Run linter and fix deprecation messages
Gabriel Martinez committed Nov 2, 2022
1 parent d2d8b27 commit a9a7ac7
Showing 9 changed files with 85 additions and 73 deletions.
5 changes: 1 addition & 4 deletions modules/aws-asg/README.md
Expand Up @@ -5,15 +5,13 @@
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.50 |
| <a name="requirement_null"></a> [null](#requirement\_null) | ~> 3 |
| <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.24.0 |
| <a name="provider_null"></a> [null](#provider\_null) | 3.1.1 |
| <a name="provider_random"></a> [random](#provider\_random) | 3.3.2 |

## Modules
Expand Down Expand Up @@ -43,7 +41,6 @@ No modules.
| [aws_security_group.inbound](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
| [aws_security_group.redis](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
| [aws_security_group.resources](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
| [null_resource.tags_as_list_of_maps](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
| [random_string.prefix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
| [aws_ami.ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
Expand All @@ -68,7 +65,7 @@ No modules.
| <a name="input_cloudwatch_logs_enabled"></a> [cloudwatch\_logs\_enabled](#input\_cloudwatch\_logs\_enabled) | Set to true to send '/var/log/message' logs to CloudWatch | `bool` | `true` | no |
| <a name="input_launch_tmpl_associate_public_ip_address"></a> [launch\_tmpl\_associate\_public\_ip\_address](#input\_launch\_tmpl\_associate\_public\_ip\_address) | Associate a public ip address with an instance in a VPC | `bool` | `false` | no |
| <a name="input_launch_tmpl_instance_type"></a> [launch\_tmpl\_instance\_type](#input\_launch\_tmpl\_instance\_type) | The type of instance to use (e.g. t3.micro, t3.small, t3.medium, etc) | `string` | `"t3.small"` | no |
| <a name="input_module_version"></a> [module\_version](#input\_module\_version) | Terraform module version | `string` | `"v2.0.1"` | no |
| <a name="input_module_version"></a> [module\_version](#input\_module\_version) | Terraform module version | `string` | `"v2.0.2"` | no |
| <a name="input_nlb_enable_cross_zone_load_balancing"></a> [nlb\_enable\_cross\_zone\_load\_balancing](#input\_nlb\_enable\_cross\_zone\_load\_balancing) | Configure cross zone load balancing for the NLB | `bool` | `false` | no |
| <a name="input_nlb_subnets"></a> [nlb\_subnets](#input\_nlb\_subnets) | A list of public subnet IDs to attach to the LB. Use Public Subnets only | `list(string)` | n/a | yes |
| <a name="input_redis_subnets"></a> [redis\_subnets](#input\_redis\_subnets) | A list of subnet IDs to to use for the redis instances.<br> At least two subnets on different Availability Zones must be provided | `list(any)` | `[]` | no |
9 changes: 6 additions & 3 deletions modules/aws-asg/examples/cga-with-vpc/README.md
@@ -1,20 +1,23 @@
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Requirements

No requirements.
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.50 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.24.0 |
| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.37.0 |

## Modules

| Name | Source | Version |
|------|--------|---------|
| <a name="module_cloudgen-access-proxy"></a> [cloudgen-access-proxy](#module\_cloudgen-access-proxy) | ../../ | n/a |
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | 3.0.0 |
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | 3.18.1 |

## Resources

2 changes: 1 addition & 1 deletion modules/aws-asg/examples/cga-with-vpc/main.tf
Expand Up @@ -78,7 +78,7 @@ output "Security_Group_for_Resources" {

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "3.0.0"
version = "3.18.1"

name = local.application
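Review bot: the `version = "3.18.1"` bump in `module "vpc"` moves the registry module forward from 3.0.0 inside a commit titled as a linter and deprecation cleanup, so the dependency change is easy to miss in review. Keeping the exact pin is right; mention the upgrade in the commit message or changelog, and confirm that `terraform plan` on this example shows no unintended changes to the network resources before merging.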

9 changes: 9 additions & 0 deletions modules/aws-asg/examples/cga-with-vpc/versions.tf
@@ -0,0 +1,9 @@
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 3.50"
}
}
required_version = ">= 0.14"
}
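Review bot: `version = ">= 3.50"` for `hashicorp/aws` has no upper bound, so this example picks up whatever provider release is newest at `terraform init`, including a future major version. The example README in this same commit already shows the resolved provider moving from 4.24.0 to 4.37.0. Consider bounding the constraint to the major version the example was tested with, or committing the dependency lock file next to it so runs are reproducible.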
12 changes: 0 additions & 12 deletions modules/aws-asg/locals.tf
Expand Up @@ -14,16 +14,4 @@ locals {
},
var.tags
)

common_tags_asg = null_resource.tags_as_list_of_maps.*.triggers
}

resource "null_resource" "tags_as_list_of_maps" {
count = length(keys(local.common_tags_map))

triggers = {
"key" = keys(local.common_tags_map)[count.index]
"value" = values(local.common_tags_map)[count.index]
"propagate_at_launch" = true
}
}
89 changes: 41 additions & 48 deletions modules/aws-asg/main.tf
Expand Up @@ -6,7 +6,7 @@ resource "random_string" "prefix" {
length = 6
lower = true
upper = true
number = true
numeric = true
special = false
}

Expand Down Expand Up @@ -187,16 +187,19 @@ resource "aws_autoscaling_group" "asg" {
create_before_destroy = true
}

tags = concat(
[
dynamic "tag" {
for_each = merge(
local.common_tags_map,
{
"key" = "Name"
"value" = aws_launch_template.launch_template.name
"propagate_at_launch" = true
},
],
local.common_tags_asg
)
Name = aws_launch_template.launch_template.name
}
)
content {
key = tag.key
value = tag.value
propagate_at_launch = true
}
}
}

#
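Review bot: in `for_each = merge(local.common_tags_map, { Name = ... })` the later map wins, so a `Name` key already present in `local.common_tags_map` is silently replaced by the launch template name. If that is intended, say so in the description of the tags input; otherwise swap the argument order so caller-supplied tags take precedence.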
Expand Down Expand Up @@ -283,32 +286,22 @@ resource "aws_launch_template" "launch_template" {
}
}

user_data = base64encode(<<-EOT
#!/bin/bash
%{~if var.cloudwatch_logs_enabled~}
# Install CloudWatch Agent
curl -sL "https://url.access.barracuda.com/config-ec2-cloudwatch-logs" | bash -s -- \
-l "${aws_cloudwatch_log_group.cloudgen_access_proxy[0].name}" \
-r "${var.aws_region}"
%{~endif~}
# Install CloudGen Access Proxy
curl -sL "https://url.access.barracuda.com/proxy-linux" | bash -s -- \
-u \
%{~if !var.ssm_parameter_store~}
-e "DISABLE_AWS_SSM=1" \
%{~endif~}
%{~if local.redis_enabled~}
-r "${aws_elasticache_replication_group.redis[0].primary_endpoint_address}" \
-s "${aws_elasticache_replication_group.redis[0].port}" \
%{~endif~}
-p "${var.cloudgen_access_proxy_public_port}" \
-l "${var.cloudgen_access_proxy_level}" \
-e "FYDE_PREFIX=cga_proxy_${random_string.prefix.result}_"
# Harden instance and reboot
curl -sL "https://url.access.barracuda.com/harden-linux" | bash -s --
shutdown -r now
EOT
)
# tflint-ignore: terraform_deprecated_index
user_data = base64encode(templatefile(
"${path.module}/templates/userdata.sh.tpl",
{
cloudwatch_logs_enabled = var.cloudwatch_logs_enabled,
aws_cloudwatch_log_group = aws_cloudwatch_log_group.cloudgen_access_proxy[0].name,
aws_region = var.aws_region,
ssm_parameter_store = var.ssm_parameter_store,
redis_enabled = local.redis_enabled,
redis_primary_endpoint_address = aws_elasticache_replication_group.redis[0].primary_endpoint_address,
redis_port = aws_elasticache_replication_group.redis[0].port,
cloudgen_access_proxy_public_port = var.cloudgen_access_proxy_public_port,
cloudgen_access_proxy_level = var.cloudgen_access_proxy_level,
random_string_prefix_result = random_string.prefix.result,
}
))

lifecycle {
create_before_destroy = true
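Review bot: in the `templatefile()` argument map, `aws_elasticache_replication_group.redis[0].primary_endpoint_address`, `aws_elasticache_replication_group.redis[0].port` and `aws_cloudwatch_log_group.cloudgen_access_proxy[0].name` are now evaluated on every plan, whereas the removed heredoc referenced them only inside `%{if ...}` blocks. The Redis resource is declared with `count = local.redis_enabled ? 1 : 0`, so with Redis disabled there is no element 0 to index. Wrap these values in `try(..., "")` so the template still renders when the feature is off, and do the same for the log group if it is also conditional on `cloudwatch_logs_enabled`.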
Expand Down Expand Up @@ -465,18 +458,18 @@ resource "aws_cloudwatch_log_group" "cloudgen_access_proxy" { #tfsec:ignore:AWS0
resource "aws_elasticache_replication_group" "redis" {
count = local.redis_enabled ? 1 : 0

automatic_failover_enabled = true
engine = "redis"
replication_group_id = "cga-proxy-${random_string.prefix.result}"
replication_group_description = "Redis for CloudGen Access Proxy"
node_type = "cache.t2.micro"
number_cache_clusters = 2
subnet_group_name = aws_elasticache_subnet_group.redis[0].name
security_group_ids = [aws_security_group.redis[0].id]
port = 6379
at_rest_encryption_enabled = false #tfsec:ignore:AWS035
transit_encryption_enabled = false #tfsec:ignore:AWS036
multi_az_enabled = true
automatic_failover_enabled = true
engine = "redis"
replication_group_id = "cga-proxy-${random_string.prefix.result}"
description = "Redis for CloudGen Access Proxy"
node_type = "cache.t2.micro"
num_cache_clusters = 2
subnet_group_name = aws_elasticache_subnet_group.redis[0].name
security_group_ids = [aws_security_group.redis[0].id]
port = 6379
at_rest_encryption_enabled = false #tfsec:ignore:AWS035
transit_encryption_enabled = false #tfsec:ignore:AWS036
multi_az_enabled = true

tags = {
Name = "cga-proxy-${random_string.prefix.result}"
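Review bot: `at_rest_encryption_enabled = false` and `transit_encryption_enabled = false` are re-aligned here but stay disabled behind `#tfsec:ignore:AWS035` and `#tfsec:ignore:AWS036`, with no stated reason. Since this block is already being touched for the argument renames, either add a comment recording why the proxy's Redis storage and traffic are left unencrypted, or expose both settings as module variables so they can be enabled without forking the module.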
26 changes: 26 additions & 0 deletions modules/aws-asg/templates/userdata.sh.tpl
@@ -0,0 +1,26 @@
#!/bin/bash
%{if cloudwatch_logs_enabled~}

# Install CloudWatch Agent
curl -sL "https://url.access.barracuda.com/config-ec2-cloudwatch-logs" | bash -s -- \
-l "${aws_cloudwatch_log_group}" \
-r "${aws_region}"
%{endif~}

# Install CloudGen Access Proxy
curl -sL "https://url.access.barracuda.com/proxy-linux" | bash -s -- \
-u \
%{if !ssm_parameter_store~}
-e "DISABLE_AWS_SSM=1" \
%{endif~}
%{if redis_enabled~}
-r "${redis_primary_endpoint_address}" \
-s "${redis_port}" \
%{endif~}
-p "${cloudgen_access_proxy_public_port}" \
-l "${cloudgen_access_proxy_level}" \
-e "FYDE_PREFIX=cga_proxy_${random_string_prefix_result}_"

# Harden instance and reboot
curl -sL "https://url.access.barracuda.com/harden-linux" | bash -s --
shutdown -r now
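Review bot: each `curl -sL "https://url.access.barracuda.com/..." | bash -s --` line runs a remotely fetched script as root at first boot with no integrity check, and `-s` without `-f` means an HTTP error body or an empty response is piped to bash silently. The template also has no `set -e`, so `shutdown -r now` runs even when the proxy install or the hardening step failed. Suggest `curl -fsSL`, `set -euo pipefail` at the top of the template, and downloading each script to a file and verifying a published checksum before executing it.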
2 changes: 1 addition & 1 deletion modules/aws-asg/variables.tf
Expand Up @@ -44,7 +44,7 @@ variable "cloudgen_access_proxy_level" {
variable "module_version" {
description = "Terraform module version"
type = string
default = "v2.0.1"
default = "v2.0.2"
}

#
4 changes: 0 additions & 4 deletions modules/aws-asg/versions.tf
Expand Up @@ -4,10 +4,6 @@ terraform {
source = "hashicorp/aws"
version = ">= 3.50"
}
null = {
source = "hashicorp/null"
version = "~> 3"
}
random = {
source = "hashicorp/random"
version = "~> 3"
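Review bot: the `null` block is dropped here, but the lower bounds that remain (`>= 3.50` for aws, `~> 3` for random) are unchanged even though main.tf in this commit switches to `numeric`, `description` and `num_cache_clusters`. Check that the oldest provider versions these constraints admit accept the renamed arguments, and raise the minimums if they do not; the module README lists aws 4.24.0 and random 3.3.2 as the versions actually resolved.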
