Merge branch 'feature/INFRA-1040'

apps/api_gateway_resource/main.tf

@@ -1,9 +1 @@
-provider "aws" {
-}
-
-module "aws_core_data" {
-  source = "../../data_providers/aws_account_core_data"
-  providers = {
-   aws = "aws"
-  } 
-}
+provider "aws" {}

apps/cloudwatch_lambda/main.tf

@@ -1,10 +1 @@
-provider "aws" {
-}
-
-module "aws_core_data" {	
-  //source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"	
-  source = "../../data_providers/aws_account_core_data"	
-  providers = {	
-   aws = "aws"	
-  } 	
-}
+provider "aws" {}

apps/cloudwatch_lambda_schedule/main.tf

@@ -1,11 +1,2 @@
-providers = {
-   aws = "aws"
-  } 
+provider "aws" {}
 
-module "aws_core_data" {
-  //source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
-  source = "../../data_providers/aws_account_core_data"
-  providers = {
-   aws = "aws"
-  } 
-}

apps/cluster/main.tf

@@ -1,16 +1,9 @@
-provider "aws" {
-}
+provider "aws" {}
 
 module "aws_core_data" {
-//  source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
-  source = "../../data_providers/aws_account_core_data"
+  source       = "../../data_providers/shared-vpc-data"
+  account_type = "${var.account_type}"
   providers = {
-   aws = "aws"
-  } 
+    aws = "aws"
+  }
 }
-
-// For local development use instead:
-//module "aws_core_data" {
-//  source = "../../data_providers/aws_account_core_data"
-//}
-

apps/cluster/variables.tf

@@ -1,9 +1,7 @@
 variable "region" {
   default = "eu-west-1"
 }
-variable "account_type" {
-  default = "sandbox"
-}
+variable "account_type" {}
 variable "tags_business_unit" {
   default = "Albumprinter"
 }
@@ -33,7 +31,7 @@ variable "private" {
 
 variable "response_template" {
   type = "map"
-  default ={
+  default = {
     "application/json" = ""
   }
 }
@@ -42,7 +40,7 @@ variable "instance_count" {
   default = 1
 }
 variable "iam_policy_document" {
-  default =<<EOF
+  default = <<EOF
 {
     "Version": "2012-10-17",
     "Statement": [
@@ -96,11 +94,11 @@ variable "chef_serverurl" {
 
 variable "SG_cidr_blocks" {
   type = "list"
-  default =  [""]
-  }
+  default = [""]
+}
 variable "SG_elb_cidr_blocks" {
   type = "list"
-  default =  [""]
+  default = [""]
 }
 
 variable "lb_port_outside" {
@@ -147,14 +145,14 @@ variable "elb_sg_ingress_protocol" {
   default = "-1"
 }
 
-variable "elb_healthcheck_target"  {
+variable "elb_healthcheck_target" {
   default = "TCP:22"
 }
 
-variable "chef_attributes_json"  {
+variable "chef_attributes_json" {
   default = <<-EOF
   {
     "key": "value"
   }
   EOF
-}
+}

apps/ec2/main.tf

@@ -1,17 +1,9 @@
-provider "aws" {
-}
-
+provider "aws" {}
 
 module "aws_core_data" {
-  //source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
-  source = "../../data_providers/aws_account_core_data"
+  source       = "../../data_providers/shared-vpc-data"
+  account_type = "${var.account_type}"
   providers = {
-   aws = "aws"
+    aws = "aws"
   }
 }
-
-// For local development use instead:
-//module "aws_core_data" {
-//  source = "../../data_providers/aws_account_core_data"
-//}
-

apps/ec2/variables.tf

@@ -1,9 +1,7 @@
 variable "region" {
   default = "eu-west-1"
 }
-variable "account_type" {
-  default = "sandbox"
-}
+variable "account_type" {}
 variable "tags_business_unit" {
   default = "Albumprinter"
 }
@@ -32,7 +30,7 @@ variable "private" {
 
 variable "response_template" {
   type = "map"
-  default ={
+  default = {
     "application/json" = ""
   }
 }
@@ -41,7 +39,7 @@ variable "instance_count" {
   default = 1
 }
 variable "iam_policy_document" {
-  default =<<EOF
+  default = <<EOF
 {
     "Version": "2012-10-17",
     "Statement": [
@@ -83,4 +81,4 @@ variable "tags_AutoOn" {
 
 variable "tags_AutoOff" {
   default = ""
-}
+}

apps/ec2_standalone/main.tf

@@ -1,12 +1,11 @@
-provider "aws" {
-}
+provider "aws" {}
 
-module "aws_account_core_data" {
-  //source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
-  source = "../../data_providers/aws_account_core_data"
+module "aws_core_data" {
+  source       = "../../data_providers/shared-vpc-data"
+  account_type = "${var.account_type}"
   providers = {
-   aws = "aws"
-  } 
+    aws = "aws"
+  }
 }
 
 resource "aws_key_pair" "ec2_key_pair" {

apps/elasticache_redis/README.md

@@ -1,4 +1,5 @@
 # Description
+
 An example terraform module to build simple application as aws lambda function triggered by cloudwatch event scheduleder.
 
 ## Code Example
@@ -26,4 +27,4 @@ module "cache" {
   project     = "Unknown"
   environment = "Unknown"
 }
-```
+```

apps/elasticache_redis/main.tf

@@ -1,10 +1,9 @@
-provider "aws" {
-}
+provider "aws" {}
 
 module "aws_core_data" {
-  //source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
-  source = "../../data_providers/aws_account_core_data"
+  source       = "../../data_providers/shared-vpc-data"
+  account_type = "${var.account_type}"
   providers = {
-   aws = "aws"
-  } 
+    aws = "aws"
+  }
 }

apps/elasticache_redis/redis.tf

@@ -2,23 +2,10 @@
 # Security group resources
 #
 resource "aws_security_group" "redis" {
-  vpc_id = "${module.aws_core_data.vpc_id}"
+  vpc_id      = "${module.aws_core_data.vpc_id}"
   description = "Allow all inbound traffic for the scheduled lambda function"
-  ingress {
-    from_port = 6379
-    to_port = 6379
-    protocol = "tcp"
-    cidr_blocks = ["192.168.0.0/16"]
-  }
-
-  egress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
 
-  tags {
+  tags = {
     Domain          = "${var.tags_domain}"
     Name            = "${var.app_name}"
     "Business Unit" = "${var.tags_business_unit}"
@@ -30,8 +17,29 @@ resource "aws_security_group" "redis" {
   }
 }
 
+resource "aws_security_group_rule" "redis_ingress" {
+  type              = "ingress"
+  security_group_id = "${aws_security_group.redis.id}"
+  description       = "Allow access to Redis"
+  from_port         = 6379
+  to_port           = 6379
+  protocol          = "tcp"
+  cidr_blocks       = ["${var.redis_cidr}"]
+}
+resource "aws_security_group_rule" "redis_egress" {
+  security_group_id = "${aws_security_group.redis.id}"
+  description       = "Allow all outgoing"
+  type              = "egress"
+  from_port         = 0
+  to_port           = 0
+  protocol          = "-1"
+  cidr_blocks       = ["0.0.0.0/0"]
+}
+
+
+
 resource "aws_elasticache_subnet_group" "redis" {
-  name = "${var.app_name}"
+  name       = "${var.app_name}"
   subnet_ids = ["${split(",", join(",", module.aws_core_data.private_subnets))}"]
 }
 
@@ -52,7 +60,7 @@ resource "aws_elasticache_replication_group" "redis" {
   notification_topic_arn        = "${var.notification_topic_arn}"
   port                          = 6379
 
-  tags {
+  tags = {
     Domain          = "${var.tags_domain}"
     Name            = "${var.app_name}"
     "Business Unit" = "${var.tags_business_unit}"

apps/elasticache_redis/variables.tf

@@ -7,6 +7,10 @@ variable "account_type" {
 variable "tags_business_unit" {
   default = "Albumprinter"
 }
+variable "redis_cidr" {
+  description = "cidr range that has access to Redis. By default all the shared VPC ranges"
+  default     = "10.96.0.0/12"
+}
 variable "tags_cost_center" {}
 variable "tags_team" {}
 variable "tags_domain" {}
@@ -30,8 +34,8 @@ variable "costcenter" {
 variable "cache_identifier" {}
 
 variable "parameter_group" {
-  description= "For cluster mode override with: default.redis3.2.cluster.on"
-  default = "default.redis3.2"
+  description = "For cluster mode override with: default.redis3.2.cluster.on"
+  default     = "default.redis3.2"
 }
 
 variable "maintenance_window" {}
@@ -65,4 +69,4 @@ variable "alarm_memory_threshold" {
 
 variable "alarm_actions" {
   type = "list"
-}
+}

apps/lambda_function/cloudwatch.tf

@@ -1,19 +1,18 @@
 module "lambda_app_cloudwatch" {
-  //source = "git@github.com:albumprinter/eops_tf_modules.git//apps/cloudwatch_lambda"
-  source = "../../apps/cloudwatch_lambda"
-  app_name = "${var.app_name}"
-  log_group_name = "/aws/lambda/${var.app_name}"
-  alarm_threshold = "${var.lambda_memory_alert_threshold}"
-  alarm_action_arn = "${var.alarm_action_arn}"
-  environment = "${var.environment}"
-  tags_team = "${var.tags_team}"
-  tags_domain = "${var.tags_domain}"
-  tags_purpose = "${var.tags_purpose}"
-  tags_cost_center = "${var.tags_cost_center}"
-  description = "${var.description}"
-  retention_days = "${var.retention_days}"
-  enable_cloudwatch_alarms = "${var.enable_cloudwatch_alarms}"    
+  source                   = "../../apps/cloudwatch_lambda"
+  app_name                 = "${var.app_name}"
+  log_group_name           = "/aws/lambda/${var.app_name}"
+  alarm_threshold          = "${var.lambda_memory_alert_threshold}"
+  alarm_action_arn         = "${var.alarm_action_arn}"
+  environment              = "${var.environment}"
+  tags_team                = "${var.tags_team}"
+  tags_domain              = "${var.tags_domain}"
+  tags_purpose             = "${var.tags_purpose}"
+  tags_cost_center         = "${var.tags_cost_center}"
+  description              = "${var.description}"
+  retention_days           = "${var.retention_days}"
+  enable_cloudwatch_alarms = "${var.enable_cloudwatch_alarms}"
   providers = {
-   aws = "aws"
+    aws = "aws"
   }
-}
+}

apps/lambda_function/main.tf

@@ -1,10 +1 @@
-provider "aws" {
-}
-
-module "aws_core_data" {
-  //source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
-  source = "../../data_providers/aws_account_core_data"
-  providers = {
-   aws = "aws"
-  }
-}
+provider "aws" {}