From 72fd849ea2e77512757ca0c00b076ae86dadf7a4 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Wed, 19 Feb 2025 22:21:26 -0500 Subject: [PATCH 1/3] fix(main.tf): use explicit aws.self on resources to use correct assume_role --- .tflint.hcl | 26 +++++++++++++------------- README.md | 12 ++++++------ main.tf | 8 +++++--- 3 files changed, 24 insertions(+), 22 deletions(-) diff --git a/.tflint.hcl b/.tflint.hcl index 684d807..ab8ea66 100644 --- a/.tflint.hcl +++ b/.tflint.hcl @@ -4,18 +4,18 @@ config { disabled_by_default = false } -rule "aws_instance_invalid_type" { - enabled = true -} +# rule "aws_instance_invalid_type" { +# enabled = true +# } -plugin "aws" { - enabled = true - version = "0.32.0" - source = "github.com/terraform-linters/tflint-ruleset-aws" -} +# plugin "aws" { +# enabled = true +# version = "0.32.0" +# source = "github.com/terraform-linters/tflint-ruleset-aws" +# } -plugin "terraform" { - enabled = true - version = "0.9.0" - source = "github.com/terraform-linters/tflint-ruleset-terraform" -} +# plugin "terraform" { +# enabled = true +# version = "0.9.0" +# source = "github.com/terraform-linters/tflint-ruleset-terraform" +# } diff --git a/README.md b/README.md index a429f21..9a596d4 100644 --- a/README.md +++ b/README.md @@ -27,10 +27,10 @@ Change logs are auto-generated with commitizen. | Name | Version | |------|---------| -| [aws](#provider\_aws) | 5.73.0 | -| [aws.route53\_main\_east](#provider\_aws.route53\_main\_east) | 5.73.0 | -| [aws.route53\_main\_west](#provider\_aws.route53\_main\_west) | 5.73.0 | -| [aws.self](#provider\_aws.self) | 5.73.0 | +| [aws](#provider\_aws) | 5.87.0 | +| [aws.route53\_main\_east](#provider\_aws.route53\_main\_east) | 5.87.0 | +| [aws.route53\_main\_west](#provider\_aws.route53\_main\_west) | 5.87.0 | +| [aws.self](#provider\_aws.self) | 5.87.0 | ## Modules @@ -64,8 +64,8 @@ No modules. | [os\_username](#input\_os\_username) | OS username from environment variable, ideally as $USER | `string` | `null` | no | | [profile](#input\_profile) | AWS config profile | `string` | `""` | no | | [region](#input\_region) | AWS config region | `string` | `""` | no | -| [region\_map](#input\_region\_map) | AWS region map | `map(string)` | 
{
  "east": "us-gov-east-1",
  "west": "us-gov-west-1"
}
| no | -| [route53\_endpoints](#input\_route53\_endpoints) | Map of target route53 endpoints (for inbound) central VPCs | `map(map(string))` | 
{
  "route53_main": {
    "account_id": "269244441389",
    "alias": "lab-gov-network-nonprod",
    "us-gov-east-1": "vpc-070595c5b133243dd",
    "us-gov-west-1": "vpc-08b7b4db6a5ddf9c1"
  }
}
| no | +| [region\_map](#input\_region\_map) | AWS region map | `map(string)` | 
{
  "east": "us-gov-east-1",
  "west": "us-gov-west-1"
}
| no | +| [route53\_endpoints](#input\_route53\_endpoints) | Map of target route53 endpoints (for inbound) central VPCs | `map(map(string))` | 
{
  "route53_main": {
    "account_id": "269244441389",
    "alias": "lab-gov-network-nonprod",
    "us-gov-east-1": "vpc-070595c5b133243dd",
    "us-gov-west-1": "vpc-08b7b4db6a5ddf9c1"
  }
}
| no | | [tags](#input\_tags) | AWS Tags to apply to appropriate resources | `map(string)` | `{}` | no | | [vpc\_domain\_name](#input\_vpc\_domain\_name) | The DNS domain name of the vpc the cluster is in. | `string` | n/a | yes | | [vpc\_name](#input\_vpc\_name) | Define the VPC name that will be used by this cluster | `string` | n/a | yes | diff --git a/main.tf b/main.tf index d0578de..3f85d8d 100644 --- a/main.tf +++ b/main.tf @@ -16,6 +16,7 @@ locals { #------------------------------------------------- resource "aws_route53_zone" "cluster_domain" { + provider = aws.self name = local.cluster_domain_name comment = local.cluster_domain_description force_destroy = false @@ -138,9 +139,10 @@ resource "aws_route53_zone_association" "central_zone_west" { ################################################################### resource "aws_route53_record" "entry" { - zone_id = aws_route53_zone.cluster_domain.zone_id - name = "*.${local.cluster_domain_name}" - type = "A" + provider = aws.self + zone_id = aws_route53_zone.cluster_domain.zone_id + name = "*.${local.cluster_domain_name}" + type = "A" alias { name = var.istio_ingress_lb.dns_name From 1cc01a296334fd6e4298dec8f0f741eba89a46cf Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Wed, 19 Feb 2025 23:57:46 -0500 Subject: [PATCH 2/3] nope --- main.tf | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/main.tf b/main.tf index 3f85d8d..d0578de 100644 --- a/main.tf +++ b/main.tf @@ -16,7 +16,6 @@ locals { #------------------------------------------------- resource "aws_route53_zone" "cluster_domain" { - provider = aws.self name = local.cluster_domain_name comment = local.cluster_domain_description force_destroy = false @@ -139,10 +138,9 @@ resource "aws_route53_zone_association" "central_zone_west" { ################################################################### resource "aws_route53_record" "entry" { - provider = aws.self - zone_id = aws_route53_zone.cluster_domain.zone_id - name = "*.${local.cluster_domain_name}" - type = "A" + zone_id = aws_route53_zone.cluster_domain.zone_id + name = "*.${local.cluster_domain_name}" + type = "A" alias { name = var.istio_ingress_lb.dns_name From bd57bc68e034878b134002612b15cb7ae540e09e Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Mon, 24 Feb 2025 17:19:18 -0500 Subject: [PATCH 3/3] commented because broken --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5a5c34b..ef52d70 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -37,7 +37,7 @@ repos: # Terraform Hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.96.1 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases + rev: v1.97.3 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases hooks: - id: terraform_fmt args: