diff --git a/ec2-test-instance/README.md b/ec2-test-instance/README.md
index 1876f18..16f72b6 100644
--- a/ec2-test-instance/README.md
+++ b/ec2-test-instance/README.md
@@ -20,6 +20,7 @@
| Name | Source | Version |
|------|--------|---------|
| [role](#module\_role) | git@github.e.it.census.gov:terraform-modules/aws-iam-role.git | tf-upgrade |
+| [sg](#module\_sg) | git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//custom | tf-upgrade |
## Resources
@@ -27,6 +28,8 @@
|------|------|
| [aws_instance.test](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance) | resource |
| [aws_key_pair.keypair](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/key_pair) | resource |
+| [local_file.ip_addresses_full](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
+| [local_file.ip_addresses_full_json](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
| [local_file.test_addresses](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
| [null_resource.generate_keypair](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
| [aws_ami.test_arm](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |
@@ -38,23 +41,9 @@
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
-| [account\_alias](#input\_account\_alias) | AWS Account Alias (default: will pull from current account\_alias) | `string` | `""` | no |
-| [account\_id](#input\_account\_id) | AWS Account ID (default: will pull from current user) | `string` | `""` | no |
-| [availability\_zones](#input\_availability\_zones) | AWS Availability Zones to use (by default will use all available) | `list(string)` | `[]` | no |
-| [bootstrap\_commands](#input\_bootstrap\_commands) | List of commands to pass to the instance over SSH | `list(string)` | `[]` | no |
| [enable\_bootstrap](#input\_enable\_bootstrap) | Flag to enable or disable bootstrap (yum and awscli setup) | `bool` | `true` | no |
| [enable\_instances](#input\_enable\_instances) | Flag to enable or disable creation of EC2 key and instances | `bool` | `true` | no |
| [instance\_count](#input\_instance\_count) | Number to indicate how many instances (up to subnet-count x az-count) | `number` | `null` | no |
-| [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
-| [private\_subnets\_ids](#input\_private\_subnets\_ids) | List of private subnet objects including: subnet, label, availability\_zone, id | list(object({
subnet = string
label = string
availability_zone = string
id = string
})) | `[]` | no |
-| [public\_subnets\_ids](#input\_public\_subnets\_ids) | List of public subnet objects including: subnet, label, availability\_zone, id | list(object({
subnet = string
label = string
availability_zone = string
id = string
})) | `[]` | no |
-| [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS). Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
-| [vpc\_environment](#input\_vpc\_environment) | VPC environment purpose (infrastructure, common, shared, dev, stage, ite, prod) | `string` | `null` | no |
-| [vpc\_full\_name](#input\_vpc\_full\_name) | VPC full name component (vpc{index}-{vpc\_name}) | `string` | `null` | no |
-| [vpc\_id](#input\_vpc\_id) | VPC ID | `string` | n/a | yes |
-| [vpc\_index](#input\_vpc\_index) | VPC index number (integer starting at 1) | `number` | `null` | no |
-| [vpc\_name](#input\_vpc\_name) | VPC name component used through the VPC descrbing its purpose (ex: dice-dev) | `string` | `null` | no |
-| [vpc\_short\_name](#input\_vpc\_short\_name) | VPC short name component (vpc{index}) | `string` | `null` | no |
## Outputs
diff --git a/ec2-test-instance/bin/install-ssm.sh b/ec2-test-instance/bin/install-ssm.sh
old mode 100755
new mode 100644
index 3717088..89d244a
--- a/ec2-test-instance/bin/install-ssm.sh
+++ b/ec2-test-instance/bin/install-ssm.sh
@@ -1,6 +1,6 @@
#!/bin/bash -x
-VERSION="1.3.0"
+VERSION="1.3.2"
echo "# starring install-ssm.sh v$VERSION at $(date)"
@@ -8,7 +8,7 @@ echo "# disabling root password"
passwd -d root
echo "# installing packages"
-sudo yum install -y iperf3 bind-utils curl nc awscli jq lsof policycoreutils-python
+sudo yum install -y --skip-broken iperf3 bind-utils curl nc awscli jq lsof policycoreutils-python
echo "# configuring AWS CLI"
REGION=$(curl --silent http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region)
@@ -24,7 +24,17 @@ sudo systemctl enable amazon-ssm-agent
sudo systemctl start amazon-ssm-agent
sudo systemctl status amazon-ssm-agent
-echo "# setp iperf3 service"
+echo "# setup sysctl"
+cat > /etc/sysctl.d/10-iperf3-sysctl.conf < /tmp/iperf3.service < tgw-route-table $rt"
+ aws --profile $PROFILE --region $REGION ec2 search-transit-gateway-routes --transit-gateway-route-table-id $rt --filters Name=type,Values=propagated --output text|grep ^ROUTE
+ done
elif [ "$FULL" == "json" ]
then
echo "## VPN.json"
aws --profile $PROFILE --region $REGION ec2 describe-vpn-connections --filters Name=tag:Name,Values="$VPC" --output json
echo "## Routes.json"
- aws --profile $PROFILE --region $REGION ec2 describe-route-tables --filters Name=tag:Name,Values="${VPC}private*" --output json
+ aws --profile $PROFILE --region $REGION ec2 describe-route-tables --filters Name=tag:Name,Values="${VPC}*private*" --output json
+ echo "## TGW Routes.json"
+# aws --profile $PROFILE --region $REGION ec2 describe-transit-gateway-route-tables --filters Name=tag:Name,Values="*vpn*${VPC}*" --output json
+ for rt in $(aws --profile $PROFILE --region $REGION ec2 describe-transit-gateway-route-tables --filters Name=tag:Name,Values="*vpn*${VPC}*" --output text|grep ^TRA|awk '{print $7}')
+ do
+ echo "> tgw-route-table $rt"
+ aws --profile $PROFILE --region $REGION ec2 search-transit-gateway-routes --transit-gateway-route-table-id $rt --filters Name=type,Values=propagated --output json
+ done
else
echo "## VPN.full"
aws --profile $PROFILE --region $REGION ec2 describe-vpn-connections --filters Name=tag:Name,Values="$VPC" --output text
echo "## Routes.full"
- aws --profile $PROFILE --region $REGION ec2 describe-route-tables --filters Name=tag:Name,Values="${VPC}private*" --output text
+ aws --profile $PROFILE --region $REGION ec2 describe-route-tables --filters Name=tag:Name,Values="${VPC}*private*" --output text
+ echo "## TGW Routes.full"
+# aws --profile $PROFILE --region $REGION ec2 describe-transit-gateway-route-tables --filters Name=tag:Name,Values="*vpn*${VPC}*" --output text
+ for rt in $(aws --profile $PROFILE --region $REGION ec2 describe-transit-gateway-route-tables --filters Name=tag:Name,Values="*vpn*${VPC}*" --output text|grep ^TRA|awk '{print $7}')
+ do
+ echo "> tgw-route-table $rt"
+ aws --profile $PROFILE --region $REGION ec2 search-transit-gateway-routes --transit-gateway-route-table-id $rt --filters Name=type,Values=propagated --output text
+ done
fi
diff --git a/ec2-test-instance/ec2-role.tf b/ec2-test-instance/ec2-role.tf
index f51d483..020b1da 100644
--- a/ec2-test-instance/ec2-role.tf
+++ b/ec2-test-instance/ec2-role.tf
@@ -10,11 +10,16 @@ data "aws_iam_policy" "ssm_policies" {
name = each.key
}
+#data "aws_iam_policy" "bucket" {
+# name = "p-tgw-testing"
+#}
+
module "role" {
source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git?ref=tf-upgrade"
- role_name = local.ec2_role_name
- create = var.enable_instances
+ role_name = local.ec2_role_name
+ create = var.enable_instances
+ # attached_policies = concat([for k, v in data.aws_iam_policy.ssm_policies : v.arn],[data.aws_iam_policy.bucket.arn])
attached_policies = [for k, v in data.aws_iam_policy.ssm_policies : v.arn]
enable_instance_profile = true
assume_policy_document = data.terraform_remote_state.common.outputs.custom_policy_documents["ec2_assume"].policy
diff --git a/ec2-test-instance/ec2.tf b/ec2-test-instance/ec2.tf
index 780d5c0..5789090 100644
--- a/ec2-test-instance/ec2.tf
+++ b/ec2-test-instance/ec2.tf
@@ -1,5 +1,18 @@
# https://cloudanddevopstech.com/2020/11/01/terraform-aws-ec2-with-ssm-agent-installed/
+locals {
+ bootstrap_commands = [
+ # "sudo bash /tmp/bootstrap.sh /tmp/${var.git_deploy_path} ${local.bootstrap_args} |& tee /tmp/bootstrap.log",
+ "sleep 60",
+ "sudo yum install -y iperf3 bind-utils curl nc awscli",
+ # set region in default profile
+ "aws configure --profile default set region ${local.region}",
+ "aws configure --profile default set output json",
+ "sudo aws configure --profile default set region ${local.region}",
+ "sudo aws configure --profile default set output json",
+ ]
+}
+
resource "aws_instance" "test" {
for_each = var.enable_instances ? { for k, v in local.private_subnets_id_list : k => local.private_subnets_id_map[v.label] } : {}
@@ -8,7 +21,7 @@ resource "aws_instance" "test" {
availability_zone = each.value.availability_zone
key_name = local.key_name
subnet_id = each.value.id
- vpc_security_group_ids = local.security_groups
+ vpc_security_group_ids = concat(local.security_groups, [module.sg.this_security_group_id])
iam_instance_profile = module.role.instance_profile_name
root_block_device {
@@ -19,7 +32,7 @@ resource "aws_instance" "test" {
}
provisioner "remote-exec" {
- inline = var.enable_bootstrap && length(var.bootstrap_commands) > 0 ? var.bootstrap_commands : []
+ inline = var.enable_bootstrap ? local.bootstrap_commands : []
on_failure = continue
connection {
@@ -28,11 +41,11 @@ resource "aws_instance" "test" {
host = self.private_ip
agent = false
private_key = file("${path.root}/setup/${local.key_name}")
- timeout = var.enable_bootstrap && length(var.bootstrap_commands) > 0 ? "5m" : "5s"
+ timeout = var.enable_bootstrap && length(local.bootstrap_commands) > 0 ? "5m" : "5s"
}
}
- user_data = file("${path.module}/bin/install-ssm.sh")
+ user_data = file("${path.root}/install-ssm.sh")
volume_tags = merge(
local.common_tags,
@@ -43,6 +56,10 @@ resource "aws_instance" "test" {
local.common_tags,
tomap({ "Name" = format("%v-test-%v.%v", local.vpc_short_name, each.key, var.vpc_domain_name) }),
)
+
+ lifecycle {
+ ignore_changes = [ami]
+ }
}
output "test_instances" {
@@ -56,6 +73,39 @@ output "test_instances" {
}
resource "local_file" "test_addresses" {
- content = templatefile("${path.root}/templates/test-ips.txt.tpl", { instances = aws_instance.test })
- filename = "${path.root}/test-ips.txt"
+ content = templatefile("${path.root}/templates/test-ips.txt.tpl", {
+ instances = aws_instance.test
+ account_id = var.account_id
+ account_alias = var.account_alias
+ region = local.region
+ vpc_name = local.vpc_short_name
+ })
+ filename = "${path.root}/test-ips.txt"
+ file_permission = "0644"
+}
+
+resource "local_file" "ip_addresses_full" {
+ content = templatefile("${path.root}/templates/ip-addresses-full.txt.tpl", {
+ instances = aws_instance.test
+ account_id = var.account_id
+ account_alias = var.account_alias
+ region = local.region
+ vpc_name = local.vpc_short_name
+ name_prefix = "test"
+ })
+ filename = "${path.root}/ip-addresses-full.txt"
+ file_permission = "0644"
+}
+
+resource "local_file" "ip_addresses_full_json" {
+ content = templatefile("${path.root}/templates/ip-addresses-full.json.tpl", {
+ instances = aws_instance.test
+ account_id = var.account_id
+ account_alias = var.account_alias
+ region = local.region
+ vpc_name = local.vpc_short_name
+ name_prefix = "test"
+ })
+ filename = "${path.root}/ip-addresses-full.json"
+ file_permission = "0644"
}
diff --git a/ec2-test-instance/etc/sysctl.d/10-iperf3-sysctl.conf b/ec2-test-instance/etc/sysctl.d/10-iperf3-sysctl.conf
new file mode 100644
index 0000000..f4b4a5e
--- /dev/null
+++ b/ec2-test-instance/etc/sysctl.d/10-iperf3-sysctl.conf
@@ -0,0 +1,4 @@
+net.core.wmem_max = 4194304
+net.core.rmem_max = 12582912
+net.ipv4.tcp_rmem = 4096 87380 4194304
+net.ipv4.tcp_wmem = 4096 87380 4194304
diff --git a/ec2-test-instance/systemd/iperf3.service b/ec2-test-instance/etc/systemd/iperf3.service
similarity index 100%
rename from ec2-test-instance/systemd/iperf3.service
rename to ec2-test-instance/etc/systemd/iperf3.service
diff --git a/ec2-test-instance/systemd/iperf3@.service b/ec2-test-instance/etc/systemd/iperf3@.service
similarity index 100%
rename from ec2-test-instance/systemd/iperf3@.service
rename to ec2-test-instance/etc/systemd/iperf3@.service
diff --git a/ec2-test-instance/locals.tf b/ec2-test-instance/locals.tf
index 0ef3672..7341179 100644
--- a/ec2-test-instance/locals.tf
+++ b/ec2-test-instance/locals.tf
@@ -1,3 +1,4 @@
locals {
- vpc_outputs = data.terraform_remote_state.vpc_west_vpc1.outputs
+ vpc_outputs = data.terraform_remote_state.vpc_east_vpc1.outputs
+ account_id = data.aws_caller_identity.current.account_id
}
diff --git a/ec2-test-instance/region.tf b/ec2-test-instance/region.tf
index b7b1696..f617506 100644
--- a/ec2-test-instance/region.tf
+++ b/ec2-test-instance/region.tf
@@ -1,4 +1,3 @@
locals {
region = var.region
}
-
diff --git a/ec2-test-instance/settings.tf b/ec2-test-instance/settings.tf
index d18313e..e8ce594 100644
--- a/ec2-test-instance/settings.tf
+++ b/ec2-test-instance/settings.tf
@@ -1,4 +1,5 @@
locals {
+ vpc_outputs = data.terraform_remote_state.vpc_east_vpc1.outputs
vpc_short_name = local.vpc_outputs.vpc_info["vpc_short_name"]
private_subnets_ids = local.vpc_outputs.private_subnets_ids
diff --git a/ec2-test-instance/sg.tf b/ec2-test-instance/sg.tf
new file mode 100644
index 0000000..cbd9626
--- /dev/null
+++ b/ec2-test-instance/sg.tf
@@ -0,0 +1,18 @@
+module "sg" {
+ source = "git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//custom?ref=tf-upgrade"
+
+ vpc_id = local.vpc_id
+ name = format("%v-test", local.vpc_short_name)
+ description = format("Security group for %v-test", local.vpc_short_name)
+ short_description = "testing"
+ ingress_port_list = [
+ [5201, 5210, "tcp", "iperf3", ["0.0.0.0/0"]],
+ [5201, 5210, "udp", "iperf3", ["0.0.0.0/0"]],
+ [8080, 8080, "tcp", "http", ["0.0.0.0/0"]],
+ [8443, 8443, "tcp", "https", ["0.0.0.0/0"]],
+ ]
+ tags = merge(
+ local.common_tags,
+ tomap({ "Name" = format("%v-test", local.vpc_short_name) }),
+ )
+}
diff --git a/ec2-test-instance/templates/ip-addresses-full.json.tpl b/ec2-test-instance/templates/ip-addresses-full.json.tpl
new file mode 100644
index 0000000..04daf7d
--- /dev/null
+++ b/ec2-test-instance/templates/ip-addresses-full.json.tpl
@@ -0,0 +1,17 @@
+[
+%{ for k,v in instances ~}
+ {
+ "label": "${k}",
+ "hostname": "${vpc_name}-${name_prefix}-${k}",
+ "fqdn": "${v.tags.Name}",
+ "account_id": "${account_id}",
+ "account_alias": "${account_alias}",
+ "region": "${region}",
+ "vpc_name": "${vpc_name}"
+ "availability_zone": "${v.availability_zone}",
+ "ip_address": "${v.private_ip}",
+ "instance_id": "${v.id}"
+ }
+%{ if length(instances)>1 },%{ endif ~}
+%{ endfor ~}
+]
diff --git a/ec2-test-instance/templates/ip-addresses-full.txt.tpl b/ec2-test-instance/templates/ip-addresses-full.txt.tpl
new file mode 100644
index 0000000..abe9ea4
--- /dev/null
+++ b/ec2-test-instance/templates/ip-addresses-full.txt.tpl
@@ -0,0 +1,3 @@
+%{ for k,v in instances ~}
+${account_id} ${account_alias} ${region} ${vpc_name} ${v.availability_zone} ${v.private_ip} ${vpc_name}-${name_prefix}-${k} ${v.id}
+%{ endfor ~}
diff --git a/ec2-test-instance/tf-run.data b/ec2-test-instance/tf-run.data
index 3d26174..c58f6e2 100644
--- a/ec2-test-instance/tf-run.data
+++ b/ec2-test-instance/tf-run.data
@@ -1,4 +1,4 @@
-VERSION 1.1.3
+VERSION 1.1.7
REMOTE-STATE
COMMAND tf-directory-setup.py -l none -f
COMMAND setup-new-directory.sh
@@ -6,12 +6,15 @@ COMMAND tf-init -upgrade
null_resource.generate_keypair
COMMAND tf-directory-setup.py -l s3
+COMMAND rm provider.infoblox.*
COMMAND ln -sf ../variables.vpc.auto.tfvars .
COMMAND ln -sf ../variables.vpc.tf .
LINKTOP provider_configs.d/provider.ldap_new.auto.tfvars
LINKTOP provider_configs.d/provider.ldap_new.tf
LINKTOP provider_configs.d/provider.ldap_new.variables.tf
+## LINKTOP vpc/apps/tgw-testing/remote_state.vpc_apps_tgw-testing.tf
+module.sg
ALL
COMMENT echo *-keypair >> .gitignore
diff --git a/ec2-test-instance/variables.common.availability_zones.tf b/ec2-test-instance/variables.common.availability_zones.tf
deleted file mode 120000
index dca20a3..0000000
--- a/ec2-test-instance/variables.common.availability_zones.tf
+++ /dev/null
@@ -1 +0,0 @@
-../common/variables.common.availability_zones.tf
\ No newline at end of file
diff --git a/ec2-test-instance/variables.common.subnet_ids.tf b/ec2-test-instance/variables.common.subnet_ids.tf
deleted file mode 120000
index 3d70185..0000000
--- a/ec2-test-instance/variables.common.subnet_ids.tf
+++ /dev/null
@@ -1 +0,0 @@
-../common/variables.common.subnet_ids.tf
\ No newline at end of file
diff --git a/ec2-test-instance/variables.common.tf b/ec2-test-instance/variables.common.tf
deleted file mode 120000
index 7439ed8..0000000
--- a/ec2-test-instance/variables.common.tf
+++ /dev/null
@@ -1 +0,0 @@
-../common/variables.common.tf
\ No newline at end of file
diff --git a/ec2-test-instance/variables.common.vpc.tf b/ec2-test-instance/variables.common.vpc.tf
deleted file mode 120000
index 5e77d37..0000000
--- a/ec2-test-instance/variables.common.vpc.tf
+++ /dev/null
@@ -1 +0,0 @@
-../common/variables.common.vpc.tf
\ No newline at end of file
diff --git a/ec2-test-instance/variables.common.vpc_id.tf b/ec2-test-instance/variables.common.vpc_id.tf
deleted file mode 120000
index bc2e061..0000000
--- a/ec2-test-instance/variables.common.vpc_id.tf
+++ /dev/null
@@ -1 +0,0 @@
-../common/variables.common.vpc_id.tf
\ No newline at end of file
diff --git a/ec2-test-instance/variables.tf b/ec2-test-instance/variables.tf
index 208ce61..a2c9cda 100644
--- a/ec2-test-instance/variables.tf
+++ b/ec2-test-instance/variables.tf
@@ -10,12 +10,6 @@ variable "enable_bootstrap" {
default = true
}
-variable "bootstrap_commands" {
- description = "List of commands to pass to the instance over SSH"
- type = list(string)
- default = []
-}
-
variable "instance_count" {
description = "Number to indicate how many instances (up to subnet-count x az-count)"
type = number
diff --git a/ec2-test-instance/write-bucket.tf.off b/ec2-test-instance/write-bucket.tf.off
new file mode 100644
index 0000000..dee7877
--- /dev/null
+++ b/ec2-test-instance/write-bucket.tf.off
@@ -0,0 +1,71 @@
+locals {
+ file_prefixes = [
+ format("data/%v", local.account_id),
+ format("data/%v/%v", local.account_id, local.region),
+ format("data/%v/%v/%v", local.account_id, local.region, var.vpc_full_name),
+ ]
+ file_names = { for f in [
+ local_file.test_addresses.filename,
+ local_file.ip_addresses_full.filename,
+ local_file.ip_addresses_full_json.filename] : format("%v-%v.%v", local.region, var.vpc_short_name, basename(f)) => f
+ }
+ all_files = { for p in setproduct(local.file_prefixes, keys(local.file_names)) : format("%v__%v", p[0], p[1]) => { prefix = p[0], file = p[1], source = local.file_names[p[1]] } }
+}
+
+#---
+# write ip address files to both buckets
+#---
+resource "aws_s3_object" "bucket_east_files" {
+ for_each = local.all_files
+ provider = aws.east
+ bucket = data.terraform_remote_state.vpc_apps_tgw-testing.outputs.bucket_east.id
+ key = format("%v/%v", each.value.prefix, each.value.file)
+ source = each.value.source
+ etag = fileexists(each.value.source) ? filemd5(each.value.source) : ""
+
+ depends_on = [ local_file.test_addresses,local_file.ip_addresses_full,local_file.ip_addresses_full_json]
+}
+
+resource "aws_s3_object" "bucket_west_files" {
+ for_each = local.all_files
+ provider = aws.west
+ bucket = data.terraform_remote_state.vpc_apps_tgw-testing.outputs.bucket_west.id
+ key = format("%v/%v", each.value.prefix, each.value.file)
+ source = each.value.source
+ etag = fileexists(each.value.source) ? filemd5(each.value.source) : ""
+
+ depends_on = [ local_file.test_addresses,local_file.ip_addresses_full,local_file.ip_addresses_full_json]
+}
+
+
+locals {
+ ssh_keys = { for f in fileset(path.root, format("setup/%v*", try(null_resource.generate_keypair[0].triggers.keypair_name,"not-enabled"))) : basename(f) =>
+ {
+ prefix = format("data/%v/%v/%v/ssh", local.account_id, local.region, var.vpc_full_name),
+ file = basename(f),
+ source = f
+ }
+ }
+}
+
+resource "aws_s3_object" "bucket_east_ssh_keys" {
+ for_each = var.enable_instances ? local.ssh_keys : {}
+ provider = aws.east
+ bucket = data.terraform_remote_state.vpc_apps_tgw-testing.outputs.bucket_east.id
+ key = format("%v/%v", each.value.prefix, each.value.file)
+ source = each.value.source
+ etag = filemd5(each.value.source)
+
+ depends_on = [null_resource.generate_keypair]
+}
+
+resource "aws_s3_object" "bucket_west_ssh_keys" {
+ for_each = var.enable_instances ? local.ssh_keys : {}
+ provider = aws.west
+ bucket = data.terraform_remote_state.vpc_apps_tgw-testing.outputs.bucket_west.id
+ key = format("%v/%v", each.value.prefix, each.value.file)
+ source = each.value.source
+ etag = filemd5(each.value.source)
+
+ depends_on = [null_resource.generate_keypair]
+}