From c72377f86476e6c32a272d6eee345776d8efd46e Mon Sep 17 00:00:00 2001
From: badra001
Date: Mon, 3 Apr 2023 17:14:30 -0400
Subject: [PATCH] add ssm_parameter
---
 route53-zone-association/vpc/README.md | 2 ++
 route53-zone-association/vpc/main.tf | 28 +++++++++++++----------
 route53-zone-association/vpc/outputs.tf | 14 ++++++++++++
 route53-zone-association/vpc/variables.tf | 6 +++++
 4 files changed, 38 insertions(+), 12 deletions(-)
 create mode 100644 route53-zone-association/vpc/outputs.tf
diff --git a/route53-zone-association/vpc/README.md b/route53-zone-association/vpc/README.md
index 59ac6f9..165f7a6 100644
--- a/route53-zone-association/vpc/README.md
+++ b/route53-zone-association/vpc/README.md
@@ -34,6 +34,7 @@ No modules.
 | [aws_route53_vpc_association_authorization.peer_zones](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_vpc_association_authorization) | resource |
 | [aws_route53_zone_association.peer_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource |
 | [aws_route53_zone_association.peer_zones](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource |
+| [aws_ssm_parameter.self_zones](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
 | [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_arn.peer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_arn.self](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
@@ -54,6 +55,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | [account\_alias](#input\_account\_alias) | AWS Account Alias (default: will pull from current account\_alias) | `string` | `""` | no |
 | [account\_id](#input\_account\_id) | AWS Account ID (default: will pull from current user) | `string` | `""` | no |
+| [enable\_ssm\_parameter](#input\_enable\_ssm\_parameter) | Flag to enable SSM parameter to be set for zones in other accounts, used for finding the zone\_id | `bool` | `true` | no |
 | [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | [private\_zone](#input\_private\_zone) | Selection either private or public (default: private) for named zones | `bool` | `true` | no |
 | [region](#input\_region) | AWS Region to select for self (default: from provider aws.self) | `string` | `null` | no |
diff --git a/route53-zone-association/vpc/main.tf b/route53-zone-association/vpc/main.tf
index b6b8ac1..6349632 100644
--- a/route53-zone-association/vpc/main.tf
+++ b/route53-zone-association/vpc/main.tf
@@ -72,17 +72,21 @@ resource "aws_route53_zone_association" "peer_zones" {
 depends_on = [aws_route53_vpc_association_authorization.peer_zones]
 }
-output "zones" {
- description = "Map of zone ids to zone names for PHZs"
- value = { for k, v in data.aws_route53_zone.zones : v.zone_id => k }
-}
-
-output "zones_account_id" {
- description = "AWS Account ID where zone(s) is defined"
- value = data.aws_caller_identity.peer.account_id
-}
+resource "aws_ssm_parameter" "self_zones" {
+ for_each = var.enable_ssm_parameter ? { for k, v in data.aws_route53_zone.zones : k => v.zone_id } : {}
+ name = format("/local/%v/route53/zones/%v", local.region, each.key)
+ description = format("Route53 Zone Details for %v", each.key)
+ type = "String"
+ value = jsonencode({
+ name = var.vpc_domain_name
+ account_id = module.east_ma13_zones.zones_account_id
+ region = module.east_ma13_zones.zones_region
+ zone_id = each.value
+ # create_time = try(time_static.vpce[0].unix, null)
+ })
-output "zones_region" {
- description = "AWS Region where zone(s) is defined"
- value = data.aws_region.peer.name
+ tags = merge(
+ local.base_tags,
+ var.tags,
+ )
 }
diff --git a/route53-zone-association/vpc/outputs.tf b/route53-zone-association/vpc/outputs.tf
new file mode 100644
index 0000000..c36ed8d
--- /dev/null
+++ b/route53-zone-association/vpc/outputs.tf
@@ -0,0 +1,14 @@
+output "zones" {
+ description = "Map of zone ids to zone names for PHZs"
+ value = { for k, v in data.aws_route53_zone.zones : v.zone_id => k }
+}
+
+output "zones_account_id" {
+ description = "AWS Account ID where zone(s) is defined"
+ value = data.aws_caller_identity.peer.account_id
+}
+
+output "zones_region" {
+ description = "AWS Region where zone(s) is defined"
+ value = data.aws_region.peer.name
+}
diff --git a/route53-zone-association/vpc/variables.tf b/route53-zone-association/vpc/variables.tf
index 9dcd809..66ef133 100644
--- a/route53-zone-association/vpc/variables.tf
+++ b/route53-zone-association/vpc/variables.tf
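Review bot: The JSON value of `aws_ssm_parameter.self_zones` reads `module.east_ma13_zones.zones_account_id` and `module.east_ma13_zones.zones_region`, but this module's README says "No modules." and the outputs.tf added in the same commit derives those two values from `data.aws_caller_identity.peer.account_id` and `data.aws_region.peer.name`, so the references look copied from a calling configuration and would presumably fail validation as an undeclared module. I would write `account_id = data.aws_caller_identity.peer.account_id` and `region = data.aws_region.peer.name`, and probably `name = each.key`, since `var.vpc_domain_name` is not among the inputs visible in this patch and would be the same string for every zone. The resource also carries no `provider` argument although it is named for the self side; if the module uses aliased providers (the README mentions `aws.self`), confirm which account the parameter is written to, because consumers will trust it to locate the zone.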
@@ -26,3 +26,9 @@ variable "region" {
 type = string
 default = null
 }
+
+variable "enable_ssm_parameter" {
+ description = "Flag to enable SSM parameter to be set for zones in other accounts, used for finding the zone_id"
+ type = bool
+ default = true
+}
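Review bot: `enable_ssm_parameter` defaults to `true`, so every existing caller that picks up this version starts creating parameters under `/local/<region>/route53/zones/` without opting in, and the deploying role then needs SSM write and tagging permissions it did not need before. Consider `default = false`, or state the new permission requirement in the description so least-privilege roles are updated deliberately. The description also speaks of "zones in other accounts" while the resource is named `self_zones`; wording such as `"Create one SSM parameter per zone recording its zone_id, account_id and region"` would match what main.tf writes.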