forked from apparentlymart/terraform-aws-tf-registry
-
Notifications
You must be signed in to change notification settings - Fork 1
/
main.tf
73 lines (59 loc) · 2.05 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
module "jwt" {
source = "./modules/registry-jwt"
secret_key_name = var.secret_key_name != null ? var.secret_key_name : "${var.name_prefix}-jwt"
kms_key_id = var.kms_key_id
tags = var.tags
}
module "store" {
source = "./modules/registry-store"
name_prefix = var.name_prefix
storage = var.storage
tags = var.tags
public_access = var.s3_public_access
enable_point_in_time_recovery = var.dynamodb_enable_point_in_time_recovery
}
module "authorizer" {
source = "./modules/registry-authorizer"
name_prefix = var.name_prefix
tags = var.tags
secret_key_name = module.jwt.name
secret_key_arn = module.jwt.arn
depends_on = [
module.jwt
]
}
module "download" {
source = "./modules/registry-download"
name_prefix = var.name_prefix
tags = var.tags
store_policy = module.store.store_policy
dynamodb_table_name = module.store.dynamodb_table_name
bucket_name = module.store.bucket_name
}
module "registry" {
source = "./modules/registry-service"
name_prefix = var.name_prefix
friendly_hostname = var.friendly_hostname
api_type = var.api_type
api_access_policy = var.api_access_policy
domain_security_policy = var.domain_security_policy
vpc_endpoint_ids = var.vpc_endpoint_ids
tags = var.tags
lambda_authorizer_name = module.authorizer.function_name
lambda_download_name = module.download.name
store_policy = module.store.store_policy
dynamodb_table_name = module.store.dynamodb_table_name
depends_on = [
module.authorizer
]
}
resource "null_resource" "apigateway_create_deployment" {
depends_on = [
module.registry
]
provisioner "local-exec" {
command = "aws apigateway create-deployment --rest-api-id ${module.registry.rest_api_id} --stage-name ${module.registry.rest_api_stage_name} "
interpreter = ["/bin/bash", "-c"]
on_failure = continue
}
}