AWS RAM Module (#105)
* added ram module and org setting

* chore: terraform fmt and terraform-docs

---------

Co-authored-by: zachreborn <zachreborn@users.noreply.github.com>
zachreborn and zachreborn authored Dec 17, 2024
1 parent 33f56c0 commit 3cacbb6
Showing 4 changed files with 276 additions and 0 deletions.
174 changes: 174 additions & 0 deletions modules/aws/ram/README.md
@@ -0,0 +1,174 @@
<!-- Blank module readme template: Do a search and replace with your text editor for the following: `module_name`, `module_description` -->
<!-- Improved compatibility of back to top link: See: https://github.com/othneildrew/Best-README-Template/pull/73 -->

<a name="readme-top"></a>

<!-- PROJECT SHIELDS -->
<!--
*** I'm using markdown "reference style" links for readability.
*** Reference links are enclosed in brackets [ ] instead of parentheses ( ).
*** See the bottom of this document for the declaration of the reference variables
*** for contributors-url, forks-url, etc. This is an optional, concise syntax you may use.
*** https://www.markdownguide.org/basic-syntax/#reference-style-links
-->

[![Contributors][contributors-shield]][contributors-url]
[![Forks][forks-shield]][forks-url]
[![Stargazers][stars-shield]][stars-url]
[![Issues][issues-shield]][issues-url]
[![MIT License][license-shield]][license-url]
[![LinkedIn][linkedin-shield]][linkedin-url]

<!-- PROJECT LOGO -->
<br />
<div align="center">
<a href="https://github.com/zachreborn/terraform-modules">
<img src="/images/terraform_modules_logo.webp" alt="Logo" width="300" height="300">
</a>

<h3 align="center">AWS Resource Access Manager (RAM)</h3>
<p align="center">
This modules creates and configures RAM resources, allowing for existing resources to be shared with your organization or other AWS accounts.
<br />
<a href="https://github.com/zachreborn/terraform-modules"><strong>Explore the docs »</strong></a>
<br />
<br />
<a href="https://zacharyhill.co">Zachary Hill</a>
·
<a href="https://github.com/zachreborn/terraform-modules/issues">Report Bug</a>
·
<a href="https://github.com/zachreborn/terraform-modules/issues">Request Feature</a>
</p>
</div>

<!-- TABLE OF CONTENTS -->
<details>
<summary>Table of Contents</summary>
<ol>
<li><a href="#usage">Usage</a></li>
<li><a href="#requirements">Requirements</a></li>
<li><a href="#providers">Providers</a></li>
<li><a href="#modules">Modules</a></li>
<li><a href="#Resources">Resources</a></li>
<li><a href="#inputs">Inputs</a></li>
<li><a href="#outputs">Outputs</a></li>
<li><a href="#license">License</a></li>
<li><a href="#contact">Contact</a></li>
<li><a href="#acknowledgments">Acknowledgments</a></li>
</ol>
</details>

<!-- USAGE EXAMPLES -->

## Usage

### Simple Example

This example shares a transit gateway with the current AWS organization. This allows all accounts in the organization to use the transit gateway and attach VPCs from other accounts.

```
module "tgw_ram_share" {
source = "github.com/zachreborn/terraform-modules//modules/aws/ram"
name = "transit_tgw"
resource_arn = module.transit_gateway.arn
}
```

_For more examples, please refer to the [Documentation](https://github.com/zachreborn/terraform-modules)_

<p align="right">(<a href="#readme-top">back to top</a>)</p>

<!-- terraform-docs output will be input automatically below-->
<!-- terraform-docs markdown table --output-file README.md --output-mode inject .-->
<!-- BEGIN_TF_DOCS -->
## Requirements

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.0.0 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.0.0 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| [aws_ram_principal_association.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_principal_association) | resource |
| [aws_ram_resource_association.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_resource_association) | resource |
| [aws_ram_resource_share.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_resource_share) | resource |
| [aws_organizations_organization.current_org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_organization) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_allow_external_principals"></a> [allow\_external\_principals](#input\_allow\_external\_principals) | Indicates whether principals outside your AWS organization can be associated with a resource share. | `bool` | `false` | no |
| <a name="input_name"></a> [name](#input\_name) | The name of the resource share. | `string` | n/a | yes |
| <a name="input_permission_arns"></a> [permission\_arns](#input\_permission\_arns) | The ARNs of the permissions to associate with the resource share. | `list(string)` | `null` | no |
| <a name="input_principal"></a> [principal](#input\_principal) | The principal to associate with the resource share. | `string` | `null` | no |
| <a name="input_resource_arn"></a> [resource\_arn](#input\_resource\_arn) | The ARN of the resource to associate with the resource share. | `string` | n/a | yes |
| <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to the resource share. | `map(string)` | <pre>{<br/> "created_by": "terraform",<br/> "environment": "prod",<br/> "terraform": "true"<br/>}</pre> | no |

## Outputs

| Name | Description |
|------|-------------|
| <a name="output_arn"></a> [arn](#output\_arn) | The ARN of the resource share. |
| <a name="output_id"></a> [id](#output\_id) | The ID of the resource share. |
<!-- END_TF_DOCS -->

<!-- LICENSE -->

## License

Distributed under the MIT License. See `LICENSE.txt` for more information.

<p align="right">(<a href="#readme-top">back to top</a>)</p>

<!-- CONTACT -->

## Contact

Zachary Hill - [![LinkedIn][linkedin-shield]][linkedin-url] - zhill@zacharyhill.co

Project Link: [https://github.com/zachreborn/terraform-modules](https://github.com/zachreborn/terraform-modules)

<p align="right">(<a href="#readme-top">back to top</a>)</p>

<!-- ACKNOWLEDGMENTS -->

## Acknowledgments

- [Zachary Hill](https://zacharyhill.co)
- [Jake Jones](https://github.com/jakeasarus)

<p align="right">(<a href="#readme-top">back to top</a>)</p>

<!-- MARKDOWN LINKS & IMAGES -->
<!-- https://www.markdownguide.org/basic-syntax/#reference-style-links -->

[contributors-shield]: https://img.shields.io/github/contributors/zachreborn/terraform-modules.svg?style=for-the-badge
[contributors-url]: https://github.com/zachreborn/terraform-modules/graphs/contributors
[forks-shield]: https://img.shields.io/github/forks/zachreborn/terraform-modules.svg?style=for-the-badge
[forks-url]: https://github.com/zachreborn/terraform-modules/network/members
[stars-shield]: https://img.shields.io/github/stars/zachreborn/terraform-modules.svg?style=for-the-badge
[stars-url]: https://github.com/zachreborn/terraform-modules/stargazers
[issues-shield]: https://img.shields.io/github/issues/zachreborn/terraform-modules.svg?style=for-the-badge
[issues-url]: https://github.com/zachreborn/terraform-modules/issues
[license-shield]: https://img.shields.io/github/license/zachreborn/terraform-modules.svg?style=for-the-badge
[license-url]: https://github.com/zachreborn/terraform-modules/blob/master/LICENSE.txt
[linkedin-shield]: https://img.shields.io/badge/-LinkedIn-black.svg?style=for-the-badge&logo=linkedin&colorB=555
[linkedin-url]: https://www.linkedin.com/in/zachary-hill-5524257a/
[product-screenshot]: /images/screenshot.webp
[Terraform.io]: https://img.shields.io/badge/Terraform-7B42BC?style=for-the-badge&logo=terraform
[Terraform-url]: https://terraform.io
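
Review bot: The `principal` row in the Inputs table and the Simple Example never state that leaving `principal` unset shares the resource with the entire organization, which is exactly what the example relies on. Say so in the `principal` description (it is generated from variables.tf, so change it there and rerun terraform-docs), and note next to the example that `allow_external_principals` has to be `true` before a principal outside the organization can be associated. Smaller points: "This modules creates" should read "This module creates", the table of contents links to `#Resources` while every other anchor is lower-case, and the template search-and-replace comment on the first line is left over.
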
44 changes: 44 additions & 0 deletions modules/aws/ram/main.tf
@@ -0,0 +1,44 @@
###########################
# Provider Configuration
###########################
terraform {
required_version = ">= 1.0.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 4.0.0"
}
}
}

###########################
# Data Sources
###########################

data "aws_organizations_organization" "current_org" {}

###########################
# Locals
###########################


###########################
# Module Configuration
###########################

resource "aws_ram_resource_share" "this" {
allow_external_principals = var.allow_external_principals
name = var.name
permission_arns = var.permission_arns
tags = var.tags
}

resource "aws_ram_resource_association" "this" {
resource_arn = var.resource_arn
resource_share_arn = aws_ram_resource_share.this.arn
}

resource "aws_ram_principal_association" "this" {
principal = var.principal != null ? var.principal : data.aws_organizations_organization.current_org.arn
resource_share_arn = aws_ram_resource_share.this.arn
}
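
Review bot: In `aws_ram_principal_association.this`, a null `var.principal` falls back to `data.aws_organizations_organization.current_org.arn`, so a caller who simply omits the input shares the resource with every account in the organization without having asked for it. Consider making `principal` required, or adding an explicit opt-in (for example a hypothetical `share_with_organization` bool), so the widest scope is never the silent default. The `current_org` data source is also read on every plan, including when `var.principal` is set; gating it with `count = var.principal == null ? 1 : 0` would remove the need for Organizations read access when sharing to a single account. The empty Locals section can be dropped.
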
13 changes: 13 additions & 0 deletions modules/aws/ram/outputs.tf
@@ -0,0 +1,13 @@
###########################
# Resource Outputs
###########################

output "arn" {
description = "The ARN of the resource share."
value = aws_ram_resource_share.this.arn
}

output "id" {
description = "The ID of the resource share."
value = aws_ram_resource_share.this.id
}
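
Review bot: Neither `arn` nor `id` reports which principal the share was associated with, so a caller cannot tell from the module's outputs whether the organization-wide fallback in main.tf was applied. Exporting `aws_ram_principal_association.this.principal` as a `principal` output would make the effective sharing scope visible to downstream code and to anyone auditing state.
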
45 changes: 45 additions & 0 deletions modules/aws/ram/variables.tf
@@ -0,0 +1,45 @@
###########################
# Resource Variables
###########################

variable "allow_external_principals" {
description = "Indicates whether principals outside your AWS organization can be associated with a resource share."
type = bool
default = false
}

variable "name" {
description = "The name of the resource share."
type = string
}

variable "permission_arns" {
description = "The ARNs of the permissions to associate with the resource share."
type = list(string)
default = null
}

variable "principal" {
description = "The principal to associate with the resource share."
type = string
default = null
}

variable "resource_arn" {
description = "The ARN of the resource to associate with the resource share."
type = string
}

###########################
# General Variables
###########################

variable "tags" {
description = "A mapping of tags to assign to the resource share."
type = map(string)
default = {
created_by = "terraform" # Your name goes here
terraform = "true"
environment = "prod"
}
}
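
Review bot: `variable "principal"` accepts any string, and its description does not mention that `null` means the whole organization (see the conditional in main.tf). Add a `validation` block restricting the value to the forms RAM accepts (a 12-digit account ID, or an organization, OU, or IAM role or user ARN) and spell out the null behaviour in the description. `resource_arn` would benefit from a similar `arn:` prefix check, and the default `environment = "prod"` tag will mislabel shares created in non-production accounts unless every caller overrides `tags`.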
