automated terminal push
@@ -68,7 +68,7 @@ resource "aws_subnet" "private" {
|
|||||||
resource "aws_eip" "nat" {
|
resource "aws_eip" "nat" {
|
||||||
count = var.enable_private_subnets && var.enable_nat_gateway ? (var.single_nat_gateway ? 1 : 2) : 0
|
count = var.enable_private_subnets && var.enable_nat_gateway ? (var.single_nat_gateway ? 1 : 2) : 0
|
||||||
|
|
||||||
domain = "vpc"
|
domain = "vpc"
|
||||||
depends_on = [aws_internet_gateway.main]
|
depends_on = [aws_internet_gateway.main]
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
@@ -118,7 +118,7 @@ resource "aws_route_table" "private" {
|
|||||||
dynamic "route" {
|
dynamic "route" {
|
||||||
for_each = var.enable_nat_gateway ? [1] : []
|
for_each = var.enable_nat_gateway ? [1] : []
|
||||||
content {
|
content {
|
||||||
cidr_block = "0.0.0.0/0"
|
cidr_block = "0.0.0.0/0"
|
||||||
# If single NAT gateway, all route tables use index 0, otherwise use the route table's index
|
# If single NAT gateway, all route tables use index 0, otherwise use the route table's index
|
||||||
nat_gateway_id = aws_nat_gateway.main[var.single_nat_gateway ? 0 : count.index].id
|
nat_gateway_id = aws_nat_gateway.main[var.single_nat_gateway ? 0 : count.index].id
|
||||||
}
|
}
|
||||||
@@ -264,68 +264,3 @@ resource "aws_vpc_endpoint" "s3" {
|
|||||||
Project = var.project_name
|
Project = var.project_name
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# S3 Bucket for Terraform State
|
|
||||||
resource "aws_s3_bucket" "terraform_state" {
|
|
||||||
bucket = "${var.project_name}-terraform-state-${random_string.bucket_suffix.result}"
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
Name = "${var.project_name}-terraform-state"
|
|
||||||
Environment = var.environment
|
|
||||||
Project = var.project_name
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Random string for bucket uniqueness
|
|
||||||
resource "random_string" "bucket_suffix" {
|
|
||||||
length = 8
|
|
||||||
special = false
|
|
||||||
upper = false
|
|
||||||
}
|
|
||||||
|
|
||||||
# S3 Bucket Versioning
|
|
||||||
resource "aws_s3_bucket_versioning" "terraform_state" {
|
|
||||||
bucket = aws_s3_bucket.terraform_state.id
|
|
||||||
versioning_configuration {
|
|
||||||
status = "Enabled"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# S3 Bucket Server Side Encryption
|
|
||||||
resource "aws_s3_bucket_server_side_encryption_configuration" "terraform_state" {
|
|
||||||
bucket = aws_s3_bucket.terraform_state.id
|
|
||||||
|
|
||||||
rule {
|
|
||||||
apply_server_side_encryption_by_default {
|
|
||||||
sse_algorithm = "AES256"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# S3 Bucket Public Access Block
|
|
||||||
resource "aws_s3_bucket_public_access_block" "terraform_state" {
|
|
||||||
bucket = aws_s3_bucket.terraform_state.id
|
|
||||||
|
|
||||||
block_public_acls = true
|
|
||||||
block_public_policy = true
|
|
||||||
ignore_public_acls = true
|
|
||||||
restrict_public_buckets = true
|
|
||||||
}
|
|
||||||
|
|
||||||
# DynamoDB Table for Terraform State Locking
|
|
||||||
resource "aws_dynamodb_table" "terraform_locks" {
|
|
||||||
name = "${var.project_name}-terraform-locks"
|
|
||||||
billing_mode = "PAY_PER_REQUEST"
|
|
||||||
hash_key = "LockID"
|
|
||||||
|
|
||||||
attribute {
|
|
||||||
name = "LockID"
|
|
||||||
type = "S"
|
|
||||||
}
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
Name = "${var.project_name}-terraform-locks"
|
|
||||||
Environment = var.environment
|
|
||||||
Project = var.project_name
|
|
||||||
}
|
|
||||||
}
|
|
||||||
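Review bot: The last hunk (old lines 267–331) deletes `aws_s3_bucket.terraform_state` together with its versioning, AES256 default-encryption and public-access-block resources and the `aws_dynamodb_table.terraform_locks` table, and nothing visible on this page shows them being moved to another configuration. If these objects are still tracked in this state, dropping the blocks makes the next apply plan their destruction, which would remove the state bucket's hardening and the lock table along with it. If the intent is only to stop managing them here, make that explicit, for example with `removed { from = aws_s3_bucket.terraform_state  lifecycle { destroy = false } }` per resource (Terraform 1.7+) or a documented `terraform state rm`. The commit message "automated terminal push" should also say where the backend resources now live.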