From a7015e6e8cba74ae849f6574d7865f21cd55029b Mon Sep 17 00:00:00 2001 From: badra001 Date: Thu, 11 Mar 2021 16:56:48 -0500 Subject: [PATCH] mark unfinished --- .../README.md | 7 +- .../data.tf | 0 .../defaults.tf | 0 .../inf-roles.tf | 0 .../main.tf | 67 +++++-------------- .../outputs.tf | 0 .../policies.sts.tf | 0 .../policies.tf | 0 .../policy_data.tf | 0 .../prefixes.tf | 0 .../variables.common.tf | 0 .../variables.tf | 0 .../version.tf | 0 13 files changed, 19 insertions(+), 55 deletions(-) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/README.md (89%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/data.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/defaults.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/inf-roles.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/main.tf (59%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/outputs.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/policies.sts.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/policies.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/policy_data.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/prefixes.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/variables.common.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/variables.tf (100%) rename {iam-cloud-admin => iam-cloud-admin.unfinished}/version.tf (100%) diff --git a/iam-cloud-admin/README.md b/iam-cloud-admin.unfinished/README.md similarity index 89% rename from iam-cloud-admin/README.md rename to iam-cloud-admin.unfinished/README.md index e73c37a..bf5d988 100644 --- a/iam-cloud-admin/README.md +++ b/iam-cloud-admin.unfinished/README.md @@ -50,7 +50,9 @@ No requirements. ## Modules -No Modules. +| Name | Source | Version | +|------|--------|---------| +| test-role | git@github.e.it.census.gov:terraform-modules/aws-iam-role.git | | ## Resources 
@@ -62,9 +64,6 @@ No Modules. | [aws_iam_policy_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | | [aws_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | | [aws_region](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | -| [aws_s3_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | -| [aws_s3_bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | -| [aws_s3_bucket_public_access_block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | ## Inputs diff --git a/iam-cloud-admin/data.tf b/iam-cloud-admin.unfinished/data.tf similarity index 100% rename from iam-cloud-admin/data.tf rename to iam-cloud-admin.unfinished/data.tf diff --git a/iam-cloud-admin/defaults.tf b/iam-cloud-admin.unfinished/defaults.tf similarity index 100% rename from iam-cloud-admin/defaults.tf rename to iam-cloud-admin.unfinished/defaults.tf diff --git a/iam-cloud-admin/inf-roles.tf b/iam-cloud-admin.unfinished/inf-roles.tf similarity index 100% rename from iam-cloud-admin/inf-roles.tf rename to iam-cloud-admin.unfinished/inf-roles.tf diff --git a/iam-cloud-admin/main.tf b/iam-cloud-admin.unfinished/main.tf similarity index 59% rename from iam-cloud-admin/main.tf rename to iam-cloud-admin.unfinished/main.tf index 5ef71a5..2b0a8b7 100644 --- a/iam-cloud-admin/main.tf +++ b/iam-cloud-admin.unfinished/main.tf 
@@ -54,57 +54,22 @@ locals { } } -#--- -# s3 -#--- -resource "aws_s3_bucket" "flowlogs" { - bucket = local.bucket_name - acl = "log-delivery-write" +module "test-role" { + source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git" - # need to create the inf_ key used for infrastucture things like - # vpc flow, cloudtrail, config, sns, sqs + role_name = "test-role" + saml_provider_arn = data.terraform_remote_state.common.outputs.inf_saml_provider + enable_ldap_creation = true + assume_policy_document = data.terraform_remote_state.common.outputs.inf_saml_assume_policy_document + # attached_policies = ["arn1", "arn2"] + ldap_user = var.edir_ldap_user + ldap_password = var.edir_ldap_password - server_side_encryption_configuration { - rule { - apply_server_side_encryption_by_default { - # kms_master_key_id = local.inf_key_arn - sse_algorithm = "aws:kms" - } - } - } - - versioning { - enabled = false - } - - lifecycle { - prevent_destroy = true - } - - # probably want some migration of old data to some other location - # like glacier - - tags = merge( - var.tags, - local.base_tags, - lookup(var.component_tags, "s3", {}), - map("Name", local.bucket_name), - ) - - provisioner "local-exec" { - command = "sleep 30" - } -} - -resource "aws_s3_bucket_public_access_block" "flowlogs" { - bucket = aws_s3_bucket.flowlogs.id - block_public_acls = true - block_public_policy = true - ignore_public_acls = true - restrict_public_buckets = true -} - -resource "aws_s3_bucket_policy" "flowlogs" { - bucket = aws_s3_bucket.flowlogs.id - policy = data.aws_iam_policy_document.flowlogs_s3.json + # # optional + # ec2_role_name = "my-role-other" + # enable_instance_role = false + # ec2_assume_policy_document = "X" + # ec2_attached_policies = [] + # ldap_host = "ldap.e.tco.census.gov" + # ldap_port = 389 } 
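Review bot: The `source` of the new `test-role` module carries no `?ref=`, so each `terraform init` pulls whatever the default branch of the aws-iam-role repository holds at that moment, and this module creates an IAM role bound to the SAML provider. Pin it to a reviewed tag or commit, for example `source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git?ref=<PINNED_TAG_OR_COMMIT>"`. The same block passes `var.edir_ldap_password` to the module with `enable_ldap_creation = true`. The variable's declaration is not in this hunk, so confirm it is marked `sensitive = true` and that the state backend is encrypted and access-restricted, since the value is likely to be stored in state. The commented default `ldap_port = 389` suggests the LDAP bind may run without TLS, which is worth verifying inside the module before this is enabled.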
diff --git a/iam-cloud-admin/outputs.tf b/iam-cloud-admin.unfinished/outputs.tf
similarity index 100%
rename from iam-cloud-admin/outputs.tf
rename to iam-cloud-admin.unfinished/outputs.tf
diff --git a/iam-cloud-admin/policies.sts.tf b/iam-cloud-admin.unfinished/policies.sts.tf
similarity index 100%
rename from iam-cloud-admin/policies.sts.tf
rename to iam-cloud-admin.unfinished/policies.sts.tf
diff --git a/iam-cloud-admin/policies.tf b/iam-cloud-admin.unfinished/policies.tf
similarity index 100%
rename from iam-cloud-admin/policies.tf
rename to iam-cloud-admin.unfinished/policies.tf
diff --git a/iam-cloud-admin/policy_data.tf b/iam-cloud-admin.unfinished/policy_data.tf
similarity index 100%
rename from iam-cloud-admin/policy_data.tf
rename to iam-cloud-admin.unfinished/policy_data.tf
diff --git a/iam-cloud-admin/prefixes.tf b/iam-cloud-admin.unfinished/prefixes.tf
similarity index 100%
rename from iam-cloud-admin/prefixes.tf
rename to iam-cloud-admin.unfinished/prefixes.tf
diff --git a/iam-cloud-admin/variables.common.tf b/iam-cloud-admin.unfinished/variables.common.tf
similarity index 100%
rename from iam-cloud-admin/variables.common.tf
rename to iam-cloud-admin.unfinished/variables.common.tf
diff --git a/iam-cloud-admin/variables.tf b/iam-cloud-admin.unfinished/variables.tf
similarity index 100%
rename from iam-cloud-admin/variables.tf
rename to iam-cloud-admin.unfinished/variables.tf
diff --git a/iam-cloud-admin/version.tf b/iam-cloud-admin.unfinished/version.tf
similarity index 100%
rename from iam-cloud-admin/version.tf
rename to iam-cloud-admin.unfinished/version.tf