├── .gitignore ├── README-AWS.md ├── README.md ├── best-practices └── readme.md ├── bootcamp.md ├── checknov ├── checkov-tf-test.tf ├── install-checkov.md └── readme.md ├── commands.md ├── docs ├── backend-terraform.md ├── install-azure-cli.md ├── readme.md ├── run-terraform-in-aws-cross-account.md ├── semantic-release.md ├── tagging.md ├── terraform-aws-s3-backend.md ├── terraform-azurerm-backend.md ├── terraform-docs-generator.md ├── terraform-module-source-https-ssh.md ├── terraform-modules-doc.md ├── terraform-offline-initialize.md ├── terraform-on-docker.md ├── terraform-provider-registration-issue.md ├── terraform-variables-loops.md └── terraform-versions.md ├── framework └── README.md ├── pipelines ├── ado-pipelines │ └── ado-to-azure │ │ └── pipeline-ado-azure-terraform.yml └── scripts │ └── ado-terraform-azure.sh ├── providers ├── aws │ ├── modules │ │ ├── e2esa-module-aws-acm │ │ │ ├── acm-validation.tf │ │ │ ├── acm.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-apigw │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-cloudfront │ │ │ ├── cf-distribution.tf │ │ │ ├── cf_origin_access_control.tf │ │ │ ├── datasources.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── s3-bucket-policy.tf │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-cloudwatch │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-codebuild │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── role.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-codedeploy │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-codepipeline │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── role.tf │ │ │ ├── tf-spec.md │ │ │ ├── 
variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-cognito │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-dynamodb │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-ec2 │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ └── variables.tf │ │ ├── e2esa-module-aws-ecs-cluster │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-ecs-service-v2 │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-ecs-service │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── template │ │ │ │ └── json.tpl │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-elb │ │ │ ├── datasource-ec2.tf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-iam-role │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-kms │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-lambda │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-natgw │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-rds │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-s3 │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-secgrp │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md 
│ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-aws-vpc │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── readme.md │ │ └── template-e2esa-module-aws │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ ├── packer │ │ ├── aws-ami.json │ │ ├── aws-ami.pkr.hcl │ │ ├── provision.sh │ │ └── readme.md │ ├── projects │ │ ├── e2esa-aws-acm │ │ │ ├── app_tfvars │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-backup │ │ │ ├── app_tfvars │ │ │ ├── backup-plan.tf │ │ │ ├── backup-report-plan.tf │ │ │ ├── backup-role.tf │ │ │ ├── backup-selection.tf │ │ │ ├── backup-vault-notification.tf │ │ │ ├── backup-vault-policy.tf │ │ │ ├── backup-vault.tf │ │ │ ├── common.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-cloudfront │ │ │ ├── app_tfvars │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-codedeploy │ │ │ ├── app_tfvars │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-codepipeline │ │ │ ├── app_tfvars │ │ │ ├── buildspec │ │ │ │ ├── apply-buildspec.yml │ │ │ │ └── plan-buildspec.yml │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-datapipeline │ │ │ ├── common.tf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-ec2-asg-eventbridge-lambda │ │ │ ├── app_tfvars │ │ │ ├── autoscaling.tf │ │ │ ├── cloudwatch.tf │ │ │ ├── datasource.tf │ │ │ ├── ec2-init.sh │ │ │ ├── eventbridge.tf │ │ │ ├── index.js │ │ │ ├── 
lambda.tf │ │ │ ├── launch-template.tf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── s3.tf │ │ │ ├── sns.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-ec2-autoscaling │ │ │ ├── app_tfvars │ │ │ ├── autoscaling.tf │ │ │ ├── datasource.tf │ │ │ ├── ec2-init.sh │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-ec2-v2 │ │ │ ├── app_tfvars │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-ec2 │ │ │ ├── app_tfvars │ │ │ ├── datasource-ec2.tf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-ecs-cluster │ │ │ ├── app_tfvars │ │ │ ├── dev-backend.conf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── prd-backend.conf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-ecs-service │ │ │ ├── app_tfvars │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-eks-bastion-ec2 │ │ │ ├── app_tfvars │ │ │ ├── eks-manager-ec2.tf │ │ │ ├── iam-instance-profile-role.tf │ │ │ ├── init.sh │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-eks-ec2-v1 │ │ │ ├── AWSLoadBalancerController.json │ │ │ ├── app_tfvars │ │ │ ├── cloudwatch.tf │ │ │ ├── eks-cluster.tf │ │ │ ├── eks-console-full-access.yaml │ │ │ ├── eks-manager-ec2.tf │ │ │ ├── eks-node-group-private.tf │ │ │ ├── eks-node-group-public.tf │ │ │ ├── helm.tf │ │ │ ├── iam-controller.tf │ │ │ ├── iam-instance-profile-role.tf │ │ │ ├── iam-oicd.tf │ │ │ ├── init.sh │ │ │ ├── k8s │ │ │ │ ├── alb1.yaml │ │ │ │ └── ingress-with-tls.yaml │ │ │ ├── main.tf │ │ │ ├── 
nat-gateway.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── role-eks-cluster.tf │ │ │ ├── role-eks-role-group.tf │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-eks-ec2 │ │ │ ├── alb.tf │ │ │ ├── app_tfvars │ │ │ ├── cloudwatch.tf │ │ │ ├── eks-cluster.tf │ │ │ ├── eks-console-full-access.yaml │ │ │ ├── eks-manager-ec2.tf │ │ │ ├── eks-node-group-private.tf │ │ │ ├── eks-node-group-public.tf │ │ │ ├── iam-instance-profile-role.tf │ │ │ ├── init.sh │ │ │ ├── main.tf │ │ │ ├── nat-gateway.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── role-eks-cluster.tf │ │ │ ├── role-eks-role-group.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-eks-fargate │ │ │ ├── app_tfvars │ │ │ ├── cloudwatch.tf │ │ │ ├── eks-cluster.tf │ │ │ ├── eks-fargate-profile.tf │ │ │ ├── iam-eks-cluster.tf │ │ │ ├── iam-oidc-provider.tf │ │ │ ├── main.tf │ │ │ ├── nat-gateway.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-eks-standard │ │ │ ├── alb.tf │ │ │ ├── app_tfvars │ │ │ ├── cloudwatch.tf │ │ │ ├── eks-cluster.tf │ │ │ ├── eks-manager-ec2.tf │ │ │ ├── eks-node-group-private.tf │ │ │ ├── eks-node-group-public.tf │ │ │ ├── iam-instance-profile-role.tf │ │ │ ├── iam-oidc-provider.tf │ │ │ ├── init.sh │ │ │ ├── main.tf │ │ │ ├── nat-gateway.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── role-eks-cluster.tf │ │ │ ├── role-eks-role-group.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-elb │ │ │ ├── app_tfvars │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-fargate-blue-green │ │ │ ├── app_tfvars │ │ │ ├── codedeploy.tf │ │ │ ├── datasource.tf │ │ │ ├── ecs_autoscaling.tf │ │ │ ├── iam_role.tf │ │ │ ├── load_balancers.tf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── security_groups.tf │ │ │ ├── 
tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-jmeter-ecs │ │ │ ├── Dockerfile │ │ │ ├── readme.md │ │ │ └── tf-spec.md │ │ ├── e2esa-aws-lambda │ │ │ ├── app_tfvars │ │ │ ├── index.js │ │ │ ├── index.zip │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-nat-gateway │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-rds │ │ │ ├── app_tfvars │ │ │ ├── common.tf │ │ │ ├── outputs.tf │ │ │ ├── rds.tf │ │ │ ├── readme.md │ │ │ ├── s3-import.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-redshift-cluster │ │ │ ├── common.tf │ │ │ ├── iam-roles-redshift.tf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-s3backend │ │ │ ├── app_tfvars │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-static-webhosting │ │ │ ├── acm-certificate.tf │ │ │ ├── app_tfvars │ │ │ ├── cloudfront.tf │ │ │ ├── common.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── route53.tf │ │ │ ├── s3.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-aws-vpc │ │ │ ├── app_tfvars │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── readme.md │ │ └── template-e2esa-aws │ │ │ ├── common.tf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── providers.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ └── variables.tf │ └── readme.md ├── azure │ ├── modules │ │ ├── e2esa-module-azure-rm │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-azure-storage-account │ │ │ ├── outputs.tf 
│ │ │ ├── readme.md │ │ │ ├── storage_acc.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-azure-storage-blob │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── resource_group.tf │ │ │ ├── storage_blob.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-module-azure-storage-container │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── storage_container.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── readme.md │ │ └── template-e2esa-module-azure │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ ├── projects │ │ ├── e2esa-azure-aks-cluster-monitor │ │ │ ├── local.tf │ │ │ ├── monitoring.tf │ │ │ ├── outputs.tf │ │ │ ├── provider.tf │ │ │ ├── readme.md │ │ │ ├── rg.tf │ │ │ ├── storage.tf │ │ │ ├── tf-spec.md │ │ │ └── variables.tf │ │ ├── e2esa-azure-aks-cluster │ │ │ ├── acr.tf │ │ │ ├── aks.tf │ │ │ ├── app_tfvars │ │ │ ├── deploy │ │ │ │ └── nginx-deployment.yml │ │ │ ├── local.tf │ │ │ ├── monitoring.tf │ │ │ ├── outputs.tf │ │ │ ├── provider.tf │ │ │ ├── readme.md │ │ │ ├── resource-grp.tf │ │ │ ├── tf-spec.md │ │ │ └── variables.tf │ │ ├── e2esa-azure-backup │ │ │ ├── backup.tf │ │ │ ├── cluster.tf │ │ │ ├── local.tf │ │ │ ├── outputs.tf │ │ │ ├── provider.tf │ │ │ ├── random.tf │ │ │ ├── readme.md │ │ │ ├── rg.tf │ │ │ ├── tf-spec.md │ │ │ └── variables.tf │ │ ├── e2esa-azure-key-vault │ │ │ ├── app_tfvars │ │ │ ├── key-vault.tf │ │ │ ├── local.tf │ │ │ ├── outputs.tf │ │ │ ├── provider.tf │ │ │ ├── readme.md │ │ │ ├── resource-grp.tf │ │ │ ├── tf-spec.md │ │ │ └── variables.tf │ │ ├── e2esa-azure-keyvault-monitor │ │ │ ├── keyvault.tf │ │ │ ├── local.tf │ │ │ ├── outputs.tf │ │ │ ├── provider.tf │ │ │ ├── readme.md │ │ │ ├── rg.tf │ │ │ ├── storage.tf │ │ │ ├── tf-spec.md │ │ │ └── variables.tf │ │ ├── e2esa-azure-rg │ │ │ ├── app_tfvars │ │ │ ├── common.tf │ │ │ ├── outputs.tf │ │ │ 
├── readme.md │ │ │ ├── resource-group.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-azure-storage-acc │ │ │ ├── app_tfvars │ │ │ ├── common.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── storage-account.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-azure-storage-blob │ │ │ ├── app_tfvars │ │ │ ├── common.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── storage-blob.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-azure-storage-container │ │ │ ├── app_tfvars │ │ │ ├── common.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── storage-container.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-azure-tf-backend │ │ │ ├── app_tfvars │ │ │ ├── common.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-backend.tf │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── e2esa-azure-vm-hcp-packer │ │ │ ├── common.tf │ │ │ ├── data.tf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── readme.md │ │ └── template-e2esa-azure │ │ │ ├── common.tf │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ └── readme.md ├── google-cloud │ ├── modules │ │ ├── e2esa-module-gc-vm │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ │ ├── readme.md │ │ └── template-e2esa-module-gc │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ ├── projects │ │ ├── e2esa-gc-vm │ │ │ ├── app_tfvars │ │ │ ├── common.tf │ │ │ ├── outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ ├── versions.tf │ │ │ └── vm.tf │ │ ├── readme.md │ │ └── template-e2esa-gc │ │ │ ├── common.tf │ │ │ ├── main.tf │ │ │ ├── 
outputs.tf │ │ │ ├── readme.md │ │ │ ├── tf-spec.md │ │ │ ├── variables.tf │ │ │ └── versions.tf │ └── readme.md └── readme.md ├── semantic-release-iac.md ├── terraform-aws-OIDC-guide.md ├── terraform-cloud ├── oidc-aws-iam-role.md ├── terraform-cloud-aws-github.md └── terraform-cloud.md ├── terragrunt └── readme.md ├── tf-aws-module-catalog.md └── troubleshoot ├── README.md └── terraform-cloud ├── Apply not allowed for workspace with a VCS connection.md ├── No valid credential sources found.md └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | # Local .terraform directories 2 | **/.terraform/* 3 | 4 | # .tfstate files (state can hold resource attributes, including secrets, in plain text). NOTE(review): the *.terraform.lock.* pattern in this group also ignores .terraform.lock.hcl, the dependency lock file that records the selected provider versions and their checksums and is normally committed. 5 | *.tfstate 6 | *.tfstate.* 7 | *.terraform.lock.* 8 | 9 | # Crash log files 10 | crash.log 11 | 12 | # Ignore any .tfvars files that are generated automatically for each Terraform run. Most 13 | # .tfvars files are managed as part of configuration and so should be included in 14 | # version control. 15 | # NOTE(review): the active *.tfvars pattern below ignores every .tfvars file, not only generated ones. That keeps secrets placed in variable files out of version control, but it contradicts the sentence above. 16 | # example.tfvars 17 | *.tfvars 18 | 19 | # Ignore override files as they are usually used to override resources locally and so 20 | # are not checked in 21 | override.tf 22 | override.tf.json 23 | *_override.tf 24 | *_override.tf.json 25 | 26 | # Include override files you do wish to add to version control using negated pattern 27 | # 28 | # !example_override.tf 29 | 30 | # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan 31 | # example: *tfplan* 32 | -------------------------------------------------------------------------------- /checknov/readme.md: -------------------------------------------------------------------------------- 1 | ## "Checkov" is an open-source IaC security scanning tool that is used with Terraform. [Click here](https://www.checkov.io/1.Welcome/Quick%20Start.html) to know more. 
2 | 3 | [![Checkov](https://user-images.githubusercontent.com/62712515/209595266-98463f53-fed6-4100-a7cc-f62231f99fbe.png)](https://www.youtube.com/watch?v=bAkwvmZ7OGA) 4 | 5 | ## Installation steps [Click here](https://www.checkov.io/2.Basics/Installing%20Checkov.html) 6 | -------------------------------------------------------------------------------- /docs/readme.md: -------------------------------------------------------------------------------- 1 | 2 | ### Terraform documentation [click here](https://github.com/e2eSolutionArchitect/terraform/tree/main/docs) 3 | ### Terraform KEDB (Known Error Database, Problems and Resolutions) [Click here](https://github.com/e2eSolutionArchitect/KEDB/tree/main/terraform) 4 | 5 | - Terraform document generator [click here](https://github.com/e2eSolutionArchitect/terraform/blob/main/docs/terraform-docs-generator.md) 6 | - Terraform S3 backend [click here](https://github.com/e2eSolutionArchitect/terraform/blob/main/docs/terraform-aws-s3-backend.md) 7 | - Terraform air-gapped or offline installation [click here](https://github.com/e2eSolutionArchitect/terraform/blob/main/docs/terraform-offline-initialize.md) 8 | - Run Terraform on Docker [click here](https://github.com/e2eSolutionArchitect/terraform/blob/main/docs/terraform-on-docker.md) 9 | - Run Terraform cross-account on AWS [click here](https://github.com/e2eSolutionArchitect/terraform/blob/main/docs/run-terraform-in-aws-cross-account.md) 10 | -------------------------------------------------------------------------------- /docs/semantic-release.md: -------------------------------------------------------------------------------- 1 | https://semantic-release.gitbook.io/semantic-release/usage/configuration 2 | -------------------------------------------------------------------------------- /docs/terraform-modules-doc.md: -------------------------------------------------------------------------------- 1 | Please refer here for TF AWS modules 
https://github.com/terraform-aws-modules 2 | -------------------------------------------------------------------------------- /docs/terraform-versions.md: -------------------------------------------------------------------------------- 1 | 2 | Refer here https://developer.hashicorp.com/terraform/tutorials/configuration-language/versions 3 | 4 | Required Version Meaning Considerations 5 | 1.7.5 Only Terraform v1.7.5 exactly To upgrade Terraform, first edit the required_version setting 6 | >= 1.7.5 Any Terraform v1.7.5 or greater Includes Terraform v2.0.0 and above 7 | ~> 1.7.5 Any Terraform v1.7.x, but not v1.8 or later Minor version updates are intended to be non-disruptive 8 | >= 1.7.5, < 1.9.5 Terraform v1.7.5 or greater, but less than v1.9.5 Avoids specific version updates 9 | -------------------------------------------------------------------------------- /framework/README.md: -------------------------------------------------------------------------------- 1 | # Terraform Framework 2 | 3 | - Modules: Cloud resource definitions 4 | - Templates: Multiple modules integrated to build a solution 5 | - Applications: Instance of the solution for a target environment. dev, stg, prod. 
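6 | 7 | 8 | ## Module structure: 9 | - resources.tf : defines resources 10 | - locals.tf : defines custom vars 11 | - varibles.tf : defines variables 12 | - output.tf : defines only the outputs that should be exposed to the other modules or templates 13 | - README.md : module specification 14 | 15 | ## Template structure: 16 | - config.tf : define TF versions, providers & remote state management 17 | - resources.tf : defines resources 18 | - locals.tf : defines custom vars 19 | - varibles.tf : defines variables 20 | - output.tf : defines only the outputs that should be exposed 21 | - README.md : template specification 22 | -------------------------------------------------------------------------------- /pipelines/scripts/ado-terraform-azure.sh: -------------------------------------------------------------------------------- 1 | # Runs init, validate, plan, apply and destroy for the e2esa-azure-rg project. The relative cd path matches the repository layout, so this presumably runs from the repository root. 2 | # Stop at the first failing command, so a failed cd, init, validate or plan is never followed by an unattended apply or destroy. 3 | set -eu 4 | cd providers/azure/projects/e2esa-azure-rg/ 5 | terraform init 6 | terraform validate 7 | # Save the plan and apply that exact file, so the changes that run are the ones the plan step printed. A saved plan can contain variable values; keep it out of version control and published artifacts. 8 | terraform plan -var-file="dev.tfvars" -var="createdby=som" -out=tfplan 9 | terraform apply tfplan 10 | # Tears down everything just applied, without a confirmation prompt. Not reached if apply fails, which leaves any partly created resources in place for inspection. 11 | terraform destroy -var-file="dev.tfvars" -var="createdby=som" -auto-approve 12 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-acm/acm-validation.tf: -------------------------------------------------------------------------------- 1 | data "aws_route53_zone" "hz" { 2 | name = var.domain_name 3 | private_zone = false 4 | } 5 | 6 | resource "aws_route53_record" "r53" { 7 | for_each = { 8 | for dvo in aws_acm_certificate.cert.domain_validation_options : dvo.domain_name => { 9 | name = dvo.resource_record_name 10 | record = dvo.resource_record_value 11 | type = dvo.resource_record_type 12 | } 13 | } 14 | 15 | allow_overwrite = true 16 | name = each.value.name 17 | records = [each.value.record] 18 | ttl = 60 19 | type = each.value.type 20 | zone_id = data.aws_route53_zone.hz.zone_id 21 | } 22 | 23 | resource "aws_acm_certificate_validation" 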
"validation" { 24 | certificate_arn = aws_acm_certificate.cert.arn 25 | validation_record_fqdns = [for record in aws_route53_record.r53 : record.fqdn] 26 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-acm/acm.tf: -------------------------------------------------------------------------------- 1 | resource "aws_acm_certificate" "cert" { 2 | domain_name = var.domain_name #"example.com" 3 | subject_alternative_names = var.additional_domain_names 4 | validation_method = var.validation_method #"DNS" 5 | 6 | tags = merge( 7 | { "resourcename" = "${var.name}-cert" }, var.tags 8 | ) 9 | 10 | lifecycle { 11 | create_before_destroy = true 12 | } 13 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-acm/outputs.tf: -------------------------------------------------------------------------------- 1 | output "id" { 2 | description = "id" 3 | value = try(aws_acm_certificate.cert.id, "") 4 | } 5 | 6 | output "arn" { 7 | description = "arn" 8 | value = try(aws_acm_certificate.cert.arn, "") 9 | } 10 | 11 | output "tags_all" { 12 | description = " A map of tags assigned to the resource, including those inherited from the provider default_tags" 13 | value = try(aws_acm_certificate.cert.tags_all, "") 14 | } 15 | 16 | output "domain_name" { 17 | description = "domain_name" 18 | value = try(aws_acm_certificate.cert.domain_name, "") 19 | } 20 | 21 | output "status" { 22 | description = "status" 23 | value = try(aws_acm_certificate.cert.status, "") 24 | } 25 | 26 | output "type" { 27 | description = "type" 28 | value = try(aws_acm_certificate.cert.type, "") 29 | } 30 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-acm/readme.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-acm/readme.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-acm/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.37.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-apigw/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-apigw/outputs.tf -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-apigw/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-apigw/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-apigw/variables.tf: -------------------------------------------------------------------------------- 1 | # ------------------------------------------- 2 | # Common Variables 3 | # ------------------------------------------- 4 | 5 | variable "aws_region" { 6 | description = "AWS infrastructure region" 7 | type = string 8 | default = null 9 | } 10 | 11 | 12 | variable "tags" { 13 | description = "Tag map for the resource" 14 | type = map(string) 15 | default = {} 16 | } -------------------------------------------------------------------------------- 
/providers/aws/modules/e2esa-module-aws-apigw/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudfront/cf_origin_access_control.tf: -------------------------------------------------------------------------------- 1 | resource "aws_cloudfront_origin_access_control" "oac" { 2 | name = "${var.name}-oac" 3 | description = "${var.name}-Origine Access Control Policy" 4 | origin_access_control_origin_type = "s3" 5 | signing_behavior = "always" 6 | signing_protocol = "sigv4" 7 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudfront/datasources.tf: -------------------------------------------------------------------------------- 1 | #------------------------------------------------------------------------------ 2 | # ACM Certificate 3 | #------------------------------------------------------------------------------ 4 | # Find a certificate issued by (not imported into) ACM 5 | data "aws_acm_certificate" "amazon_issued" { 6 | domain = var.domain_name 7 | types = ["AMAZON_ISSUED"] 8 | most_recent = true 9 | } 10 | 11 | #------------------------------------------------------------------------------ 12 | # S3 13 | #------------------------------------------------------------------------------ 14 | # Find s3 bucket details 15 | data "aws_s3_bucket" "selected" { 16 | bucket = var.domain_name 17 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudfront/outputs.tf: -------------------------------------------------------------------------------- 1 | # to get the Cloud front URL if doamin/alias is not 
configured 2 | 3 | output "id" { 4 | value = try(aws_cloudfront_distribution.cf.id, "") 5 | } 6 | 7 | output "arn" { 8 | value = try(aws_cloudfront_distribution.cf.arn, "") 9 | } 10 | 11 | output "domain_name" { 12 | value = try(aws_cloudfront_distribution.cf.domain_name, "") 13 | } 14 | 15 | output "hosted_zone_id" { 16 | value = try(aws_cloudfront_distribution.cf.hosted_zone_id, "") 17 | } 18 | 19 | output "status" { 20 | value = try(aws_cloudfront_distribution.cf.status, "") 21 | } 22 | 23 | output "tags_all" { 24 | value = try(aws_cloudfront_distribution.cf.tags_all, "") 25 | } 26 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudfront/readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-cloudfront/readme.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudfront/s3-bucket-policy.tf: -------------------------------------------------------------------------------- 1 | # Attaches the policy document below to the bucket looked up as data.aws_s3_bucket.selected. A bucket holds a single policy, so confirm the bucket has no existing policy that this would replace. 2 | resource "aws_s3_bucket_policy" "cdn-cf-policy" { 3 | bucket = data.aws_s3_bucket.selected.id 4 | policy = data.aws_iam_policy_document.my-cdn-cf-policy.json 5 | } 6 | # Read-only policy: allows s3:GetObject on every object in the bucket to one CloudFront origin access identity (OAI). NOTE(review): cf_origin_access_control.tf in this module defines an origin access control (OAC), not an OAI; confirm that cf-distribution.tf declares aws_cloudfront_origin_access_identity.origin_access_identity and which of the two the distribution's origin uses. For an OAC origin the grant normally goes to the cloudfront.amazonaws.com service principal with a condition that AWS:SourceArn equals the distribution ARN. 7 | data "aws_iam_policy_document" "my-cdn-cf-policy" { 8 | statement { 9 | sid = "1" 10 | principals { 11 | type = "AWS" 12 | identifiers = [aws_cloudfront_origin_access_identity.origin_access_identity.iam_arn] 13 | } 14 | 15 | actions = [ 16 | "s3:GetObject" 17 | ] 18 | 19 | resources = [ 20 | "${data.aws_s3_bucket.selected.arn}/*" 21 | ] 22 | } 23 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudfront/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | 
required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.37.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudwatch/main.tf: -------------------------------------------------------------------------------- 1 | resource "aws_cloudwatch_log_group" "group" { # Log group named "<cw_name>-log-group". NOTE(review): no kms_key_id is set, so the group is not encrypted with a customer-managed KMS key; confirm that is acceptable for what gets logged. 2 | name = "${var.cw_name}-log-group" 3 | retention_in_days = var.retention_in_days # days of retention; the variable's default in variables.tf is 30 4 | tags = merge( 5 | { "ResourceName" = var.cw_name }, var.tags 6 | ) 7 | } 8 | # One log stream, "<cw_name>-log-stream", created inside the log group above. 9 | resource "aws_cloudwatch_log_stream" "stream" { 10 | name = "${var.cw_name}-log-stream" 11 | log_group_name = aws_cloudwatch_log_group.group.name 12 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudwatch/outputs.tf: -------------------------------------------------------------------------------- 1 | output "aws_cloudwatch_log_group_id" { # NOTE(review): despite the "_id" name, this exports the log group's ARN. 2 | value = try(aws_cloudwatch_log_group.group.arn, "") 3 | description = "cw group arn" 4 | } 5 | # ARN of the log stream. 6 | output "aws_cloudwatch_log_stream" { 7 | value = try(aws_cloudwatch_log_stream.stream.arn, "") 8 | description = "cw stream arn" 9 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudwatch/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-cloudwatch/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudwatch/variables.tf: -------------------------------------------------------------------------------- 1 | # ------------------------------------------- 2 | # Common Variables 3 | # ------------------------------------------- 4 | 5 | 
variable "aws_region" { 6 | description = "AWS infrastructure regio" 7 | type = string 8 | default = null 9 | } 10 | 11 | 12 | variable "tags" { 13 | description = "Tag map for the resource" 14 | type = map(string) 15 | default = {} 16 | } 17 | 18 | # ------------------------------------------- 19 | # AWS CloudWatch 20 | # ------------------------------------------- 21 | 22 | variable "cw_name" { 23 | description = "CW name" 24 | type = string 25 | default = null 26 | } 27 | 28 | variable "retention_in_days" { 29 | description = "CW retention_in_days" 30 | type = number 31 | default = 30 32 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cloudwatch/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.37.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codebuild/outputs.tf: -------------------------------------------------------------------------------- 1 | output "aws_codebuild_project_arn" { 2 | value = aws_codebuild_project.this.arn 3 | description = "aws codebuild project arn" 4 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codebuild/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-codebuild/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codebuild/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | 
required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codedeploy/outputs.tf: -------------------------------------------------------------------------------- 1 | output "aws_codedeploy_app_arn" { 2 | description = "aws_codedeploy_app_arn" 3 | value = try(aws_codedeploy_app.this.arn, "") 4 | } 5 | 6 | output "aws_codedeploy_deployment_group_arn" { 7 | description = "aws_codedeploy_deployment_group" 8 | value = try(aws_codedeploy_deployment_group.this.arn, "") 9 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codedeploy/readme.md: -------------------------------------------------------------------------------- 1 | 2 | ## README 3 | - end-to-end Solution Architect forum is contributing this as knowledge sharing. You are free to use and modify this. 4 | - Please check repository https://github.com/e2eSolutionArchitect/terraform 5 | - We encourage you to contribute your knowledge with us and create a stronger IT community. 
6 | - Please feel free to contact us at https://e2esolutionarchitect.com/ 7 | 8 | ## About the module 9 | - Provision Code deploy Application and Code deploy group for LAMBDA deployment -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codedeploy/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-codedeploy/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codedeploy/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codepipeline/outputs.tf: -------------------------------------------------------------------------------- 1 | output "aws_codepipeline_arn" { 2 | value = aws_codepipeline.this.arn 3 | description = "aws codepipeline project arn" 4 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codepipeline/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-codepipeline/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-codepipeline/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0"
3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cognito/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-cognito/outputs.tf -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cognito/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-cognito/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cognito/variables.tf: -------------------------------------------------------------------------------- 1 | # ------------------------------------------- 2 | # Common Variables 3 | # ------------------------------------------- 4 | 5 | variable "aws_region" { 6 | description = "AWS infrastructure region" 7 | type = string 8 | default = null 9 | } 10 | 11 | 12 | variable "tags" { 13 | description = "Tag map for the resource" 14 | type = map(string) 15 | default = {} 16 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-cognito/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- 
/providers/aws/modules/e2esa-module-aws-dynamodb/main.tf: -------------------------------------------------------------------------------- 1 | resource "aws_dynamodb_table" "this" { 2 | name = var.db_table_name 3 | billing_mode = var.billing_mode #"PROVISIONED" 4 | hash_key = var.hash_key #"LockId" 5 | attribute { 6 | name = var.attr_name #"LockId" 7 | type = var.attr_type #"S" 8 | } 9 | tags = merge({ "ResourceName" = var.db_table_name }, var.tags) 10 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-dynamodb/outputs.tf: -------------------------------------------------------------------------------- 1 | 2 | 3 | output "aws_dynamodb_table_id" { 4 | value = aws_dynamodb_table.this.id 5 | description = "s3 aws_dynamodb_table id" 6 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-dynamodb/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-dynamodb/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-dynamodb/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.37.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-ec2/outputs.tf: -------------------------------------------------------------------------------- 1 | output "aws_instance_arn" { 2 | value = aws_instance.this.arn 3 | description = "aws_instance arn" 4 | } 5 | 6 | output "aws_instance_public_dns" { 7 | value = 
aws_instance.this.public_dns 8 | description = "aws_instance public_dns" 9 | } 10 | 11 | output "aws_instance_public_ip" { 12 | value = aws_instance.this.public_ip 13 | description = "aws_instance public_ip" 14 | } 15 | 16 | output "aws_ebs_volume_id" { 17 | value = aws_ebs_volume.this.id 18 | description = "aws_ebs_volume volume_id" 19 | } 20 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-ecs-cluster/main.tf: -------------------------------------------------------------------------------- 1 | 2 | resource "aws_ecs_cluster" "this" { 3 | 4 | count = var.create_ecs_cluster ? 1 : 0 5 | name = var.ecs_cluster_name 6 | 7 | setting { 8 | name = "containerInsights" 9 | value = var.container_insights ? "enabled" : "disabled" 10 | } 11 | 12 | tags = merge( 13 | { "ResourceName" = var.ecs_cluster_name }, var.tags 14 | ) 15 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-ecs-cluster/outputs.tf: -------------------------------------------------------------------------------- 1 | output "ecs_cluster_id" { 2 | value = concat(aws_ecs_cluster.this.*.id, [""])[0] 3 | description = "ecs cluster id" 4 | } 5 | 6 | output "ecs_cluster_arn" { 7 | value = concat(aws_ecs_cluster.this.*.arn, [""])[0] 8 | description = "ecs cluster id" 9 | } 10 | 11 | output "ecs_cluster_name" { 12 | value = var.ecs_cluster_name 13 | description = "ecs cluster name" 14 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-ecs-cluster/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-ecs-cluster/tf-spec.md -------------------------------------------------------------------------------- 
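/providers/aws/modules/e2esa-module-aws-ecs-cluster/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.5.0"
    }
  }
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-ecs-service-v2/outputs.tf:
--------------------------------------------------------------------------------
# These outputs keep their "ecs_cluster_*" names for callers, but the first two
# read from aws_ecs_service.this. Their descriptions now say what is returned.
# concat(<splat>, [""])[0] returns the first element, or "" when the list is empty.
output "ecs_cluster_id" {
  value       = concat(aws_ecs_service.this.*.id, [""])[0]
  description = "ecs service id"
}

# NOTE(review): confirm that aws_ecs_service exposes an `arn` attribute under the
# provider version pinned in versions.tf (~> 4.5.0).
output "ecs_cluster_arn" {
  value       = concat(aws_ecs_service.this.*.arn, [""])[0]
  description = "ecs service arn"
}

output "ecs_cluster_name" {
  value       = var.ecs_cluster_name
  description = "ecs cluster name"
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-ecs-service-v2/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-ecs-service-v2/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-ecs-service-v2/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.5.0"
    }
  }
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-ecs-service/outputs.tf:
--------------------------------------------------------------------------------
# Same layout as the ecs-service-v2 outputs: the names say "cluster", but the first
# two values come from aws_ecs_service.this.
output "ecs_cluster_id" {
  value       = concat(aws_ecs_service.this.*.id, [""])[0]
  description = "ecs service id"
}

# NOTE(review): confirm that aws_ecs_service exposes an `arn` attribute under the
# provider version pinned in versions.tf (~> 4.5.0).
output "ecs_cluster_arn" {
  value       = concat(aws_ecs_service.this.*.arn, [""])[0]
  description = "ecs service arn"
}

output "ecs_cluster_name" {
  value       = var.ecs_cluster_name
  description = "ecs cluster name"
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-ecs-service/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-ecs-service/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-ecs-service/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.5.0"
    }
  }
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-elb/outputs.tf:
--------------------------------------------------------------------------------
# Identifiers of the load balancer and its target group; "" when a reference
# cannot be evaluated.
output "lb_id" {
  description = "LB id"
  value       = try(aws_lb.this.id, "")
}

output "lb_arn" {
  description = "LB ARN"
  value       = try(aws_lb.this.arn, "")
}

output "lb_tg_id" {
  description = "LB Target group id"
  value       = try(aws_lb_target_group.this.id, "")
}

output "lb_tg_arn" {
  description = "LB Target group ARN"
  value       = try(aws_lb_target_group.this.arn, "")
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-elb/tf-spec.md:
--------------------------------------------------------------------------------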
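https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-elb/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-elb/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-iam-role/main.tf:
--------------------------------------------------------------------------------

# Trust policy for the role: allows sts:AssumeRole for the AWS service principals
# listed in var.iam_policy_identifiers. That variable defaults to an empty list in
# variables.tf, so callers are expected to pass at least one service principal.
data "aws_iam_policy_document" "document" {
  version = "2012-10-17"
  statement {
    sid     = ""
    effect  = "Allow"
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = var.iam_policy_identifiers #["ecs-tasks.amazonaws.com"]
    }
  }
}

# The role itself; the trust policy above is its assume-role policy.
resource "aws_iam_role" "role" {
  name               = var.role_name
  assume_role_policy = data.aws_iam_policy_document.document.json
}

# Attaches one managed policy (var.policy_arn) to the role.
# This was declared as aws_iam_policy_attachment, which takes `name` plus
# `roles`/`users`/`groups` rather than a single `role`. That resource also manages
# a policy's attachments exclusively, so it detaches the policy from principals it
# does not list. aws_iam_role_policy_attachment matches the arguments used here
# and only touches this one role.
resource "aws_iam_role_policy_attachment" "attachment" {
  role       = aws_iam_role.role.name
  policy_arn = var.policy_arn #"arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-iam-role/outputs.tf:
--------------------------------------------------------------------------------
# ARN of the role created in main.tf.
output "aws_iam_role_arn" {
  value       = try(aws_iam_role.role.arn, "")
  description = "role arn"
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-iam-role/tf-spec.md:
--------------------------------------------------------------------------------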
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-iam-role/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-iam-role/variables.tf:
--------------------------------------------------------------------------------
# -------------------------------------------
# Common Variables
# -------------------------------------------

variable "aws_region" {
  description = "AWS infrastructure region"
  type        = string
  default     = null
}


variable "tags" {
  description = "Tag map for the resource"
  type        = map(string)
  default     = {}
}

# -------------------------------------------
# IAM Role
# -------------------------------------------

# Name given to the IAM role.
variable "role_name" {
  description = "role_name"
  type        = string
  default     = "e2esa"
}

# Service principals allowed to assume the role (used as the trust-policy
# principals in main.tf). The default is an empty list.
variable "iam_policy_identifiers" {
  description = "iam_policy_identifiers"
  type        = list(string)
  default     = []
}

# ARN of the policy attached to the role in main.tf. The default is null.
variable "policy_arn" {
  description = "policy_arn"
  type        = string
  default     = null
}


--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-iam-role/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.5.0"
    }
  }
}

--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-kms/main.tf:
--------------------------------------------------------------------------------
# KMS key described as "<name>-kms". Key spec, enabled state and rotation are all
# caller-supplied; their defaults live in variables.tf, which is not shown here.
# No `policy` argument is set, so the key gets the default key policy.
# NOTE(review): automatic rotation applies to symmetric encryption keys only;
# confirm that enable_key_rotation and customer_master_key_spec are set consistently.
resource "aws_kms_key" "kms" {
  description              = "${var.name}-kms"
  customer_master_key_spec = var.customer_master_key_spec
  is_enabled               = var.is_enabled
  enable_key_rotation      = var.enable_key_rotation
  # With this argument commented out, the default deletion waiting period applies
  # (30 days).
  #deletion_window_in_days = var.deletion_window_in_days
  tags = merge({ "resourcename" = "${var.name}-kms" }, var.tags)
}

# Alias "alias/<name>-kms" pointing at the key above.
resource "aws_kms_alias" "alias" {
  target_key_id = aws_kms_key.kms.key_id
  name          = "alias/${var.name}-kms"
}


--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-kms/outputs.tf:
--------------------------------------------------------------------------------
output "arn" {
  description = "The Amazon Resource Name (ARN) of the key."
  value       = try(aws_kms_key.kms.arn, "")
}

output "key_id" {
  description = "The globally unique identifier for the key."
  value       = try(aws_kms_key.kms.key_id, "")
}

# NOTE(review): tags_all is a map, but the fallback here is a string.
output "tags_all" {
  description = " A map of tags assigned to the resource, including those inherited from the provider default_tags"
  value       = try(aws_kms_key.kms.tags_all, "")
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-kms/readme.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-kms/readme.md
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-kms/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-lambda/outputs.tf:
-------------------------------------------------------------------------------- 1 | output "aws_lambda_arn" { 2 | description = "aws_lambda_function arn" 3 | value = try(aws_lambda_function.this.arn, "") 4 | } 5 | 6 | output "aws_lambda_invoke_arn" { 7 | description = "to be used in aws_api_gateway_integration for APIGW" 8 | value = try(aws_lambda_function.this.invoke_arn, "") 9 | } -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-lambda/readme.md: -------------------------------------------------------------------------------- 1 | 2 | ## README 3 | - end-to-end Solution Architect forum is contributing this as knowledge sharing. You are free to use and modify this. 4 | - Please check repository https://github.com/e2eSolutionArchitect/terraform 5 | - We encourage you to contribute your knowledge with us and create a stronger IT community. 6 | - Please feel free to contact us at https://e2esolutionarchitect.com/ 7 | 8 | ## About the module 9 | - Provision a lambda function with IAM role 10 | - Publish Lambda and create alias -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-lambda/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-lambda/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-lambda/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | --------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-natgw/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-natgw/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-natgw/versions.tf:
--------------------------------------------------------------------------------
terraform {
  # "~> 1.3.0" accepts Terraform 1.3.x only; "~> 4.37.0" accepts provider 4.37.x only.
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-rds/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-rds/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-rds/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block
# NOTE(review): this is a provider configuration inside a reusable module.
# - `profile = "default"` fixes the credential source, so every caller of the module
#   runs with whatever the local "default" shared-credentials profile resolves to.
#   The root configuration cannot substitute a scoped role or another account here.
# - A module with its own provider block cannot be called with count, for_each or
#   depends_on.
# The other versions.tf files shown on this page declare only required_providers
# and leave provider configuration to the caller.

provider "aws" {
  profile = "default"
  region  = var.aws_region
}

--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-s3/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-s3/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-s3/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-secgrp/main.tf:
--------------------------------------------------------------------------------
# Security group in var.aws_vpc_id with one TCP ingress rule on var.app_port and one
# egress rule covering every protocol and port.
resource "aws_security_group" "this" {
  name        = var.sg_name
  description = "Security group for ${var.aws_vpc_id}"
  vpc_id      = var.aws_vpc_id

  ingress {
    description = "Ingress from VPC ${var.aws_vpc_id}"
    from_port   = var.app_port #443
    to_port     = var.app_port #443
    protocol    = "tcp"
    # The allowed sources are whatever CIDR list the caller passes. The rule
    # description says "from VPC", but nothing in this block ties the list to the
    # VPC's own range.
    # NOTE(review): variables.tf is not shown here; confirm whether it validates this
    # value, for example by rejecting 0.0.0.0/0.
    cidr_blocks = var.aws_vpc_main_cidr_block #[aws_vpc.main.cidr_block]
    #ipv6_cidr_blocks = [aws_vpc.main.ipv6_cidr_block]
  }

  egress {
    # Ports 0-0 with protocol "-1" means all traffic. The destination is the single
    # CIDR in var.allow_all_ips; the commented example is 0.0.0.0/0, so outbound
    # traffic is unrestricted when the caller passes that value.
    from_port   = 0
    to_port     = 0
    protocol    = "-1" # allow all outbound
    cidr_blocks = [var.allow_all_ips] #["0.0.0.0/0"]
    #ipv6_cidr_blocks = ["::/0"]
  }

  tags = merge(
    { "ResourceName" = var.sg_name }, var.tags
  )
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-secgrp/outputs.tf:
--------------------------------------------------------------------------------
# Identifier and ARN of the security group; "" when a reference cannot be evaluated.
output "aws_security_group_id" {
  value       = try(aws_security_group.this.id, "")
  description = "security group id"
}

output "aws_security_group_arn" {
  value       = try(aws_security_group.this.arn, "")
  description = "security group arn"
}
--------------------------------------------------------------------------------
/providers/aws/modules/e2esa-module-aws-secgrp/tf-spec.md:
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-secgrp/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-secgrp/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-vpc/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-vpc/outputs.tf -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-vpc/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/modules/e2esa-module-aws-vpc/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/modules/e2esa-module-aws-vpc/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/modules/readme.md: -------------------------------------------------------------------------------- 1 | Modules notes 2 | 3 | ``` 4 | 
module "module-name"{ 5 | source ="git::https://github.com/e2eSolutionArchitect/terraform.git//provider/aws/modules/e2esa-aws-vpc?ref=main" # NOTE(review): ref=main follows a moving branch, so the module code can change between runs; pin ref to a release tag or a full commit SHA. This listing places the module under providers/aws/modules/e2esa-module-aws-vpc - confirm the path. 6 | source ="git::https://github.com/e2eSolutionArchitect/terraform.git///?ref=" # general form; the sub-path and ref placeholders look to have been lost in rendering 7 | } 8 | 9 | ``` 10 | -------------------------------------------------------------------------------- /providers/aws/modules/template-e2esa-module-aws/main.tf: -------------------------------------------------------------------------------- 1 | 2 | resource "name" "this" { 3 | name = "${var.name}-name" 4 | tags = merge( 5 | { "resourcename" = "${var.name}-name" }, var.tags 6 | ) 7 | } -------------------------------------------------------------------------------- /providers/aws/modules/template-e2esa-module-aws/outputs.tf: -------------------------------------------------------------------------------- 1 | output "id" { 2 | description = "id" 3 | value = try(aws_lb.this.id, "") # template placeholder: main.tf in this template declares resource "name" "this", not aws_lb.this. try() only absorbs dynamic errors, so a reference to an undeclared resource still fails validation - replace the address when copying the template. 4 | } 5 | 6 | output "arn" { 7 | description = "arn" 8 | value = try(aws_lb.this.arn, "") 9 | } 10 | 11 | output "tags_all" { 12 | description = " A map of tags assigned to the resource, including those inherited from the provider default_tags" 13 | value = try(aws_lb.this.tags_all, "") 14 | } 15 | -------------------------------------------------------------------------------- /providers/aws/modules/template-e2esa-module-aws/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.37.0" 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /providers/aws/packer/aws-ami.json: -------------------------------------------------------------------------------- 1 | { 2 | "builders": [ 3 | { 4 | "type": "amazon-ebs", 5 | "region": "us-east-1", 6 | "source_ami": "ami-09d56f8956ab235b3", 7 | "instance_type": "t2.micro", 8 | "ssh_username": "ubuntu", 9 |
"ami_name": "e2esa-ami {{timestamp}}" 10 | } 11 | ], 12 | "provisioners": [ 13 | { 14 | "type": "shell", 15 | "script": "provision.sh" 16 | } 17 | ] 18 | } -------------------------------------------------------------------------------- /providers/aws/packer/aws-ami.pkr.hcl: -------------------------------------------------------------------------------- 1 | # Usable as-is only when the account's default VPC is available: no vpc_id or subnet_id is set in the source block below 2 | 3 | packer { 4 | required_plugins { 5 | amazon = { 6 | version = ">= 0.0.2" # NOTE(review): lower bound only, so any newer plugin release is accepted; a bounded constraint keeps image builds reproducible 7 | source = "github.com/hashicorp/amazon" 8 | } 9 | } 10 | } 11 | 12 | source "amazon-ebs" "ubuntu" { 13 | ami_name = "e2esa-aws-ubuntu" # fixed name; AMI names must be unique, so a repeat build is expected to fail while the earlier image exists (aws-ami.json in this directory appends {{timestamp}}) 14 | instance_type = "t2.micro" 15 | region = "us-east-1" 16 | source_ami = "ami-0c4f7023847b90238" # NOTE(review): hard-coded, region-specific image ID with no publisher check; a source_ami_filter block with an owners list selects by publisher instead - confirm this ID is the intended Ubuntu image 17 | ssh_username = "ubuntu" 18 | } 19 | 20 | build { 21 | name = "e2esa-packer" 22 | sources = [ 23 | "source.amazon-ebs.ubuntu" 24 | ] 25 | } # no provisioner block here, whereas aws-ami.json runs provision.sh: as listed, this build applies no changes to the source image 26 | -------------------------------------------------------------------------------- /providers/aws/packer/provision.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | sudo apt-get -y update -------------------------------------------------------------------------------- /providers/aws/packer/readme.md: -------------------------------------------------------------------------------- 1 | Please check HashiCorp [packer repository here](https://github.com/e2eSolutionArchitect/hashicorp-packer) 2 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-acm/app_tfvars: -------------------------------------------------------------------------------- 1 | # Common 2 | project = "e2esa" 3 | prefix = "acm" 4 | org_unit = "E2ESA" 5 | business_unit = "SMB-INT" # SMB-INT - Small & Medium Business in Org, "SMB-EXTR" - SMB External 6 | cost_center = "CCAWS0000" 7 | appid = "APP001" 8 | 9 | # General 10 | aws_region = "us-east-1" 11 | suffix = "01" 12 | 13 | # CF 14 | domain_name =
"mydomain.com" -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-acm/main.tf: -------------------------------------------------------------------------------- 1 | 2 | # terraform apply -var-file="app.tfvars" -var="createdby=e2esa" 3 | 4 | locals { 5 | name = "${var.project}-${var.prefix}" 6 | tags = { 7 | project = var.project 8 | orgunit = var.org_unit 9 | businessunit = var.business_unit 10 | costcenter = var.cost_center 11 | createdby = var.createdby 12 | createdon = timestamp() 13 | appid = var.appid 14 | environment = terraform.workspace 15 | } 16 | } 17 | 18 | module "acm" { 19 | source = "../../modules/e2esa-module-aws-acm" 20 | #source = "git::https://github.com/e2eSolutionArchitect/terraform.git//providers/aws/modules/e2esa-module-aws-acm?ref=main" 21 | name = "${local.name}-${var.suffix}" 22 | domain_name = var.domain_name 23 | additional_domain_names = var.additional_domain_names 24 | tags = merge({ "resourcename" = "${local.name}-${var.suffix}" }, local.tags) 25 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-acm/outputs.tf: -------------------------------------------------------------------------------- 1 | output "acm_id" { 2 | value = try(module.acm.id, "") 3 | description = "id" 4 | } 5 | 6 | output "acm_arn" { 7 | value = try(module.acm.arn, "") 8 | description = "arn" 9 | } 10 | 11 | 12 | output "acm_domain_name" { 13 | value = try(module.acm.domain_name, "") 14 | description = "acm_domain_name" 15 | } 16 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-acm/readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-acm/readme.md 
-------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-acm/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-acm/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-acm/variables.tf: -------------------------------------------------------------------------------- 1 | 2 | # Tags 3 | variable "project" {} 4 | variable "prefix" {} 5 | variable "suffix" {} 6 | variable "createdby" {} 7 | variable "org_unit" {} 8 | variable "business_unit" {} 9 | variable "cost_center" {} 10 | variable "appid" {} 11 | 12 | # General 13 | variable "aws_region" {} 14 | 15 | variable "domain_name" {} 16 | variable "additional_domain_names" {} 17 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-acm/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.37.0" 7 | } 8 | } 9 | 10 | # TF State Management 11 | # Variables not allowed in backend block. 
12 | backend "s3" { 13 | bucket = "e2esa-tf-states" 14 | key = "spm-acm/terraform.tfstate" 15 | region = "us-east-1" 16 | dynamodb_table = "e2esa-tf-locks" 17 | encrypt = true 18 | profile = "default2" 19 | } 20 | } 21 | 22 | # provider block 23 | 24 | provider "aws" { 25 | profile = "default2" 26 | region = var.aws_region 27 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-backup/app_tfvars: -------------------------------------------------------------------------------- 1 | # Common 2 | project = "e2esa-rds" 3 | prefix = "backup" 4 | org_unit = "E2ESA" 5 | business_unit = "SMB-INT" # SMB-INT - Small & Medium Business in Org, "SMB-EXTR" - SMB External 6 | cost_center = "CCAWS0000" 7 | appid = "APP001" 8 | # General 9 | aws_region = "us-east-1" 10 | 11 | # AWS Backup 12 | 13 | suffix = "bkup01" 14 | plan_schedule = "cron(0 12 * * ? *)" 15 | cold_storage_after = 1 16 | delete_after = 91 # must be 90 days greater than cold_storage_after 17 | s3_bucket_for_aws_backup="e2esa-bucket-for-aws-backup" 18 | kms_name="backup" 19 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-backup/backup-plan.tf: -------------------------------------------------------------------------------- 1 | resource "aws_backup_plan" "plan" { 2 | name = "${local.name}-baclup-plan-${var.suffix}" 3 | rule { 4 | rule_name = "${local.name}-baclup-rule-${var.suffix}" 5 | target_vault_name = aws_backup_vault.vault.name 6 | schedule = var.plan_schedule 7 | lifecycle { 8 | cold_storage_after = var.cold_storage_after 9 | delete_after = var.delete_after 10 | } 11 | } 12 | tags = merge({ "resourcename" = "${local.name}-backup-plan-${var.suffix}" }, local.tags) 13 | 14 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-backup/backup-report-plan.tf: 
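-------------------------------------------------------------------------------- 1 | resource "aws_backup_report_plan" "example" { 2 | name = "${local.name}-backup-report-${var.suffix}" 3 | description = "${local.name}-backup-report-${var.suffix}" 4 | 5 | report_delivery_channel { 6 | formats = [ 7 | "CSV", 8 | "JSON" 9 | ] 10 | s3_bucket_name = var.s3_bucket_for_aws_backup 11 | s3_key_prefix = "reports" 12 | } 13 | 14 | report_setting { 15 | report_template = "RESTORE_JOB_REPORT" 16 | } 17 | 18 | tags = merge({ "resourcename" = "${local.name}-backup-plan-${var.suffix}" }, local.tags) 19 | 20 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-backup/backup-selection.tf: -------------------------------------------------------------------------------- 1 | resource "aws_backup_selection" "selection" { 2 | iam_role_arn = aws_iam_role.backup_role.arn 3 | name = "${local.name}-backup-selection-${var.suffix}" 4 | plan_id = aws_backup_plan.plan.id 5 | selection_tag { 6 | type = "STRINGEQUALS" 7 | key = "is-backup-enabled" 8 | value = "true" 9 | } 10 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-backup/backup-vault-policy.tf: -------------------------------------------------------------------------------- 1 | resource "aws_backup_vault_policy" "vault-policy" { 2 | backup_vault_name = aws_backup_vault.vault.name 3 | 4 | policy = < { 7 | var ssm= new aws.SSM(); 8 | console.log('Received event:',JSON.stringify(event,null,2)); 9 | const instanceId = event.detail.EC2InstanceId; /* instance named in the incoming event detail */ 10 | console.log('instanceId:',instanceId); 11 | 12 | var params= { 13 | DocumentName: "AWS-RunShellScript", /* SSM document to run; DocumentName is the required SendCommand key */ 14 | InstanceIds: [instanceId], 15 | TimeoutSeconds: 30, 16 | Parameters: { 17 | 'commands' : ['sudo /usr/local/bin/aws --region us-east-1 s3 cp /var/log/cloud-init.log s3://mybucket']} /* parameter values are lists of strings */ 18 | } 19 | const data = await ssm.sendCommand(params).promise() /* resolves once SSM has accepted the command, not when the copy has finished on the instance */ 20 | const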
response = { 21 | statusCode: 200, 22 | body: JSON.stringify('Run Command executed'), 23 | }; 24 | console.log('data:',data); 25 | //return response; 26 | callback(null,'Finished') 27 | }; 28 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-asg-eventbridge-lambda/lambda.tf: -------------------------------------------------------------------------------- 1 | module "aws_lambda" { 2 | source = "../../modules/e2esa-module-aws-lambda" 3 | lambda_filename_zip = var.lambda_filename_zip 4 | lambda_function_name = var.lambda_function_name 5 | lambda_role_arn = var.lambda_role_arn 6 | lambda_handler = var.lambda_handler 7 | lambda_runtime = var.lambda_runtime 8 | tags = local.tags 9 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-asg-eventbridge-lambda/outputs.tf: -------------------------------------------------------------------------------- 1 | output "asg_arn" { 2 | description = "Auto Scaling Group ARN" 3 | value = try(aws_autoscaling_group.this.arn, "") 4 | } 5 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-asg-eventbridge-lambda/s3.tf: -------------------------------------------------------------------------------- 1 | module "aws_s3_bucket" { 2 | source = "../../modules/e2esa-module-aws-s3" 3 | s3_bucket_name = var.s3_bucket_name 4 | enable_lifecycle_rule = var.enable_lifecycle_rule 5 | s3_versioning = var.s3_versioning 6 | tags = local.tags 7 | } 8 | 9 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-asg-eventbridge-lambda/sns.tf: -------------------------------------------------------------------------------- 1 | 2 | ## Create SNS module and invoke here -------------------------------------------------------------------------------- 
/providers/aws/projects/e2esa-aws-ec2-asg-eventbridge-lambda/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-ec2-asg-eventbridge-lambda/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-asg-eventbridge-lambda/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | 11 | # provider block 12 | 13 | provider "aws" { 14 | profile = "default" 15 | region = var.aws_region 16 | } 17 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-autoscaling/datasource.tf: -------------------------------------------------------------------------------- 1 | # data "aws_network_interface" "this" { 2 | # count = length(var.lb_subnets) 3 | # filter { 4 | # name = "description" 5 | # values = ["ELB app/${var.project}/*"] # if Network LB then use 'net' ["ELB net/${var.project}/*"] 6 | # } 7 | 8 | # filter { 9 | # name = "subnet-id" 10 | # values = ["${element(var.lb_subnets, count.index)}"] 11 | # } 12 | 13 | # depends_on = [module.aws_lb] 14 | # } 15 | 16 | # resource "aws_security_group" "lb_sg" { 17 | # vpc_id = var.vpc_id 18 | # ingress { 19 | # cidr_blocks = formatlist("%s/32", flatten(data.aws_network_interface.this.*.private_ips)) 20 | # description = "Allow connection from load balancer" 21 | # from_port = 0 22 | # to_port = 0 23 | # protocol = "-1" 24 | # } 25 | # depends_on = [module.aws_lb] 26 | # } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-autoscaling/ec2-init.sh: 
-------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | sudo apt-get update -y 3 | sudo apt install apache2 -y 4 | sudo systemctl status apache2 -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-autoscaling/outputs.tf: -------------------------------------------------------------------------------- 1 | output "asg_arn" { 2 | description = "Auto Scaling Group ARN" 3 | value = try(aws_autoscaling_group.this.arn, "") 4 | } 5 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-autoscaling/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-ec2-autoscaling/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-autoscaling/variables.tf: -------------------------------------------------------------------------------- 1 | 2 | # Tags 3 | variable "project" {} 4 | variable "createdby" {} 5 | # General 6 | variable "aws_region" {} 7 | 8 | # Load Balancer 9 | variable "lb_name" {} 10 | variable "lb_internal" {} 11 | variable "lb_load_balancer_type" {} 12 | variable "lb_security_groups" {} 13 | variable "lb_subnets" {} 14 | variable "lb_enable_deletion_protection" {} 15 | variable "lb_target_port" {} 16 | variable "lb_protocol" {} 17 | variable "lb_target_type" {} 18 | variable "vpc_id" {} 19 | variable "lb_listener_port" {} 20 | variable "lb_listener_protocol" {} 21 | 22 | 23 | # Launch Template 24 | 25 | variable "image_id" {} 26 | variable "instance_type" {} 27 | variable "key_name" {} 28 | variable "vpc_security_group_ids" {} 29 | 30 | 31 | # Auto Scaling 32 | variable "max_size" {} 33 | variable "min_size" {} 34 | variable "desired_capacity" 
{} 35 | variable "asg_health_check_type" {} 36 | variable "target_group_arns" {} -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-autoscaling/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | 11 | # provider block 12 | 13 | provider "aws" { 14 | profile = "default" 15 | region = var.aws_region 16 | } 17 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-v2/app_tfvars: -------------------------------------------------------------------------------- 1 | # Common 2 | project = "e2esa-tutorials" 3 | 4 | # General 5 | aws_region = "us-east-1" 6 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-v2/outputs.tf: -------------------------------------------------------------------------------- 1 | output "aws_instance_arn" { 2 | value = module.ec2.aws_instance_arn 3 | description = "aws_instance arn" 4 | } 5 | 6 | output "aws_instance_public_dns" { 7 | value = module.ec2.aws_instance_public_dns 8 | description = "aws_instance public_dns" 9 | } 10 | 11 | output "aws_instance_public_ip" { 12 | value = module.ec2.aws_instance_public_ip 13 | description = "aws_instance public_ip" 14 | } 15 | 16 | output "aws_ebs_volume_volume_id" { 17 | value = module.ec2.aws_ebs_volume_volume_id 18 | description = "aws_ebs_volume volume_id" 19 | } 20 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-v2/readme.md: -------------------------------------------------------------------------------- 1 | 2 | ## README 3 | - end-to-end Solution Architect forum is contributing this as knowledge sharing. 
You are free to use and modify this. 4 | - Please check repository https://github.com/e2eSolutionArchitect/terraform 5 | - We encourage you to contribute your knowledge with us and create a stronger IT community. 6 | - Please feel free to contract us at https://e2esolutionarchitect.com/ 7 | 8 | # rename app_tfvars file name to as app.tfvars and then execute below command 9 | ``` 10 | terraform apply -var-file="app.tfvars" -var="createdby=e2esa" 11 | ``` -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-v2/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-ec2-v2/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-v2/variables.tf: -------------------------------------------------------------------------------- 1 | 2 | # Tags 3 | variable "project" {} 4 | variable "createdby" {} 5 | # General 6 | variable "aws_region" {} 7 | 8 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2-v2/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | } 10 | 11 | # provider block 12 | 13 | # provider "aws" { 14 | # profile = "default" 15 | # region = var.aws_region 16 | # } 17 | 18 | provider "aws" { 19 | profile = "default" # named profile from the local AWS configuration 20 | region = lookup(var.awsprops, "region") # NOTE(review): var.awsprops is not declared in this project's variables.tf as listed (project, createdby, aws_region); the commented-out block above read var.aws_region - confirm where awsprops is defined 21 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2/app_tfvars: -------------------------------------------------------------------------------- 1 | # Common 2 |
project = "e2esa-tutorials" 3 | 4 | # General 5 | aws_region = "us-east-1" 6 | 7 | ami = "ami-08d4ac5b634553e16" 8 | availability_zone = "us-east-1a" 9 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2/main.tf: -------------------------------------------------------------------------------- 1 | # terraform apply -var-file="app.tfvars" -var="createdby=e2esa" 2 | 3 | locals { 4 | tags = { 5 | Project = var.project 6 | createdby = var.createdby 7 | CreatedOn = timestamp() 8 | Environment = terraform.workspace 9 | } 10 | } 11 | 12 | module "ec2" { 13 | source = "../../modules/e2esa-module-aws-ec2" 14 | #source = "git::https://github.com/e2eSolutionArchitect/terraform.git//providers/aws/modules/e2esa-module-aws-ec2?ref=main" 15 | #for_each = toset(var.ec2_names) # toset(["ec21","ec22"]) 16 | count = var.loop_cnt 17 | ami = var.ami 18 | availability_zone = var.availability_zone 19 | tags = merge({ "ResourceName" = "${var.project}-ec2" }, local.tags) 20 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2/outputs.tf: -------------------------------------------------------------------------------- 1 | output "aws_instance_arn" { 2 | value = module.ec2.*.aws_instance_arn #module.ec2.aws_instance_arn 3 | description = "aws_instance arn" 4 | } 5 | 6 | output "aws_instance_public_dns" { 7 | value = module.ec2.*.aws_instance_public_dns #module.ec2.aws_instance_public_dns 8 | description = "aws_instance public_dns" 9 | } 10 | 11 | output "aws_instance_public_ip" { 12 | value = module.ec2.*.aws_instance_public_ip #module.ec2.aws_instance_public_ip 13 | description = "aws_instance public_ip" 14 | } 15 | 16 | output "aws_ebs_volume_id" { 17 | value = module.ec2.*.aws_ebs_volume_id #module.ec2.aws_ebs_volume_id 18 | description = "aws_ebs_volume volume_id" 19 | } -------------------------------------------------------------------------------- 
/providers/aws/projects/e2esa-aws-ec2/readme.md: -------------------------------------------------------------------------------- 1 | 2 | ## README 3 | - The end-to-end Solution Architect forum contributes this for knowledge sharing. You are free to use and modify this. 4 | - Please check the repository https://github.com/e2eSolutionArchitect/terraform 5 | - We encourage you to share your knowledge with us and help build a stronger IT community. 6 | - Please feel free to contact us at https://e2esolutionarchitect.com/ 7 | 8 | # Rename the app_tfvars file to app.tfvars, then run the command below 9 | ``` 10 | terraform apply -var-file="app.tfvars" -var="createdby=e2esa" 11 | ``` -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-ec2/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2/variables.tf: -------------------------------------------------------------------------------- 1 | 2 | # Tags 3 | variable "project" {} 4 | variable "createdby" {} 5 | # General 6 | variable "aws_region" {} 7 | 8 | # EC2 9 | variable "ami" {} 10 | variable "availability_zone" {} 11 | variable "ec2_names" {} 12 | variable "loop_cnt" {} 13 | 14 | variable "lb_target_tags_map" { 15 | description = "Tag map for the LB target resources" 16 | type = map(string) 17 | default = {} 18 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ec2/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.3.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 |
version = "~> 4.37.0" 7 | } 8 | } 9 | } 10 | 11 | # provider block 12 | 13 | provider "aws" { 14 | profile = "default" 15 | region = var.aws_region 16 | } 17 | 18 | # terraform { 19 | # cloud { 20 | # organization = "e2esolutionarchitect" 21 | 22 | # workspaces { 23 | # name = "e2esa-ws-aws-ec2" 24 | # } 25 | # } 26 | # } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-cluster/app_tfvars: -------------------------------------------------------------------------------- 1 | # Common 2 | project = "e2esa-tutorials" 3 | 4 | # General 5 | aws_region = "us-east-1" 6 | profile = "development" 7 | environment = "dev" 8 | 9 | # Backend 10 | backend_s3_bucket = "tf_states" 11 | backend_dynamodb_table = "tf_locks" 12 | 13 | # ECS 14 | create_ecs_cluster = true 15 | ecs_cluster_name = "e2esa-cluster-dev" 16 | container_insights = false 17 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-cluster/dev-backend.conf: -------------------------------------------------------------------------------- 1 | bucket = "e2esa-tf-states" 2 | key = "ecs-cluster/terraform.tfstate" 3 | region = "us-east-1" 4 | dynamodb_table = "e2esa-tf-locks" 5 | encrypt = true 6 | profile = "development" -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-cluster/outputs.tf: -------------------------------------------------------------------------------- 1 | 2 | output "ecs_cluster_id" { 3 | value = module.ecs_cluster.ecs_cluster_id 4 | description = "ecs cluster id" 5 | } 6 | 7 | output "ecs_cluster_arn" { 8 | value = module.ecs_cluster.ecs_cluster_arn 9 | description = "ecs cluster id" 10 | } 11 | 12 | output "ecs_cluster_name" { 13 | value = module.ecs_cluster.ecs_cluster_name 14 | description = "ecs cluster name" 15 | } -------------------------------------------------------------------------------- 
/providers/aws/projects/e2esa-aws-ecs-cluster/prd-backend.conf: -------------------------------------------------------------------------------- 1 | bucket = "somcloud-tf-states" 2 | key = "ecs-cluster/terraform.tfstate" 3 | region = "us-east-1" 4 | dynamodb_table = "somcloud-tf-locks" 5 | encrypt = true 6 | profile = "production" -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-cluster/readme.md: -------------------------------------------------------------------------------- 1 | 2 | ## README 3 | - The end-to-end Solution Architect forum contributes this for knowledge sharing. You are free to use and modify this. 4 | - Please check the repository https://github.com/e2eSolutionArchitect/terraform 5 | - We encourage you to share your knowledge with us and help build a stronger IT community. 6 | - Please feel free to contact us at https://e2esolutionarchitect.com/ 7 | 8 | # Rename the app_tfvars file to app.tfvars, then run the command below 9 | ``` 10 | terraform apply -var-file="app.tfvars" -var="createdby=e2esa" 11 | ``` -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-cluster/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-ecs-cluster/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-cluster/variables.tf: -------------------------------------------------------------------------------- 1 | # Tags 2 | variable "project" {} 3 | variable "createdby" {} 4 | 5 | # General 6 | variable "aws_region" {} 7 | variable "profile" {} 8 | variable "environment" {} 9 | 10 | # Backend 11 | variable "backend_s3_bucket" {} 12 | variable "backend_dynamodb_table" {} 13 | 14 | # ECS
15 | variable "create_ecs_cluster" {} 16 | variable "ecs_cluster_name" {} 17 | variable "container_insights" {} 18 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-cluster/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.1.6" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | #backend "s3" {} 10 | } 11 | 12 | # provider block 13 | 14 | provider "aws" { 15 | profile = var.profile 16 | region = var.aws_region 17 | } 18 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-service/outputs.tf: -------------------------------------------------------------------------------- 1 | 2 | output "ecs_cluster_id" { 3 | value = module.ecs_cluster.ecs_cluster_id 4 | description = "ecs cluster id" 5 | } 6 | 7 | output "ecs_cluster_arn" { 8 | value = module.ecs_cluster.ecs_cluster_arn 9 | description = "ecs cluster id" 10 | } 11 | 12 | output "ecs_cluster_name" { 13 | value = module.ecs_cluster.ecs_cluster_name 14 | description = "ecs cluster name" 15 | } -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-service/readme.md: -------------------------------------------------------------------------------- 1 | 2 | ## README 3 | - end-to-end Solution Architect forum is contributing this as knowledge sharing. You are free to use and modify this. 4 | - Please check repository https://github.com/e2eSolutionArchitect/terraform 5 | - We encourage you to contribute your knowledge with us and create a stronger IT community. 
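6 | - Please feel free to contract us at https://e2esolutionarchitect.com/ 7 | 8 | # rename app_tfvars file name to as app.tfvars and then execute below command 9 | ``` 10 | terraform apply -var-file="app.tfvars" -var="createdby=e2esa" 11 | ``` -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-service/tf-spec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-ecs-service/tf-spec.md -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-ecs-service/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = "~> 1.1.6" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 4.5.0" 7 | } 8 | } 9 | 10 | # TF State Management 11 | # A backend block cannot reference variables or locals: only literal values (or -backend-config values supplied at init) are accepted. 12 | backend "s3" { 13 | bucket = "e2esa-tf-states" 14 | key = "ecs-cluster/terraform.tfstate" # NOTE(review): same bucket and key as e2esa-aws-ecs-cluster/dev-backend.conf; two root modules writing one state object overwrite each other - confirm, and give this project its own key 15 | region = "us-east-1" # literal, matching the region used by the other backend settings in this repository 16 | dynamodb_table = "e2esa-tf-locks" # literal lock table, as in e2esa-aws-ecs-cluster/dev-backend.conf 17 | encrypt = true 18 | profile = "default" 19 | } 20 | 21 | } 22 | 23 | # Provider block 24 | 25 | provider "aws" { 26 | profile = "default" 27 | region = var.aws_region 28 | sts_region = var.aws_region 29 | assume_role { 30 | role_arn = "arn:aws:iam:::role/" # placeholder: the account ID and role name are empty in this listing and must be filled in before use 31 | } 32 | endpoints { 33 | s3 = "s3.us-east-1.amazonaws.com" 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /providers/aws/projects/e2esa-aws-eks-bastion-ec2/app_tfvars: -------------------------------------------------------------------------------- 1 | # terraform apply -var-file="dev-app.tfvars" 2 | 3 | # Common 4 | project = "e2esa-demo" 5 | prefix ="kubectl" 6 | 7 | # General 8 | aws_region = "us-east-1" 9 | createdby = "e2esa" 10 | 11 | 12 | # EKS Manager 13 |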
# The image is pinned to one dated build; NOTE(review): refresh it periodically or patch at first boot.
ami               = "ami-08c40ec9ead489470" #Canonical, Ubuntu, 22.04 LTS, amd64 jammy image build on 2022-09-12
availability_zone = "us-east-1a"
instance_type     = "t2.medium"
# The kubectl host receives a public IP and an SSH key pair (key_name below), so its
# exposure is decided by the security group; NOTE(review): restrict inbound SSH to known source ranges.
associate_public_ip_address = true
subnet_id                   = "subnet-#####"
vpc_security_group_ids      = ["sg-######"]
key_name                    = "e2esa-kp"
iam_instance_profile        = "manager_iam_profile"
# false means the instance can be terminated through the API without first clearing a guard.
disable_api_termination = false

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-bastion-ec2/eks-manager-ec2.tf:
--------------------------------------------------------------------------------

# this is a static VM to execute kubectl commands in nodes

# NOTE(review): no metadata_options block is set, so IMDSv2 is not enforced by this
# configuration, and no root_block_device block is set, so root-volume encryption
# is whatever the account/AMI default provides. Confirm both for a host with cluster access.
resource "aws_instance" "eks-manager" {
  ami                         = var.ami
  instance_type               = var.instance_type
  associate_public_ip_address = var.associate_public_ip_address
  availability_zone           = var.availability_zone
  subnet_id                   = var.subnet_id
  vpc_security_group_ids      = var.vpc_security_group_ids
  # init.sh is rendered with an empty variable map and runs as boot-time user data.
  user_data = templatefile("${path.module}/init.sh", {})
  key_name  = var.key_name
  # The profile name is "<project>-<prefix>-<iam_instance_profile>" (see local.name).
  iam_instance_profile    = "${local.name}-${var.iam_instance_profile}"
  disable_api_termination = var.disable_api_termination
  tags                    = merge({ "ResourceName" = "eks_manager" }, local.tags)
  # aws_iam_role.role is declared in a file of this project that is not part of this listing.
  depends_on = [aws_iam_role.role]
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-bastion-ec2/main.tf:
--------------------------------------------------------------------------------
locals {
  name = "${var.project}-${var.prefix}"
  tags = {
    Project   = var.project
    createdby = var.createdby
    # timestamp() is re-evaluated on every run, so this tag differs on each plan.
    CreatedOn   = timestamp()
    Environment = terraform.workspace
  }
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-bastion-ec2/outputs.tf:
--------------------------------------------------------------------------------
output "aws_instance_arn" {
  value       = aws_instance.eks-manager.arn
  description = "aws_instance arn"
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-bastion-ec2/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-eks-bastion-ec2/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-bastion-ec2/variables.tf:
--------------------------------------------------------------------------------
# All inputs below are untyped and have no default; values come from the tfvars file or -var.

# Tags
variable "project" {}
variable "prefix" {}
variable "createdby" {}

# General
variable "aws_region" {}

# EKS Manager
variable "ami" {}
variable "instance_type" {}
variable "associate_public_ip_address" {}
variable "availability_zone" {}
variable "subnet_id" {}
variable "vpc_security_group_ids" {}
variable "iam_instance_profile" {}
variable "disable_api_termination" {}
variable "key_name" {}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-bastion-ec2/versions.tf:
--------------------------------------------------------------------------------
# Terraform CLI constrained to 1.3.x; AWS provider constrained to 4.37.x.
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block

provider "aws" {
  profile = "default"
  region  = var.aws_region
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2-v1/cloudwatch.tf:
--------------------------------------------------------------------------------
# Log group for the EKS control-plane logs, retained for 30 days.
module "cloudwatch" {
  source = "../../modules/e2esa-module-aws-cloudwatch"
  # The remote alternative below tracks the mutable "main" branch; a tag or commit ref
  # would pin the module code that gets executed.
  #source = "git::https://github.com/e2eSolutionArchitect/terraform.git//providers/aws/modules/e2esa-module-aws-cloudwatch?ref=main"
  aws_region = var.aws_region
  # The log group name format is /aws/eks/<cluster-name>/cluster
  # Reference: https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html
  cw_name           = "/aws/eks/${local.name}-${var.cluster_name}/cluster"
  retention_in_days = 30
  tags              = merge({ "ResourceName" = "${local.name}-${var.cluster_name}" }, local.tags)
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2-v1/eks-console-full-access.yaml:
--------------------------------------------------------------------------------
# Despite the "full-access" name, every rule below grants only the read verbs get and list.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: eks-console-dashboard-full-access-clusterrole
rules:
  - apiGroups:
      - ""
    resources:
      - nodes
      - namespaces
      - pods
    verbs:
      - get
      - list
  - apiGroups:
      - apps
    resources:
      - deployments
      - daemonsets
      - statefulsets
      - replicasets
    verbs:
      - get
      - list
  - apiGroups:
      - batch
    resources:
      - jobs
    verbs:
      - get
      - list
---
# Binds the role cluster-wide to a Kubernetes group; who belongs to that group is
# decided outside this manifest (presumably the cluster's IAM-to-group mapping; confirm).
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: eks-console-dashboard-full-access-binding
subjects:
  - kind: Group
    name: eks-console-dashboard-full-access-group
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: eks-console-dashboard-full-access-clusterrole
  apiGroup: rbac.authorization.k8s.io
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2-v1/eks-manager-ec2.tf:
--------------------------------------------------------------------------------

# this is a static VM to execute kubectl commands in nodes

# Same resource as in the bastion project above; the same review points apply
# (no metadata_options, no root_block_device, public IP driven by a variable).
resource "aws_instance" "eks-manager" {
  ami                         = var.ami
  instance_type               = var.instance_type
  associate_public_ip_address = var.associate_public_ip_address
  availability_zone           = var.availability_zone
  subnet_id                   = var.subnet_id
  vpc_security_group_ids      = var.vpc_security_group_ids
  user_data                   = templatefile("${path.module}/init.sh", {})
  key_name                    = var.key_name
  iam_instance_profile        = "${local.name}-${var.iam_instance_profile}"
  disable_api_termination     = var.disable_api_termination
  tags                        = merge({ "ResourceName" = "eks_manager" }, local.tags)
  depends_on                  = [aws_iam_role.role]
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2-v1/iam-oicd.tf:
--------------------------------------------------------------------------------
# Fetches the certificate chain served at the cluster's OIDC issuer URL.
data "tls_certificate" "eks" {
  url = aws_eks_cluster.cluster.identity[0].oidc[0].issuer
}

# Registers that issuer as an IAM OIDC identity provider with sts.amazonaws.com as the only audience.
resource "aws_iam_openid_connect_provider" "eks" {
  client_id_list = ["sts.amazonaws.com"]
  # Trust is anchored on the SHA-1 fingerprint of the first certificate returned.
  # NOTE(review): confirm index 0 is the certificate in the chain that should be trusted.
  thumbprint_list = [data.tls_certificate.eks.certificates[0].sha1_fingerprint]
  url             = aws_eks_cluster.cluster.identity[0].oidc[0].issuer
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2-v1/main.tf:
--------------------------------------------------------------------------------
locals {
  name = "${var.project}-${var.prefix}"
  tags = {
    Project   = var.project
    createdby = var.createdby
    # Re-evaluated on every run, so the tag value changes with each plan.
    CreatedOn   = timestamp()
    Environment = terraform.workspace
  }
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2-v1/nat-gateway.tf:
--------------------------------------------------------------------------------
# One NAT gateway from the shared module: private subnet egress goes through the public subnet.
module "aws_natgw" {
  prefix = local.name
  source = "../../modules/e2esa-module-aws-natgw"
  vpc_id = var.vpc_id
nat_public_subnet_id  = var.nat_public_subnet_id
nat_private_subnet_id = var.nat_private_subnet_id
tags                  = local.tags
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2-v1/versions.tf:
--------------------------------------------------------------------------------
# Terraform CLI constrained to 1.3.x; AWS provider constrained to 4.37.x.
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block

provider "aws" {
  profile = "default"
  region  = var.aws_region
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2/alb.tf:
--------------------------------------------------------------------------------

# Load balancer from the shared ELB module; every setting is passed through from variables.
module "aws_lb" {
  source = "../../modules/e2esa-module-aws-elb"
  name   = "${local.name}-${var.lb_name}"
  # internal = false makes the load balancer internet-facing.
  internal                   = var.lb_internal
  load_balancer_type         = var.lb_load_balancer_type
  security_groups            = var.lb_security_groups
  subnets                    = var.lb_subnets
  enable_deletion_protection = var.lb_enable_deletion_protection

  lb_target_port = var.lb_target_port
  lb_protocol    = var.lb_protocol
  lb_target_type = var.lb_target_type
  vpc_id         = var.vpc_id

  # NOTE(review): the listener protocol decides whether client traffic is encrypted in transit.
  lb_listener_port     = var.lb_listener_port
  lb_listener_protocol = var.lb_listener_protocol

  tags = local.tags
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2/cloudwatch.tf:
--------------------------------------------------------------------------------
# Log group for the EKS control-plane logs, retained for 30 days.
module "cloudwatch" {
  source = "../../modules/e2esa-module-aws-cloudwatch"
  # The remote alternative below tracks the mutable "main" branch; a tag or commit ref
  # would pin the module code that gets executed.
  #source = "git::https://github.com/e2eSolutionArchitect/terraform.git//providers/aws/modules/e2esa-module-aws-cloudwatch?ref=main"
  aws_region = var.aws_region
  # The log group name format is /aws/eks/<cluster-name>/cluster
  # Reference: https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html
  cw_name           = "/aws/eks/${local.name}-${var.cluster_name}/cluster"
  retention_in_days = 30
  tags              = merge({ "ResourceName" = "${local.name}-${var.cluster_name}" }, local.tags)
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2/eks-manager-ec2.tf:
--------------------------------------------------------------------------------

# this is a static VM to execute kubectl commands in nodes

# NOTE(review): no metadata_options block is set, so IMDSv2 is not enforced by this
# configuration, and no root_block_device block is set, so root-volume encryption
# is whatever the account/AMI default provides. Confirm both for a host with cluster access.
resource "aws_instance" "eks-manager" {
  ami                         = var.ami
  instance_type               = var.instance_type
  associate_public_ip_address = var.associate_public_ip_address
  availability_zone           = var.availability_zone
  subnet_id                   = var.subnet_id
  vpc_security_group_ids      = var.vpc_security_group_ids
  # init.sh is rendered with an empty variable map and runs as boot-time user data.
  user_data               = templatefile("${path.module}/init.sh", {})
  key_name                = var.key_name
  iam_instance_profile    = "${local.name}-${var.iam_instance_profile}"
  disable_api_termination = var.disable_api_termination
  tags                    = merge({ "ResourceName" = "eks_manager" }, local.tags)
  # aws_iam_role.role is declared in a file of this project that is not part of this listing.
  depends_on = [aws_iam_role.role]
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2/main.tf:
--------------------------------------------------------------------------------
locals {
  name = "${var.project}-${var.prefix}"
  tags = {
    Project   = var.project
    createdby = var.createdby
    # timestamp() is re-evaluated on every run, so this tag differs on each plan.
    CreatedOn   = timestamp()
    Environment = terraform.workspace
  }
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2/nat-gateway.tf:
--------------------------------------------------------------------------------
# One NAT gateway from the shared module: private subnet egress goes through the public subnet.
module "aws_natgw" {
  prefix                = local.name
  source                = "../../modules/e2esa-module-aws-natgw"
  vpc_id                = var.vpc_id
  nat_public_subnet_id  = var.nat_public_subnet_id
  nat_private_subnet_id = var.nat_private_subnet_id
  tags                  = local.tags
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-eks-ec2/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-ec2/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block

provider "aws" {
  profile = "default"
  region  = var.aws_region
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-fargate/cloudwatch.tf:
--------------------------------------------------------------------------------
# Log group for the EKS control-plane logs, retained for 30 days.
module "cloudwatch" {
  source = "../../modules/e2esa-module-aws-cloudwatch"
  #source = "git::https://github.com/e2eSolutionArchitect/terraform.git//providers/aws/modules/e2esa-module-aws-cloudwatch?ref=main"
  aws_region = var.aws_region
  # The log group name format is /aws/eks/<cluster-name>/cluster
  # Reference: https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html
  cw_name           = "/aws/eks/${local.name}-${var.cluster_name}/cluster"
  retention_in_days = 30
  tags              = merge({ "ResourceName" = "${local.name}-${var.cluster_name}" }, local.tags)
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-fargate/main.tf:
--------------------------------------------------------------------------------
# terraform apply -var-file="app.tfvars" -var="createdby=e2esa"

# Naming prefix and the ownership/cost tag set applied to this project's resources.
locals {
  name = "${var.project}-${var.prefix}"
  tags = {
    project      = var.project
    orgunit      = var.org_unit
    businessunit = var.business_unit
    costcenter   = var.cost_center
    createdby    = var.createdby
    # Re-evaluated on every run, so the tag value changes with each plan.
    createdon   = timestamp()
    appid       = var.appid
    environment = terraform.workspace
  }
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-fargate/nat-gateway.tf:
--------------------------------------------------------------------------------
module "aws_natgw" {
  prefix                = local.name
  source                = "../../modules/e2esa-module-aws-natgw"
  vpc_id                = var.vpc_id
  nat_public_subnet_id  = var.nat_public_subnet_id
  nat_private_subnet_id = var.nat_private_subnet_id
  tags                  = local.tags
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-fargate/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-eks-fargate/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-fargate/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block

provider "aws" {
  profile = "default"
  region  = var.aws_region
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-standard/alb.tf:
--------------------------------------------------------------------------------

module "aws_lb" {
source = "../../modules/e2esa-module-aws-elb"
name   = "${local.name}-${var.lb_name}"
# internal = false makes the load balancer internet-facing.
internal                   = var.lb_internal
load_balancer_type         = var.lb_load_balancer_type
security_groups            = var.lb_security_groups
subnets                    = var.lb_subnets
enable_deletion_protection = var.lb_enable_deletion_protection

lb_target_port = var.lb_target_port
lb_protocol    = var.lb_protocol
lb_target_type = var.lb_target_type
vpc_id         = var.vpc_id

# NOTE(review): the listener protocol decides whether client traffic is encrypted in transit.
lb_listener_port     = var.lb_listener_port
lb_listener_protocol = var.lb_listener_protocol
lb_target_tags_map   = var.lb_target_tags_map
tags                 = local.tags
# depends_on = [
#   aws_eks_cluster.eks_cluster
# ]
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-standard/cloudwatch.tf:
--------------------------------------------------------------------------------
# Log group for the EKS control-plane logs, retained for 30 days.
module "cloudwatch" {
  source = "../../modules/e2esa-module-aws-cloudwatch"
  # The remote alternative below tracks the mutable "main" branch; a tag or commit ref
  # would pin the module code that gets executed.
  #source = "git::https://github.com/e2eSolutionArchitect/terraform.git//providers/aws/modules/e2esa-module-aws-cloudwatch?ref=main"
  aws_region = var.aws_region
  # The log group name format is /aws/eks/<cluster-name>/cluster
  # Reference: https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html
  cw_name           = "/aws/eks/${local.name}-${var.cluster_name}/cluster"
  retention_in_days = 30
  tags              = merge({ "ResourceName" = "${local.name}-${var.cluster_name}" }, local.tags)
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-standard/eks-manager-ec2.tf:
--------------------------------------------------------------------------------

# this is a static VM to execute kubectl commands in nodes

# NOTE(review): whether this host is reachable from the internet is decided by
# associate_public_ip_address together with the security groups passed in.
resource "aws_instance" "eks-manager" {
  ami                         = var.ami
  instance_type               = var.instance_type
  associate_public_ip_address = var.associate_public_ip_address
availability_zone      = var.availability_zone
subnet_id              = var.subnet_id
vpc_security_group_ids = var.vpc_security_group_ids
# init.sh is rendered with an empty variable map and runs as boot-time user data.
user_data = templatefile("${path.module}/init.sh", {})
key_name  = var.key_name
# The profile name is "<project>-<prefix>-<iam_instance_profile>" (see local.name).
iam_instance_profile    = "${local.name}-${var.iam_instance_profile}"
disable_api_termination = var.disable_api_termination
tags                    = merge({ "ResourceName" = "eks_manager" }, local.tags)
# aws_iam_role.role is declared in a file of this project that is not part of this listing.
depends_on = [aws_iam_role.role]
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-standard/main.tf:
--------------------------------------------------------------------------------
# terraform apply -var-file="app.tfvars" -var="createdby=e2esa"

# Naming prefix and the ownership/cost tag set applied to this project's resources.
locals {
  name = "${var.project}-${var.prefix}"
  tags = {
    project      = var.project
    orgunit      = var.org_unit
    businessunit = var.business_unit
    costcenter   = var.cost_center
    createdby    = var.createdby
    # timestamp() is re-evaluated on every run, so this tag differs on each plan.
    createdon   = timestamp()
    appid       = var.appid
    environment = terraform.workspace
  }
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-standard/nat-gateway.tf:
--------------------------------------------------------------------------------
# module "aws_natgw" {
#   prefix                = local.name
#   source                = "../../modules/e2esa-module-aws-natgw"
#   vpc_id                = var.vpc_id
#   nat_public_subnet_id  = var.nat_public_subnet_id
#   nat_private_subnet_id = var.nat_private_subnet_id
#   tags                  = local.tags
# }

# Creating two NATGWs to map two subnets from different AZs
# nat_subnets is list of maps
# One module instance is created per entry; each entry supplies public_sn and private_sn.
module "aws_natgw" {
  count                 = length(var.nat_subnets)
  prefix                = local.name
  source                = "../../modules/e2esa-module-aws-natgw"
  vpc_id                = var.vpc_id
  nat_public_subnet_id  = var.nat_subnets[count.index].public_sn
  nat_private_subnet_id = var.nat_subnets[count.index].private_sn
  tags                  = local.tags
}


--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-standard/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-eks-standard/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-eks-standard/versions.tf:
--------------------------------------------------------------------------------
# Terraform CLI constrained to 1.3.x; AWS provider constrained to 4.37.x.
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block

provider "aws" {
  profile = "default"
  region  = var.aws_region
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-elb/app_tfvars:
--------------------------------------------------------------------------------
# Common
project = "e2esa-tutorials"

# General
aws_region = "us-east-1"


# Load Balancer
lb_name = "mylb"
# lb_internal = false together with an HTTP listener on port 80 yields an internet-facing
# load balancer serving unencrypted traffic. NOTE(review): for anything beyond a demo,
# use an HTTPS listener with a certificate and keep port 80 only for redirects.
lb_internal                   = false
lb_load_balancer_type         = "application"
lb_security_groups            = ["sg-####"]
lb_subnets                    = ["subnet-####", "subnet-####"]
lb_enable_deletion_protection = false
lb_target_port                = 80
lb_protocol                   = "HTTP"
lb_target_type                = "instance"
vpc_id                        = "vpc-####"
lb_listener_port              = 80
lb_listener_protocol          = "HTTP"
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-elb/outputs.tf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-elb/outputs.tf
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-elb/readme.md:
--------------------------------------------------------------------------------

## README
- end-to-end Solution Architect forum is contributing this as knowledge sharing. You are free to use and modify this.
- Please check repository https://github.com/e2eSolutionArchitect/terraform
- We encourage you to contribute your knowledge with us and create a stronger IT community.
- Please feel free to contact us at https://e2esolutionarchitect.com/

# Rename the app_tfvars file to app.tfvars and then execute the command below
```
terraform apply -var-file="app.tfvars" -var="createdby=e2esa"
```
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-elb/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-elb/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-elb/variables.tf:
--------------------------------------------------------------------------------

# Apart from lb_target_tags_map, the inputs are untyped and have no default.

# Tags
variable "project" {}
variable "createdby" {}
variable "prefix" {}
# General
variable "aws_region" {}

# Load Balancer
variable "lb_name" {}
variable "lb_internal" {}
variable "lb_load_balancer_type" {}
variable "lb_security_groups" {}
variable "lb_subnets" {}
variable "lb_enable_deletion_protection" {}
variable "lb_target_port" {}
variable "lb_protocol" {}
variable "lb_target_type" {}
variable "vpc_id" {}
variable "lb_listener_port" {}
variable "lb_listener_protocol" {}

variable "lb_target_tags_map" {
  description = "Tag map for the LB target resources"
  type        = map(string)
  default     = {}
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-elb/versions.tf:
--------------------------------------------------------------------------------
# Terraform CLI constrained to 1.3.x; AWS provider constrained to 4.37.x.
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block

provider "aws" {
  profile = "default"
  region  = var.aws_region
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-fargate-blue-green/datasource.tf:
--------------------------------------------------------------------------------
# Looks up one network interface per load-balancer subnet, matched by the ENI
# description and the subnet id, once module.aws_lb exists.
data "aws_network_interface" "this" {
  count = length(var.lb_subnets)
  filter {
    name   = "description"
    values = ["ELB app/${var.project}/*"] # if Network LB then use 'net' ["ELB net/${var.project}/*"]
  }

  filter {
    name   = "subnet-id"
    values = ["${element(var.lb_subnets, count.index)}"]
  }

  depends_on = [module.aws_lb]
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-fargate-blue-green/iam_role.tf:
--------------------------------------------------------------------------------

resource "aws_iam_role" "this" {
  name = "iam-${var.project}-codedeploy"

  # NOTE(review): the listing is truncated at this point. The trust policy and whatever
  # followed it are missing from the page, and the text resumes inside a JavaScript
  # Lambda handler whose file header is also missing.
  assume_role_policy = < {
  // TODO implement
  const response = {
    statusCode: 200,
    body: JSON.stringify('Hello from NEW Lambda v5'),
  };
  return response;
};

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-lambda/index.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-lambda/index.zip
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-lambda/main.tf:
--------------------------------------------------------------------------------

# terraform apply -var-file="app.tfvars" -var="createdby=e2esa"

locals {
  tags = {
    Project   = var.project
    createdby = var.createdby
    # timestamp() is re-evaluated on every run, so this tag differs on each plan.
    CreatedOn   = timestamp()
    Environment = terraform.workspace
  }
}

# Deploys a function from a local zip through the shared Lambda module.
module "aws_lambda" {
  source               = "../../modules/e2esa-module-aws-lambda"
  lambda_filename_zip  = var.lambda_filename_zip
  lambda_function_name = var.lambda_function_name
  # The execution role is supplied by the caller; its permissions are what the function can do in the account.
  lambda_role_arn = var.lambda_role_arn
  lambda_handler  = var.lambda_handler
  lambda_runtime  = var.lambda_runtime
  tags            = local.tags
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-lambda/outputs.tf:
--------------------------------------------------------------------------------
output "aws_lambda_arn" {
  value       = module.aws_lambda.aws_lambda_arn
  description = "aws_lambda arn"
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-lambda/readme.md:
--------------------------------------------------------------------------------

## README
- end-to-end Solution Architect forum is contributing this as knowledge sharing. You are free to use and modify this.
- Please check repository https://github.com/e2eSolutionArchitect/terraform
- We encourage you to contribute your knowledge with us and create a stronger IT community.
- Please feel free to contact us at https://e2esolutionarchitect.com/

# Rename the app_tfvars file to app.tfvars and then execute the command below
```
terraform apply -var-file="app.tfvars" -var="createdby=e2esa"
```
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-lambda/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-lambda/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-lambda/variables.tf:
--------------------------------------------------------------------------------

# All inputs are untyped and have no default, so each one must be supplied at apply time.

# Tags
variable "project" {}
variable "createdby" {}
# General
variable "aws_region" {}

#Lambda
variable "lambda_filename_zip" {}
variable "lambda_function_name" {}
variable "lambda_role_arn" {}
variable "lambda_handler" {}
variable "lambda_runtime" {}

# NOTE(review): the project's main.tf in this listing does not pass these three to the
# module; confirm whether another file uses them.
variable "lambda_alias_name" {}
variable "lambda_func_current_version" {}
variable "lambda_func_target_version" {}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-lambda/versions.tf:
--------------------------------------------------------------------------------
# Terraform CLI constrained to 1.3.x; AWS provider constrained to 4.5.x.
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.5.0"
    }
  }
}

# provider block

provider "aws" {
  profile = "default"
  region  = var.aws_region
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-nat-gateway/main.tf:
--------------------------------------------------------------------------------
# terraform apply -var-file="app.tfvars" -var="createdby=e2esa"

locals {
  name = "${var.project}-${var.prefix}"
  tags = {
    Project   = var.project
    createdby = var.createdby
    # timestamp() is re-evaluated on every run, so this tag differs on each plan.
    CreatedOn   = timestamp()
    Environment = terraform.workspace
  }
}

# One NAT gateway from the shared module: private subnet egress goes through the public subnet.
module "aws_natgw" {
  prefix                = local.name
  source                = "../../modules/e2esa-module-aws-natgw"
  vpc_id                = var.vpc_id
  nat_public_subnet_id  = var.nat_public_subnet_id
  nat_private_subnet_id = var.nat_private_subnet_id
  tags                  = local.tags
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-nat-gateway/outputs.tf:
--------------------------------------------------------------------------------
output "natgw_allocation_id" {
  value       = module.aws_natgw.natgw_allocation_id
  description = "aws_natgw natgw_allocation_id"
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-nat-gateway/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-nat-gateway/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-nat-gateway/variables.tf:
--------------------------------------------------------------------------------
# All inputs are untyped and have no default.

# Tags
variable "project" {}
variable "prefix" {}
variable "createdby" {}

# General
variable "aws_region" {}
variable "vpc_id" {}

# NAT gateway
variable "nat_public_subnet_id" {}
variable "nat_private_subnet_id" {}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-nat-gateway/versions.tf:
--------------------------------------------------------------------------------
# Terraform CLI constrained to 1.3.x; AWS provider constrained to 4.37.x.
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block

provider "aws" {
  profile = "default"
  region  = var.aws_region
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-rds/common.tf:
--------------------------------------------------------------------------------

# terraform apply -var-file="app.tfvars" -var="createdby=e2esa"

# Naming prefix and the ownership/cost tag set applied to this project's resources.
locals {
  name = "${var.project}-${var.prefix}"
  tags = {
    project      = var.project
    orgunit      = var.org_unit
    businessunit = var.business_unit
    costcenter   = var.cost_center
    createdby    = var.createdby
    # timestamp() is re-evaluated on every run, so this tag differs on each plan.
    createdon   = timestamp()
    appid       = var.appid
    environment = terraform.workspace
  }
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-rds/rds.tf:
--------------------------------------------------------------------------------
# Database instance from the shared RDS module; every setting is passed through from variables.
module "aws_rds" {
  source                = "../../modules/e2esa-module-aws-rds"
  allocated_storage     = var.allocated_storage
  max_allocated_storage = var.max_allocated_storage
  engine                = var.engine
  engine_version        = var.engine_version
  instance_class        = var.instance_class
  db_name               = var.db_name
  # The master credentials arrive as plain input variables, and Terraform records
  # resource arguments in state: keep the tfvars file out of version control and
  # store state in an encrypted, access-controlled backend.
  username = var.username
  password = var.password
  # NOTE(review): a true value here lets the database be destroyed without a final snapshot.
  skip_final_snapshot = var.skip_final_snapshot
  multi_az            = var.multi_az
  # NOTE(review): keep this false unless the database must be reachable from outside the VPC.
  publicly_accessible    = var.publicly_accessible
  vpc_security_group_ids = var.vpc_security_group_ids

  db_subnet_group_name = var.db_subnet_group_name
  db_group_subnet_ids  = var.db_group_subnet_ids

  iam_role_arn_for_option_group = var.iam_role_arn_for_option_group
  tags                          = local.tags
}

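--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-rds/s3-import.tf:
--------------------------------------------------------------------------------
# Disabled example: an aws_db_instance restored through an s3_import block.
# resource "aws_db_instance" "s3_import_db" {
#   s3_import {
#     source_engine         = var.engine
#     source_engine_version = var.engine_version
#     bucket_name           = var.bucket_name
#     bucket_prefix         = var.bucket_prefix
#     ingestion_role        = var.ingestion_role
#   }
# }
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-rds/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-rds/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-rds/variables.tf:
--------------------------------------------------------------------------------

# Root inputs of the RDS project. None declares a type or default, so every
# value has to be supplied through app.tfvars or -var.

# Tags
variable "project" {}
variable "prefix" {}
variable "createdby" {}
variable "org_unit" {}
variable "business_unit" {}
variable "cost_center" {}
variable "appid" {}

# General
variable "aws_region" {}

# RDS variables
variable "allocated_storage" {}
variable "max_allocated_storage" {}
variable "engine" {}
variable "engine_version" {}
variable "instance_class" {}
variable "db_name" {}
variable "username" {}

variable "password" {
  description = "Database password handed to the RDS module as password."
  # Marked sensitive so Terraform redacts the value in plan and apply output.
  # NOTE(review): sensitive does not keep the value out of the state file, and
  # a password written into app.tfvars sits on disk in cleartext; keep tfvars
  # out of version control and the state backend encrypted and
  # access-controlled. Any output derived from this value must also be
  # declared sensitive.
  sensitive = true
}

# NOTE(review): no default is declared, so whether a final snapshot is taken
# depends entirely on the tfvars value; presumably forwarded to the DB
# instance by the module - confirm.
variable "skip_final_snapshot" {}
variable "multi_az" {}

# NOTE(review): no default is declared, so public exposure is decided entirely
# by the tfvars value; prefer false unless the database must be reachable
# from outside the VPC.
variable "publicly_accessible" {}
variable "db_subnet_group_name" {}
variable "vpc_security_group_ids" {}
variable "db_group_subnet_ids" {}
variable "iam_role_arn_for_option_group" {}

--------------------------------------------------------------------------------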
/providers/aws/projects/e2esa-aws-rds/versions.tf:
--------------------------------------------------------------------------------
# Pins the Terraform CLI to 1.3.x and the AWS provider to 4.37.x.
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block

provider "aws" {
  region = var.aws_region
  # Credentials come from the named profile "default" in the local AWS
  # shared config; nothing secret is stored in this file.
  profile = "default"
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-redshift-cluster/common.tf:
--------------------------------------------------------------------------------

# terraform apply -var-file="app.tfvars" -var="createdby=e2esa"

locals {
  name = "${var.project}-${var.prefix}"

  # NOTE(review): the page shows only common.tf, outputs.tf, tf-spec.md and
  # versions.tf for this project, so none of the var.* names used below has a
  # visible declaration - confirm they exist. var.dec in particular looks
  # like a misspelling of "desc".
  tags = {
    project      = var.project
    orgunit      = var.org_unit
    businessunit = var.business_unit
    costcenter   = var.cost_center
    appid        = var.appid
    appname      = var.name
    desc         = var.dec
    tier         = var.tier
    createdby    = var.created_by
    # NOTE(review): timestamp() changes on every run, so this tag produces a
    # diff on each plan.
    createdon = timestamp()
    env       = var.env
  }
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-redshift-cluster/outputs.tf:
--------------------------------------------------------------------------------
# output "datapipeline_name" {
#   value       = try(module.aws_datapipeline.name, "")
#   description = "datapipeline name"
# }

# NOTE(review): aws_redshift_cluster.this is not declared in any file shown
# for this project. try() covers errors raised while the expression is
# evaluated; it presumably cannot mask a reference to an undeclared resource -
# confirm with terraform validate.

output "aws_redshift_cluster_name" {
  value       = try(aws_redshift_cluster.this.name, "")
  description = "aws_redshift_cluster name"
}

output "aws_redshift_cluster_id" {
  value       = try(aws_redshift_cluster.this.id, "")
  description = "aws_redshift_cluster id"
}

output "aws_redshift_cluster_arn" {
  value       = try(aws_redshift_cluster.this.arn, "")
  description = "aws_redshift_cluster arn"
}
--------------------------------------------------------------------------------
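/providers/aws/projects/e2esa-aws-redshift-cluster/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-redshift-cluster/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-redshift-cluster/versions.tf:
--------------------------------------------------------------------------------
# Pins the Terraform CLI to 1.3.x and the AWS provider to 4.37.x.
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }
}

# provider block

provider "aws" {
  region = var.aws_region
  # Credentials come from the named profile "default" in the local AWS
  # shared config; nothing secret is stored in this file.
  profile = "default"
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-s3backend/app_tfvars:
--------------------------------------------------------------------------------

# Common
project       = "e2esa"
prefix        = "tf-backend"
org_unit      = "E2ESA"
business_unit = "SMB-INT" # SMB-INT - Small & Medium Business in Org, "SMB-EXTR" - SMB External
cost_center   = "CCAWS0000"
appid         = "APP001"

# General
aws_region = "us-east-1"
suffix     = "01"

# S3
s3_bucket_names       = ["myorg-tf-states"]
s3_bucket_name        = "myorg-tf-states"
s3_versioning         = "Enabled"
enable_lifecycle_rule = false

# DynamoDB table settings (names match the S3 backend's LockID lock key)
db_table_name = "myorg-tf-locks"
billing_mode  = "PAY_PER_REQUEST"
hash_key      = "LockID"
attr_name     = "LockID"
attr_type     = "S"
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-s3backend/outputs.tf:
--------------------------------------------------------------------------------

# Each output re-exports a value from the aws_s3_bucket or aws_dynamodb module.
output "aws_s3_bucket_arn" {
  value       = module.aws_s3_bucket.aws_s3_bucket_arn
  description = "s3 arn"
}

output "aws_s3_bucket_versioning_id" {
  value       = module.aws_s3_bucket.aws_s3_bucket_versioning_id
  description = "s3 aws_s3_bucket_versioning id"
}

output "aws_dynamodb_table_id" {
  value       = module.aws_dynamodb.aws_dynamodb_table_id
  description = "aws_dynamodb_table_id"
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-s3backend/readme.md:
--------------------------------------------------------------------------------

## README
- end-to-end Solution Architect forum is contributing this as knowledge sharing. You are free to use and modify this.
- Please check repository https://github.com/e2eSolutionArchitect/terraform
- We encourage you to contribute your knowledge with us and create a stronger IT community.
- Please feel free to contact us at https://e2esolutionarchitect.com/

# Rename the app_tfvars file to app.tfvars, then run the command below
```
terraform apply -var-file="app.tfvars" -var="createdby=e2esa"
```
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-s3backend/tf-spec.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/e2eSolutionArchitect/terraform/a648473d2678fa0a4a0b24975b61f6013f55070f/providers/aws/projects/e2esa-aws-s3backend/tf-spec.md
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-s3backend/variables.tf:
--------------------------------------------------------------------------------

# Tags
variable "project" {}
variable "prefix" {}
variable "suffix" {}
variable "createdby" {}
variable "org_unit" {}
variable "business_unit" {}
variable "cost_center" {}
variable "appid" {}

# General
variable "aws_region" {}

# S3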
variable "s3_bucket_names" {}
variable "s3_bucket_name" {}
variable "s3_versioning" {}
variable "enable_lifecycle_rule" {}

variable "db_table_name" {}
variable "billing_mode" {}
variable "hash_key" {}
variable "attr_name" {}
variable "attr_type" {}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-s3backend/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_version = "~> 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.37.0"
    }
  }

  # TF State Management
  # Variables not allowed in backend block.
  # encrypt = true has S3 encrypt the state object at rest, and
  # dynamodb_table names the table used for state locking.
  # NOTE(review): state files carry resource attributes in cleartext, so the
  # bucket policy and IAM access to this bucket matter as much as encryption;
  # neither is visible on this page.
  backend "s3" {
    bucket         = "e2esa-tf-states"
    key            = "s3-backend/terraform.tfstate"
    region         = "us-east-1"
    dynamodb_table = "e2esa-tf-locks"
    encrypt        = true
    profile        = "default2"
  }
}

# provider block

provider "aws" {
  # Same named profile as the backend block above.
  profile = "default2"
  #shared_credentials_file ="/path/to/.aws/credentials"
  region = var.aws_region
  #alias = "us-east-1"
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-static-webhosting/acm-certificate.tf:
--------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# ACM Certificate
#------------------------------------------------------------------------------
module "acm" {
  #source = "../../modules/e2esa-module-aws-acm"
  # NOTE(review): ?ref=main follows a moving branch, so each terraform init
  # can fetch module code that nobody reviewed for this project. Pinning ref
  # to a release tag or a full commit SHA makes the fetched code reproducible
  # and reviewable.
  source = "git::https://github.com/e2eSolutionArchitect/terraform.git//providers/aws/modules/e2esa-module-aws-acm?ref=main"

  name                    = "${local.name}-${var.suffix}"
  domain_name             = var.domain_name
  additional_domain_names = var.cf_domain_names
  tags                    = merge({ "resourcename" = "${local.name}-${var.suffix}" }, local.tags)
}


# Find a certificate issued by (not imported into) ACM
# depends_on makes the lookup wait for the acm module above.
data "aws_acm_certificate" "amazon_issued" {
  domain      = var.domain_name
  types       = ["AMAZON_ISSUED"]
  most_recent = true
  depends_on  = [module.acm]
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-static-webhosting/app_tfvars:
--------------------------------------------------------------------------------
# Common
project       = "spm"
prefix        = "webapp"
org_unit      = "e2esa"
business_unit = "SMB-INT" # SMB-INT - Small & Medium Business in Org, "SMB-EXTR" - SMB External
cost_center   = "CCAWS-2435"
appid         = "spm-web-app01"

# General
aws_region = "us-east-1"
suffix     = "01"

# Backend
backend_s3_bucket      = "e2esa-tf-states"
backend_dynamodb_table = "e2esa-tf-locks"


s3_bucket_name = "mydomain.com"
domain_name    = "mydomain.com"
# NOTE(review): a public-read ACL makes bucket contents readable by anyone.
# The module call that took var.acl is commented out in s3.tf, so confirm
# whether this value is still applied. If CloudFront is meant to be the only
# reader, a private bucket behind origin access control avoids direct public
# access.
acl = "public-read"

create_route53_hosted_zone = false
private_zone               = false
evaluate_target_health     = false
route53_record_type        = "A"

# ACM
create_acm_certificate = true

# CF
cf_domain_names = ["mydomain.com", "www.mydomain.com"]

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-static-webhosting/cloudfront.tf:
--------------------------------------------------------------------------------
# CloudFront distribution from the local module; created after the acm module.
module "cloudfront" {
  source = "../../modules/e2esa-module-aws-cloudfront"
  #source = "git::https://github.com/e2eSolutionArchitect/terraform.git//providers/aws/modules/e2esa-module-aws-cloudfront?ref=main"

  name        = "${local.name}-${var.suffix}"
  domain_name = var.domain_name
  # NOTE(review): this builds the log bucket name from s3_bucket_name, the
  # same bucket s3.tf configures for website hosting. Access logs hold client
  # IPs and request paths; a separate private log bucket is the usual choice -
  # confirm how the module uses this value.
  cf_log_s3_bucket = "${var.s3_bucket_name}.s3.amazonaws.com"
  cf_domain_names  = var.cf_domain_names
  tags             = merge({ "resourcename" = "${local.name}-${var.suffix}" }, local.tags)
  depends_on       = [module.acm]
}
--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-static-webhosting/common.tf:
--------------------------------------------------------------------------------

# terraform apply -var-file="app.tfvars" -var="createdby=e2esa"

locals {
  name = "${var.project}-${var.prefix}"

  # Base tag map; acm-certificate.tf and cloudfront.tf merge a resourcename
  # tag into it.
  tags = {
    project      = var.project
    orgunit      = var.org_unit
    businessunit = var.business_unit
    costcenter   = var.cost_center
    createdby    = var.createdby
    # NOTE(review): timestamp() changes on every run, so this tag produces a
    # diff on each plan.
    createdon   = timestamp()
    environment = terraform.workspace
    appid       = var.appid
  }
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-static-webhosting/outputs.tf:
--------------------------------------------------------------------------------
# Falls back to "" when module.cloudfront.id cannot be evaluated.
output "cf_id" {
  value       = try(module.cloudfront.id, "")
  description = "CF id"
}

--------------------------------------------------------------------------------
/providers/aws/projects/e2esa-aws-static-webhosting/s3.tf:
--------------------------------------------------------------------------------

# module "aws_s3_bucket" {
#   source         = "../../modules/e2esa-module-aws-s3"
#   aws_region     = var.aws_region
#   s3_bucket_name = var.s3_bucket_name
#   acl            = var.acl
#   tags           = merge({ "ResourceName" = var.s3_bucket_name }, local.tags)
# }

# Looks up an existing bucket by name; this file does not create the bucket.
data "aws_s3_bucket" "selected" {
  bucket = var.s3_bucket_name
}

resource "aws_s3_bucket_website_configuration" "this" {
  bucket = data.aws_s3_bucket.selected.id

  index_document {
    suffix = "index.html"
  }

  error_document {
    key = "error.html"
  }

  # routing_rules = <