From 539ecedf561c030e4d0d52d35fb654de3ccc2e15 Mon Sep 17 00:00:00 2001 From: badra001 Date: Tue, 4 Jan 2022 13:55:37 -0500 Subject: [PATCH] add dns stuff, readme for vpc-additional-peer --- .../apps/dns/.terraform-docs.yml | 44 ++++ .../dns-vpc-region-vpcN/apps/dns/README.md | 55 +++++ .../apps/dns/associate-shared.tf | 21 ++ .../dns-vpc-region-vpcN/apps/dns/locals.tf | 13 ++ .../apps/dns/provider.main_dns.tf | 11 + .../dns-vpc-region-vpcN/apps/dns/region.tf | 3 + .../dns-vpc-region-vpcN/apps/dns/sort-ip.py | 19 ++ .../dns-vpc-region-vpcN/apps/dns/tf-run.data | 10 + .../apps/dns/variables.dns.tf | 27 +++ .../dns-vpc-region-vpcN/apps/dns/zones.tf | 205 ++++++++++++++++++ examples/dns-vpc-region-vpcN/apps/region.tf | 4 + examples/dns-vpc-region-vpcN/apps/tf-run.data | 9 + examples/dns-vpc-region/apps/dns/data.tf | 10 + examples/dns-vpc-region/apps/dns/locals.tf | 5 + examples/dns-vpc-region/apps/dns/logging.tf | 27 +++ examples/dns-vpc-region/apps/dns/region.tf | 3 + examples/dns-vpc-region/apps/dns/tf-run.data | 7 + examples/dns-vpc-region/apps/region.tf | 3 + examples/dns-vpc-region/apps/tf-run.data | 7 + examples/vpc-additional-peer/peers/README.md | 25 +++ .../README.md | 29 +++ 21 files changed, 537 insertions(+) create mode 100644 examples/dns-vpc-region-vpcN/apps/dns/.terraform-docs.yml create mode 100644 examples/dns-vpc-region-vpcN/apps/dns/README.md create mode 100644 examples/dns-vpc-region-vpcN/apps/dns/associate-shared.tf create mode 100644 examples/dns-vpc-region-vpcN/apps/dns/locals.tf create mode 100644 examples/dns-vpc-region-vpcN/apps/dns/provider.main_dns.tf create mode 100644 examples/dns-vpc-region-vpcN/apps/dns/region.tf create mode 100755 examples/dns-vpc-region-vpcN/apps/dns/sort-ip.py create mode 100644 examples/dns-vpc-region-vpcN/apps/dns/tf-run.data create mode 100644 examples/dns-vpc-region-vpcN/apps/dns/variables.dns.tf create mode 100644 examples/dns-vpc-region-vpcN/apps/dns/zones.tf create mode 100644 examples/dns-vpc-region-vpcN/apps/region.tf create mode 100644 examples/dns-vpc-region-vpcN/apps/tf-run.data create mode 100644 examples/dns-vpc-region/apps/dns/data.tf create mode 100644 examples/dns-vpc-region/apps/dns/locals.tf create mode 100644 examples/dns-vpc-region/apps/dns/logging.tf create mode 100644 examples/dns-vpc-region/apps/dns/region.tf create mode 100644 examples/dns-vpc-region/apps/dns/tf-run.data create mode 100644 examples/dns-vpc-region/apps/region.tf create mode 100644 examples/dns-vpc-region/apps/tf-run.data create mode 100644 examples/vpc-additional-peer/peers/README.md create mode 100644 examples/vpc-additional-peer/peers/peer-alias_peer-region_peer_vpc_name/README.md diff --git a/examples/dns-vpc-region-vpcN/apps/dns/.terraform-docs.yml b/examples/dns-vpc-region-vpcN/apps/dns/.terraform-docs.yml new file mode 100644 index 0000000..8391b9d --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/.terraform-docs.yml @@ -0,0 +1,44 @@ +formatter: markdown table + +header-from: main.tf +footer-from: "" + +sections: +## hide: [] + show: + - data-sources + - header + - footer + - inputs + - modules + - outputs + - providers + - requirements + - resources + +output: + file: README.md + mode: inject + template: |- + + {{ .Content }} + + +## output-values: +## enabled: false +## from: "" +## +## sort: +## enabled: true +## by: name +## +## settings: +## anchor: true +## color: true +## default: true +## description: false +## escape: true +## indent: 2 +## required: true +## sensitive: true +## type: true diff --git a/examples/dns-vpc-region-vpcN/apps/dns/README.md b/examples/dns-vpc-region-vpcN/apps/dns/README.md new file mode 100644 index 0000000..0d006f9 --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/README.md @@ -0,0 +1,55 @@ + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | n/a | +| [aws.east\_main\_dns](#provider\_aws.east\_main\_dns) | n/a | +| [aws.west\_main\_dns](#provider\_aws.west\_main\_dns) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_route53_resolver_rule_association.all_rules](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_resolver_rule_association) | resource | +| [aws_route53_vpc_association_authorization.east_domain_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_vpc_association_authorization) | resource | +| [aws_route53_vpc_association_authorization.east_ptr_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_vpc_association_authorization) | resource | +| [aws_route53_vpc_association_authorization.west_domain_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_vpc_association_authorization) | resource | +| [aws_route53_vpc_association_authorization.west_ptr_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_vpc_association_authorization) | resource | +| [aws_route53_zone.domain_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource | +| [aws_route53_zone.ptr_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource | +| [aws_route53_zone_association.east_domain_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource | +| [aws_route53_zone_association.east_ptr_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource | +| [aws_route53_zone_association.west_domain_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource | +| [aws_route53_zone_association.west_ptr_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource | +| [aws_route53_resolver_rules.all_rules](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_resolver_rules) | data source | +| [aws_route53_zone.domain_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [dns\_zone\_create](#input\_dns\_zone\_create) | Flag determing to create (true) or associate (false) the main forward zone. Used for the same VPC domain name across different regions or VPCs | `bool` | `true` | no | +| [dns\_zone\_description\_prefix](#input\_dns\_zone\_description\_prefix) | Zone description with the org-project-program-environment | `string` | `""` | no | +| [main\_dns\_profile](#input\_main\_dns\_profile) | Profile name for AWS for the main DNS central account | `string` | `"107742151971-do2-govcloud"` | no | +| [main\_dns\_vpcs](#input\_main\_dns\_vpcs) | Map of region and VPC ids of the vpc1-services in us-gov-west-1 and us-gov-east-1 for centralized DNS | `map(string)` | 
{
  "us-gov-east-1": "vpc-099a991da7c4eb8a5",
  "us-gov-west-1": "vpc-77877a12"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [all\_zones](#output\_all\_zones) | DNS zone list | +| [domain\_zone\_id](#output\_domain\_zone\_id) | DNS Zone ID | +| [domain\_zone\_ns](#output\_domain\_zone\_ns) | DNS Zone Nameservers | +| [ptr\_zone\_id](#output\_ptr\_zone\_id) | DNS PTR Zone IDs | +| [ptr\_zone\_info](#output\_ptr\_zone\_info) | DNS PTR Zone Info | +| [ptr\_zone\_ns](#output\_ptr\_zone\_ns) | DNS PTR Zone Nameservers | + \ No newline at end of file diff --git a/examples/dns-vpc-region-vpcN/apps/dns/associate-shared.tf b/examples/dns-vpc-region-vpcN/apps/dns/associate-shared.tf new file mode 100644 index 0000000..acf8736 --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/associate-shared.tf @@ -0,0 +1,21 @@ +## locals { +## reverse_zones = flatten([ +## "10.in-addr.arpa", +## "168.192.in-addr.arpa", +## "129.148.in-addr.arpa", +## [for x in range(16, 32) : format("%v.172.in-addr.arpa", x)], +## ]) +## reverse_rules = formatlist("reverse-%v", local.reverse_zones) +## forward_rules = ["forward-all-onprem", "amazon"] +## all_main_rules = formatlist("resolver-%v", concat(local.forward_rules, local.reverse_rules)) +## } + +data "aws_route53_resolver_rules" "all_rules" { + share_status = "SHARED_WITH_ME" +} + +resource "aws_route53_resolver_rule_association" "all_rules" { + for_each = toset(data.aws_route53_resolver_rules.all_rules.resolver_rule_ids) + resolver_rule_id = each.key + vpc_id = local.vpc_id +} diff --git a/examples/dns-vpc-region-vpcN/apps/dns/locals.tf b/examples/dns-vpc-region-vpcN/apps/dns/locals.tf new file mode 100644 index 0000000..a0370a8 --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/locals.tf @@ -0,0 +1,13 @@ +locals { + base_tags = { + "boc:created_by" = "terraform" + } +} + +locals { + vpc_info = data.terraform_remote_state.vpc_west_vpc1.outputs.vpc_info + vpc_id = local.vpc_info["vpc_id"] + domain_name = local.vpc_info["vpc_domain_name"] + dns_servers = local.vpc_info["vpc_dns_servers"] + vpc_short_name = local.vpc_info["vpc_short_name"] +} diff --git a/examples/dns-vpc-region-vpcN/apps/dns/provider.main_dns.tf b/examples/dns-vpc-region-vpcN/apps/dns/provider.main_dns.tf new file mode 100644 index 0000000..0e693d1 --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/provider.main_dns.tf @@ -0,0 +1,11 @@ +provider "aws" { + alias = "east_main_dns" + region = var.region_map["east"] + profile = var.main_dns_profile +} + +provider "aws" { + alias = "west_main_dns" + region = var.region_map["west"] + profile = var.main_dns_profile +} diff --git a/examples/dns-vpc-region-vpcN/apps/dns/region.tf b/examples/dns-vpc-region-vpcN/apps/dns/region.tf new file mode 100644 index 0000000..f617506 --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/region.tf @@ -0,0 +1,3 @@ +locals { + region = var.region +} diff --git a/examples/dns-vpc-region-vpcN/apps/dns/sort-ip.py b/examples/dns-vpc-region-vpcN/apps/dns/sort-ip.py new file mode 100755 index 0000000..293f723 --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/sort-ip.py @@ -0,0 +1,19 @@ +#!/bin/env python + +import json +import sys +import ipaddress + +r=0 +outdata={'ip_addresses_sorted':''} +try: + indata=json.load(sys.stdin) + ipa=indata['ip_addresses'].split(',') + ips=sorted(ipa,key=ipaddress.ip_address) + outdata['ip_addresses_sorted']=','.join(ips) + print(json.dumps(outdata)) +except: + sys.stderr.write("unable to parse input address\n") + r=1 + +sys.exit(r) diff --git a/examples/dns-vpc-region-vpcN/apps/dns/tf-run.data b/examples/dns-vpc-region-vpcN/apps/dns/tf-run.data new file mode 100644 index 0000000..5621315 --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/tf-run.data @@ -0,0 +1,10 @@ +VERSION 1.1.0 +REMOTE-STATE +COMMAND tf-directory-setup.py -l none -f +COMMAND setup-new-directory.sh +COMMAND tf-init -upgrade +# COMMAND mv records.tf records.tf.later +# ALL +# COMMAND mv records.tf.later records.tf +ALL +COMMAND tf-directory-setup.py -l s3 diff --git a/examples/dns-vpc-region-vpcN/apps/dns/variables.dns.tf b/examples/dns-vpc-region-vpcN/apps/dns/variables.dns.tf new file mode 100644 index 0000000..68ed443 --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/variables.dns.tf @@ -0,0 +1,27 @@ +variable "main_dns_vpcs" { + description = "Map of region and VPC ids of the vpc1-services in us-gov-west-1 and us-gov-east-1 for centralized DNS" + type = map(string) + default = { + "us-gov-west-1" = "vpc-77877a12" + "us-gov-east-1" = "vpc-099a991da7c4eb8a5" + } +} + +variable "main_dns_profile" { + description = "Profile name for AWS for the main DNS central account" + type = string + default = "107742151971-do2-govcloud" +} + + +variable "dns_zone_description_prefix" { + description = "Zone description with the org-project-program-environment" + type = string + default = "" +} + +variable "dns_zone_create" { + description = "Flag determing to create (true) or associate (false) the main forward zone. Used for the same VPC domain name across different regions or VPCs" + type = bool + default = true +} diff --git a/examples/dns-vpc-region-vpcN/apps/dns/zones.tf b/examples/dns-vpc-region-vpcN/apps/dns/zones.tf new file mode 100644 index 0000000..5e28b4d --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/dns/zones.tf @@ -0,0 +1,205 @@ +locals { + # calculate set of /24 blocks for PTR subnets from cidr bock size + vpc_cidr_block = local.vpc_info["vpc_cidr_block"] + bits = tonumber(split("/", local.vpc_cidr_block)[1]) + split_bits = 24 - local.bits + _ptr_zones = local.split_bits > 0 ? { for x in range(0, pow(2, local.split_bits)) : x => cidrsubnet(local.vpc_cidr_block, local.split_bits, x) } : {} + ptr_zones = { for x, s in local._ptr_zones : s => { + index = x + cidr = s + octets = split(".", split("/", s)[0]) + bits = tonumber(split("/", s)[1]) + ptr_zone = format("%v.in-addr.arpa", join(".", reverse(slice(split(".", split("/", s)[0]), 0, 3)))) + } + } + + zone_description = var.dns_zone_description_prefix == "" ? var.dns_zone_description_prefix : format("%v ", var.dns_zone_description_prefix) +} + +#--- +# domain (forward) zone +# need to pull this ando ther forward zones up to vpc/apps/dns +#--- +data "aws_route53_zone" "domain_zone" { + count = var.dns_zone_create ? 0 : 1 + name = local.domain_name +} + +resource "aws_route53_zone" "domain_zone" { + count = var.dns_zone_create ? 1 : 0 + name = local.domain_name + comment = format("%vDNS Forward Zone %v", local.zone_description, local.domain_name) + force_destroy = false + + vpc { + vpc_id = local.vpc_id + vpc_region = local.region + } + + lifecycle { + ignore_changes = [vpc] + } + + tags = merge( + local.base_tags, + local.common_tags, + var.application_tags, + tomap({ "Name" = local.domain_name }), + ) +} + +resource "aws_route53_vpc_association_authorization" "west_domain_zone" { + # provider = aws.west_main_dns + for_each = tomap({ "zone" = var.dns_zone_create ? aws_route53_zone.domain_zone[0] : data.aws_route53_zone.domain_zone[0] }) + zone_id = each.value.zone_id + vpc_region = "us-gov-west-1" + vpc_id = var.main_dns_vpcs["us-gov-west-1"] +} + +resource "aws_route53_zone_association" "west_domain_zone" { + provider = aws.west_main_dns + for_each = aws_route53_vpc_association_authorization.west_domain_zone + + zone_id = each.value.zone_id + vpc_id = each.value.vpc_id + vpc_region = each.value.vpc_region +} + +# resource "aws_route53_zone_association" "east_domain_zone" { +# for_each = tomap({"zone" = aws_route53_zone.domain_zone[0]}) +# zone_id = each.value.zone_id +# vpc_region = "us-gov-east-1" +# vpc_id = var.main_dns_vpcs["us-gov-east-1"] +# } + +resource "aws_route53_vpc_association_authorization" "east_domain_zone" { + # provider = aws.east_main_dns + for_each = tomap({ "zone" = var.dns_zone_create ? aws_route53_zone.domain_zone[0] : data.aws_route53_zone.domain_zone[0] }) + + zone_id = each.value.zone_id + vpc_region = "us-gov-east-1" + vpc_id = var.main_dns_vpcs["us-gov-east-1"] +} + +resource "aws_route53_zone_association" "east_domain_zone" { + provider = aws.east_main_dns + for_each = aws_route53_vpc_association_authorization.east_domain_zone + zone_id = each.value.zone_id + vpc_id = each.value.vpc_id + vpc_region = each.value.vpc_region +} + +output "domain_zone_id" { + description = "DNS Zone ID" + # value = aws_route53_zone.domain_zone[0].zone_id + value = var.dns_zone_create ? aws_route53_zone.domain_zone[0].zone_id : data.aws_route53_zone.domain_zone[0].zone_id +} + +output "domain_zone_ns" { + description = "DNS Zone Nameservers" + # value = aws_route53_zone.domain_zone[0].name_servers + value = var.dns_zone_create ? aws_route53_zone.domain_zone[0].name_servers : data.aws_route53_zone.domain_zone[0].name_servers +} + +#--- +# ptr (reverse) zones +#--- +resource "aws_route53_zone" "ptr_zone" { + for_each = local.ptr_zones + + name = each.value.ptr_zone + comment = format("%vDNS PTR Zone %v (%v)", local.zone_description, each.value.ptr_zone, each.value.cidr) + force_destroy = false + + vpc { + vpc_id = local.vpc_id + vpc_region = local.region + } + + lifecycle { + ignore_changes = [vpc] + } + + tags = merge( + local.base_tags, + local.common_tags, + var.application_tags, + tomap({ "Name" = each.value.ptr_zone }), + ) +} + +resource "aws_route53_vpc_association_authorization" "west_ptr_zone" { + # provider = aws.west_main_dns + for_each = aws_route53_zone.ptr_zone + + zone_id = each.value.zone_id + vpc_region = "us-gov-west-1" + vpc_id = var.main_dns_vpcs["us-gov-west-1"] +} + +resource "aws_route53_zone_association" "west_ptr_zone" { + provider = aws.west_main_dns + for_each = aws_route53_vpc_association_authorization.west_ptr_zone + + zone_id = each.value.zone_id + vpc_id = each.value.vpc_id + vpc_region = each.value.vpc_region +} + +resource "aws_route53_vpc_association_authorization" "east_ptr_zone" { + # provider = aws.east_main_dns + for_each = aws_route53_zone.ptr_zone + + zone_id = each.value.zone_id + vpc_region = "us-gov-east-1" + vpc_id = var.main_dns_vpcs["us-gov-east-1"] +} + +resource "aws_route53_zone_association" "east_ptr_zone" { + provider = aws.east_main_dns + for_each = aws_route53_vpc_association_authorization.east_ptr_zone + + zone_id = each.value.zone_id + vpc_id = each.value.vpc_id + vpc_region = each.value.vpc_region +} + +## resource "aws_route53_zone_association" "west_ptr_zone" { +## for_each = aws_route53_zone.ptr_zone +## zone_id = each.value.zone_id +## vpc_region = "us-gov-west-1" +## vpc_id = var.main_dns_vpcs["us-gov-west-1"] +## } +## +## resource "aws_route53_zone_association" "east_ptr_zone" { +## for_each = aws_route53_zone.ptr_zone +## zone_id = each.value.zone_id +## vpc_region = "us-gov-east-1" +## vpc_id = var.main_dns_vpcs["us-gov-east-1"] +## } +## + +output "ptr_zone_id" { + description = "DNS PTR Zone IDs" + value = { for x, s in local.ptr_zones : x => aws_route53_zone.ptr_zone[x].zone_id } +} + +output "ptr_zone_ns" { + description = "DNS PTR Zone Nameservers" + value = { for x, s in local.ptr_zones : x => aws_route53_zone.ptr_zone[x].name_servers } +} + +output "ptr_zone_info" { + description = "DNS PTR Zone Info" + value = { for x, s in local.ptr_zones : x => { + cidr = s.cidr + ptr_zone = s.ptr_zone + zone_id = aws_route53_zone.ptr_zone[x].zone_id + name_servers = aws_route53_zone.ptr_zone[x].name_servers + } } +} + +output "all_zones" { + description = "DNS zone list" + value = flatten(concat([local.domain_name], [for x, s in local.ptr_zones : s.ptr_zone])) +} diff --git a/examples/dns-vpc-region-vpcN/apps/region.tf b/examples/dns-vpc-region-vpcN/apps/region.tf new file mode 100644 index 0000000..b7b1696 --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/region.tf @@ -0,0 +1,4 @@ +locals { + region = var.region +} + diff --git a/examples/dns-vpc-region-vpcN/apps/tf-run.data b/examples/dns-vpc-region-vpcN/apps/tf-run.data new file mode 100644 index 0000000..bb11b5c --- /dev/null +++ b/examples/dns-vpc-region-vpcN/apps/tf-run.data @@ -0,0 +1,9 @@ +VERSION 1.0.1 +REMOTE-STATE +COMMAND tf-directory-setup.py -l none -f +COMMAND setup-new-directory.sh +COMMAND tf-init -upgrade +COMMAND ln -sf ../variables.vpc.auto.tfvars . +COMMAND ln -sf ../variables.vpc.tf . +ALL +COMMAND tf-directory-setup.py -l s3 diff --git a/examples/dns-vpc-region/apps/dns/data.tf b/examples/dns-vpc-region/apps/dns/data.tf new file mode 100644 index 0000000..29a90df --- /dev/null +++ b/examples/dns-vpc-region/apps/dns/data.tf @@ -0,0 +1,10 @@ +locals { + vpc_info = { for k, v in data.aws_vpc.all_vpcs : v.tags["Name"] => v } +} + +data "aws_vpcs" "all_vpcs" {} + +data "aws_vpc" "all_vpcs" { + for_each = toset(data.aws_vpcs.all_vpcs.ids) + id = each.key +} diff --git a/examples/dns-vpc-region/apps/dns/locals.tf b/examples/dns-vpc-region/apps/dns/locals.tf new file mode 100644 index 0000000..6e912e2 --- /dev/null +++ b/examples/dns-vpc-region/apps/dns/locals.tf @@ -0,0 +1,5 @@ +locals { + base_tags = { + "boc:created_by" = "terraform" + } +} diff --git a/examples/dns-vpc-region/apps/dns/logging.tf b/examples/dns-vpc-region/apps/dns/logging.tf new file mode 100644 index 0000000..53c24e1 --- /dev/null +++ b/examples/dns-vpc-region/apps/dns/logging.tf @@ -0,0 +1,27 @@ +resource "aws_route53_resolver_query_log_config" "dns" { + name = "dns-logging" + destination_arn = aws_cloudwatch_log_group.dns.arn + + tags = merge( + local.base_tags, + local.common_tags, + tomap({ "Name" = format("dns-logging-%v", local.region) }), + ) +} + +resource "aws_cloudwatch_log_group" "dns" { + name = format("%v%v-%v", "lg-", "dns", local.region) + retention_in_days = 90 + + tags = merge( + local.base_tags, + local.common_tags, + tomap({ "Name" = format("dns-logging-%v", local.region) }), + ) +} + +resource "aws_route53_resolver_query_log_config_association" "dns" { + for_each = toset(data.aws_vpcs.all_vpcs.ids) + resolver_query_log_config_id = aws_route53_resolver_query_log_config.dns.id + resource_id = each.key +} diff --git a/examples/dns-vpc-region/apps/dns/region.tf b/examples/dns-vpc-region/apps/dns/region.tf new file mode 100644 index 0000000..f617506 --- /dev/null +++ b/examples/dns-vpc-region/apps/dns/region.tf @@ -0,0 +1,3 @@ +locals { + region = var.region +} diff --git a/examples/dns-vpc-region/apps/dns/tf-run.data b/examples/dns-vpc-region/apps/dns/tf-run.data new file mode 100644 index 0000000..3697d5a --- /dev/null +++ b/examples/dns-vpc-region/apps/dns/tf-run.data @@ -0,0 +1,7 @@ +VERSION 1.1.0 +REMOTE-STATE +COMMAND tf-directory-setup.py -l none -f +COMMAND setup-new-directory.sh +COMMAND tf-init +ALL +COMMAND tf-directory-setup.py -l s3 diff --git a/examples/dns-vpc-region/apps/region.tf b/examples/dns-vpc-region/apps/region.tf new file mode 100644 index 0000000..f617506 --- /dev/null +++ b/examples/dns-vpc-region/apps/region.tf @@ -0,0 +1,3 @@ +locals { + region = var.region +} diff --git a/examples/dns-vpc-region/apps/tf-run.data b/examples/dns-vpc-region/apps/tf-run.data new file mode 100644 index 0000000..3697d5a --- /dev/null +++ b/examples/dns-vpc-region/apps/tf-run.data @@ -0,0 +1,7 @@ +VERSION 1.1.0 +REMOTE-STATE +COMMAND tf-directory-setup.py -l none -f +COMMAND setup-new-directory.sh +COMMAND tf-init +ALL +COMMAND tf-directory-setup.py -l s3 diff --git a/examples/vpc-additional-peer/peers/README.md b/examples/vpc-additional-peer/peers/README.md new file mode 100644 index 0000000..7e5d3c6 --- /dev/null +++ b/examples/vpc-additional-peer/peers/README.md @@ -0,0 +1,25 @@ +## Requirements + +No requirements. + +## Providers + +No providers. + +## Modules + +No modules. + +## Resources + +No resources. + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [peer\_settings](#input\_peer\_settings) | VPC Peering NACL settings to additional VPCs | 
object(
    {
      name           = string
      region         = string
      profile        = string
      vpc_index      = number
      vpc_name       = string
      vpc_short_name = string
      rule_number    = number
    }
  )
| `null` | no | + +## Outputs + +No outputs. diff --git a/examples/vpc-additional-peer/peers/peer-alias_peer-region_peer_vpc_name/README.md b/examples/vpc-additional-peer/peers/peer-alias_peer-region_peer_vpc_name/README.md new file mode 100644 index 0000000..85e8cde --- /dev/null +++ b/examples/vpc-additional-peer/peers/peer-alias_peer-region_peer_vpc_name/README.md @@ -0,0 +1,29 @@ +## Requirements + +No requirements. + +## Providers + +| Name | Version | +|------|---------| +| [aws.peer](#provider\_aws.peer) | n/a | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [peer](#module\_peer) | git@github.e.it.census.gov:terraform-modules/aws-vpc-setup.git//peer | n/a | + +## Resources + +| Name | Type | +|------|------| +| [aws_vpc.peer_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source | + +## Inputs + +No inputs. + +## Outputs + +No outputs.