AWS RAM Module (#105)
* added ram module and org setting
* chore: terraform fmt and terraform-docs

---------

Co-authored-by: zachreborn <zachreborn@users.noreply.github.com>
1 parent 33f56c0, commit 3cacbb6

Showing 4 changed files with 276 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,174 @@ | ||
<!-- Blank module readme template: Do a search and replace with your text editor for the following: `module_name`, `module_description` --> | ||
<!-- Improved compatibility of back to top link: See: https://github.com/othneildrew/Best-README-Template/pull/73 --> | ||
|
||
<a name="readme-top"></a> | ||
|
||
<!-- PROJECT SHIELDS --> | ||
<!-- | ||
*** I'm using markdown "reference style" links for readability. | ||
*** Reference links are enclosed in brackets [ ] instead of parentheses ( ). | ||
*** See the bottom of this document for the declaration of the reference variables | ||
*** for contributors-url, forks-url, etc. This is an optional, concise syntax you may use. | ||
*** https://www.markdownguide.org/basic-syntax/#reference-style-links | ||
--> | ||
|
||
[![Contributors][contributors-shield]][contributors-url] | ||
[![Forks][forks-shield]][forks-url] | ||
[![Stargazers][stars-shield]][stars-url] | ||
[![Issues][issues-shield]][issues-url] | ||
[![MIT License][license-shield]][license-url] | ||
[![LinkedIn][linkedin-shield]][linkedin-url] | ||
|
||
<!-- PROJECT LOGO --> | ||
<br /> | ||
<div align="center"> | ||
<a href="https://github.com/zachreborn/terraform-modules"> | ||
<img src="/images/terraform_modules_logo.webp" alt="Logo" width="300" height="300"> | ||
</a> | ||
|
||
<h3 align="center">AWS Resource Access Manager (RAM)</h3> | ||
<p align="center"> | ||
This modules creates and configures RAM resources, allowing for existing resources to be shared with your organization or other AWS accounts. | ||
<br /> | ||
<a href="https://github.com/zachreborn/terraform-modules"><strong>Explore the docs »</strong></a> | ||
<br /> | ||
<br /> | ||
<a href="https://zacharyhill.co">Zachary Hill</a> | ||
· | ||
<a href="https://github.com/zachreborn/terraform-modules/issues">Report Bug</a> | ||
· | ||
<a href="https://github.com/zachreborn/terraform-modules/issues">Request Feature</a> | ||
</p> | ||
</div> | ||
|
||
<!-- TABLE OF CONTENTS --> | ||
<details> | ||
<summary>Table of Contents</summary> | ||
<ol> | ||
<li><a href="#usage">Usage</a></li> | ||
<li><a href="#requirements">Requirements</a></li> | ||
<li><a href="#providers">Providers</a></li> | ||
<li><a href="#modules">Modules</a></li> | ||
<li><a href="#Resources">Resources</a></li> | ||
<li><a href="#inputs">Inputs</a></li> | ||
<li><a href="#outputs">Outputs</a></li> | ||
<li><a href="#license">License</a></li> | ||
<li><a href="#contact">Contact</a></li> | ||
<li><a href="#acknowledgments">Acknowledgments</a></li> | ||
</ol> | ||
</details> | ||
|
||
<!-- USAGE EXAMPLES --> | ||
|
||
## Usage | ||
|
||
### Simple Example | ||
|
||
This example shares a transit gateway with the current AWS organization. This allows all accounts in the organization to use the transit gateway and attach VPCs from other accounts. | ||
|
||
``` | ||
module "tgw_ram_share" { | ||
source = "github.com/zachreborn/terraform-modules//modules/aws/ram" | ||
name = "transit_tgw" | ||
resource_arn = module.transit_gateway.arn | ||
} | ||
``` | ||
|
||
_For more examples, please refer to the [Documentation](https://github.com/zachreborn/terraform-modules)_ | ||
|
||
<p align="right">(<a href="#readme-top">back to top</a>)</p> | ||
|
||
<!-- terraform-docs output will be input automatically below--> | ||
<!-- terraform-docs markdown table --output-file README.md --output-mode inject .--> | ||
<!-- BEGIN_TF_DOCS --> | ||
## Requirements | ||
|
||
| Name | Version | | ||
|------|---------| | ||
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 | | ||
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.0.0 | | ||
|
||
## Providers | ||
|
||
| Name | Version | | ||
|------|---------| | ||
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.0.0 | | ||
|
||
## Modules | ||
|
||
No modules. | ||
|
||
## Resources | ||
|
||
| Name | Type | | ||
|------|------| | ||
| [aws_ram_principal_association.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_principal_association) | resource | | ||
| [aws_ram_resource_association.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_resource_association) | resource | | ||
| [aws_ram_resource_share.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_resource_share) | resource | | ||
| [aws_organizations_organization.current_org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_organization) | data source | | ||
|
||
## Inputs | ||
|
||
| Name | Description | Type | Default | Required | | ||
|------|-------------|------|---------|:--------:| | ||
| <a name="input_allow_external_principals"></a> [allow\_external\_principals](#input\_allow\_external\_principals) | Indicates whether principals outside your AWS organization can be associated with a resource share. | `bool` | `false` | no | | ||
| <a name="input_name"></a> [name](#input\_name) | The name of the resource share. | `string` | n/a | yes | | ||
| <a name="input_permission_arns"></a> [permission\_arns](#input\_permission\_arns) | The ARNs of the permissions to associate with the resource share. | `list(string)` | `null` | no | | ||
| <a name="input_principal"></a> [principal](#input\_principal) | The principal to associate with the resource share. | `string` | `null` | no | | ||
| <a name="input_resource_arn"></a> [resource\_arn](#input\_resource\_arn) | The ARN of the resource to associate with the resource share. | `string` | n/a | yes | | ||
| <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to the resource share. | `map(string)` | <pre>{<br/> "created_by": "terraform",<br/> "environment": "prod",<br/> "terraform": "true"<br/>}</pre> | no | | ||
|
||
## Outputs | ||
|
||
| Name | Description | | ||
|------|-------------| | ||
| <a name="output_arn"></a> [arn](#output\_arn) | The ARN of the resource share. | | ||
| <a name="output_id"></a> [id](#output\_id) | The ID of the resource share. | | ||
<!-- END_TF_DOCS --> | ||
|
||
<!-- LICENSE --> | ||
|
||
## License | ||
|
||
Distributed under the MIT License. See `LICENSE.txt` for more information. | ||
|
||
<p align="right">(<a href="#readme-top">back to top</a>)</p> | ||
|
||
<!-- CONTACT --> | ||
|
||
## Contact | ||
|
||
Zachary Hill - [![LinkedIn][linkedin-shield]][linkedin-url] - zhill@zacharyhill.co | ||
|
||
Project Link: [https://github.com/zachreborn/terraform-modules](https://github.com/zachreborn/terraform-modules) | ||
|
||
<p align="right">(<a href="#readme-top">back to top</a>)</p> | ||
|
||
<!-- ACKNOWLEDGMENTS --> | ||
|
||
## Acknowledgments | ||
|
||
- [Zachary Hill](https://zacharyhill.co) | ||
- [Jake Jones](https://github.com/jakeasarus) | ||
|
||
<p align="right">(<a href="#readme-top">back to top</a>)</p> | ||
|
||
<!-- MARKDOWN LINKS & IMAGES --> | ||
<!-- https://www.markdownguide.org/basic-syntax/#reference-style-links --> | ||
|
||
[contributors-shield]: https://img.shields.io/github/contributors/zachreborn/terraform-modules.svg?style=for-the-badge | ||
[contributors-url]: https://github.com/zachreborn/terraform-modules/graphs/contributors | ||
[forks-shield]: https://img.shields.io/github/forks/zachreborn/terraform-modules.svg?style=for-the-badge | ||
[forks-url]: https://github.com/zachreborn/terraform-modules/network/members | ||
[stars-shield]: https://img.shields.io/github/stars/zachreborn/terraform-modules.svg?style=for-the-badge | ||
[stars-url]: https://github.com/zachreborn/terraform-modules/stargazers | ||
[issues-shield]: https://img.shields.io/github/issues/zachreborn/terraform-modules.svg?style=for-the-badge | ||
[issues-url]: https://github.com/zachreborn/terraform-modules/issues | ||
[license-shield]: https://img.shields.io/github/license/zachreborn/terraform-modules.svg?style=for-the-badge | ||
[license-url]: https://github.com/zachreborn/terraform-modules/blob/master/LICENSE.txt | ||
[linkedin-shield]: https://img.shields.io/badge/-LinkedIn-black.svg?style=for-the-badge&logo=linkedin&colorB=555 | ||
[linkedin-url]: https://www.linkedin.com/in/zachary-hill-5524257a/ | ||
[product-screenshot]: /images/screenshot.webp | ||
[Terraform.io]: https://img.shields.io/badge/Terraform-7B42BC?style=for-the-badge&logo=terraform | ||
[Terraform-url]: https://terraform.io |
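
Review bot: The Simple Example's `source = "github.com/zachreborn/terraform-modules//modules/aws/ram"` carries no `?ref=`, so anyone copying it tracks the default branch of a module that creates cross-account shares; pin the example to a tag or commit. Also in this file: the intro reads "This modules creates", the blank-template search-and-replace comment is still on the first line, and the example does not say that the organization-wide share comes from omitting `principal`, which is worth stating next to the snippet.
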
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
########################### | ||
# Provider Configuration | ||
########################### | ||
terraform { | ||
required_version = ">= 1.0.0" | ||
required_providers { | ||
aws = { | ||
source = "hashicorp/aws" | ||
version = ">= 4.0.0" | ||
} | ||
} | ||
} | ||
|
||
########################### | ||
# Data Sources | ||
########################### | ||
|
||
data "aws_organizations_organization" "current_org" {} | ||
|
||
########################### | ||
# Locals | ||
########################### | ||
|
||
|
||
########################### | ||
# Module Configuration | ||
########################### | ||
|
||
resource "aws_ram_resource_share" "this" { | ||
allow_external_principals = var.allow_external_principals | ||
name = var.name | ||
permission_arns = var.permission_arns | ||
tags = var.tags | ||
} | ||
|
||
resource "aws_ram_resource_association" "this" { | ||
resource_arn = var.resource_arn | ||
resource_share_arn = aws_ram_resource_share.this.arn | ||
} | ||
|
||
resource "aws_ram_principal_association" "this" { | ||
principal = var.principal != null ? var.principal : data.aws_organizations_organization.current_org.arn | ||
resource_share_arn = aws_ram_resource_share.this.arn | ||
} |
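
Review bot: `data "aws_organizations_organization" "current_org" {}` is read unconditionally, but its ARN is only used in the `principal` ternary when `var.principal` is null, so a caller sharing with one specific principal still runs the organization lookup on every plan. Gate it, for example with `count = var.principal == null ? 1 : 0`, and index it in the ternary. The same ternary makes an omitted `principal` mean the whole organization, so consider requiring the caller to opt in to that explicitly rather than getting it by omission. The empty Locals banner can be dropped.
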
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
########################### | ||
# Resource Outputs | ||
########################### | ||
|
||
output "arn" { | ||
description = "The ARN of the resource share." | ||
value = aws_ram_resource_share.this.arn | ||
} | ||
|
||
output "id" { | ||
description = "The ID of the resource share." | ||
value = aws_ram_resource_share.this.id | ||
} |
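
Review bot: Only the share's `arn` and `id` are exported, so a caller cannot tell from the module outputs which principal the share was actually associated with, which matters because main.tf substitutes the organization ARN when `principal` is null. Consider adding an output for `aws_ram_principal_association.this.principal`.
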
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
########################### | ||
# Resource Variables | ||
########################### | ||
|
||
variable "allow_external_principals" { | ||
description = "Indicates whether principals outside your AWS organization can be associated with a resource share." | ||
type = bool | ||
default = false | ||
} | ||
|
||
variable "name" { | ||
description = "The name of the resource share." | ||
type = string | ||
} | ||
|
||
variable "permission_arns" { | ||
description = "The ARNs of the permissions to associate with the resource share." | ||
type = list(string) | ||
default = null | ||
} | ||
|
||
variable "principal" { | ||
description = "The principal to associate with the resource share." | ||
type = string | ||
default = null | ||
} | ||
|
||
variable "resource_arn" { | ||
description = "The ARN of the resource to associate with the resource share." | ||
type = string | ||
} | ||
|
||
########################### | ||
# General Variables | ||
########################### | ||
|
||
variable "tags" { | ||
description = "A mapping of tags to assign to the resource share." | ||
type = map(string) | ||
default = { | ||
created_by = "terraform" # Your name goes here | ||
terraform = "true" | ||
environment = "prod" | ||
} | ||
} |
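
Review bot: The `principal` description, "The principal to associate with the resource share.", does not mention that the `null` default makes main.tf fall back to the current organization's ARN; document that here so terraform-docs carries it into the README Inputs table. In `tags`, the default sets `environment = "prod"` on every share and the `# Your name goes here` comment sits on `created_by = "terraform"`; a neutral default would avoid mislabeling non-production shares.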