SCT-Engineering · arnol377 · Sep 18, 2025 · Jun 4, 2026
Changes from all commits

Commits

Show all changes
2 commits

Select commit Hold shift + click to select a range

8da4b67
working on integrating service-catalog
Sep 18, 2025

cde4af0
chore: end-of-session commit (33 files changed)
Jun 4, 2026
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
diff --git a/.terraform_commits b/.terraform_commits
@@ -262,5 +262,179 @@
     "commit_message": "feat: Add customization instructions for Packer and Ansible configurations in README.md",
     "author": "Your Name",
     "timestamp": "2025-08-11T14:29:54.295056"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-19T13:54:28.016727"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-19T14:31:29.136264"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-19T14:44:51.628321"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-19T15:04:20.103382"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-19T17:24:31.032435"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-22T13:31:48.921602"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-22T14:32:18.815247"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-23T12:36:26.659427"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-23T12:58:40.290792"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-23T13:34:06.956070"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-23T13:46:15.205040"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T12:59:05.518278"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T13:05:19.715459"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T13:13:54.060601"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T13:16:29.480254"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T13:22:27.434354"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T13:25:20.564401"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T13:59:08.624845"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T15:03:40.259641"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T15:18:06.488429"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T15:49:01.712797"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-24T17:16:12.558888"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-25T12:20:14.274311"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-25T12:27:41.954264"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-25T13:26:42.598056"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-25T13:39:07.040787"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-25T16:06:06.073376"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-25T16:16:26.022357"
+  },
+  {
+    "commit_hash": "8da4b6740b654a919b7180f2080e24f76de6b0e9",
+    "commit_message": "working on integrating service-catalog",
+    "author": "Your Name",
+    "timestamp": "2025-09-25T16:27:24.953407"
   }
 ]
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,9 @@
+{
+    "python-envs.pythonProjects": [
+        {
+            "path": ".",
+            "envManager": "ms-python.python:venv",
+            "packageManager": "ms-python.python:pip"
+        }
+    ]
+}
diff --git a/MIGRATION_GUIDE.md b/MIGRATION_GUIDE.md
@@ -0,0 +1,159 @@
+# Migration Guide: Using terraform-cfn-service-catalog Module
+
+This guide outlines the migration from the existing aws-image-pipeline-cfn implementation to use the dedicated terraform-cfn-service-catalog module.
+
+## Benefits of Migration
+
+### 1. **Cleaner Architecture**
+- Separation of concerns between CloudFormation stack management and Service Catalog resources
+- Reduced code complexity in main.tf (from ~150 lines to ~130 lines with better organization)
+- Reusable Service Catalog module across multiple projects
+
+### 2. **Enhanced Flexibility**
+- Support for both creating new portfolios or using existing ones
+- Better template source handling (content vs URL)
+- More robust validation and error handling
+- Improved principal access management
+
+### 3. **Better Maintainability**
+- Service Catalog logic is centralized in a dedicated module
+- Easier to update Service Catalog configurations
+- Clear separation between infrastructure deployment and self-service catalog
+
+## Migration Steps
+
+### Step 1: Update Module Source Path
+Ensure the terraform-cfn-service-catalog module is available at the correct relative path:
+```
+source = "../terraform-cfn-service-catalog"
+```
+
+### Step 2: Update Terraform Configuration
+The main.tf has been updated to:
+- Use the terraform-cfn-service-catalog module instead of direct aws_servicecatalog_* resources
+- Pass the generated CloudFormation template content directly to the module
+- Maintain backward compatibility with existing variables
+
+### Step 3: Configure Service Catalog Variables
+Set the following variables in your terraform.tfvars:
+
+```hcl
+# Enable Service Catalog
+enable_service_catalog = true
+
+# Portfolio configuration
+portfolio_name           = "Your Portfolio Name"
+portfolio_description    = "Portfolio description"
+portfolio_provider_name  = "Your Team Name"
+
+# Product configuration
+product_name        = "Your Product Name"
+product_description = "Product description"
+product_owner       = "Product Owner"
+
+# Access control
+principal_arns = [
+  "arn:aws:iam::123456789012:role/YourRole",
+  "arn:aws:iam::123456789012:group/YourGroup"
+]
+```
+
+### Step 4: Initialize and Apply
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+## Key Changes
+
+### Before (Direct Resources)
+- Direct management of aws_servicecatalog_portfolio
+- Direct management of aws_servicecatalog_product
+- Direct management of aws_servicecatalog_product_portfolio_association
+- Direct management of aws_servicecatalog_principal_portfolio_association
+- Manual template URL construction
+
+### After (Module-Based)
+- Single module call with all Service Catalog configuration
+- Automatic template handling (content passed directly)
+- Built-in validation and error handling
+- Cleaner variable interface
+
+## Backward Compatibility
+
+The migration maintains full backward compatibility:
+- All existing variables are preserved
+- Service Catalog can still be disabled with `enable_service_catalog = false`
+- CloudFormation stack deployment works identically
+- All outputs are preserved and enhanced
+
+## Advanced Configuration Options
+
+The module supports additional configuration options:
+
+### Using Existing Portfolio
+```hcl
+module "service_catalog" {
+  # ... other configuration ...
+
+  create_portfolio      = false
+  existing_portfolio_id = "port-existing123"
+}
+```
+
+### Custom Provisioning Artifact
+```hcl
+module "service_catalog" {
+  # ... other configuration ...
+
+  provisioning_artifact_name        = "v2.0"
+  provisioning_artifact_description = "Updated version with new features"
+  disable_template_validation       = false
+}
+```
+
+### Support Information
+```hcl
+module "service_catalog" {
+  # ... other configuration ...
+
+  support_description = "Contact the Platform Engineering team for support"
+  support_email      = "platform-engineering@company.com"
+  support_url        = "https://wiki.company.com/platform-engineering"
+}
+```
+
+## Testing the Migration
+
+1. **Validate Configuration**
+   ```bash
+   terraform validate
+   ```
+
+2. **Review Plan**
+   ```bash
+   terraform plan -var-file="examples/service-catalog-migration.tfvars"
+   ```
+
+3. **Test Service Catalog Access**
+   After deployment, verify that:
+   - Portfolio is created/accessible
+   - Product appears in the portfolio
+   - Specified principals can access the portfolio
+   - Product can be launched successfully
+
+## Rollback Strategy
+
+If you need to rollback:
+1. Set `enable_service_catalog = false`
+2. Run `terraform apply` to remove Service Catalog resources
+3. Revert to the previous main.tf if needed
+
+## Additional Benefits
+
+- **Standardization**: All Service Catalog deployments use the same module
+- **Testing**: Module can be tested independently
+- **Documentation**: Centralized documentation for Service Catalog patterns
+- **Updates**: Easy to update Service Catalog logic across all projects
+- **Compliance**: Consistent implementation of access controls and tagging