivG3HQEuYe25hhik6adw24lk= root@DESKTOP-J1KCQ03" 67 | } 68 | 69 | data "template_file" "user_data" { 70 | template = file("./userdata.yaml") 71 | } 72 | 73 | 74 | resource "aws_instance" "my_server" { 75 | ami = "ami-087c17d1fe0178315" 76 | instance_type = "t2.micro" 77 | key_name = "${aws_key_pair.deployer.key_name}" 78 | vpc_security_group_ids = [aws_security_group.sg_my_server.id] 79 | user_data = data.template_file.user_data.rendered 80 | provisioner "file" { 81 | content = "mars" 82 | destination = "/home/ec2-user/barsoon.txt" 83 | connection { 84 | type = "ssh" 85 | user = "ec2-user" 86 | host = "${self.public_ip}" 87 | private_key = "${file("/root/.ssh/terraform")}" 88 | } 89 | } 90 | 91 | 92 | 93 | tags = { 94 | Name = "MyServer" 95 | } 96 | } 97 | 98 | resource "null_resource" "status" { 99 | provisioner "local-exec" { 100 | command = "aws ec2 wait instance-status-ok --instance-ids ${aws_instance.my_server.id}" 101 | } 102 | depends_on = [ 103 | aws_instance.my_server 104 | ] 105 | } 106 | 107 | output "public_ip"{ 108 | value = aws_instance.my_server.public_ip 109 | } -------------------------------------------------------------------------------- /014_provisioners-null-resource/userdata.yaml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | packages: 3 | - httpd 4 | runcmd: 5 | - systemctl start httpd 6 | - sudo systemctl enable httpd -------------------------------------------------------------------------------- /015_provisioners-terraform-data/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "~> 5.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | region = "us-east-1" 12 | } 13 | 14 | data "aws_vpc" "main" { 15 | id = "vpc-c3be22b9" 16 | } 17 | 18 | 19 | resource "aws_security_group" "sg_my_server" { 20 | name = "sg_my_server" 21 | description = "MyServer Security Group" 22 | vpc_id = data.aws_vpc.main.id 23 | 24 | ingress = [ 25 | { 26 | description = "HTTP" 27 | from_port = 80 28 | to_port = 80 29 | protocol = "tcp" 30 | cidr_blocks = ["0.0.0.0/0"] 31 | ipv6_cidr_blocks = [] 32 | prefix_list_ids = [] 33 | security_groups = [] 34 | self = false 35 | }, 36 | { 37 | description = "SSH" 38 | from_port = 22 39 | to_port = 22 40 | protocol = "tcp" 41 | cidr_blocks = ["174.5.116.22/32"] 42 | ipv6_cidr_blocks = [] 43 | prefix_list_ids = [] 44 | security_groups = [] 45 | self = false 46 | } 47 | ] 48 | 49 | egress = [ 50 | { 51 | description = "outgoing traffic" 52 | from_port = 0 53 | to_port = 0 54 | protocol = "-1" 55 | cidr_blocks = ["0.0.0.0/0"] 56 | ipv6_cidr_blocks = ["::/0"] 57 | prefix_list_ids = [] 58 | security_groups = [] 59 | self = false 60 | } 61 | ] 62 | } 63 | 64 | resource "aws_key_pair" "deployer" { 65 | key_name = "deployer-key" 66 | public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDYEYsmIn73rDKorEofqKWf6deW69msWWoKZdh9h+VOhagT9PS1KCNPp7Nyogj1b+6I6SohZwu7GqSDBChCKI72scGXljFNYNrjpE4oy/K4UHqDTIYWJ+c4GSxr6Qul8i68nb31F0pOb/pknN0mztWrZIhDOpjrxmPZ5ibNvBrm1trvSWyNy4+cZXXaZjtko4dcoyj/38N+GWjGu2ZnkYzfYB3cFV2x+TGiX3EDm7KHd8AA3CpBDsaSXg1OZ456OA6jW5bBRcSHeAaN6YAiLlzj1WbI6yS3KrVL7HafNBovCv2mGYMOqCkGshiLDbOpi0LmAYqYA4VAkvPeLlWtttPXjDNXQZ1wroZVb32fPOpBZfJ2pU2xsj+DDq79Y/FbU87kViz24fen+ah/WkBaZJl+veX741gkwplNQw6/edWPqse0xH6Rga+a6ZHuIJl+2HnXb3EeZSCz3VBFCZHk00FdUBsfLB7kXKbT6ujodIBcCaH3uw+lPfyN3xdrv5ZFep8= andrew@DESKTOP-1LHO517" 67 | } 68 | 69 | data "template_file" "user_data" { 70 | template = file("./userdata.yaml") 71 | } 72 | 73 | 74 | resource "aws_instance" "my_server" { 75 | ami = "ami-087c17d1fe0178315" 76 | instance_type = "t3.micro" 77 | key_name = "${aws_key_pair.deployer.key_name}" 78 | vpc_security_group_ids = [aws_security_group.sg_my_server.id] 79 | user_data = data.template_file.user_data.rendered 80 | provisioner "file" { 81 | content = "mars" 82 | destination = "/home/ec2-user/barsoon.txt" 83 | connection { 84 | type = "ssh" 85 | user = "ec2-user" 86 | host = "${self.public_ip}" 87 | private_key = "${file("/home/andrew/.ssh/terraform")}" 88 | } 89 | } 90 | 91 | 92 | 93 | tags = { 94 | Name = "MyServer" 95 | } 96 | } 97 | 98 | resource "terraform_data" "status" { 99 | provisioner "local-exec" { 100 | command = "aws ec2 wait instance-status-ok --instance-ids ${aws_instance.my_server.id}" 101 | } 102 | depends_on = [ 103 | aws_instance.my_server 104 | ] 105 | } 106 | 107 | output "public_ip"{ 108 | value = aws_instance.my_server.public_ip 109 | } -------------------------------------------------------------------------------- /015_provisioners-terraform-data/userdata.yaml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | packages: 3 | - httpd 4 | runcmd: 5 | - systemctl start httpd 6 | - sudo systemctl enable httpd -------------------------------------------------------------------------------- /020_providers-azure/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | azurerm = { 4 | source = "hashicorp/azurerm" 5 | version = "2.77.0" 6 | } 7 | } 8 | } 9 | 10 | provider "azurerm" { 11 | features {} 12 | } 13 | 14 | resource "azurerm_resource_group" "terraform_azure_providers" { 15 | name = "terraform_azure_providers" 16 | location = "East US" 17 | } 18 | 19 | module "linuxservers" { 20 | source = "Azure/compute/azurerm" 21 | resource_group_name = azurerm_resource_group.terraform_azure_providers.name 22 | vm_os_simple = "UbuntuServer" 23 | public_ip_dns = ["linsimplevmips"] // change to a unique name per datacenter region 24 | vnet_subnet_id = module.network.vnet_subnets[0] 25 | vm_size = "Standard_B1ls" 26 | depends_on = [azurerm_resource_group.terraform_azure_providers] 27 | } 28 | 29 | module "network" { 30 | source = "Azure/network/azurerm" 31 | resource_group_name = azurerm_resource_group.terraform_azure_providers.name 32 | subnet_prefixes = ["10.0.1.0/24"] 33 | subnet_names = ["subnet1"] 34 | 35 | depends_on = [azurerm_resource_group.terraform_azure_providers] 36 | } 37 | 38 | output "linux_vm_public_name" { 39 | value = module.linuxservers.public_ip_dns_name 40 | } -------------------------------------------------------------------------------- /021_provider-gcp/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | google = { 4 | source = "hashicorp/google" 5 | version = "3.84.0" 6 | } 7 | } 8 | } 9 | 10 | provider "google" { 11 | credentials = "terraform-gcp-example-326401-042e1f1dc62c.json" 12 | project = "terraform-gcp-example-326401" 13 | region = "us-central1" 14 | zone = "us-central1-c" 15 | } 16 | 17 | resource "google_compute_instance" "vm_instance" { 18 | name = "terraform-instance" 19 | machine_type = "e2-micro" 20 | 21 | boot_disk { 22 | initialize_params { 23 | image = "debian-cloud/debian-10" 24 | } 25 | } 26 | 27 | network_interface { 28 | network = "default" 29 | access_config { } 30 | } 31 | } -------------------------------------------------------------------------------- /040_variable-and-outputs/aws_server/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | variable "instance_type" { 11 | type = string 12 | description = "The size of the instance." 13 | #sensitive = true 14 | validation { 15 | condition = can(regex("^t2.",var.instance_type)) 16 | error_message = "The instance must be a t2 type EC2 instance." 17 | } 18 | } 19 | 20 | provider "aws" { 21 | profile = "default" 22 | region = "us-east-1" 23 | } 24 | 25 | data "aws_ami" "ubuntu" { 26 | most_recent = true 27 | 28 | filter { 29 | name = "name" 30 | values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"] 31 | } 32 | 33 | filter { 34 | name = "virtualization-type" 35 | values = ["hvm"] 36 | } 37 | 38 | owners = ["099720109477"] # Canonical 39 | } 40 | 41 | resource "aws_instance" "my_server" { 42 | ami = data.aws_ami.ubuntu.id 43 | instance_type = var.instance_type 44 | } 45 | 46 | output "public_ip" { 47 | value = aws_instance.my_server.public_ip 48 | } -------------------------------------------------------------------------------- /040_variable-and-outputs/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | } 3 | 4 | module "aws_server" { 5 | source = ".//aws_server" 6 | instance_type = "t2.micro" 7 | } 8 | 9 | output "public_ip" { 10 | value = module.aws_server.public_ip 11 | } -------------------------------------------------------------------------------- /050_resource-meta-arguements-depends-on/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | 15 | resource "aws_s3_bucket" "bucket" { 16 | bucket = "43802482094298-depends-on" 17 | } 18 | 19 | resource "aws_instance" "my_server" { 20 | ami = "ami-087c17d1fe0178315" 21 | instance_type = "t2.micro" 22 | depends_on = [ 23 | aws_s3_bucket.bucket 24 | ] 25 | } 26 | 27 | output "public_ip" { 28 | value = aws_instance.my_server.public_ip 29 | } -------------------------------------------------------------------------------- /051-resource-meta-arguments-count/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | resource "aws_instance" "my_server" { 15 | count = 2 16 | ami = "ami-087c17d1fe0178315" 17 | instance_type = "t2.micro" 18 | tags = { 19 | Name = "Server-${count.index}" 20 | } 21 | } 22 | 23 | output "public_ip" { 24 | value = aws_instance.my_server[*].public_ip 25 | } -------------------------------------------------------------------------------- /052-resource-meta-arguments-for-each/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | resource "aws_instance" "my_server" { 15 | for_each = { 16 | nano = "t2.nano" 17 | micro = "t2.micro" 18 | small = "t2.small" 19 | } 20 | ami = "ami-087c17d1fe0178315" 21 | instance_type = each.value 22 | tags = { 23 | Name = "Server-${each.key}" 24 | } 25 | } 26 | 27 | output "public_ip" { 28 | value = values(aws_instance.my_server)[*].public_ip 29 | } -------------------------------------------------------------------------------- /053_resource-meta-arguments-alias/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | 15 | provider "aws" { 16 | profile = "default" 17 | region = "us-east-2" 18 | alias = "east" 19 | } 20 | 21 | provider "aws" { 22 | profile = "default" 23 | region = "us-west-1" 24 | alias = "west" 25 | } 26 | data "aws_ami" "east-amazon-linux-2" { 27 | provider = aws.east 28 | most_recent = true 29 | owners = ["amazon"] 30 | filter { 31 | name = "owner-alias" 32 | values = ["amazon"] 33 | } 34 | filter { 35 | name = "name" 36 | values = ["amzn2-ami-hvm*"] 37 | } 38 | } 39 | 40 | data "aws_ami" "west-amazon-linux-2" { 41 | provider = aws.west 42 | most_recent = true 43 | owners = ["amazon"] 44 | filter { 45 | name = "owner-alias" 46 | values = ["amazon"] 47 | } 48 | filter { 49 | name = "name" 50 | values = ["amzn2-ami-hvm*"] 51 | } 52 | } 53 | 54 | resource "aws_instance" "my_east_server" { 55 | ami = "${data.aws_ami.east-amazon-linux-2.id}" 56 | instance_type = "t2.micro" 57 | provider = aws.east 58 | tags = { 59 | Name = "Server-East" 60 | } 61 | } 62 | 63 | resource "aws_instance" "my_west_server" { 64 | ami = "${data.aws_ami.west-amazon-linux-2.id}" 65 | instance_type = "t2.micro" 66 | provider = aws.west 67 | tags = { 68 | Name = "Server-West" 69 | } 70 | } 71 | 72 | output "east_public_ip" { 73 | value = aws_instance.my_east_server.public_ip 74 | } 75 | output "west_public_ip" { 76 | value = aws_instance.my_west_server.public_ip 77 | } -------------------------------------------------------------------------------- /054-resource-meta-arguments-lifecycle/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | resource "aws_instance" "my_server" { 15 | ami = "ami-087c17d1fe0178315" 16 | instance_type = "t2.micro" 17 | tags = { 18 | Name = "My-Server" 19 | } 20 | lifecycle { 21 | prevent_destroy = false 22 | } 23 | } 24 | 25 | output "public_ip" { 26 | value = aws_instance.my_server.public_ip 27 | } -------------------------------------------------------------------------------- /060_expressions/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | 3 | } 4 | 5 | variable "worlds" { 6 | type = list 7 | } 8 | 9 | variable "worlds_map" { 10 | type = map 11 | } 12 | 13 | variable "worlds_splat" { 14 | type = list 15 | } -------------------------------------------------------------------------------- /060_expressions/terraform.tfvars: -------------------------------------------------------------------------------- 1 | worlds=["barsoon","jasoom","sasoom","cosoom"] 2 | worlds_map={ 3 | "barsoon": "mars", 4 | "jasoom": "earth", 5 | "sasoom": "jupiter", 6 | "cosoom": "venus" 7 | } 8 | worlds_splat=[ 9 | {mars_name: "barsoon", earth_name: "mars"}, 10 | {mars_name: "jasoom", earth_name: "earth"}, 11 | {mars_name: "sasoom", earth_name: "jupiter"}, 12 | {mars_name:"cosoom", earth_name: "venus" } 13 | ] -------------------------------------------------------------------------------- /061_dynamic-blocks/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.59.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | 15 | data "aws_vpc" "main" { 16 | id = "vpc-bd9bdcc7" 17 | } 18 | 19 | locals { 20 | ingress = [{ 21 | port = 443 22 | description = "Port 443" 23 | protocol = "tcp" 24 | }, 25 | { 26 | port = 80 27 | description = "Port 80" 28 | protocol = "tcp" 29 | }] 30 | } 31 | 32 | resource "aws_security_group" "allow_tls" { 33 | name = "allow_tls" 34 | description = "Allow TLS inbound traffic" 35 | vpc_id = data.aws_vpc.main.id 36 | 37 | dynamic "ingress" { 38 | for_each = local.ingress 39 | content { 40 | description = ingress.value.description 41 | from_port = ingress.value.port 42 | to_port = ingress.value.port 43 | protocol = ingress.value.protocol 44 | cidr_blocks = [data.aws_vpc.main.cidr_block] 45 | ipv6_cidr_blocks = [] 46 | prefix_list_ids = [] 47 | security_groups = [] 48 | self = false 49 | } 50 | } 51 | 52 | egress = [ 53 | { 54 | description = "outgoing for everyone" 55 | from_port = 0 56 | to_port = 0 57 | protocol = "-1" 58 | cidr_blocks = ["0.0.0.0/0"] 59 | ipv6_cidr_blocks = [] 60 | prefix_list_ids = [] 61 | security_groups = [] 62 | self = false 63 | } 64 | ] 65 | } -------------------------------------------------------------------------------- /062_versions/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = ">= 3.59.0" 6 | } 7 | } 8 | 9 | required_version = ">= 1.0.0" 10 | } -------------------------------------------------------------------------------- /070_terraform_state/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | resource "aws_instance" "our_server" { 15 | ami = "ami-087c17d1fe0178315" 16 | instance_type = "t2.micro" 17 | tags = { 18 | Name = "MyServer" 19 | } 20 | } 21 | 22 | output "public_ip" { 23 | value = aws_instance.our_server[*].public_ip 24 | } -------------------------------------------------------------------------------- /070_terraform_state/terraform.tfstate.1632100397.backup: -------------------------------------------------------------------------------- 1 | { 2 | "version": 4, 3 | "terraform_version": "1.0.7", 4 | "serial": 2, 5 | "lineage": "01cda1b9-86d9-d59d-37ec-a9ea517c089d", 6 | "outputs": { 7 | "public_ip": { 8 | "value": [ 9 | "34.239.245.236" 10 | ], 11 | "type": [ 12 | "tuple", 13 | [ 14 | "string" 15 | ] 16 | ] 17 | } 18 | }, 19 | "resources": [ 20 | { 21 | "mode": "managed", 22 | "type": "aws_instance", 23 | "name": "my_server", 24 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 25 | "instances": [ 26 | { 27 | "schema_version": 1, 28 | "attributes": { 29 | "ami": "ami-087c17d1fe0178315", 30 | "arn": "arn:aws:ec2:us-east-1:318412259206:instance/i-07b33d6f3de454478", 31 | "associate_public_ip_address": true, 32 | "availability_zone": "us-east-1b", 33 | "capacity_reservation_specification": [ 34 | { 35 | "capacity_reservation_preference": "open", 36 | "capacity_reservation_target": [] 37 | } 38 | ], 39 | "cpu_core_count": 1, 40 | "cpu_threads_per_core": 1, 41 | "credit_specification": [ 42 | { 43 | "cpu_credits": "standard" 44 | } 45 | ], 46 | "disable_api_termination": false, 47 | "ebs_block_device": [], 48 | "ebs_optimized": false, 49 | "enclave_options": [ 50 | { 51 | "enabled": false 52 | } 53 | ], 54 | "ephemeral_block_device": [], 55 | "get_password_data": false, 56 | "hibernation": false, 57 | "host_id": null, 58 | "iam_instance_profile": "", 59 | "id": "i-07b33d6f3de454478", 60 | "instance_initiated_shutdown_behavior": "stop", 61 | "instance_state": "running", 62 | "instance_type": "t2.micro", 63 | "ipv6_address_count": 0, 64 | "ipv6_addresses": [], 65 | "key_name": "", 66 | "launch_template": [], 67 | "metadata_options": [ 68 | { 69 | "http_endpoint": "enabled", 70 | "http_put_response_hop_limit": 1, 71 | "http_tokens": "optional" 72 | } 73 | ], 74 | "monitoring": false, 75 | "network_interface": [], 76 | "outpost_arn": "", 77 | "password_data": "", 78 | "placement_group": "", 79 | "primary_network_interface_id": "eni-0df10640eb716499a", 80 | "private_dns": "ip-172-31-26-248.ec2.internal", 81 | "private_ip": "172.31.26.248", 82 | "public_dns": "ec2-34-239-245-236.compute-1.amazonaws.com", 83 | "public_ip": "34.239.245.236", 84 | "root_block_device": [ 85 | { 86 | "delete_on_termination": true, 87 | "device_name": "/dev/xvda", 88 | "encrypted": false, 89 | "iops": 100, 90 | "kms_key_id": "", 91 | "tags": {}, 92 | "throughput": 0, 93 | "volume_id": "vol-08196aa3e56b5c491", 94 | "volume_size": 8, 95 | "volume_type": "gp2" 96 | } 97 | ], 98 | "secondary_private_ips": [], 99 | "security_groups": [ 100 | "default" 101 | ], 102 | "source_dest_check": true, 103 | "subnet_id": "subnet-30aa507d", 104 | "tags": { 105 | "Name": "MyServer" 106 | }, 107 | "tags_all": { 108 | "Name": "MyServer" 109 | }, 110 | "tenancy": "default", 111 | "timeouts": null, 112 | "user_data": null, 113 | "user_data_base64": null, 114 | "volume_tags": null, 115 | "vpc_security_group_ids": [ 116 | "sg-2198be7f" 117 | ] 118 | }, 119 | "sensitive_attributes": [], 120 | "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" 121 | } 122 | ] 123 | } 124 | ] 125 | } 126 | -------------------------------------------------------------------------------- /080_plan-and-apply/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | resource "aws_instance" "my_server" { 15 | ami = "ami-087c17d1fe0178315" 16 | instance_type = "t2.micro" 17 | tags = { 18 | Name = "MyServer" 19 | } 20 | } 21 | 22 | output "public_ip" { 23 | value = aws_instance.my_server.public_ip 24 | } -------------------------------------------------------------------------------- /080_plan-and-apply/my_saved_plan.plan: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ExamProCo/Terraform-Associate-Labs/9edaa82b5ca0d5d91d4b774476d090d04a6b4ea2/080_plan-and-apply/my_saved_plan.plan -------------------------------------------------------------------------------- /090_manage-resource-drift/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | resource "aws_instance" "my_server" { 15 | ami = "ami-087c17d1fe0178315" 16 | instance_type = "t2.micro" 17 | tags = { 18 | Name = "MyServer" 19 | } 20 | } 21 | 22 | resource "aws_s3_bucket" "bucket" { 23 | bucket = "my-new-bucket-421419084210" 24 | } 25 | 26 | output "public_ip" { 27 | value = aws_instance.my_server.public_ip 28 | } -------------------------------------------------------------------------------- /100_troubleshooting/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | resource "aws_instance" "my_server" { 15 | ami = "ami-087c17d1fe0178315" 16 | instance_type = "t2.micro" 17 | tags = { 18 | Name = "MyServer" 19 | } 20 | } 21 | 22 | output "public_ip" { 23 | value = aws_instance.my_server.public_ip 24 | } -------------------------------------------------------------------------------- /110_modules/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | 3 | } 4 | 5 | provider "aws" { 6 | region = "us-east-1" 7 | } 8 | 9 | module "apache" { 10 | source = ".//terraform-aws-apache-example" 11 | vpc_id = "vpc-bd9bdcc7" 12 | my_ip_with_cidr = "104.194.51.113/32" 13 | public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdgyskPBKxTa4G8rIT76MP1zKfL4Xv9UBn/k/p7bEQYLPzhGQfdki3em2Hnh/wGzjeRJsRCCgezMnyirOizm3jXbob5F9QVBGbwn0cQMu1CW9Dx59ce+vJQtz9ezCAocko7W8oij3fr0npJWVQchxiR+yI5lm1PexaESYTTmz/ImzmeF2AJNRDqKR4xFrK9kM22GOm2kd7YYXIxpqDOMZ7j7v1HHU9v9CwgHCGbq0c09EshCXLx0GZ7r3BjRun8vQ9OxgVGIf62MQAUbMPKR0oq84X5oVv/2a4d79Bx46Ttj1xlzP8UHgWrUKHUbpFZ6AZEMMIsLOzoduLk8eCzNvPWH/SkaEoc2ww+7+Ii0fDyeycTHzewQtXxyyzNDyFrZj8b08c+Pg1h26PClMNajUF4eBO8+u4ZbcvsDMdXKimvYeRXXaFMciy6NcMCq0ZwtwvmLsId+pm9Gu1WS/QG3JmRYUSMzc1FPZG9DI2aI3ivG3HQEuYe25hhik6adw24lk= root@DESKTOP-J1KCQ03" 14 | instance_type = "t2.micro" 15 | server_name = "Apache Example Server" 16 | } 17 | 18 | output "public_ip" { 19 | value = module.apache.public_ip 20 | } -------------------------------------------------------------------------------- /130_backends-standard-s3/.gitignore: -------------------------------------------------------------------------------- 1 | *.tfvars -------------------------------------------------------------------------------- /130_backends-standard-s3/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | backend "s3" { 3 | bucket = "terraform-backend-4329408" 4 | key = "terraform.tfstate" 5 | region = "us-east-1" 6 | dynamodb_table = "force-unlock-terraform" 7 | } 8 | } 9 | 10 | 11 | provider "aws" { 12 | region = "us-east-1" 13 | } 14 | 15 | resource "aws_s3_bucket" "bucket" { 16 | bucket = var.bucket 17 | } 18 | 19 | module "apache" { 20 | source = "ExamProCo/apache-example/aws" 21 | version = "1.1.0" 22 | vpc_id = var.vpc_id 23 | my_ip_with_cidr = var.my_ip_with_cidr 24 | public_key = var.public_key 25 | instance_type = var.instance_type 26 | server_name = var.server_name 27 | } 28 | 29 | output "public_ip" { 30 | value = module.apache.public_ip 31 | } -------------------------------------------------------------------------------- /130_backends-standard-s3/variables.tf: -------------------------------------------------------------------------------- 1 | variable "bucket" { 2 | type = string 3 | default = "320489324827429471210198" 4 | } 5 | 6 | variable "vpc_id" { 7 | type = string 8 | } 9 | 10 | variable "my_ip_with_cidr" { 11 | type = string 12 | } 13 | 14 | variable "public_key" { 15 | type = string 16 | } 17 | 18 | variable "instance_type" { 19 | type = string 20 | } 21 | 22 | variable "server_name" { 23 | type = string 24 | } 25 | 26 | variable "workspace_iam_roles" { 27 | default = { 28 | staging = "arn:aws:iam::STAGING-ACCOUNT-ID:role/Terraform" 29 | production = "arn:aws:iam::PRODUCTION-ACCOUNT-ID:role/Terraform" 30 | } 31 | } -------------------------------------------------------------------------------- /131_backends-terraform_remote_state/project1/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | 3 | } 4 | 5 | provider "aws" { 6 | profile = "default" 7 | region = "us-east-1" 8 | } 9 | 10 | module "vpc" { 11 | source = "terraform-aws-modules/vpc/aws" 12 | 13 | name = "my-terraform-vpc" 14 | cidr = "10.0.0.0/16" 15 | 16 | azs = ["us-east-1a", "us-east-1b", "us-east-1c"] 17 | private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"] 18 | public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"] 19 | 20 | enable_nat_gateway = false 21 | enable_vpn_gateway = false 22 | } 23 | 24 | output "vpc_id" { 25 | value = module.vpc.vpc_id 26 | description = "Module VPC ID" 27 | } -------------------------------------------------------------------------------- /131_backends-terraform_remote_state/project2/main.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | profile = "default" 3 | region = "us-east-1" 4 | } 5 | 6 | data "terraform_remote_state" "vpc" { 7 | backend = "local" 8 | config = { 9 | path = "../project1/terraform.tfstate" 10 | } 11 | } 12 | 13 | module "apache" { 14 | source = "../../110_modules/terraform-aws-apache-example" 15 | #version = "1.0.0" 16 | vpc_id = data.terraform_remote_state.vpc.outputs.vpc_id 17 | my_ip_with_cidr = var.my_ip_with_cidr 18 | public_key = var.public_key 19 | instance_type = var.instance_type 20 | server_name = var.server_name 21 | } 22 | 23 | output "public_ip" { 24 | value = module.apache.public_ip 25 | } -------------------------------------------------------------------------------- /131_backends-terraform_remote_state/project2/terraform.tfvars: -------------------------------------------------------------------------------- 1 | my_ip_with_cidr = "104.194.51.113/32" 2 | public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdgyskPBKxTa4G8rIT76MP1zKfL4Xv9UBn/k/p7bEQYLPzhGQfdki3em2Hnh/wGzjeRJsRCCgezMnyirOizm3jXbob5F9QVBGbwn0cQMu1CW9Dx59ce+vJQtz9ezCAocko7W8oij3fr0npJWVQchxiR+yI5lm1PexaESYTTmz/ImzmeF2AJNRDqKR4xFrK9kM22GOm2kd7YYXIxpqDOMZ7j7v1HHU9v9CwgHCGbq0c09EshCXLx0GZ7r3BjRun8vQ9OxgVGIf62MQAUbMPKR0oq84X5oVv/2a4d79Bx46Ttj1xlzP8UHgWrUKHUbpFZ6AZEMMIsLOzoduLk8eCzNvPWH/SkaEoc2ww+7+Ii0fDyeycTHzewQtXxyyzNDyFrZj8b08c+Pg1h26PClMNajUF4eBO8+u4ZbcvsDMdXKimvYeRXXaFMciy6NcMCq0ZwtwvmLsId+pm9Gu1WS/QG3JmRYUSMzc1FPZG9DI2aI3ivG3HQEuYe25hhik6adw24lk= root@DESKTOP-J1KCQ03" 3 | instance_type = "t2.micro" 4 | server_name = "Apache Example Server" -------------------------------------------------------------------------------- /131_backends-terraform_remote_state/project2/variables.tf: -------------------------------------------------------------------------------- 1 | variable "my_ip_with_cidr" { 2 | type = string 3 | } 4 | 5 | variable "public_key" { 6 | type = string 7 | } 8 | 9 | variable "instance_type" { 10 | type = string 11 | } 12 | 13 | variable "server_name" { 14 | type = string 15 | } -------------------------------------------------------------------------------- /132__locking/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | backend "remote" { 3 | organization = "ExamPro" 4 | 5 | workspaces { 6 | name = "force-unlocking" 7 | } 8 | } 9 | } 10 | 11 | provider "aws" { 12 | profile = "default" 13 | region = "us-east-1" 14 | } 15 | 16 | module "apache" { 17 | source = "ExamProCo/apache-example/aws" 18 | version = "1.1.0" 19 | vpc_id = var.vpc_id 20 | my_ip_with_cidr = var.my_ip_with_cidr 21 | public_key = var.public_key 22 | instance_type = var.instance_type 23 | server_name = var.server_name 24 | } 25 | 26 | output "public_ip" { 27 | value = module.apache.public_ip 28 | } -------------------------------------------------------------------------------- /132__locking/variables.tf: -------------------------------------------------------------------------------- 1 | variable "my_ip_with_cidr" { 2 | type = string 3 | } 4 | 5 | variable "public_key" { 6 | type = string 7 | } 8 | 9 | variable "instance_type" { 10 | type = string 11 | } 12 | 13 | variable "server_name" { 14 | type = string 15 | } 16 | 17 | variable "vpc_id" { 18 | type = string 19 | } -------------------------------------------------------------------------------- /140_resources-and-complex-types/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | 3 | } 4 | 5 | variable "planets" { 6 | type = list 7 | default = ["mars","earth","moon"] 8 | } 9 | 10 | variable "plans" { 11 | type = map 12 | default = { 13 | "PlanA" = "10 USD", 14 | "PlanB" = "50 USD", 15 | "PlanC" = "100 USD" 16 | } 17 | } 18 | 19 | variable "random" { 20 | type = tuple([string,number,bool]) 21 | default = ["hello",22,false] 22 | } 23 | 24 | variable "plan" { 25 | type = object({ 26 | PlanName = string 27 | PlanAmount = number 28 | }) 29 | 30 | default = { 31 | "PlanName" = "Basic", 32 | "PlanAmount" = 10 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /150_built-in-functions/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | 3 | } 4 | 5 | variable "str" { 6 | type = string 7 | default = "" 8 | } 9 | variable "items" { 10 | type = list 11 | default = [null,null,"","last"] 12 | } 13 | 14 | variable "stuff" { 15 | type = map 16 | default = { 17 | "hello" = "world", 18 | "goodbye" = "moon" 19 | } 20 | } -------------------------------------------------------------------------------- /180_sentinel/sentinel_mocks/mock-tfconfig-v2.sentinel: -------------------------------------------------------------------------------- 1 | import "strings" 2 | 3 | providers = { 4 | "aws": { 5 | "alias": "", 6 | "config": { 7 | "region": { 8 | "constant_value": "us-east-1", 9 | }, 10 | }, 11 | "module_address": "", 12 | "name": "aws", 13 | "provider_config_key": "aws", 14 | "version_constraint": "", 15 | }, 16 | "module.apache:aws": { 17 | "alias": "", 18 | "config": {}, 19 | "module_address": "module.apache", 20 | "name": "aws", 21 | "provider_config_key": "module.apache:aws", 22 | "version_constraint": ">= 2.59.0", 23 | }, 24 | } 25 | 26 | resources = { 27 | "aws_s3_bucket.bucket": { 28 | "address": "aws_s3_bucket.bucket", 29 | "config": { 30 | "bucket": { 31 | "references": [ 32 | "var.bucket", 33 | ], 34 | }, 35 | }, 36 | "count": {}, 37 | "depends_on": [], 38 | "for_each": {}, 39 | "mode": "managed", 40 | "module_address": "", 41 | "name": "bucket", 42 | "provider_config_key": "aws", 43 | "provisioners": [], 44 | "type": "aws_s3_bucket", 45 | }, 46 | "module.apache.aws_instance.my_server": { 47 | "address": "module.apache.aws_instance.my_server", 48 | "config": { 49 | "ami": { 50 | "references": [ 51 | "data.aws_ami.amazon-linux-2.id", 52 | "data.aws_ami.amazon-linux-2", 53 | ], 54 | }, 55 | "instance_type": { 56 | "references": [ 57 | "var.instance_type", 58 | ], 59 | }, 60 | "key_name": { 61 | "references": [ 62 | "aws_key_pair.deployer.key_name", 63 | "aws_key_pair.deployer", 64 | ], 65 | }, 66 | "tags": { 67 | "references": [ 68 | "var.server_name", 69 | ], 70 | }, 71 | "user_data": { 72 | "references": [ 73 | "data.template_file.user_data.rendered", 74 | "data.template_file.user_data", 75 | ], 76 | }, 77 | "vpc_security_group_ids": { 78 | "references": [ 79 | "aws_security_group.sg_my_server.id", 80 | "aws_security_group.sg_my_server", 81 | ], 82 | }, 83 | }, 84 | "count": {}, 85 | "depends_on": [], 86 | "for_each": {}, 87 | "mode": "managed", 88 | "module_address": "module.apache", 89 | "name": "my_server", 90 | "provider_config_key": "module.apache:aws", 91 | "provisioners": [], 92 | "type": "aws_instance", 93 | }, 94 | "module.apache.aws_key_pair.deployer": { 95 | "address": "module.apache.aws_key_pair.deployer", 96 | "config": { 97 | "key_name": { 98 | "constant_value": "deployer-key", 99 | }, 100 | "public_key": { 101 | "references": [ 102 | "var.public_key", 103 | ], 104 | }, 105 | }, 106 | "count": {}, 107 | "depends_on": [], 108 | "for_each": {}, 109 | "mode": "managed", 110 | "module_address": "module.apache", 111 | "name": "deployer", 112 | "provider_config_key": "module.apache:aws", 113 | "provisioners": [], 114 | "type": "aws_key_pair", 115 | }, 116 | "module.apache.aws_security_group.sg_my_server": { 117 | "address": "module.apache.aws_security_group.sg_my_server", 118 | "config": { 119 | "description": { 120 | "constant_value": "MyServer Security Group", 121 | }, 122 | "egress": { 123 | "constant_value": [ 124 | { 125 | "cidr_blocks": [ 126 | "0.0.0.0/0", 127 | ], 128 | "description": "outgoing traffic", 129 | "from_port": 0, 130 | "ipv6_cidr_blocks": [ 131 | "::/0", 132 | ], 133 | "prefix_list_ids": [], 134 | "protocol": "-1", 135 | "security_groups": [], 136 | "self": false, 137 | "to_port": 0, 138 | }, 139 | ], 140 | }, 141 | "ingress": { 142 | "references": [ 143 | "var.my_ip_with_cidr", 144 | ], 145 | }, 146 | "name": { 147 | "constant_value": "sg_my_server", 148 | }, 149 | "vpc_id": { 150 | "references": [ 151 | "data.aws_vpc.main.id", 152 | "data.aws_vpc.main", 153 | ], 154 | }, 155 | }, 156 | "count": {}, 157 | "depends_on": [], 158 | "for_each": {}, 159 | "mode": "managed", 160 | "module_address": "module.apache", 161 | "name": "sg_my_server", 162 | "provider_config_key": "module.apache:aws", 163 | "provisioners": [], 164 | "type": "aws_security_group", 165 | }, 166 | "module.apache.data.aws_ami.amazon-linux-2": { 167 | "address": "module.apache.data.aws_ami.amazon-linux-2", 168 | "config": { 169 | "filter": [ 170 | { 171 | "name": { 172 | "constant_value": "owner-alias", 173 | }, 174 | "values": { 175 | "constant_value": [ 176 | "amazon", 177 | ], 178 | }, 179 | }, 180 | { 181 | "name": { 182 | "constant_value": "name", 183 | }, 184 | "values": { 185 | "constant_value": [ 186 | "amzn2-ami-hvm*", 187 | ], 188 | }, 189 | }, 190 | ], 191 | "most_recent": { 192 | "constant_value": true, 193 | }, 194 | "owners": { 195 | "constant_value": [ 196 | "amazon", 197 | ], 198 | }, 199 | }, 200 | "count": {}, 201 | "depends_on": [], 202 | "for_each": {}, 203 | "mode": "data", 204 | "module_address": "module.apache", 205 | "name": "amazon-linux-2", 206 | "provider_config_key": "module.apache:aws", 207 | "provisioners": [], 208 | "type": "aws_ami", 209 | }, 210 | "module.apache.data.aws_vpc.main": { 211 | "address": "module.apache.data.aws_vpc.main", 212 | "config": { 213 | "id": { 214 | "references": [ 215 | "var.vpc_id", 216 | ], 217 | }, 218 | }, 219 | "count": {}, 220 | "depends_on": [], 221 | "for_each": {}, 222 | "mode": "data", 223 | "module_address": "module.apache", 224 | "name": "main", 225 | "provider_config_key": "module.apache:aws", 226 | "provisioners": [], 227 | "type": "aws_vpc", 228 | }, 229 | "module.apache.data.template_file.user_data": { 230 | "address": "module.apache.data.template_file.user_data", 231 | "config": { 232 | "template": { 233 | "references": [ 234 | "path.module", 235 | ], 236 | }, 237 | }, 238 | "count": {}, 239 | "depends_on": [], 240 | "for_each": {}, 241 | "mode": "data", 242 | "module_address": "module.apache", 243 | "name": "user_data", 244 | "provider_config_key": "module.apache:template", 245 | "provisioners": [], 246 | "type": "template_file", 247 | }, 248 | } 249 | 250 | provisioners = {} 251 | 252 | variables = { 253 | "bucket": { 254 | "default": "320489324827429471210198", 255 | "description": "", 256 | "module_address": "", 257 | "name": "bucket", 258 | }, 259 | "instance_type": { 260 | "default": null, 261 | "description": "", 262 | "module_address": "", 263 | "name": "instance_type", 264 | }, 265 | "module.apache:instance_type": { 266 | "default": "t2.micro", 267 | "description": "", 268 | "module_address": "module.apache", 269 | "name": "instance_type", 270 | }, 271 | "module.apache:my_ip_with_cidr": { 272 | "default": null, 273 | "description": "Provide your IP eg. 104.194.51.113/32", 274 | "module_address": "module.apache", 275 | "name": "my_ip_with_cidr", 276 | }, 277 | "module.apache:public_key": { 278 | "default": null, 279 | "description": "", 280 | "module_address": "module.apache", 281 | "name": "public_key", 282 | }, 283 | "module.apache:server_name": { 284 | "default": "Apache Example Server", 285 | "description": "", 286 | "module_address": "module.apache", 287 | "name": "server_name", 288 | }, 289 | "module.apache:vpc_id": { 290 | "default": null, 291 | "description": "", 292 | "module_address": "module.apache", 293 | "name": "vpc_id", 294 | }, 295 | "my_ip_with_cidr": { 296 | "default": null, 297 | "description": "", 298 | "module_address": "", 299 | "name": "my_ip_with_cidr", 300 | }, 301 | "public_key": { 302 | "default": null, 303 | "description": "", 304 | "module_address": "", 305 | "name": "public_key", 306 | }, 307 | "server_name": { 308 | "default": null, 309 | "description": "", 310 | "module_address": "", 311 | "name": "server_name", 312 | }, 313 | "vpc_id": { 314 | "default": null, 315 | "description": "", 316 | "module_address": "", 317 | "name": "vpc_id", 318 | }, 319 | } 320 | 321 | outputs = { 322 | "module.apache:public_ip": { 323 | "depends_on": [], 324 | "description": "", 325 | "module_address": "module.apache", 326 | "name": "public_ip", 327 | "sensitive": false, 328 | "value": { 329 | "references": [ 330 | "aws_instance.my_server.public_ip", 331 | "aws_instance.my_server", 332 | ], 333 | }, 334 | }, 335 | "public_ip": { 336 | "depends_on": [], 337 | "description": "", 338 | "module_address": "", 339 | "name": "public_ip", 340 | "sensitive": false, 341 | "value": { 342 | "references": [ 343 | "module.apache.public_ip", 344 | "module.apache", 345 | ], 346 | }, 347 | }, 348 | } 349 | 350 | module_calls = { 351 | "apache": { 352 | "config": { 353 | "instance_type": { 354 | "references": [ 355 | "var.instance_type", 356 | ], 357 | }, 358 | "my_ip_with_cidr": { 359 | "references": [ 360 | "var.my_ip_with_cidr", 361 | ], 362 | }, 363 | "public_key": { 364 | "references": [ 365 | "var.public_key", 366 | ], 367 | }, 368 | "server_name": { 369 | "references": [ 370 | "var.server_name", 371 | ], 372 | }, 373 | "vpc_id": { 374 | "references": [ 375 | "var.vpc_id", 376 | ], 377 | }, 378 | }, 379 | "count": {}, 380 | "depends_on": [], 381 | "for_each": {}, 382 | "module_address": "", 383 | "name": "apache", 384 | "source": "ExamProCo/apache-example/aws", 385 | "version_constraint": "1.0.0", 386 | }, 387 | } 388 | 389 | strip_index = func(addr) { 390 | s = strings.split(addr, ".") 391 | for s as i, v { 392 | s[i] = strings.split(v, "[")[0] 393 | } 394 | 395 | return strings.join(s, ".") 396 | } 397 | -------------------------------------------------------------------------------- /180_sentinel/sentinel_mocks/mock-tfconfig.sentinel: -------------------------------------------------------------------------------- 1 | import "strings" 2 | import "types" 3 | 4 | _modules = { 5 | "root": { 6 | "data": {}, 7 | "modules": { 8 | "apache": { 9 | "config": {}, 10 | "references": { 11 | "instance_type": [ 12 | "var.instance_type", 13 | ], 14 | "my_ip_with_cidr": [ 15 | "var.my_ip_with_cidr", 16 | ], 17 | "public_key": [ 18 | "var.public_key", 19 | ], 20 | "server_name": [ 21 | "var.server_name", 22 | ], 23 | "vpc_id": [ 24 | "var.vpc_id", 25 | ], 26 | }, 27 | "source": "ExamProCo/apache-example/aws", 28 | "version": "1.0.0", 29 | }, 30 | }, 31 | "outputs": { 32 | "public_ip": { 33 | "depends_on": [], 34 | "description": "", 35 | "references": [ 36 | "module.apache.public_ip", 37 | "module.apache", 38 | ], 39 | "sensitive": false, 40 | "value": undefined, 41 | }, 42 | }, 43 | "providers": { 44 | "aws": { 45 | "alias": { 46 | "": { 47 | "config": { 48 | "region": "us-east-1", 49 | }, 50 | "references": { 51 | "region": [], 52 | }, 53 | "version": "", 54 | }, 55 | }, 56 | "config": { 57 | "region": "us-east-1", 58 | }, 59 | "references": { 60 | "region": [], 61 | }, 62 | "version": "", 63 | }, 64 | }, 65 | "resources": { 66 | "aws_s3_bucket": { 67 | "bucket": { 68 | "config": {}, 69 | "provisioners": null, 70 | "references": { 71 | "bucket": [ 72 | "var.bucket", 73 | ], 74 | }, 75 | }, 76 | }, 77 | }, 78 | "variables": { 79 | "bucket": { 80 | "default": "320489324827429471210198", 81 | "description": "", 82 | }, 83 | "instance_type": { 84 | "default": null, 85 | "description": "", 86 | }, 87 | "my_ip_with_cidr": { 88 | "default": null, 89 | "description": "", 90 | }, 91 | "public_key": { 92 | "default": null, 93 | "description": "", 94 | }, 95 | "server_name": { 96 | "default": null, 97 | "description": "", 98 | }, 99 | "vpc_id": { 100 | "default": null, 101 | "description": "", 102 | }, 103 | }, 104 | }, 105 | 106 | "module.apache": { 107 | "data": { 108 | "aws_ami": { 109 | "amazon-linux-2": { 110 | "config": { 111 | "filter": [ 112 | { 113 | "name": "owner-alias", 114 | "values": [ 115 | "amazon", 116 | ], 117 | }, 118 | { 119 | "name": "name", 120 | "values": [ 121 | "amzn2-ami-hvm*", 122 | ], 123 | }, 124 | ], 125 | "most_recent": true, 126 | "owners": [ 127 | "amazon", 128 | ], 129 | }, 130 | "provisioners": null, 131 | "references": { 132 | "filter": [ 133 | { 134 | "name": [], 135 | "values": [], 136 | }, 137 | { 138 | "name": [], 139 | "values": [], 140 | }, 141 | ], 142 | "most_recent": [], 143 | "owners": [], 144 | }, 145 | }, 146 | }, 147 | "aws_vpc": { 148 | "main": { 149 | "config": {}, 150 | "provisioners": null, 151 | "references": { 152 | "id": [ 153 | "var.vpc_id", 154 | ], 155 | }, 156 | }, 157 | }, 158 | "template_file": { 159 | "user_data": { 160 | "config": {}, 161 | "provisioners": null, 162 | "references": { 163 | "template": [ 164 | "path.module", 165 | ], 166 | }, 167 | }, 168 | }, 169 | }, 170 | "modules": {}, 171 | "outputs": { 172 | "public_ip": { 173 | "depends_on": [], 174 | "description": "", 175 | "references": [ 176 | "aws_instance.my_server.public_ip", 177 | "aws_instance.my_server", 178 | ], 179 | "sensitive": false, 180 | "value": undefined, 181 | }, 182 | }, 183 | "providers": { 184 | "aws": { 185 | "alias": { 186 | "": { 187 | "config": {}, 188 | "references": {}, 189 | "version": ">= 2.59.0", 190 | }, 191 | }, 192 | "config": {}, 193 | "references": {}, 194 | "version": ">= 2.59.0", 195 | }, 196 | }, 197 | "resources": { 198 | "aws_instance": { 199 | "my_server": { 200 | "config": {}, 201 | "provisioners": null, 202 | "references": { 203 | "ami": [ 204 | "data.aws_ami.amazon-linux-2.id", 205 | "data.aws_ami.amazon-linux-2", 206 | ], 207 | "instance_type": [ 208 | "var.instance_type", 209 | ], 210 | "key_name": [ 211 | "aws_key_pair.deployer.key_name", 212 | "aws_key_pair.deployer", 213 | ], 214 | "tags": [ 215 | "var.server_name", 216 | ], 217 | "user_data": [ 218 | "data.template_file.user_data.rendered", 219 | "data.template_file.user_data", 220 | ], 221 | "vpc_security_group_ids": [ 222 | "aws_security_group.sg_my_server.id", 223 | "aws_security_group.sg_my_server", 224 | ], 225 | }, 226 | }, 227 | }, 228 | "aws_key_pair": { 229 | "deployer": { 230 | "config": { 231 | "key_name": "deployer-key", 232 | }, 233 | "provisioners": null, 234 | "references": { 235 | "key_name": [], 236 | "public_key": [ 237 | "var.public_key", 238 | ], 239 | }, 240 | }, 241 | }, 242 | "aws_security_group": { 243 | "sg_my_server": { 244 | "config": { 245 | "description": "MyServer Security Group", 246 | "egress": [ 247 | { 248 | "cidr_blocks": [ 249 | "0.0.0.0/0", 250 | ], 251 | "description": "outgoing traffic", 252 | "from_port": 0, 253 | "ipv6_cidr_blocks": [ 254 | "::/0", 255 | ], 256 | "prefix_list_ids": [], 257 | "protocol": "-1", 258 | "security_groups": [], 259 | "self": false, 260 | "to_port": 0, 261 | }, 262 | ], 263 | "name": "sg_my_server", 264 | }, 265 | "provisioners": null, 266 | "references": { 267 | "description": [], 268 | "egress": [], 269 | "ingress": [ 270 | "var.my_ip_with_cidr", 271 | ], 272 | "name": [], 273 | "vpc_id": [ 274 | "data.aws_vpc.main.id", 275 | "data.aws_vpc.main", 276 | ], 277 | }, 278 | }, 279 | }, 280 | }, 281 | "variables": { 282 | "instance_type": { 283 | "default": "t2.micro", 284 | "description": "", 285 | }, 286 | "my_ip_with_cidr": { 287 | "default": null, 288 | "description": "Provide your IP eg. 104.194.51.113/32", 289 | }, 290 | "public_key": { 291 | "default": null, 292 | "description": "", 293 | }, 294 | "server_name": { 295 | "default": "Apache Example Server", 296 | "description": "", 297 | }, 298 | "vpc_id": { 299 | "default": null, 300 | "description": "", 301 | }, 302 | }, 303 | }, 304 | } 305 | 306 | module_paths = [ 307 | [], 308 | [ 309 | "apache", 310 | ], 311 | ] 312 | 313 | module = func(path) { 314 | if types.type_of(path) is not "list" { 315 | error("expected list, got", types.type_of(path)) 316 | } 317 | 318 | if length(path) < 1 { 319 | return _modules.root 320 | } 321 | 322 | addr = [] 323 | for path as p { 324 | append(addr, "module") 325 | append(addr, p) 326 | } 327 | 328 | return _modules[strings.join(addr, ".")] 329 | } 330 | 331 | data = _modules.root.data 332 | modules = _modules.root.modules 333 | providers = _modules.root.providers 334 | resources = _modules.root.resources 335 | variables = _modules.root.variables 336 | outputs = _modules.root.outputs 337 | -------------------------------------------------------------------------------- /180_sentinel/sentinel_mocks/mock-tfplan-v2.sentinel: -------------------------------------------------------------------------------- 1 | terraform_version = "1.0.7" 2 | 3 | planned_values = { 4 | "outputs": { 5 | "public_ip": { 6 | "name": "public_ip", 7 | "sensitive": false, 8 | "value": undefined, 9 | }, 10 | }, 11 | "resources": { 12 | "aws_s3_bucket.bucket": { 13 | "address": "aws_s3_bucket.bucket", 14 | "depends_on": [], 15 | "deposed_key": "", 16 | "index": null, 17 | "mode": "managed", 18 | "module_address": "", 19 | "name": "bucket", 20 | "provider_name": "registry.terraform.io/hashicorp/aws", 21 | "tainted": false, 22 | "type": "aws_s3_bucket", 23 | "values": { 24 | "acl": "private", 25 | "bucket": "320489324827429471210198", 26 | "bucket_prefix": null, 27 | "cors_rule": [], 28 | "force_destroy": false, 29 | "grant": [], 30 | "lifecycle_rule": [], 31 | "logging": [], 32 | "object_lock_configuration": [], 33 | "policy": null, 34 | "replication_configuration": [], 35 | "server_side_encryption_configuration": [], 36 | "tags": null, 37 | "website": [], 38 | }, 39 | }, 40 | "module.apache.aws_instance.my_server": { 41 | "address": "module.apache.aws_instance.my_server", 42 | "depends_on": [], 43 | "deposed_key": "", 44 | "index": null, 45 | "mode": "managed", 46 | "module_address": "module.apache", 47 | "name": "my_server", 48 | "provider_name": "registry.terraform.io/hashicorp/aws", 49 | "tainted": false, 50 | "type": "aws_instance", 51 | "values": { 52 | "ami": "ami-087c17d1fe0178315", 53 | "credit_specification": [], 54 | "get_password_data": false, 55 | "hibernation": null, 56 | "iam_instance_profile": null, 57 | "instance_type": "t2.micro", 58 | "key_name": "deployer-key", 59 | "launch_template": [], 60 | "source_dest_check": true, 61 | "tags": { 62 | "Name": "Apache Example Server", 63 | }, 64 | "tags_all": { 65 | "Name": "Apache Example Server", 66 | }, 67 | "timeouts": null, 68 | "user_data": "10c4c258f99341835de2107a0595234329aba813", 69 | "volume_tags": null, 70 | }, 71 | }, 72 | "module.apache.aws_key_pair.deployer": { 73 | "address": "module.apache.aws_key_pair.deployer", 74 | "depends_on": [], 75 | "deposed_key": "", 76 | "index": null, 77 | "mode": "managed", 78 | "module_address": "module.apache", 79 | "name": "deployer", 80 | "provider_name": "registry.terraform.io/hashicorp/aws", 81 | "tainted": false, 82 | "type": "aws_key_pair", 83 | "values": { 84 | "key_name": "deployer-key", 85 | "key_name_prefix": null, 86 | "public_key": "REDACTED_SENSITIVE", 87 | "tags": null, 88 | }, 89 | }, 90 | "module.apache.aws_security_group.sg_my_server": { 91 | "address": "module.apache.aws_security_group.sg_my_server", 92 | "depends_on": [], 93 | "deposed_key": "", 94 | "index": null, 95 | "mode": "managed", 96 | "module_address": "module.apache", 97 | "name": "sg_my_server", 98 | "provider_name": "registry.terraform.io/hashicorp/aws", 99 | "tainted": false, 100 | "type": "aws_security_group", 101 | "values": { 102 | "description": "MyServer Security Group", 103 | "egress": [ 104 | { 105 | "cidr_blocks": [ 106 | "0.0.0.0/0", 107 | ], 108 | "description": "outgoing traffic", 109 | "from_port": 0, 110 | "ipv6_cidr_blocks": [ 111 | "::/0", 112 | ], 113 | "prefix_list_ids": [], 114 | "protocol": "-1", 115 | "security_groups": [], 116 | "self": false, 117 | "to_port": 0, 118 | }, 119 | ], 120 | "ingress": [ 121 | { 122 | "cidr_blocks": [ 123 | "0.0.0.0/0", 124 | ], 125 | "description": "HTTP", 126 | "from_port": 80, 127 | "ipv6_cidr_blocks": [], 128 | "prefix_list_ids": [], 129 | "protocol": "tcp", 130 | "security_groups": [], 131 | "self": false, 132 | "to_port": 80, 133 | }, 134 | { 135 | "cidr_blocks": [ 136 | "104.194.51.113/32", 137 | ], 138 | "description": "SSH", 139 | "from_port": 22, 140 | "ipv6_cidr_blocks": [], 141 | "prefix_list_ids": [], 142 | "protocol": "tcp", 143 | "security_groups": [], 144 | "self": false, 145 | "to_port": 22, 146 | }, 147 | ], 148 | "name": "sg_my_server", 149 | "revoke_rules_on_delete": false, 150 | "tags": null, 151 | "timeouts": null, 152 | "vpc_id": "vpc-bd9bdcc7", 153 | }, 154 | }, 155 | }, 156 | } 157 | 158 | variables = { 159 | "bucket": { 160 | "name": "bucket", 161 | "value": "320489324827429471210198", 162 | }, 163 | "instance_type": { 164 | "name": "instance_type", 165 | "value": "t2.micro", 166 | }, 167 | "my_ip_with_cidr": { 168 | "name": "my_ip_with_cidr", 169 | "value": "104.194.51.113/32", 170 | }, 171 | "public_key": { 172 | "name": "public_key", 173 | "value": "REDACTED_SENSITIVE", 174 | }, 175 | "server_name": { 176 | "name": "server_name", 177 | "value": "Apache Example Server", 178 | }, 179 | "vpc_id": { 180 | "name": "vpc_id", 181 | "value": "vpc-bd9bdcc7", 182 | }, 183 | } 184 | 185 | resource_changes = { 186 | "aws_s3_bucket.bucket": { 187 | "address": "aws_s3_bucket.bucket", 188 | "change": { 189 | "actions": [ 190 | "create", 191 | ], 192 | "after": { 193 | "acl": "private", 194 | "bucket": "320489324827429471210198", 195 | "bucket_prefix": null, 196 | "cors_rule": [], 197 | "force_destroy": false, 198 | "grant": [], 199 | "lifecycle_rule": [], 200 | "logging": [], 201 | "object_lock_configuration": [], 202 | "policy": null, 203 | "replication_configuration": [], 204 | "server_side_encryption_configuration": [], 205 | "tags": null, 206 | "website": [], 207 | }, 208 | "after_unknown": { 209 | "acceleration_status": true, 210 | "arn": true, 211 | "bucket_domain_name": true, 212 | "bucket_regional_domain_name": true, 213 | "cors_rule": [], 214 | "grant": [], 215 | "hosted_zone_id": true, 216 | "id": true, 217 | "lifecycle_rule": [], 218 | "logging": [], 219 | "object_lock_configuration": [], 220 | "region": true, 221 | "replication_configuration": [], 222 | "request_payer": true, 223 | "server_side_encryption_configuration": [], 224 | "tags_all": true, 225 | "versioning": true, 226 | "website": [], 227 | "website_domain": true, 228 | "website_endpoint": true, 229 | }, 230 | "before": null, 231 | }, 232 | "deposed": "", 233 | "index": null, 234 | "mode": "managed", 235 | "module_address": "", 236 | "name": "bucket", 237 | "provider_name": "registry.terraform.io/hashicorp/aws", 238 | "type": "aws_s3_bucket", 239 | }, 240 | "module.apache.aws_instance.my_server": { 241 | "address": "module.apache.aws_instance.my_server", 242 | "change": { 243 | "actions": [ 244 | "create", 245 | ], 246 | "after": { 247 | "ami": "ami-087c17d1fe0178315", 248 | "credit_specification": [], 249 | "get_password_data": false, 250 | "hibernation": null, 251 | "iam_instance_profile": null, 252 | "instance_type": "t2.micro", 253 | "key_name": "deployer-key", 254 | "launch_template": [], 255 | "source_dest_check": true, 256 | "tags": { 257 | "Name": "Apache Example Server", 258 | }, 259 | "tags_all": { 260 | "Name": "Apache Example Server", 261 | }, 262 | "timeouts": null, 263 | "user_data": "10c4c258f99341835de2107a0595234329aba813", 264 | "volume_tags": null, 265 | }, 266 | "after_unknown": { 267 | "arn": true, 268 | "associate_public_ip_address": true, 269 | "availability_zone": true, 270 | "capacity_reservation_specification": true, 271 | "cpu_core_count": true, 272 | "cpu_threads_per_core": true, 273 | "credit_specification": [], 274 | "disable_api_termination": true, 275 | "ebs_block_device": true, 276 | "ebs_optimized": true, 277 | "enclave_options": true, 278 | "ephemeral_block_device": true, 279 | "host_id": true, 280 | "id": true, 281 | "instance_initiated_shutdown_behavior": true, 282 | "instance_state": true, 283 | "ipv6_address_count": true, 284 | "ipv6_addresses": true, 285 | "launch_template": [], 286 | "metadata_options": true, 287 | "monitoring": true, 288 | "network_interface": true, 289 | "outpost_arn": true, 290 | "password_data": true, 291 | "placement_group": true, 292 | "primary_network_interface_id": true, 293 | "private_dns": true, 294 | "private_ip": true, 295 | "public_dns": true, 296 | "public_ip": true, 297 | "root_block_device": true, 298 | "secondary_private_ips": true, 299 | "security_groups": true, 300 | "subnet_id": true, 301 | "tags": {}, 302 | "tags_all": {}, 303 | "tenancy": true, 304 | "user_data_base64": true, 305 | "vpc_security_group_ids": true, 306 | }, 307 | "before": null, 308 | }, 309 | "deposed": "", 310 | "index": null, 311 | "mode": "managed", 312 | "module_address": "module.apache", 313 | "name": "my_server", 314 | "provider_name": "registry.terraform.io/hashicorp/aws", 315 | "type": "aws_instance", 316 | }, 317 | "module.apache.aws_key_pair.deployer": { 318 | "address": "module.apache.aws_key_pair.deployer", 319 | "change": { 320 | "actions": [ 321 | "create", 322 | ], 323 | "after": { 324 | "key_name": "deployer-key", 325 | "key_name_prefix": null, 326 | "public_key": "REDACTED_SENSITIVE", 327 | "tags": null, 328 | }, 329 | "after_unknown": { 330 | "arn": true, 331 | "fingerprint": true, 332 | "id": true, 333 | "key_pair_id": true, 334 | "tags_all": true, 335 | }, 336 | "before": null, 337 | }, 338 | "deposed": "", 339 | "index": null, 340 | "mode": "managed", 341 | "module_address": "module.apache", 342 | "name": "deployer", 343 | "provider_name": "registry.terraform.io/hashicorp/aws", 344 | "type": "aws_key_pair", 345 | }, 346 | "module.apache.aws_security_group.sg_my_server": { 347 | "address": "module.apache.aws_security_group.sg_my_server", 348 | "change": { 349 | "actions": [ 350 | "create", 351 | ], 352 | "after": { 353 | "description": "MyServer Security Group", 354 | "egress": [ 355 | { 356 | "cidr_blocks": [ 357 | "0.0.0.0/0", 358 | ], 359 | "description": "outgoing traffic", 360 | "from_port": 0, 361 | "ipv6_cidr_blocks": [ 362 | "::/0", 363 | ], 364 | "prefix_list_ids": [], 365 | "protocol": "-1", 366 | "security_groups": [], 367 | "self": false, 368 | "to_port": 0, 369 | }, 370 | ], 371 | "ingress": [ 372 | { 373 | "cidr_blocks": [ 374 | "0.0.0.0/0", 375 | ], 376 | "description": "HTTP", 377 | "from_port": 80, 378 | "ipv6_cidr_blocks": [], 379 | "prefix_list_ids": [], 380 | "protocol": "tcp", 381 | "security_groups": [], 382 | "self": false, 383 | "to_port": 80, 384 | }, 385 | { 386 | "cidr_blocks": [ 387 | "104.194.51.113/32", 388 | ], 389 | "description": "SSH", 390 | "from_port": 22, 391 | "ipv6_cidr_blocks": [], 392 | "prefix_list_ids": [], 393 | "protocol": "tcp", 394 | "security_groups": [], 395 | "self": false, 396 | "to_port": 22, 397 | }, 398 | ], 399 | "name": "sg_my_server", 400 | "revoke_rules_on_delete": false, 401 | "tags": null, 402 | "timeouts": null, 403 | "vpc_id": "vpc-bd9bdcc7", 404 | }, 405 | "after_unknown": { 406 | "arn": true, 407 | "egress": [ 408 | { 409 | "cidr_blocks": [ 410 | false, 411 | ], 412 | "ipv6_cidr_blocks": [ 413 | false, 414 | ], 415 | "prefix_list_ids": [], 416 | "security_groups": [], 417 | }, 418 | ], 419 | "id": true, 420 | "ingress": [ 421 | { 422 | "cidr_blocks": [ 423 | false, 424 | ], 425 | "ipv6_cidr_blocks": [], 426 | "prefix_list_ids": [], 427 | "security_groups": [], 428 | }, 429 | { 430 | "cidr_blocks": [ 431 | false, 432 | ], 433 | "ipv6_cidr_blocks": [], 434 | "prefix_list_ids": [], 435 | "security_groups": [], 436 | }, 437 | ], 438 | "name_prefix": true, 439 | "owner_id": true, 440 | "tags_all": true, 441 | }, 442 | "before": null, 443 | }, 444 | "deposed": "", 445 | "index": null, 446 | "mode": "managed", 447 | "module_address": "module.apache", 448 | "name": "sg_my_server", 449 | "provider_name": "registry.terraform.io/hashicorp/aws", 450 | "type": "aws_security_group", 451 | }, 452 | } 453 | 454 | output_changes = { 455 | "public_ip": { 456 | "change": { 457 | "actions": [ 458 | "create", 459 | ], 460 | "after": undefined, 461 | "after_unknown": true, 462 | "before": null, 463 | }, 464 | "name": "public_ip", 465 | }, 466 | } 467 | 468 | raw = { 469 | "configuration": { 470 | "provider_config": { 471 | "aws": { 472 | "expressions": { 473 | "region": { 474 | "constant_value": "us-east-1", 475 | }, 476 | }, 477 | "name": "aws", 478 | }, 479 | "module.apache:aws": { 480 | "module_address": "module.apache", 481 | "name": "aws", 482 | "version_constraint": ">= 2.59.0", 483 | }, 484 | }, 485 | "root_module": { 486 | "module_calls": { 487 | "apache": { 488 | "expressions": { 489 | "instance_type": { 490 | "references": [ 491 | "var.instance_type", 492 | ], 493 | }, 494 | "my_ip_with_cidr": { 495 | "references": [ 496 | "var.my_ip_with_cidr", 497 | ], 498 | }, 499 | "public_key": { 500 | "references": [ 501 | "var.public_key", 502 | ], 503 | }, 504 | "server_name": { 505 | "references": [ 506 | "var.server_name", 507 | ], 508 | }, 509 | "vpc_id": { 510 | "references": [ 511 | "var.vpc_id", 512 | ], 513 | }, 514 | }, 515 | "module": { 516 | "outputs": { 517 | "public_ip": { 518 | "expression": { 519 | "references": [ 520 | "aws_instance.my_server.public_ip", 521 | "aws_instance.my_server", 522 | ], 523 | }, 524 | }, 525 | }, 526 | "resources": [ 527 | { 528 | "address": "aws_instance.my_server", 529 | "expressions": { 530 | "ami": { 531 | "references": [ 532 | "data.aws_ami.amazon-linux-2.id", 533 | "data.aws_ami.amazon-linux-2", 534 | ], 535 | }, 536 | "instance_type": { 537 | "references": [ 538 | "var.instance_type", 539 | ], 540 | }, 541 | "key_name": { 542 | "references": [ 543 | "aws_key_pair.deployer.key_name", 544 | "aws_key_pair.deployer", 545 | ], 546 | }, 547 | "tags": { 548 | "references": [ 549 | "var.server_name", 550 | ], 551 | }, 552 | "user_data": { 553 | "references": [ 554 | "data.template_file.user_data.rendered", 555 | "data.template_file.user_data", 556 | ], 557 | }, 558 | "vpc_security_group_ids": { 559 | "references": [ 560 | "aws_security_group.sg_my_server.id", 561 | "aws_security_group.sg_my_server", 562 | ], 563 | }, 564 | }, 565 | "mode": "managed", 566 | "name": "my_server", 567 | "provider_config_key": "apache:aws", 568 | "schema_version": 1, 569 | "type": "aws_instance", 570 | }, 571 | { 572 | "address": "aws_key_pair.deployer", 573 | "expressions": { 574 | "key_name": { 575 | "constant_value": "deployer-key", 576 | }, 577 | "public_key": { 578 | "references": [ 579 | "var.public_key", 580 | ], 581 | }, 582 | }, 583 | "mode": "managed", 584 | "name": "deployer", 585 | "provider_config_key": "apache:aws", 586 | "schema_version": 1, 587 | "type": "aws_key_pair", 588 | }, 589 | { 590 | "address": "aws_security_group.sg_my_server", 591 | "expressions": { 592 | "description": { 593 | "constant_value": "MyServer Security Group", 594 | }, 595 | "egress": { 596 | "constant_value": [ 597 | { 598 | "cidr_blocks": [ 599 | "0.0.0.0/0", 600 | ], 601 | "description": "outgoing traffic", 602 | "from_port": 0, 603 | "ipv6_cidr_blocks": [ 604 | "::/0", 605 | ], 606 | "prefix_list_ids": [], 607 | "protocol": "-1", 608 | "security_groups": [], 609 | "self": false, 610 | "to_port": 0, 611 | }, 612 | ], 613 | }, 614 | "ingress": { 615 | "references": [ 616 | "var.my_ip_with_cidr", 617 | ], 618 | }, 619 | "name": { 620 | "constant_value": "sg_my_server", 621 | }, 622 | "vpc_id": { 623 | "references": [ 624 | "data.aws_vpc.main.id", 625 | "data.aws_vpc.main", 626 | ], 627 | }, 628 | }, 629 | "mode": "managed", 630 | "name": "sg_my_server", 631 | "provider_config_key": "apache:aws", 632 | "schema_version": 1, 633 | "type": "aws_security_group", 634 | }, 635 | { 636 | "address": "data.aws_ami.amazon-linux-2", 637 | "expressions": { 638 | "filter": [ 639 | { 640 | "name": { 641 | "constant_value": "owner-alias", 642 | }, 643 | "values": { 644 | "constant_value": [ 645 | "amazon", 646 | ], 647 | }, 648 | }, 649 | { 650 | "name": { 651 | "constant_value": "name", 652 | }, 653 | "values": { 654 | "constant_value": [ 655 | "amzn2-ami-hvm*", 656 | ], 657 | }, 658 | }, 659 | ], 660 | "most_recent": { 661 | "constant_value": true, 662 | }, 663 | "owners": { 664 | "constant_value": [ 665 | "amazon", 666 | ], 667 | }, 668 | }, 669 | "mode": "data", 670 | "name": "amazon-linux-2", 671 | "provider_config_key": "apache:aws", 672 | "schema_version": 0, 673 | "type": "aws_ami", 674 | }, 675 | { 676 | "address": "data.aws_vpc.main", 677 | "expressions": { 678 | "id": { 679 | "references": [ 680 | "var.vpc_id", 681 | ], 682 | }, 683 | }, 684 | "mode": "data", 685 | "name": "main", 686 | "provider_config_key": "apache:aws", 687 | "schema_version": 0, 688 | "type": "aws_vpc", 689 | }, 690 | { 691 | "address": "data.template_file.user_data", 692 | "expressions": { 693 | "template": { 694 | "references": [ 695 | "path.module", 696 | ], 697 | }, 698 | }, 699 | "mode": "data", 700 | "name": "user_data", 701 | "provider_config_key": "apache:template", 702 | "schema_version": 0, 703 | "type": "template_file", 704 | }, 705 | ], 706 | "variables": { 707 | "instance_type": { 708 | "default": "t2.micro", 709 | }, 710 | "my_ip_with_cidr": { 711 | "description": "Provide your IP eg. 104.194.51.113/32", 712 | }, 713 | "public_key": {}, 714 | "server_name": { 715 | "default": "Apache Example Server", 716 | }, 717 | "vpc_id": {}, 718 | }, 719 | }, 720 | "source": "ExamProCo/apache-example/aws", 721 | "version_constraint": "1.0.0", 722 | }, 723 | }, 724 | "outputs": { 725 | "public_ip": { 726 | "expression": { 727 | "references": [ 728 | "module.apache.public_ip", 729 | "module.apache", 730 | ], 731 | }, 732 | }, 733 | }, 734 | "resources": [ 735 | { 736 | "address": "aws_s3_bucket.bucket", 737 | "expressions": { 738 | "bucket": { 739 | "references": [ 740 | "var.bucket", 741 | ], 742 | }, 743 | }, 744 | "mode": "managed", 745 | "name": "bucket", 746 | "provider_config_key": "aws", 747 | "schema_version": 0, 748 | "type": "aws_s3_bucket", 749 | }, 750 | ], 751 | "variables": { 752 | "bucket": { 753 | "default": "320489324827429471210198", 754 | }, 755 | "instance_type": {}, 756 | "my_ip_with_cidr": {}, 757 | "public_key": { 758 | "sensitive": true, 759 | }, 760 | "server_name": {}, 761 | "vpc_id": {}, 762 | }, 763 | }, 764 | }, 765 | "format_version": "0.2", 766 | "output_changes": { 767 | "public_ip": { 768 | "actions": [ 769 | "create", 770 | ], 771 | "after_sensitive": false, 772 | "after_unknown": true, 773 | "before": null, 774 | "before_sensitive": false, 775 | }, 776 | }, 777 | "planned_values": { 778 | "outputs": { 779 | "public_ip": { 780 | "sensitive": false, 781 | }, 782 | }, 783 | "root_module": { 784 | "child_modules": [ 785 | { 786 | "address": "module.apache", 787 | "resources": [ 788 | { 789 | "address": "module.apache.aws_instance.my_server", 790 | "mode": "managed", 791 | "name": "my_server", 792 | "provider_name": "registry.terraform.io/hashicorp/aws", 793 | "schema_version": 1, 794 | "sensitive_values": { 795 | "capacity_reservation_specification": [], 796 | "credit_specification": [], 797 | "ebs_block_device": [], 798 | "enclave_options": [], 799 | "ephemeral_block_device": [], 800 | "ipv6_addresses": [], 801 | "launch_template": [], 802 | "metadata_options": [], 803 | "network_interface": [], 804 | "root_block_device": [], 805 | "secondary_private_ips": [], 806 | "security_groups": [], 807 | "tags": {}, 808 | "tags_all": {}, 809 | "vpc_security_group_ids": [], 810 | }, 811 | "type": "aws_instance", 812 | "values": { 813 | "ami": "ami-087c17d1fe0178315", 814 | "credit_specification": [], 815 | "get_password_data": false, 816 | "hibernation": null, 817 | "iam_instance_profile": null, 818 | "instance_type": "t2.micro", 819 | "key_name": "deployer-key", 820 | "launch_template": [], 821 | "source_dest_check": true, 822 | "tags": { 823 | "Name": "Apache Example Server", 824 | }, 825 | "tags_all": { 826 | "Name": "Apache Example Server", 827 | }, 828 | "timeouts": null, 829 | "user_data": "10c4c258f99341835de2107a0595234329aba813", 830 | "volume_tags": null, 831 | }, 832 | }, 833 | { 834 | "address": "module.apache.aws_key_pair.deployer", 835 | "mode": "managed", 836 | "name": "deployer", 837 | "provider_name": "registry.terraform.io/hashicorp/aws", 838 | "schema_version": 1, 839 | "sensitive_values": { 840 | "public_key": true, 841 | "tags_all": {}, 842 | }, 843 | "type": "aws_key_pair", 844 | "values": { 845 | "key_name": "deployer-key", 846 | "key_name_prefix": null, 847 | "public_key": "REDACTED_SENSITIVE", 848 | "tags": null, 849 | }, 850 | }, 851 | { 852 | "address": "module.apache.aws_security_group.sg_my_server", 853 | "mode": "managed", 854 | "name": "sg_my_server", 855 | "provider_name": "registry.terraform.io/hashicorp/aws", 856 | "schema_version": 1, 857 | "sensitive_values": { 858 | "egress": [ 859 | { 860 | "cidr_blocks": [ 861 | false, 862 | ], 863 | "ipv6_cidr_blocks": [ 864 | false, 865 | ], 866 | "prefix_list_ids": [], 867 | "security_groups": [], 868 | }, 869 | ], 870 | "ingress": [ 871 | { 872 | "cidr_blocks": [ 873 | false, 874 | ], 875 | "ipv6_cidr_blocks": [], 876 | "prefix_list_ids": [], 877 | "security_groups": [], 878 | }, 879 | { 880 | "cidr_blocks": [ 881 | false, 882 | ], 883 | "ipv6_cidr_blocks": [], 884 | "prefix_list_ids": [], 885 | "security_groups": [], 886 | }, 887 | ], 888 | "tags_all": {}, 889 | }, 890 | "type": "aws_security_group", 891 | "values": { 892 | "description": "MyServer Security Group", 893 | "egress": [ 894 | { 895 | "cidr_blocks": [ 896 | "0.0.0.0/0", 897 | ], 898 | "description": "outgoing traffic", 899 | "from_port": 0, 900 | "ipv6_cidr_blocks": [ 901 | "::/0", 902 | ], 903 | "prefix_list_ids": [], 904 | "protocol": "-1", 905 | "security_groups": [], 906 | "self": false, 907 | "to_port": 0, 908 | }, 909 | ], 910 | "ingress": [ 911 | { 912 | "cidr_blocks": [ 913 | "0.0.0.0/0", 914 | ], 915 | "description": "HTTP", 916 | "from_port": 80, 917 | "ipv6_cidr_blocks": [], 918 | "prefix_list_ids": [], 919 | "protocol": "tcp", 920 | "security_groups": [], 921 | "self": false, 922 | "to_port": 80, 923 | }, 924 | { 925 | "cidr_blocks": [ 926 | "104.194.51.113/32", 927 | ], 928 | "description": "SSH", 929 | "from_port": 22, 930 | "ipv6_cidr_blocks": [], 931 | "prefix_list_ids": [], 932 | "protocol": "tcp", 933 | "security_groups": [], 934 | "self": false, 935 | "to_port": 22, 936 | }, 937 | ], 938 | "name": "sg_my_server", 939 | "revoke_rules_on_delete": false, 940 | "tags": null, 941 | "timeouts": null, 942 | "vpc_id": "vpc-bd9bdcc7", 943 | }, 944 | }, 945 | ], 946 | }, 947 | ], 948 | "resources": [ 949 | { 950 | "address": "aws_s3_bucket.bucket", 951 | "mode": "managed", 952 | "name": "bucket", 953 | "provider_name": "registry.terraform.io/hashicorp/aws", 954 | "schema_version": 0, 955 | "sensitive_values": { 956 | "cors_rule": [], 957 | "grant": [], 958 | "lifecycle_rule": [], 959 | "logging": [], 960 | "object_lock_configuration": [], 961 | "replication_configuration": [], 962 | "server_side_encryption_configuration": [], 963 | "tags_all": {}, 964 | "versioning": [], 965 | "website": [], 966 | }, 967 | "type": "aws_s3_bucket", 968 | "values": { 969 | "acl": "private", 970 | "bucket": "320489324827429471210198", 971 | "bucket_prefix": null, 972 | "cors_rule": [], 973 | "force_destroy": false, 974 | "grant": [], 975 | "lifecycle_rule": [], 976 | "logging": [], 977 | "object_lock_configuration": [], 978 | "policy": null, 979 | "replication_configuration": [], 980 | "server_side_encryption_configuration": [], 981 | "tags": null, 982 | "website": [], 983 | }, 984 | }, 985 | ], 986 | }, 987 | }, 988 | "prior_state": { 989 | "format_version": "0.2", 990 | "terraform_version": "1.0.7", 991 | "values": { 992 | "root_module": { 993 | "child_modules": [ 994 | { 995 | "address": "module.apache", 996 | "resources": [ 997 | { 998 | "address": "module.apache.data.aws_ami.amazon-linux-2", 999 | "mode": "data", 1000 | "name": "amazon-linux-2", 1001 | "provider_name": "registry.terraform.io/hashicorp/aws", 1002 | "schema_version": 0, 1003 | "sensitive_values": { 1004 | "block_device_mappings": [ 1005 | { 1006 | "ebs": {}, 1007 | }, 1008 | ], 1009 | "filter": [ 1010 | { 1011 | "values": [ 1012 | false, 1013 | ], 1014 | }, 1015 | { 1016 | "values": [ 1017 | false, 1018 | ], 1019 | }, 1020 | ], 1021 | "owners": [ 1022 | false, 1023 | ], 1024 | "product_codes": [], 1025 | "state_reason": {}, 1026 | "tags": {}, 1027 | }, 1028 | "type": "aws_ami", 1029 | "values": { 1030 | "architecture": "x86_64", 1031 | "arn": "arn:aws:ec2:us-east-1::image/ami-087c17d1fe0178315", 1032 | "block_device_mappings": [ 1033 | { 1034 | "device_name": "/dev/xvda", 1035 | "ebs": { 1036 | "delete_on_termination": "true", 1037 | "encrypted": "false", 1038 | "iops": "0", 1039 | "snapshot_id": "snap-0699a041095ac5492", 1040 | "throughput": "0", 1041 | "volume_size": "8", 1042 | "volume_type": "gp2", 1043 | }, 1044 | "no_device": "", 1045 | "virtual_name": "", 1046 | }, 1047 | ], 1048 | "creation_date": "2021-08-25T06:57:27.000Z", 1049 | "description": "Amazon Linux 2 AMI 2.0.20210813.1 x86_64 HVM gp2", 1050 | "ena_support": true, 1051 | "executable_users": null, 1052 | "filter": [ 1053 | { 1054 | "name": "name", 1055 | "values": [ 1056 | "amzn2-ami-hvm*", 1057 | ], 1058 | }, 1059 | { 1060 | "name": "owner-alias", 1061 | "values": [ 1062 | "amazon", 1063 | ], 1064 | }, 1065 | ], 1066 | "hypervisor": "xen", 1067 | "id": "ami-087c17d1fe0178315", 1068 | "image_id": "ami-087c17d1fe0178315", 1069 | "image_location": "amazon/amzn2-ami-hvm-2.0.20210813.1-x86_64-gp2", 1070 | "image_owner_alias": "amazon", 1071 | "image_type": "machine", 1072 | "kernel_id": null, 1073 | "most_recent": true, 1074 | "name": "amzn2-ami-hvm-2.0.20210813.1-x86_64-gp2", 1075 | "name_regex": null, 1076 | "owner_id": "137112412989", 1077 | "owners": [ 1078 | "amazon", 1079 | ], 1080 | "platform": null, 1081 | "platform_details": "Linux/UNIX", 1082 | "product_codes": [], 1083 | "public": true, 1084 | "ramdisk_id": null, 1085 | "root_device_name": "/dev/xvda", 1086 | "root_device_type": "ebs", 1087 | "root_snapshot_id": "snap-0699a041095ac5492", 1088 | "sriov_net_support": "simple", 1089 | "state": "available", 1090 | "state_reason": { 1091 | "code": "UNSET", 1092 | "message": "UNSET", 1093 | }, 1094 | "tags": {}, 1095 | "usage_operation": "RunInstances", 1096 | "virtualization_type": "hvm", 1097 | }, 1098 | }, 1099 | { 1100 | "address": "module.apache.data.aws_vpc.main", 1101 | "mode": "data", 1102 | "name": "main", 1103 | "provider_name": "registry.terraform.io/hashicorp/aws", 1104 | "schema_version": 0, 1105 | "sensitive_values": { 1106 | "cidr_block_associations": [ 1107 | {}, 1108 | ], 1109 | "tags": {}, 1110 | }, 1111 | "type": "aws_vpc", 1112 | "values": { 1113 | "arn": "arn:aws:ec2:us-east-1:318412259206:vpc/vpc-bd9bdcc7", 1114 | "cidr_block": "172.31.0.0/16", 1115 | "cidr_block_associations": [ 1116 | { 1117 | "association_id": "vpc-cidr-assoc-f5bfef99", 1118 | "cidr_block": "172.31.0.0/16", 1119 | "state": "associated", 1120 | }, 1121 | ], 1122 | "default": true, 1123 | "dhcp_options_id": "dopt-04cf2f7e", 1124 | "enable_dns_hostnames": true, 1125 | "enable_dns_support": true, 1126 | "filter": null, 1127 | "id": "vpc-bd9bdcc7", 1128 | "instance_tenancy": "default", 1129 | "ipv6_association_id": null, 1130 | "ipv6_cidr_block": null, 1131 | "main_route_table_id": "rtb-8922e0f7", 1132 | "owner_id": "318412259206", 1133 | "state": "available", 1134 | "tags": {}, 1135 | }, 1136 | }, 1137 | { 1138 | "address": "module.apache.data.template_file.user_data", 1139 | "mode": "data", 1140 | "name": "user_data", 1141 | "provider_name": "registry.terraform.io/hashicorp/template", 1142 | "schema_version": 0, 1143 | "sensitive_values": {}, 1144 | "type": "template_file", 1145 | "values": { 1146 | "filename": null, 1147 | "id": "6544751e306996908c68e0b0d21fe63b3db093fa9730b8828fbdc4d2eba46816", 1148 | "rendered": "#cloud-config\r\npackages:\r\n - httpd\r\nruncmd:\r\n - systemctl start httpd\r\n - sudo systemctl enable httpd", 1149 | "template": "#cloud-config\r\npackages:\r\n - httpd\r\nruncmd:\r\n - systemctl start httpd\r\n - sudo systemctl enable httpd", 1150 | "vars": null, 1151 | }, 1152 | }, 1153 | ], 1154 | }, 1155 | ], 1156 | }, 1157 | }, 1158 | }, 1159 | "resource_changes": [ 1160 | { 1161 | "address": "aws_s3_bucket.bucket", 1162 | "change": { 1163 | "actions": [ 1164 | "create", 1165 | ], 1166 | "after": { 1167 | "acl": "private", 1168 | "bucket": "320489324827429471210198", 1169 | "bucket_prefix": null, 1170 | "cors_rule": [], 1171 | "force_destroy": false, 1172 | "grant": [], 1173 | "lifecycle_rule": [], 1174 | "logging": [], 1175 | "object_lock_configuration": [], 1176 | "policy": null, 1177 | "replication_configuration": [], 1178 | "server_side_encryption_configuration": [], 1179 | "tags": null, 1180 | "website": [], 1181 | }, 1182 | "after_sensitive": { 1183 | "cors_rule": [], 1184 | "grant": [], 1185 | "lifecycle_rule": [], 1186 | "logging": [], 1187 | "object_lock_configuration": [], 1188 | "replication_configuration": [], 1189 | "server_side_encryption_configuration": [], 1190 | "tags_all": {}, 1191 | "versioning": [], 1192 | "website": [], 1193 | }, 1194 | "after_unknown": { 1195 | "acceleration_status": true, 1196 | "arn": true, 1197 | "bucket_domain_name": true, 1198 | "bucket_regional_domain_name": true, 1199 | "cors_rule": [], 1200 | "grant": [], 1201 | "hosted_zone_id": true, 1202 | "id": true, 1203 | "lifecycle_rule": [], 1204 | "logging": [], 1205 | "object_lock_configuration": [], 1206 | "region": true, 1207 | "replication_configuration": [], 1208 | "request_payer": true, 1209 | "server_side_encryption_configuration": [], 1210 | "tags_all": true, 1211 | "versioning": true, 1212 | "website": [], 1213 | "website_domain": true, 1214 | "website_endpoint": true, 1215 | }, 1216 | "before": null, 1217 | "before_sensitive": false, 1218 | }, 1219 | "mode": "managed", 1220 | "name": "bucket", 1221 | "provider_name": "registry.terraform.io/hashicorp/aws", 1222 | "type": "aws_s3_bucket", 1223 | }, 1224 | { 1225 | "address": "module.apache.aws_instance.my_server", 1226 | "change": { 1227 | "actions": [ 1228 | "create", 1229 | ], 1230 | "after": { 1231 | "ami": "ami-087c17d1fe0178315", 1232 | "credit_specification": [], 1233 | "get_password_data": false, 1234 | "hibernation": null, 1235 | "iam_instance_profile": null, 1236 | "instance_type": "t2.micro", 1237 | "key_name": "deployer-key", 1238 | "launch_template": [], 1239 | "source_dest_check": true, 1240 | "tags": { 1241 | "Name": "Apache Example Server", 1242 | }, 1243 | "tags_all": { 1244 | "Name": "Apache Example Server", 1245 | }, 1246 | "timeouts": null, 1247 | "user_data": "10c4c258f99341835de2107a0595234329aba813", 1248 | "volume_tags": null, 1249 | }, 1250 | "after_sensitive": { 1251 | "capacity_reservation_specification": [], 1252 | "credit_specification": [], 1253 | "ebs_block_device": [], 1254 | "enclave_options": [], 1255 | "ephemeral_block_device": [], 1256 | "ipv6_addresses": [], 1257 | "launch_template": [], 1258 | "metadata_options": [], 1259 | "network_interface": [], 1260 | "root_block_device": [], 1261 | "secondary_private_ips": [], 1262 | "security_groups": [], 1263 | "tags": {}, 1264 | "tags_all": {}, 1265 | "vpc_security_group_ids": [], 1266 | }, 1267 | "after_unknown": { 1268 | "arn": true, 1269 | "associate_public_ip_address": true, 1270 | "availability_zone": true, 1271 | "capacity_reservation_specification": true, 1272 | "cpu_core_count": true, 1273 | "cpu_threads_per_core": true, 1274 | "credit_specification": [], 1275 | "disable_api_termination": true, 1276 | "ebs_block_device": true, 1277 | "ebs_optimized": true, 1278 | "enclave_options": true, 1279 | "ephemeral_block_device": true, 1280 | "host_id": true, 1281 | "id": true, 1282 | "instance_initiated_shutdown_behavior": true, 1283 | "instance_state": true, 1284 | "ipv6_address_count": true, 1285 | "ipv6_addresses": true, 1286 | "launch_template": [], 1287 | "metadata_options": true, 1288 | "monitoring": true, 1289 | "network_interface": true, 1290 | "outpost_arn": true, 1291 | "password_data": true, 1292 | "placement_group": true, 1293 | "primary_network_interface_id": true, 1294 | "private_dns": true, 1295 | "private_ip": true, 1296 | "public_dns": true, 1297 | "public_ip": true, 1298 | "root_block_device": true, 1299 | "secondary_private_ips": true, 1300 | "security_groups": true, 1301 | "subnet_id": true, 1302 | "tags": {}, 1303 | "tags_all": {}, 1304 | "tenancy": true, 1305 | "user_data_base64": true, 1306 | "vpc_security_group_ids": true, 1307 | }, 1308 | "before": null, 1309 | "before_sensitive": false, 1310 | }, 1311 | "mode": "managed", 1312 | "module_address": "module.apache", 1313 | "name": "my_server", 1314 | "provider_name": "registry.terraform.io/hashicorp/aws", 1315 | "type": "aws_instance", 1316 | }, 1317 | { 1318 | "address": "module.apache.aws_key_pair.deployer", 1319 | "change": { 1320 | "actions": [ 1321 | "create", 1322 | ], 1323 | "after": { 1324 | "key_name": "deployer-key", 1325 | "key_name_prefix": null, 1326 | "public_key": "REDACTED_SENSITIVE", 1327 | "tags": null, 1328 | }, 1329 | "after_sensitive": { 1330 | "public_key": true, 1331 | "tags_all": {}, 1332 | }, 1333 | "after_unknown": { 1334 | "arn": true, 1335 | "fingerprint": true, 1336 | "id": true, 1337 | "key_pair_id": true, 1338 | "tags_all": true, 1339 | }, 1340 | "before": null, 1341 | "before_sensitive": false, 1342 | }, 1343 | "mode": "managed", 1344 | "module_address": "module.apache", 1345 | "name": "deployer", 1346 | "provider_name": "registry.terraform.io/hashicorp/aws", 1347 | "type": "aws_key_pair", 1348 | }, 1349 | { 1350 | "address": "module.apache.aws_security_group.sg_my_server", 1351 | "change": { 1352 | "actions": [ 1353 | "create", 1354 | ], 1355 | "after": { 1356 | "description": "MyServer Security Group", 1357 | "egress": [ 1358 | { 1359 | "cidr_blocks": [ 1360 | "0.0.0.0/0", 1361 | ], 1362 | "description": "outgoing traffic", 1363 | "from_port": 0, 1364 | "ipv6_cidr_blocks": [ 1365 | "::/0", 1366 | ], 1367 | "prefix_list_ids": [], 1368 | "protocol": "-1", 1369 | "security_groups": [], 1370 | "self": false, 1371 | "to_port": 0, 1372 | }, 1373 | ], 1374 | "ingress": [ 1375 | { 1376 | "cidr_blocks": [ 1377 | "0.0.0.0/0", 1378 | ], 1379 | "description": "HTTP", 1380 | "from_port": 80, 1381 | "ipv6_cidr_blocks": [], 1382 | "prefix_list_ids": [], 1383 | "protocol": "tcp", 1384 | "security_groups": [], 1385 | "self": false, 1386 | "to_port": 80, 1387 | }, 1388 | { 1389 | "cidr_blocks": [ 1390 | "104.194.51.113/32", 1391 | ], 1392 | "description": "SSH", 1393 | "from_port": 22, 1394 | "ipv6_cidr_blocks": [], 1395 | "prefix_list_ids": [], 1396 | "protocol": "tcp", 1397 | "security_groups": [], 1398 | "self": false, 1399 | "to_port": 22, 1400 | }, 1401 | ], 1402 | "name": "sg_my_server", 1403 | "revoke_rules_on_delete": false, 1404 | "tags": null, 1405 | "timeouts": null, 1406 | "vpc_id": "vpc-bd9bdcc7", 1407 | }, 1408 | "after_sensitive": { 1409 | "egress": [ 1410 | { 1411 | "cidr_blocks": [ 1412 | false, 1413 | ], 1414 | "ipv6_cidr_blocks": [ 1415 | false, 1416 | ], 1417 | "prefix_list_ids": [], 1418 | "security_groups": [], 1419 | }, 1420 | ], 1421 | "ingress": [ 1422 | { 1423 | "cidr_blocks": [ 1424 | false, 1425 | ], 1426 | "ipv6_cidr_blocks": [], 1427 | "prefix_list_ids": [], 1428 | "security_groups": [], 1429 | }, 1430 | { 1431 | "cidr_blocks": [ 1432 | false, 1433 | ], 1434 | "ipv6_cidr_blocks": [], 1435 | "prefix_list_ids": [], 1436 | "security_groups": [], 1437 | }, 1438 | ], 1439 | "tags_all": {}, 1440 | }, 1441 | "after_unknown": { 1442 | "arn": true, 1443 | "egress": [ 1444 | { 1445 | "cidr_blocks": [ 1446 | false, 1447 | ], 1448 | "ipv6_cidr_blocks": [ 1449 | false, 1450 | ], 1451 | "prefix_list_ids": [], 1452 | "security_groups": [], 1453 | }, 1454 | ], 1455 | "id": true, 1456 | "ingress": [ 1457 | { 1458 | "cidr_blocks": [ 1459 | false, 1460 | ], 1461 | "ipv6_cidr_blocks": [], 1462 | "prefix_list_ids": [], 1463 | "security_groups": [], 1464 | }, 1465 | { 1466 | "cidr_blocks": [ 1467 | false, 1468 | ], 1469 | "ipv6_cidr_blocks": [], 1470 | "prefix_list_ids": [], 1471 | "security_groups": [], 1472 | }, 1473 | ], 1474 | "name_prefix": true, 1475 | "owner_id": true, 1476 | "tags_all": true, 1477 | }, 1478 | "before": null, 1479 | "before_sensitive": false, 1480 | }, 1481 | "mode": "managed", 1482 | "module_address": "module.apache", 1483 | "name": "sg_my_server", 1484 | "provider_name": "registry.terraform.io/hashicorp/aws", 1485 | "type": "aws_security_group", 1486 | }, 1487 | ], 1488 | "terraform_version": "1.0.7", 1489 | "variables": { 1490 | "bucket": { 1491 | "value": "320489324827429471210198", 1492 | }, 1493 | "instance_type": { 1494 | "value": "t2.micro", 1495 | }, 1496 | "my_ip_with_cidr": { 1497 | "value": "104.194.51.113/32", 1498 | }, 1499 | "public_key": { 1500 | "value": "REDACTED_SENSITIVE", 1501 | }, 1502 | "server_name": { 1503 | "value": "Apache Example Server", 1504 | }, 1505 | "vpc_id": { 1506 | "value": "vpc-bd9bdcc7", 1507 | }, 1508 | }, 1509 | } 1510 | -------------------------------------------------------------------------------- /180_sentinel/sentinel_mocks/mock-tfplan.sentinel: -------------------------------------------------------------------------------- 1 | import "strings" 2 | import "types" 3 | 4 | _modules = { 5 | "root": { 6 | "data": {}, 7 | "path": [], 8 | "resources": { 9 | "aws_s3_bucket": { 10 | "bucket": { 11 | 0: { 12 | "applied": { 13 | "acl": "private", 14 | "bucket": "320489324827429471210198", 15 | "bucket_prefix": null, 16 | "cors_rule": [], 17 | "force_destroy": false, 18 | "grant": [], 19 | "lifecycle_rule": [], 20 | "logging": [], 21 | "object_lock_configuration": [], 22 | "policy": null, 23 | "replication_configuration": [], 24 | "server_side_encryption_configuration": [], 25 | "tags": null, 26 | "website": [], 27 | }, 28 | "destroy": false, 29 | "diff": { 30 | "acceleration_status": { 31 | "computed": true, 32 | "new": "", 33 | "old": "", 34 | }, 35 | "acl": { 36 | "computed": false, 37 | "new": "private", 38 | "old": "", 39 | }, 40 | "arn": { 41 | "computed": true, 42 | "new": "", 43 | "old": "", 44 | }, 45 | "bucket": { 46 | "computed": false, 47 | "new": "320489324827429471210198", 48 | "old": "", 49 | }, 50 | "bucket_domain_name": { 51 | "computed": true, 52 | "new": "", 53 | "old": "", 54 | }, 55 | "bucket_prefix": { 56 | "computed": false, 57 | "new": "", 58 | "old": "", 59 | }, 60 | "bucket_regional_domain_name": { 61 | "computed": true, 62 | "new": "", 63 | "old": "", 64 | }, 65 | "cors_rule.#": { 66 | "computed": false, 67 | "new": "0", 68 | "old": "", 69 | }, 70 | "force_destroy": { 71 | "computed": false, 72 | "new": "false", 73 | "old": "", 74 | }, 75 | "grant.#": { 76 | "computed": false, 77 | "new": "0", 78 | "old": "", 79 | }, 80 | "hosted_zone_id": { 81 | "computed": true, 82 | "new": "", 83 | "old": "", 84 | }, 85 | "id": { 86 | "computed": true, 87 | "new": "", 88 | "old": "", 89 | }, 90 | "lifecycle_rule.#": { 91 | "computed": false, 92 | "new": "0", 93 | "old": "", 94 | }, 95 | "logging.#": { 96 | "computed": false, 97 | "new": "0", 98 | "old": "", 99 | }, 100 | "object_lock_configuration.#": { 101 | "computed": false, 102 | "new": "0", 103 | "old": "", 104 | }, 105 | "policy": { 106 | "computed": false, 107 | "new": "", 108 | "old": "", 109 | }, 110 | "region": { 111 | "computed": true, 112 | "new": "", 113 | "old": "", 114 | }, 115 | "replication_configuration.#": { 116 | "computed": false, 117 | "new": "0", 118 | "old": "", 119 | }, 120 | "request_payer": { 121 | "computed": true, 122 | "new": "", 123 | "old": "", 124 | }, 125 | "server_side_encryption_configuration.#": { 126 | "computed": false, 127 | "new": "0", 128 | "old": "", 129 | }, 130 | "tags": { 131 | "computed": false, 132 | "new": "", 133 | "old": "", 134 | }, 135 | "tags_all.%": { 136 | "computed": true, 137 | "new": "", 138 | "old": "", 139 | }, 140 | "versioning.#": { 141 | "computed": true, 142 | "new": "", 143 | "old": "", 144 | }, 145 | "website.#": { 146 | "computed": false, 147 | "new": "0", 148 | "old": "", 149 | }, 150 | "website_domain": { 151 | "computed": true, 152 | "new": "", 153 | "old": "", 154 | }, 155 | "website_endpoint": { 156 | "computed": true, 157 | "new": "", 158 | "old": "", 159 | }, 160 | }, 161 | "requires_new": false, 162 | }, 163 | }, 164 | }, 165 | }, 166 | }, 167 | 168 | "module.apache": { 169 | "data": {}, 170 | "path": [ 171 | "apache", 172 | ], 173 | "resources": { 174 | "aws_instance": { 175 | "my_server": { 176 | 0: { 177 | "applied": { 178 | "ami": "ami-087c17d1fe0178315", 179 | "credit_specification": [], 180 | "get_password_data": false, 181 | "hibernation": null, 182 | "iam_instance_profile": null, 183 | "instance_type": "t2.micro", 184 | "key_name": "deployer-key", 185 | "launch_template": [], 186 | "source_dest_check": true, 187 | "tags": { 188 | "Name": "Apache Example Server", 189 | }, 190 | "tags_all": { 191 | "Name": "Apache Example Server", 192 | }, 193 | "timeouts": null, 194 | "user_data": "10c4c258f99341835de2107a0595234329aba813", 195 | "volume_tags": null, 196 | }, 197 | "destroy": false, 198 | "diff": { 199 | "ami": { 200 | "computed": false, 201 | "new": "ami-087c17d1fe0178315", 202 | "old": "", 203 | }, 204 | "arn": { 205 | "computed": true, 206 | "new": "", 207 | "old": "", 208 | }, 209 | "associate_public_ip_address": { 210 | "computed": true, 211 | "new": "", 212 | "old": "", 213 | }, 214 | "availability_zone": { 215 | "computed": true, 216 | "new": "", 217 | "old": "", 218 | }, 219 | "capacity_reservation_specification.#": { 220 | "computed": true, 221 | "new": "", 222 | "old": "", 223 | }, 224 | "cpu_core_count": { 225 | "computed": true, 226 | "new": "", 227 | "old": "", 228 | }, 229 | "cpu_threads_per_core": { 230 | "computed": true, 231 | "new": "", 232 | "old": "", 233 | }, 234 | "credit_specification.#": { 235 | "computed": false, 236 | "new": "0", 237 | "old": "", 238 | }, 239 | "disable_api_termination": { 240 | "computed": true, 241 | "new": "", 242 | "old": "", 243 | }, 244 | "ebs_block_device.#": { 245 | "computed": true, 246 | "new": "", 247 | "old": "", 248 | }, 249 | "ebs_optimized": { 250 | "computed": true, 251 | "new": "", 252 | "old": "", 253 | }, 254 | "enclave_options.#": { 255 | "computed": true, 256 | "new": "", 257 | "old": "", 258 | }, 259 | "ephemeral_block_device.#": { 260 | "computed": true, 261 | "new": "", 262 | "old": "", 263 | }, 264 | "get_password_data": { 265 | "computed": false, 266 | "new": "false", 267 | "old": "", 268 | }, 269 | "hibernation": { 270 | "computed": false, 271 | "new": "", 272 | "old": "", 273 | }, 274 | "host_id": { 275 | "computed": true, 276 | "new": "", 277 | "old": "", 278 | }, 279 | "iam_instance_profile": { 280 | "computed": false, 281 | "new": "", 282 | "old": "", 283 | }, 284 | "id": { 285 | "computed": true, 286 | "new": "", 287 | "old": "", 288 | }, 289 | "instance_initiated_shutdown_behavior": { 290 | "computed": true, 291 | "new": "", 292 | "old": "", 293 | }, 294 | "instance_state": { 295 | "computed": true, 296 | "new": "", 297 | "old": "", 298 | }, 299 | "instance_type": { 300 | "computed": false, 301 | "new": "t2.micro", 302 | "old": "", 303 | }, 304 | "ipv6_address_count": { 305 | "computed": true, 306 | "new": "", 307 | "old": "", 308 | }, 309 | "ipv6_addresses.#": { 310 | "computed": true, 311 | "new": "", 312 | "old": "", 313 | }, 314 | "key_name": { 315 | "computed": false, 316 | "new": "deployer-key", 317 | "old": "", 318 | }, 319 | "launch_template.#": { 320 | "computed": false, 321 | "new": "0", 322 | "old": "", 323 | }, 324 | "metadata_options.#": { 325 | "computed": true, 326 | "new": "", 327 | "old": "", 328 | }, 329 | "monitoring": { 330 | "computed": true, 331 | "new": "", 332 | "old": "", 333 | }, 334 | "network_interface.#": { 335 | "computed": true, 336 | "new": "", 337 | "old": "", 338 | }, 339 | "outpost_arn": { 340 | "computed": true, 341 | "new": "", 342 | "old": "", 343 | }, 344 | "password_data": { 345 | "computed": true, 346 | "new": "", 347 | "old": "", 348 | }, 349 | "placement_group": { 350 | "computed": true, 351 | "new": "", 352 | "old": "", 353 | }, 354 | "primary_network_interface_id": { 355 | "computed": true, 356 | "new": "", 357 | "old": "", 358 | }, 359 | "private_dns": { 360 | "computed": true, 361 | "new": "", 362 | "old": "", 363 | }, 364 | "private_ip": { 365 | "computed": true, 366 | "new": "", 367 | "old": "", 368 | }, 369 | "public_dns": { 370 | "computed": true, 371 | "new": "", 372 | "old": "", 373 | }, 374 | "public_ip": { 375 | "computed": true, 376 | "new": "", 377 | "old": "", 378 | }, 379 | "root_block_device.#": { 380 | "computed": true, 381 | "new": "", 382 | "old": "", 383 | }, 384 | "secondary_private_ips.#": { 385 | "computed": true, 386 | "new": "", 387 | "old": "", 388 | }, 389 | "security_groups.#": { 390 | "computed": true, 391 | "new": "", 392 | "old": "", 393 | }, 394 | "source_dest_check": { 395 | "computed": false, 396 | "new": "true", 397 | "old": "", 398 | }, 399 | "subnet_id": { 400 | "computed": true, 401 | "new": "", 402 | "old": "", 403 | }, 404 | "tags.%": { 405 | "computed": false, 406 | "new": "1", 407 | "old": "", 408 | }, 409 | "tags.Name": { 410 | "computed": false, 411 | "new": "Apache Example Server", 412 | "old": "", 413 | }, 414 | "tags_all.%": { 415 | "computed": false, 416 | "new": "1", 417 | "old": "", 418 | }, 419 | "tags_all.Name": { 420 | "computed": false, 421 | "new": "Apache Example Server", 422 | "old": "", 423 | }, 424 | "tenancy": { 425 | "computed": true, 426 | "new": "", 427 | "old": "", 428 | }, 429 | "timeouts": { 430 | "computed": false, 431 | "new": "", 432 | "old": "", 433 | }, 434 | "user_data": { 435 | "computed": false, 436 | "new": "10c4c258f99341835de2107a0595234329aba813", 437 | "old": "", 438 | }, 439 | "user_data_base64": { 440 | "computed": true, 441 | "new": "", 442 | "old": "", 443 | }, 444 | "volume_tags": { 445 | "computed": false, 446 | "new": "", 447 | "old": "", 448 | }, 449 | "vpc_security_group_ids.#": { 450 | "computed": true, 451 | "new": "", 452 | "old": "", 453 | }, 454 | }, 455 | "requires_new": false, 456 | }, 457 | }, 458 | }, 459 | "aws_key_pair": { 460 | "deployer": { 461 | 0: { 462 | "applied": { 463 | "key_name": "deployer-key", 464 | "key_name_prefix": null, 465 | "public_key": "REDACTED_SENSITIVE", 466 | "tags": null, 467 | }, 468 | "destroy": false, 469 | "diff": { 470 | "arn": { 471 | "computed": true, 472 | "new": "", 473 | "old": "", 474 | }, 475 | "fingerprint": { 476 | "computed": true, 477 | "new": "", 478 | "old": "", 479 | }, 480 | "id": { 481 | "computed": true, 482 | "new": "", 483 | "old": "", 484 | }, 485 | "key_name": { 486 | "computed": false, 487 | "new": "deployer-key", 488 | "old": "", 489 | }, 490 | "key_name_prefix": { 491 | "computed": false, 492 | "new": "", 493 | "old": "", 494 | }, 495 | "key_pair_id": { 496 | "computed": true, 497 | "new": "", 498 | "old": "", 499 | }, 500 | "public_key": { 501 | "computed": false, 502 | "new": "REDACTED_SENSITIVE", 503 | "old": "", 504 | }, 505 | "tags": { 506 | "computed": false, 507 | "new": "", 508 | "old": "", 509 | }, 510 | "tags_all.%": { 511 | "computed": true, 512 | "new": "", 513 | "old": "", 514 | }, 515 | }, 516 | "requires_new": false, 517 | }, 518 | }, 519 | }, 520 | "aws_security_group": { 521 | "sg_my_server": { 522 | 0: { 523 | "applied": { 524 | "description": "MyServer Security Group", 525 | "egress": [ 526 | { 527 | "cidr_blocks": [ 528 | "0.0.0.0/0", 529 | ], 530 | "description": "outgoing traffic", 531 | "from_port": 0, 532 | "ipv6_cidr_blocks": [ 533 | "::/0", 534 | ], 535 | "prefix_list_ids": [], 536 | "protocol": "-1", 537 | "security_groups": [], 538 | "self": false, 539 | "to_port": 0, 540 | }, 541 | ], 542 | "ingress": [ 543 | { 544 | "cidr_blocks": [ 545 | "0.0.0.0/0", 546 | ], 547 | "description": "HTTP", 548 | "from_port": 80, 549 | "ipv6_cidr_blocks": [], 550 | "prefix_list_ids": [], 551 | "protocol": "tcp", 552 | "security_groups": [], 553 | "self": false, 554 | "to_port": 80, 555 | }, 556 | { 557 | "cidr_blocks": [ 558 | "104.194.51.113/32", 559 | ], 560 | "description": "SSH", 561 | "from_port": 22, 562 | "ipv6_cidr_blocks": [], 563 | "prefix_list_ids": [], 564 | "protocol": "tcp", 565 | "security_groups": [], 566 | "self": false, 567 | "to_port": 22, 568 | }, 569 | ], 570 | "name": "sg_my_server", 571 | "revoke_rules_on_delete": false, 572 | "tags": null, 573 | "timeouts": null, 574 | "vpc_id": "vpc-bd9bdcc7", 575 | }, 576 | "destroy": false, 577 | "diff": { 578 | "arn": { 579 | "computed": true, 580 | "new": "", 581 | "old": "", 582 | }, 583 | "description": { 584 | "computed": false, 585 | "new": "MyServer Security Group", 586 | "old": "", 587 | }, 588 | "egress.#": { 589 | "computed": false, 590 | "new": "1", 591 | "old": "", 592 | }, 593 | "egress.0.%": { 594 | "computed": false, 595 | "new": "9", 596 | "old": "", 597 | }, 598 | "egress.0.cidr_blocks.#": { 599 | "computed": false, 600 | "new": "1", 601 | "old": "", 602 | }, 603 | "egress.0.cidr_blocks.0": { 604 | "computed": false, 605 | "new": "0.0.0.0/0", 606 | "old": "", 607 | }, 608 | "egress.0.description": { 609 | "computed": false, 610 | "new": "outgoing traffic", 611 | "old": "", 612 | }, 613 | "egress.0.from_port": { 614 | "computed": false, 615 | "new": "0", 616 | "old": "", 617 | }, 618 | "egress.0.ipv6_cidr_blocks.#": { 619 | "computed": false, 620 | "new": "1", 621 | "old": "", 622 | }, 623 | "egress.0.ipv6_cidr_blocks.0": { 624 | "computed": false, 625 | "new": "::/0", 626 | "old": "", 627 | }, 628 | "egress.0.prefix_list_ids.#": { 629 | "computed": false, 630 | "new": "0", 631 | "old": "", 632 | }, 633 | "egress.0.protocol": { 634 | "computed": false, 635 | "new": "-1", 636 | "old": "", 637 | }, 638 | "egress.0.security_groups.#": { 639 | "computed": false, 640 | "new": "0", 641 | "old": "", 642 | }, 643 | "egress.0.self": { 644 | "computed": false, 645 | "new": "false", 646 | "old": "", 647 | }, 648 | "egress.0.to_port": { 649 | "computed": false, 650 | "new": "0", 651 | "old": "", 652 | }, 653 | "id": { 654 | "computed": true, 655 | "new": "", 656 | "old": "", 657 | }, 658 | "ingress.#": { 659 | "computed": false, 660 | "new": "2", 661 | "old": "", 662 | }, 663 | "ingress.0.%": { 664 | "computed": false, 665 | "new": "9", 666 | "old": "", 667 | }, 668 | "ingress.0.cidr_blocks.#": { 669 | "computed": false, 670 | "new": "1", 671 | "old": "", 672 | }, 673 | "ingress.0.cidr_blocks.0": { 674 | "computed": false, 675 | "new": "0.0.0.0/0", 676 | "old": "", 677 | }, 678 | "ingress.0.description": { 679 | "computed": false, 680 | "new": "HTTP", 681 | "old": "", 682 | }, 683 | "ingress.0.from_port": { 684 | "computed": false, 685 | "new": "80", 686 | "old": "", 687 | }, 688 | "ingress.0.ipv6_cidr_blocks.#": { 689 | "computed": false, 690 | "new": "0", 691 | "old": "", 692 | }, 693 | "ingress.0.prefix_list_ids.#": { 694 | "computed": false, 695 | "new": "0", 696 | "old": "", 697 | }, 698 | "ingress.0.protocol": { 699 | "computed": false, 700 | "new": "tcp", 701 | "old": "", 702 | }, 703 | "ingress.0.security_groups.#": { 704 | "computed": false, 705 | "new": "0", 706 | "old": "", 707 | }, 708 | "ingress.0.self": { 709 | "computed": false, 710 | "new": "false", 711 | "old": "", 712 | }, 713 | "ingress.0.to_port": { 714 | "computed": false, 715 | "new": "80", 716 | "old": "", 717 | }, 718 | "ingress.1.%": { 719 | "computed": false, 720 | "new": "9", 721 | "old": "", 722 | }, 723 | "ingress.1.cidr_blocks.#": { 724 | "computed": false, 725 | "new": "1", 726 | "old": "", 727 | }, 728 | "ingress.1.cidr_blocks.0": { 729 | "computed": false, 730 | "new": "104.194.51.113/32", 731 | "old": "", 732 | }, 733 | "ingress.1.description": { 734 | "computed": false, 735 | "new": "SSH", 736 | "old": "", 737 | }, 738 | "ingress.1.from_port": { 739 | "computed": false, 740 | "new": "22", 741 | "old": "", 742 | }, 743 | "ingress.1.ipv6_cidr_blocks.#": { 744 | "computed": false, 745 | "new": "0", 746 | "old": "", 747 | }, 748 | "ingress.1.prefix_list_ids.#": { 749 | "computed": false, 750 | "new": "0", 751 | "old": "", 752 | }, 753 | "ingress.1.protocol": { 754 | "computed": false, 755 | "new": "tcp", 756 | "old": "", 757 | }, 758 | "ingress.1.security_groups.#": { 759 | "computed": false, 760 | "new": "0", 761 | "old": "", 762 | }, 763 | "ingress.1.self": { 764 | "computed": false, 765 | "new": "false", 766 | "old": "", 767 | }, 768 | "ingress.1.to_port": { 769 | "computed": false, 770 | "new": "22", 771 | "old": "", 772 | }, 773 | "name": { 774 | "computed": false, 775 | "new": "sg_my_server", 776 | "old": "", 777 | }, 778 | "name_prefix": { 779 | "computed": true, 780 | "new": "", 781 | "old": "", 782 | }, 783 | "owner_id": { 784 | "computed": true, 785 | "new": "", 786 | "old": "", 787 | }, 788 | "revoke_rules_on_delete": { 789 | "computed": false, 790 | "new": "false", 791 | "old": "", 792 | }, 793 | "tags": { 794 | "computed": false, 795 | "new": "", 796 | "old": "", 797 | }, 798 | "tags_all.%": { 799 | "computed": true, 800 | "new": "", 801 | "old": "", 802 | }, 803 | "timeouts": { 804 | "computed": false, 805 | "new": "", 806 | "old": "", 807 | }, 808 | "vpc_id": { 809 | "computed": false, 810 | "new": "vpc-bd9bdcc7", 811 | "old": "", 812 | }, 813 | }, 814 | "requires_new": false, 815 | }, 816 | }, 817 | }, 818 | }, 819 | }, 820 | } 821 | 822 | module_paths = [ 823 | [], 824 | [ 825 | "apache", 826 | ], 827 | ] 828 | 829 | terraform_version = "1.0.7" 830 | 831 | variables = { 832 | "bucket": "320489324827429471210198", 833 | "instance_type": "t2.micro", 834 | "my_ip_with_cidr": "104.194.51.113/32", 835 | "public_key": "REDACTED_SENSITIVE", 836 | "server_name": "Apache Example Server", 837 | "vpc_id": "vpc-bd9bdcc7", 838 | } 839 | 840 | module = func(path) { 841 | if types.type_of(path) is not "list" { 842 | error("expected list, got", types.type_of(path)) 843 | } 844 | 845 | if length(path) < 1 { 846 | return _modules.root 847 | } 848 | 849 | addr = [] 850 | for path as p { 851 | append(addr, "module") 852 | append(addr, p) 853 | } 854 | 855 | return _modules[strings.join(addr, ".")] 856 | } 857 | 858 | data = _modules.root.data 859 | path = _modules.root.path 860 | resources = _modules.root.resources 861 | -------------------------------------------------------------------------------- /180_sentinel/sentinel_mocks/mock-tfrun.sentinel: -------------------------------------------------------------------------------- 1 | id = "run-yLXFH1tv3w6dfsKu" 2 | created_at = "2021-09-21T14:53:49.273Z" 3 | message = "Merge branch 'main' of github.com:omenking/vcs-terraform into main" 4 | commit_sha = "9340731e3543d63213eacb18570883d01081bfce" 5 | speculative = false 6 | is_destroy = false 7 | refresh = true 8 | refresh_only = false 9 | replace_addrs = null 10 | target_addrs = null 11 | 12 | variables = { 13 | "AWS_ACCESS_KEY_ID": { 14 | "category": "env", 15 | "sensitive": true, 16 | }, 17 | "AWS_DEFAULT_REGION": { 18 | "category": "env", 19 | "sensitive": false, 20 | }, 21 | "AWS_SECRET_ACCESS_KEY": { 22 | "category": "env", 23 | "sensitive": true, 24 | }, 25 | "instance_type": { 26 | "category": "terraform", 27 | "sensitive": false, 28 | }, 29 | "my_ip_with_cidr": { 30 | "category": "terraform", 31 | "sensitive": false, 32 | }, 33 | "public_key": { 34 | "category": "terraform", 35 | "sensitive": true, 36 | }, 37 | "server_name": { 38 | "category": "terraform", 39 | "sensitive": false, 40 | }, 41 | "vpc_id": { 42 | "category": "terraform", 43 | "sensitive": false, 44 | }, 45 | } 46 | 47 | organization = { 48 | "name": "ExamPro", 49 | } 50 | 51 | workspace = { 52 | "auto_apply": true, 53 | "created_at": "2021-09-20T02:36:27.044Z", 54 | "description": null, 55 | "id": "ws-NuDgjwJAVJ8JNdYe", 56 | "name": "vcs-terraform", 57 | "tags": [], 58 | "vcs_repo": { 59 | "branch": "", 60 | "display_identifier": "omenking/vcs-terraform", 61 | "identifier": "omenking/vcs-terraform", 62 | "ingress_submodules": false, 63 | }, 64 | "working_directory": "", 65 | } 66 | 67 | cost_estimate = { 68 | "delta_monthly_cost": "8.352", 69 | "prior_monthly_cost": "0.0", 70 | "proposed_monthly_cost": "8.352", 71 | } 72 | -------------------------------------------------------------------------------- /180_sentinel/sentinel_mocks/mock-tfstate-v2.sentinel: -------------------------------------------------------------------------------- 1 | terraform_version = "1.0.7" 2 | 3 | outputs = {} 4 | 5 | resources = { 6 | "module.apache.aws_ami.amazon-linux-2": { 7 | "address": "module.apache.aws_ami.amazon-linux-2", 8 | "depends_on": [], 9 | "deposed_key": "", 10 | "index": null, 11 | "mode": "data", 12 | "module_address": "module.apache", 13 | "name": "amazon-linux-2", 14 | "provider_name": "registry.terraform.io/hashicorp/aws", 15 | "tainted": false, 16 | "type": "aws_ami", 17 | "values": { 18 | "architecture": "x86_64", 19 | "arn": "arn:aws:ec2:us-east-1::image/ami-087c17d1fe0178315", 20 | "block_device_mappings": [ 21 | { 22 | "device_name": "/dev/xvda", 23 | "ebs": { 24 | "delete_on_termination": "true", 25 | "encrypted": "false", 26 | "iops": "0", 27 | "snapshot_id": "snap-0699a041095ac5492", 28 | "throughput": "0", 29 | "volume_size": "8", 30 | "volume_type": "gp2", 31 | }, 32 | "no_device": "", 33 | "virtual_name": "", 34 | }, 35 | ], 36 | "creation_date": "2021-08-25T06:57:27.000Z", 37 | "description": "Amazon Linux 2 AMI 2.0.20210813.1 x86_64 HVM gp2", 38 | "ena_support": true, 39 | "executable_users": null, 40 | "filter": [ 41 | { 42 | "name": "name", 43 | "values": [ 44 | "amzn2-ami-hvm*", 45 | ], 46 | }, 47 | { 48 | "name": "owner-alias", 49 | "values": [ 50 | "amazon", 51 | ], 52 | }, 53 | ], 54 | "hypervisor": "xen", 55 | "id": "ami-087c17d1fe0178315", 56 | "image_id": "ami-087c17d1fe0178315", 57 | "image_location": "amazon/amzn2-ami-hvm-2.0.20210813.1-x86_64-gp2", 58 | "image_owner_alias": "amazon", 59 | "image_type": "machine", 60 | "kernel_id": null, 61 | "most_recent": true, 62 | "name": "amzn2-ami-hvm-2.0.20210813.1-x86_64-gp2", 63 | "name_regex": null, 64 | "owner_id": "137112412989", 65 | "owners": [ 66 | "amazon", 67 | ], 68 | "platform": null, 69 | "platform_details": "Linux/UNIX", 70 | "product_codes": [], 71 | "public": true, 72 | "ramdisk_id": null, 73 | "root_device_name": "/dev/xvda", 74 | "root_device_type": "ebs", 75 | "root_snapshot_id": "snap-0699a041095ac5492", 76 | "sriov_net_support": "simple", 77 | "state": "available", 78 | "state_reason": { 79 | "code": "UNSET", 80 | "message": "UNSET", 81 | }, 82 | "tags": {}, 83 | "usage_operation": "RunInstances", 84 | "virtualization_type": "hvm", 85 | }, 86 | }, 87 | "module.apache.aws_vpc.main": { 88 | "address": "module.apache.aws_vpc.main", 89 | "depends_on": [], 90 | "deposed_key": "", 91 | "index": null, 92 | "mode": "data", 93 | "module_address": "module.apache", 94 | "name": "main", 95 | "provider_name": "registry.terraform.io/hashicorp/aws", 96 | "tainted": false, 97 | "type": "aws_vpc", 98 | "values": { 99 | "arn": "arn:aws:ec2:us-east-1:318412259206:vpc/vpc-bd9bdcc7", 100 | "cidr_block": "172.31.0.0/16", 101 | "cidr_block_associations": [ 102 | { 103 | "association_id": "vpc-cidr-assoc-f5bfef99", 104 | "cidr_block": "172.31.0.0/16", 105 | "state": "associated", 106 | }, 107 | ], 108 | "default": true, 109 | "dhcp_options_id": "dopt-04cf2f7e", 110 | "enable_dns_hostnames": true, 111 | "enable_dns_support": true, 112 | "filter": null, 113 | "id": "vpc-bd9bdcc7", 114 | "instance_tenancy": "default", 115 | "ipv6_association_id": null, 116 | "ipv6_cidr_block": null, 117 | "main_route_table_id": "rtb-8922e0f7", 118 | "owner_id": "318412259206", 119 | "state": "available", 120 | "tags": {}, 121 | }, 122 | }, 123 | "module.apache.template_file.user_data": { 124 | "address": "module.apache.template_file.user_data", 125 | "depends_on": [], 126 | "deposed_key": "", 127 | "index": null, 128 | "mode": "data", 129 | "module_address": "module.apache", 130 | "name": "user_data", 131 | "provider_name": "registry.terraform.io/hashicorp/template", 132 | "tainted": false, 133 | "type": "template_file", 134 | "values": { 135 | "filename": null, 136 | "id": "6544751e306996908c68e0b0d21fe63b3db093fa9730b8828fbdc4d2eba46816", 137 | "rendered": "#cloud-config\r\npackages:\r\n - httpd\r\nruncmd:\r\n - systemctl start httpd\r\n - sudo systemctl enable httpd", 138 | "template": "#cloud-config\r\npackages:\r\n - httpd\r\nruncmd:\r\n - systemctl start httpd\r\n - sudo systemctl enable httpd", 139 | "vars": null, 140 | }, 141 | }, 142 | } 143 | -------------------------------------------------------------------------------- /180_sentinel/sentinel_mocks/mock-tfstate.sentinel: -------------------------------------------------------------------------------- 1 | import "strings" 2 | import "types" 3 | 4 | outputs = {} 5 | 6 | _modules = { 7 | "root": { 8 | "data": {}, 9 | "path": [], 10 | "resources": {}, 11 | }, 12 | 13 | "module.apache": { 14 | "data": { 15 | "aws_ami": { 16 | "amazon-linux-2": { 17 | 0: { 18 | "attr": { 19 | "architecture": "x86_64", 20 | "arn": "arn:aws:ec2:us-east-1::image/ami-087c17d1fe0178315", 21 | "block_device_mappings": [ 22 | { 23 | "device_name": "/dev/xvda", 24 | "ebs": { 25 | "delete_on_termination": "true", 26 | "encrypted": "false", 27 | "iops": "0", 28 | "snapshot_id": "snap-0699a041095ac5492", 29 | "throughput": "0", 30 | "volume_size": "8", 31 | "volume_type": "gp2", 32 | }, 33 | "no_device": "", 34 | "virtual_name": "", 35 | }, 36 | ], 37 | "creation_date": "2021-08-25T06:57:27.000Z", 38 | "description": "Amazon Linux 2 AMI 2.0.20210813.1 x86_64 HVM gp2", 39 | "ena_support": true, 40 | "executable_users": null, 41 | "filter": [ 42 | { 43 | "name": "name", 44 | "values": [ 45 | "amzn2-ami-hvm*", 46 | ], 47 | }, 48 | { 49 | "name": "owner-alias", 50 | "values": [ 51 | "amazon", 52 | ], 53 | }, 54 | ], 55 | "hypervisor": "xen", 56 | "id": "ami-087c17d1fe0178315", 57 | "image_id": "ami-087c17d1fe0178315", 58 | "image_location": "amazon/amzn2-ami-hvm-2.0.20210813.1-x86_64-gp2", 59 | "image_owner_alias": "amazon", 60 | "image_type": "machine", 61 | "kernel_id": null, 62 | "most_recent": true, 63 | "name": "amzn2-ami-hvm-2.0.20210813.1-x86_64-gp2", 64 | "name_regex": null, 65 | "owner_id": "137112412989", 66 | "owners": [ 67 | "amazon", 68 | ], 69 | "platform": null, 70 | "platform_details": "Linux/UNIX", 71 | "product_codes": [], 72 | "public": true, 73 | "ramdisk_id": null, 74 | "root_device_name": "/dev/xvda", 75 | "root_device_type": "ebs", 76 | "root_snapshot_id": "snap-0699a041095ac5492", 77 | "sriov_net_support": "simple", 78 | "state": "available", 79 | "state_reason": { 80 | "code": "UNSET", 81 | "message": "UNSET", 82 | }, 83 | "tags": {}, 84 | "usage_operation": "RunInstances", 85 | "virtualization_type": "hvm", 86 | }, 87 | "depends_on": [], 88 | "id": "ami-087c17d1fe0178315", 89 | "tainted": false, 90 | }, 91 | }, 92 | }, 93 | "aws_vpc": { 94 | "main": { 95 | 0: { 96 | "attr": { 97 | "arn": "arn:aws:ec2:us-east-1:318412259206:vpc/vpc-bd9bdcc7", 98 | "cidr_block": "172.31.0.0/16", 99 | "cidr_block_associations": [ 100 | { 101 | "association_id": "vpc-cidr-assoc-f5bfef99", 102 | "cidr_block": "172.31.0.0/16", 103 | "state": "associated", 104 | }, 105 | ], 106 | "default": true, 107 | "dhcp_options_id": "dopt-04cf2f7e", 108 | "enable_dns_hostnames": true, 109 | "enable_dns_support": true, 110 | "filter": null, 111 | "id": "vpc-bd9bdcc7", 112 | "instance_tenancy": "default", 113 | "ipv6_association_id": null, 114 | "ipv6_cidr_block": null, 115 | "main_route_table_id": "rtb-8922e0f7", 116 | "owner_id": "318412259206", 117 | "state": "available", 118 | "tags": {}, 119 | }, 120 | "depends_on": [], 121 | "id": "vpc-bd9bdcc7", 122 | "tainted": false, 123 | }, 124 | }, 125 | }, 126 | "template_file": { 127 | "user_data": { 128 | 0: { 129 | "attr": { 130 | "filename": null, 131 | "id": "6544751e306996908c68e0b0d21fe63b3db093fa9730b8828fbdc4d2eba46816", 132 | "rendered": "#cloud-config\r\npackages:\r\n - httpd\r\nruncmd:\r\n - systemctl start httpd\r\n - sudo systemctl enable httpd", 133 | "template": "#cloud-config\r\npackages:\r\n - httpd\r\nruncmd:\r\n - systemctl start httpd\r\n - sudo systemctl enable httpd", 134 | "vars": null, 135 | }, 136 | "depends_on": [], 137 | "id": "6544751e306996908c68e0b0d21fe63b3db093fa9730b8828fbdc4d2eba46816", 138 | "tainted": false, 139 | }, 140 | }, 141 | }, 142 | }, 143 | "path": [ 144 | "apache", 145 | ], 146 | "resources": {}, 147 | }, 148 | } 149 | 150 | module_paths = [ 151 | [], 152 | [ 153 | "apache", 154 | ], 155 | ] 156 | 157 | terraform_version = "1.0.7" 158 | 159 | module = func(path) { 160 | if types.type_of(path) is not "list" { 161 | error("expected list, got", types.type_of(path)) 162 | } 163 | 164 | if length(path) < 1 { 165 | return _modules.root 166 | } 167 | 168 | addr = [] 169 | for path as p { 170 | append(addr, "module") 171 | append(addr, p) 172 | } 173 | 174 | return _modules[strings.join(addr, ".")] 175 | } 176 | 177 | data = _modules.root.data 178 | path = _modules.root.path 179 | resources = _modules.root.resources 180 | -------------------------------------------------------------------------------- /180_sentinel/sentinel_mocks/sentinel.hcl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ExamProCo/Terraform-Associate-Labs/9edaa82b5ca0d5d91d4b774476d090d04a6b4ea2/180_sentinel/sentinel_mocks/sentinel.hcl -------------------------------------------------------------------------------- /190_packer/apache.pkr.hcl: -------------------------------------------------------------------------------- 1 | variable "ami_id" { 2 | type = string 3 | default = "ami-087c17d1fe0178315" 4 | } 5 | 6 | locals { 7 | app_name = "httpd" 8 | } 9 | 10 | source "amazon-ebs" "httpd" { 11 | ami_name = "my-server-${local.app_name}" 12 | instance_type = "t2.micro" 13 | region = "us-east-1" 14 | source_ami = "${var.ami_id}" 15 | ssh_username = "ec2-user" 16 | tags = { 17 | Name = local.app_name 18 | } 19 | } 20 | 21 | build { 22 | sources = ["source.amazon-ebs.httpd"] 23 | provisioner "shell" { 24 | inline = [ 25 | "sudo yum install -y httpd", 26 | "sudo systemctl start httpd", 27 | "sudo systemctl enable httpd" 28 | ] 29 | } 30 | } -------------------------------------------------------------------------------- /190_packer/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | provider "aws" { 11 | profile = "default" 12 | region = "us-east-1" 13 | } 14 | 15 | data "aws_ami" "packer_image" { 16 | #name_regex = "my-server-httpd" 17 | filter { 18 | name = "name" 19 | values = ["my-server-httpd"] 20 | } 21 | owners = ["self"] 22 | } 23 | 24 | resource "aws_instance" "my_server" { 25 | ami = data.aws_ami.packer_image.id 26 | instance_type = "t2.micro" 27 | tags = { 28 | Name = "Server-Apache-Packer" 29 | } 30 | } 31 | 32 | output "public_ip" { 33 | value = aws_instance.my_server.public_ip 34 | } -------------------------------------------------------------------------------- /200_vault/Readme.md: -------------------------------------------------------------------------------- 1 | 2 | You may need to set the following environment variable: 3 | 4 | $ export VAULT_ADDR='http://127.0.0.1:8200' 5 | 6 | The unseal key and root token are displayed below in case you want to 7 | seal/unseal the Vault or re-authenticate. 8 | 9 | Unseal Key: kF/oaJhak7q4uoV5iyCodlCGJIP7wEsmlsgzzoZaD4I= 10 | Root Token: education -------------------------------------------------------------------------------- /200_vault/main.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | aws = { 4 | source = "hashicorp/aws" 5 | version = "3.58.0" 6 | } 7 | } 8 | } 9 | 10 | data "vault_generic_secret" "aws_creds" { 11 | path = "secret/aws" 12 | } 13 | 14 | provider "aws" { 15 | region = data.vault_generic_secret.aws_creds.data["region"] 16 | access_key = data.vault_generic_secret.aws_creds.data["aws_access_key_id"] 17 | secret_key = data.vault_generic_secret.aws_creds.data["aws_secret_access_key"] 18 | } 19 | 20 | 21 | resource "aws_instance" "my_server" { 22 | ami = "ami-087c17d1fe0178315" 23 | instance_type = "t2.nano" 24 | tags = { 25 | Name = "MyServerWithVault" 26 | } 27 | } -------------------------------------------------------------------------------- /Readme.md: -------------------------------------------------------------------------------- 1 | ## Install 2 | 3 | [Install Terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli#install-terraform) following the offical instructions 4 | 5 | [Install HashiCorp Terraform VSCode Instructions](https://marketplace.visualstudio.com/items?itemName=HashiCorp.terraform) 6 | 7 | We'll mostly be using AWS as the primary provider. 8 | If you want to follow along for all labs you'll need accounts for: 9 | 10 | - [Amazon Web Services (AWS)](https://aws.amazon.com/) 11 | - [Microsoft Azure](https://azure.microsoft.com) 12 | - [Google Cloud Platform (GCP)](https://cloud.google.com) 13 | - [Spotify](https://spotify.com) 14 | - [Minecraft Licence](https://www.minecraft.net/en-us) 15 | 16 | AWS CLI 17 | Azure CLI 18 | Google Cloud SDK 19 | 20 | ## Getting Started 21 | 22 | We are going to learn the basics of Terraform: 23 | - Creating main.tf 24 | - Add AWS Provider 25 | - Generate and configure AWS credentials 26 | - Configure an AWS Virtual Machine 27 | - Initialize terraform project 28 | - Terraform fmt 29 | - Terraform validate 30 | - Terraform plan 31 | - Terraform apply 32 | - Terraform apply (updateing) 33 | - Create Input Variables 34 | - Set Locals 35 | - Create Outputs 36 | - Use a Terraform Module 37 | - Divide project into multiple files 38 | - Terraform destroy 39 | - Create a Terraform Cloud workspace 40 | - Migrate local to remote workspace 41 | - Move AWS Credentials to Env Vars 42 | 43 | ## Provisioners 44 | 45 | - Cloud-Init 46 | - Local Exec 47 | - Remote Exec 48 | - File 49 | - Connection 50 | - Null Resource and Trigger 51 | 52 | ## Providers 53 | 54 | - Provision AWS Resource 55 | - Provision Azure Resource 56 | - Provision GCP Resource 57 | 58 | - Provision Spotify Playlist 59 | - Provision Minecraft Server 60 | 61 | 62 | ## Terraform Registry 63 | 64 | 65 | ## Variables and Outputs 66 | 67 | - terraform.tfvars 68 | - additional variable files and -var-file 69 | - additional autoloaded files 70 | - -var 71 | - TF_VAR_ 72 | - Ouputs CLI 73 | - Chaining outputs from a module 74 | - Local values 75 | - Data Sources 76 | 77 | ## Resource Meta Arguements 78 | 79 | - depends_on 80 | - count 81 | - for_each 82 | - provider and alias 83 | - lifecycle 84 | 85 | ## Expressions 86 | 87 | - String Templates 88 | - For Expressions 89 | - Splats 90 | - Dynamic Blocks 91 | - Versions Constraints 92 | 93 | ## Terraform State 94 | - terraform state list 95 | - terraform state mv 96 | - terraform state show 97 | - terraform state mv 98 | 99 | ## Plan and Apply 100 | 101 | - Speculative Plans 102 | - Saved Plans 103 | 104 | ## Manage Resource Drift 105 | 106 | - Replace 107 | - Import 108 | - Refresh 109 | 110 | ## Troubleshooting 111 | 112 | - Terraform Log 113 | - Terraform Crash log 114 | 115 | ## Modules 116 | 117 | - Create a module 118 | - Publish a module 119 | 120 | ## Terraform Workflows 121 | 122 | - individual Terraform Workflow 123 | 124 | ## Backends 125 | 126 | - Standard Backend with Amazon S3 127 | - Remote backend multiple workspaces 128 | - terraform_remote_state local 129 | - terraform_remote_state remote 130 | - force-unlock 131 | 132 | ## Resources 133 | 134 | - collection types 135 | - structual typeear 136 | 137 | ## Functions 138 | 139 | - Built In Functions 140 | 141 | ## Terraform CLoud 142 | 143 | - Terraform CLoud Permissions 144 | - Terraform Cloud API Token 145 | - Private Registry 146 | 147 | ## Workspaces 148 | 149 | - Multiple workspaces Terraform Cloud 150 | 151 | # Sentinel 152 | 153 | - Sentinel Mocks 154 | - Policy Set 155 | 156 | # Vault 157 | 158 | Vault with Terraform 159 | 160 | # Packer 161 | 162 | Packer with Terraform 163 | --------------------------------------------------------------------------------