Merge pull request #17 from terraform-modules/backport-changes

backport module_name, map() and list() changes
terraform-modules · Jun 7, 2022 · f6cd361 · f6cd361
2 parents 6fe4430 + ea65651
commit f6cd361
Show file tree

Hide file tree

Showing 38 changed files with 165 additions and 43 deletions.
diff --git a/.gitignore b/.gitignore
@@ -13,3 +13,4 @@ logs
 common/README.md
 
 OLD/
+X
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -122,4 +122,8 @@
   - flowlogs
     - change template to use account_alias
 
+* 1.6.5 -- 2022-06-07
+  - all
+    - backport module name and list(), map() changes
+
 ## Version 2.x
diff --git a/common/defaults.tf b/common/defaults.tf
@@ -47,5 +47,9 @@ locals {
       "peers"      = []
     }
     "transit-gateway-environments" = ["services", "dev", "test", "stage", "prod", "cre"]
+    "role" = {
+      "force_detach_policies" = false
+      "max_session_duration"  = 3600
+    }
   }
 }
diff --git a/common/module_name.tf b/common/module_name.tf
@@ -0,0 +1,3 @@
+locals {
+  _module_name = "aws-vpc-setup"
+}
diff --git a/common/version.tf b/common/version.tf
@@ -1,3 +1,19 @@
 locals {
-  _module_version = "1.6.4"
+  _module_version = "1.6.5"
+  _module_names = {
+    "_main_" = "aws-vpc-setup"
+
+    "flowlogs"               = "aws-vpc-setup/flowlogs"
+    "flowlogs-role"          = "aws-vpc-setup/flowlogs-role"
+    "nacl-rules"             = "aws-vpc-setup/nacl-rules"
+    "nacls"                  = "aws-vpc-setup/nacls"
+    "peer"                   = "aws-vpc-setup/peer"
+    "routing"                = "aws-vpc-setup/routing"
+    "security-groups"        = "aws-vpc-setup/security-groups"
+    "subnets"                = "aws-vpc-setup/subnets"
+    "vpc"                    = "aws-vpc-setup/vpc"
+    "vpc-interface-endpoint" = "aws-vpc-setup/vpc-interface-endpoint"
+    "vpn"                    = "aws-vpc-setup/vpn"
+    "vpn-transit-gateway"    = "aws-vpc-setup/vpn-transit-gateway"
+  }
 }
diff --git a/flowlogs-role/README.md b/flowlogs-role/README.md
@@ -15,19 +15,24 @@ module "role_flowlogs" {
 
 ## Requirements
 
-No requirements.
+| Name | Version |
+|------|---------|
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.66.0 |
+| <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.0 |
+| <a name="requirement_template"></a> [template](#requirement\_template) | >= 2.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.66.0 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_flowlogs"></a> [flowlogs](#module\_flowlogs) | git@github.e.it.census.gov:terraform-modules/aws-iam-role.git |  |
+| <a name="module_flowlogs"></a> [flowlogs](#module\_flowlogs) | git@github.e.it.census.gov:terraform-modules/aws-iam-role.git | n/a |
 
 ## Resources
 
@@ -50,6 +55,8 @@ No requirements.
 | <a name="input_attached_policies"></a> [attached\_policies](#input\_attached\_policies) | List of IAM Policy ARNs to attach to this role | `list(string)` | `[]` | no |
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | <a name="input_regions"></a> [regions](#input\_regions) | List of AWS Regions for which to grant Kinesis stream access | `list(string)` | `[]` | no |
+| <a name="input_role_description"></a> [role\_description](#input\_role\_description) | Role/application description | `string` | `""` | no |
+| <a name="input_role_name"></a> [role\_name](#input\_role\_name) | Role/application name without prefix | `string` | `"inf-flowlogs"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
 
 ## Outputs

diff --git a/flowlogs-role/main.tf b/flowlogs-role/main.tf
@@ -21,6 +21,7 @@ locals {
 
   base_tags = {
     "boc:tf_module_version" = local._module_version
+    "boc:tf_module_name"    = lookup(local._module_names, local._module_name, local._module_names["_main_"])
     "boc:created_by"        = "terraform"
   }
 }

diff --git a/flowlogs-role/module_name.tf b/flowlogs-role/module_name.tf
@@ -0,0 +1,3 @@
+locals {
+  _module_name = "flowlogs-role"
+}
diff --git a/flowlogs-role/variables.tf b/flowlogs-role/variables.tf
@@ -9,3 +9,15 @@ variable "regions" {
   type        = list(string)
   default     = []
 }
+
+variable "role_name" {
+  description = "Role/application name without prefix"
+  type        = string
+  default     = "inf-flowlogs"
+}
+
+variable "role_description" {
+  description = "Role/application description"
+  type        = string
+  default     = ""
+}
diff --git a/flowlogs/README.md b/flowlogs/README.md
@@ -41,15 +41,20 @@ module "flowlogs" {
 
 ## Requirements
 
-No requirements.
+| Name | Version |
+|------|---------|
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.66.0 |
+| <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.0 |
+| <a name="requirement_template"></a> [template](#requirement\_template) | >= 2.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
-| <a name="provider_null"></a> [null](#provider\_null) | n/a |
-| <a name="provider_template"></a> [template](#provider\_template) | n/a |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.66.0 |
+| <a name="provider_null"></a> [null](#provider\_null) | >= 3.0 |
+| <a name="provider_template"></a> [template](#provider\_template) | >= 2.0 |
 
 ## Modules
 

diff --git a/flowlogs/main.tf b/flowlogs/main.tf
@@ -46,6 +46,7 @@ locals {
 
   base_tags = {
     "boc:tf_module_version" = local._module_version
+    "boc:tf_module_name"    = lookup(local._module_names, local._module_name, local._module_names["_main_"])
     "boc:created_by"        = "terraform"
   }
 

diff --git a/flowlogs/module_name.tf b/flowlogs/module_name.tf
@@ -0,0 +1,3 @@
+locals {
+  _module_name = "flowlogs"
+}
diff --git a/flowlogs/templates/aws_kinesis_tasks.conf.tpl b/flowlogs/templates/aws_kinesis_tasks.conf.tpl
@@ -1,5 +1,5 @@
 [${account_alias}-flowlogs-${region}_${flowlog_name}]
-# account_id = ${account_id} 
+# account_id = ${account_id}
 account = ${account_alias}
 format = CloudWatchLogs
 index = aws_vpc_flow_logs

diff --git a/nacl-rules/main.tf b/nacl-rules/main.tf
@@ -33,6 +33,7 @@ locals {
 
   base_tags = {
     "boc:tf_module_version" = local._module_version
+    "boc:tf_module_name"    = lookup(local._module_names, local._module_name, local._module_names["_main_"])
     "boc:created_by"        = "terraform"
   }
 }

diff --git a/nacl-rules/module_name.tf b/nacl-rules/module_name.tf
@@ -0,0 +1,3 @@
+locals {
+  _module_name = "nacl-rules"
+}
diff --git a/nacls/README.md b/nacls/README.md
@@ -25,13 +25,18 @@ module "nacls" {
 
 ## Requirements
 
-No requirements.
+| Name | Version |
+|------|---------|
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.66.0 |
+| <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.0 |
+| <a name="requirement_template"></a> [template](#requirement\_template) | >= 2.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.66.0 |
 
 ## Modules
 

diff --git a/nacls/main.tf b/nacls/main.tf
@@ -30,6 +30,7 @@ locals {
 
   base_tags = {
     "boc:tf_module_version" = local._module_version
+    "boc:tf_module_name"    = lookup(local._module_names, local._module_name, local._module_names["_main_"])
     "boc:created_by"        = "terraform"
   }
 
@@ -47,7 +48,7 @@ resource "aws_network_acl" "private" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v%v-%v", local._prefixes["network-acl"], var.vpc_full_name, "private")),
+    { "Name" = format("%v%v-%v", local._prefixes["network-acl"], var.vpc_full_name, "private") },
   )
 }
 
@@ -61,6 +62,6 @@ resource "aws_network_acl" "public" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v%v-%v", local._prefixes["network-acl"], var.vpc_full_name, "public")),
+    { "Name" = format("%v%v-%v", local._prefixes["network-acl"], var.vpc_full_name, "public") },
   )
 }
diff --git a/nacls/module_name.tf b/nacls/module_name.tf
@@ -0,0 +1,3 @@
+locals {
+  _module_name = "nacls"
+}
diff --git a/peer/main.tf b/peer/main.tf
@@ -89,6 +89,7 @@ locals {
 
   base_tags = {
     "boc:tf_module_version" = local._module_version
+    "boc:tf_module_name"    = lookup(local._module_names, local._module_name, local._module_names["_main_"])
     "boc:created_by"        = "terraform"
   }
 }

diff --git a/peer/module_name.tf b/peer/module_name.tf
@@ -0,0 +1,3 @@
+locals {
+  _module_name = "peer"
+}
diff --git a/routing/main.tf b/routing/main.tf
@@ -29,6 +29,7 @@ locals {
 
   base_tags = {
     "boc:tf_module_version" = local._module_version
+    "boc:tf_module_name"    = lookup(local._module_names, local._module_name, local._module_names["_main_"])
     "boc:created_by"        = "terraform"
   }
 
@@ -50,7 +51,7 @@ resource "aws_route_table" "public" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v%v-%v-%v", local._prefixes["route-table"], var.vpc_full_name, var.public_route_table_label, each.key))
+    { "Name" = format("%v%v-%v-%v", local._prefixes["route-table"], var.vpc_full_name, var.public_route_table_label, each.key) },
   )
 }
 
@@ -70,7 +71,7 @@ resource "aws_route_table" "private" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v%v-%v-%v", local._prefixes["route-table"], var.vpc_full_name, var.private_route_table_label, each.key))
+    { "Name" = format("%v%v-%v-%v", local._prefixes["route-table"], var.vpc_full_name, var.private_route_table_label, each.key) },
   )
 }
 
@@ -93,7 +94,7 @@ resource "aws_eip" "nat" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v%v-%v", local._prefixes["elastic-ip"], var.vpc_full_name, each.key)),
+    { "Name" = format("%v%v-%v", local._prefixes["elastic-ip"], var.vpc_full_name, each.key) },
   )
 }
 
@@ -107,7 +108,7 @@ resource "aws_internet_gateway" "gateway" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v%v", local._prefixes["internet-gateway"], var.vpc_full_name)),
+    { "Name" = format("%v%v", local._prefixes["internet-gateway"], var.vpc_full_name) },
   )
 }
 
@@ -126,7 +127,7 @@ resource "aws_nat_gateway" "nat" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v%v-%v", local._prefixes["nat-gateway"], var.vpc_full_name, each.key)),
+    { "Name" = format("%v%v-%v", local._prefixes["nat-gateway"], var.vpc_full_name, each.key) },
   )
 }
 

diff --git a/routing/module_name.tf b/routing/module_name.tf
@@ -0,0 +1,3 @@
+locals {
+  _module_name = "routing"
+}
diff --git a/routing/vpc-endpoints.tf b/routing/vpc-endpoints.tf
@@ -26,7 +26,7 @@ resource "aws_vpc_endpoint" "s3" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v%v-%v", local._prefixes["vpc-endpoint"], "s3", var.vpc_full_name)),
+    { "Name" = format("%v%v-%v", local._prefixes["vpc-endpoint"], "s3", var.vpc_full_name) },
   )
 }
 
@@ -54,7 +54,7 @@ resource "aws_vpc_endpoint" "dynamodb" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v%v-%v", local._prefixes["vpc-endpoint"], "dynamodb", var.vpc_full_name)),
+    { "Name" = format("%v%v-%v", local._prefixes["vpc-endpoint"], "dynamodb", var.vpc_full_name) },
   )
 }
 

diff --git a/security-groups/README.md b/security-groups/README.md
@@ -20,21 +20,26 @@ module "base-security-groups" {
 
 ## Requirements
 
-No requirements.
+| Name | Version |
+|------|---------|
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.66.0 |
+| <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.0 |
+| <a name="requirement_template"></a> [template](#requirement\_template) | >= 2.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.66.0 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_sg-linux-base"></a> [sg-linux-base](#module\_sg-linux-base) | git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//it-linux-base |  |
-| <a name="module_sg-ois-scanner"></a> [sg-ois-scanner](#module\_sg-ois-scanner) | git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//ois-scanner |  |
-| <a name="module_sg-windows-base"></a> [sg-windows-base](#module\_sg-windows-base) | git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//it-windows-base |  |
+| <a name="module_sg-linux-base"></a> [sg-linux-base](#module\_sg-linux-base) | git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//it-linux-base | n/a |
+| <a name="module_sg-ois-scanner"></a> [sg-ois-scanner](#module\_sg-ois-scanner) | git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//ois-scanner | n/a |
+| <a name="module_sg-windows-base"></a> [sg-windows-base](#module\_sg-windows-base) | git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//it-windows-base | n/a |
 
 ## Resources
 

diff --git a/security-groups/main.tf b/security-groups/main.tf
@@ -26,6 +26,7 @@ locals {
 
   base_tags = {
     "boc:tf_module_version" = local._module_version
+    "boc:tf_module_name"    = lookup(local._module_names, local._module_name, local._module_names["_main_"])
     "boc:created_by"        = "terraform"
   }
 }
@@ -39,8 +40,10 @@ resource "aws_default_security_group" "default" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Environment", var.vpc_environment),
-    map("Name", format("default-sg-%v", var.vpc_full_name))
+    {
+      "Environment" = var.vpc_environment
+      "Name"        = format("default-sg-%v", var.vpc_full_name)
+    }
   )
 }
 
@@ -56,7 +59,7 @@ module "sg-linux-base" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Environment", var.vpc_environment),
+    { "Environment" = var.vpc_environment },
   )
 }
 
@@ -69,7 +72,7 @@ module "sg-windows-base" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Environment", var.vpc_environment),
+    { "Environment" = var.vpc_environment },
   )
 }
 
@@ -82,6 +85,6 @@ module "sg-ois-scanner" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Environment", var.vpc_environment),
+    { "Environment" = var.vpc_environment },
   )
 }
diff --git a/security-groups/module_name.tf b/security-groups/module_name.tf
@@ -0,0 +1,3 @@
+locals {
+  _module_name = "security-groups"
+}