feat: add tag variables to modules

LukaK · Oct 24, 2024 · b8d4d5e · b8d4d5e
1 parent 510279d
commit b8d4d5e
Show file tree

Hide file tree

Showing 14 changed files with 43 additions and 0 deletions.
diff --git a/infrastructure/modules/addons/1-variables.tf b/infrastructure/modules/addons/1-variables.tf
@@ -56,3 +56,8 @@ variable "argocd_chart_version" {
   description = "Helm chart version for argocd"
   default     = "7.6.12"
 }
+
+variable "tags" {
+  type    = map(string)
+  default = {}
+}
diff --git a/infrastructure/modules/addons/4-pod-identity.tf b/infrastructure/modules/addons/4-pod-identity.tf
@@ -2,4 +2,6 @@ resource "aws_eks_addon" "pod_identity" {
   cluster_name  = var.cluster_name
   addon_name    = "eks-pod-identity-agent"
   addon_version = var.pod_identity_version
+
+  tags = var.tags
 }
diff --git a/infrastructure/modules/addons/5-cluster-autoscaller.tf b/infrastructure/modules/addons/5-cluster-autoscaller.tf
@@ -16,6 +16,8 @@ resource "aws_iam_role" "cluster_autoscaler" {
       },
     ]
   })
+
+  tags = var.tags
 }
 
 resource "aws_iam_policy" "cluster_autoscaler" {
@@ -50,6 +52,8 @@ resource "aws_iam_policy" "cluster_autoscaler" {
       },
     ]
   })
+
+  tags = var.tags
 }
 
 resource "aws_iam_role_policy_attachment" "cluster_autoscaler" {

diff --git a/infrastructure/modules/addons/6-ebs-csi-driver.tf b/infrastructure/modules/addons/6-ebs-csi-driver.tf
@@ -17,6 +17,8 @@ resource "aws_iam_role" "ebs_csi_driver" {
     ]
   })
 
+  tags = var.tags
+
 }
 
 resource "aws_iam_role_policy_attachment" "ebs_csi_driver" {
@@ -41,6 +43,8 @@ resource "aws_iam_policy" "ebs_csi_driver_encryption" {
       },
     ]
   })
+
+  tags = var.tags
 }
 
 resource "aws_iam_role_policy_attachment" "ebs_csi_driver_encryption" {
@@ -60,4 +64,6 @@ resource "aws_eks_addon" "ebs_csi_driver" {
   addon_name               = "aws-ebs-csi-driver"
   addon_version            = var.ebs_csi_driver_version
   service_account_role_arn = aws_iam_role.ebs_csi_driver.arn
+
+  tags = var.tags
 }
diff --git a/infrastructure/modules/addons/7-efs-csi.tf b/infrastructure/modules/addons/7-efs-csi.tf
@@ -17,6 +17,7 @@ resource "aws_iam_role" "efs_csi_driver" {
     ]
   })
 
+  tags = var.tags
 }
 
 resource "aws_iam_role_policy_attachment" "efs_csi_driver" {

diff --git a/infrastructure/modules/addons/8-lbc.tf b/infrastructure/modules/addons/8-lbc.tf
@@ -16,11 +16,15 @@ resource "aws_iam_role" "aws_lbc" {
       },
     ]
   })
+
+  tags = var.tags
 }
 
 resource "aws_iam_policy" "aws_lbc" {
   policy = file("./iam/lbc-policy.json")
   name   = "AWSLoadBalancerController"
+
+  tags = var.tags
 }
 
 resource "aws_iam_role_policy_attachment" "aws_lbc" {

diff --git a/infrastructure/modules/addons/README.md b/infrastructure/modules/addons/README.md
@@ -52,6 +52,7 @@ No modules.
 | <a name="input_metric_server_chart_version"></a> [metric\_server\_chart\_version](#input\_metric\_server\_chart\_version) | Helm chart version for metric server | `string` | `"3.12.1"` | no |
 | <a name="input_pod_identity_version"></a> [pod\_identity\_version](#input\_pod\_identity\_version) | Version of the pod identity agent | `string` | `"v1.3.2-eksbuild.2"` | no |
 | <a name="input_region"></a> [region](#input\_region) | Aws region | `string` | `"eu-west-1"` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(string)` | `{}` | no |
 
 ## Outputs
 

diff --git a/infrastructure/modules/storage/1-variables.tf b/infrastructure/modules/storage/1-variables.tf
@@ -2,6 +2,7 @@ variable "cluster_name" {
   type        = string
   description = "Eks cluster name"
 }
+
 variable "efs_storage_configuration" {
   description = "Efs storage configuration"
   type = object({

diff --git a/infrastructure/modules/storage/3-eft.tf b/infrastructure/modules/storage/3-eft.tf
@@ -5,6 +5,8 @@ resource "aws_efs_file_system" "this" {
   performance_mode = "generalPurpose"
   throughput_mode  = "bursting"
   encrypted        = true
+
+  tags = var.tags
 }
 
 resource "aws_efs_mount_target" "zone" {

diff --git a/infrastructure/modules/users-iam/1-variables.tf b/infrastructure/modules/users-iam/1-variables.tf
@@ -16,3 +16,8 @@ variable "viewer_rbac_group_name" {
   description = "Kubernetes RBAC viewer group"
   default     = "viewer"
 }
+
+variable "tags" {
+  type    = map(string)
+  default = {}
+}
diff --git a/infrastructure/modules/users-iam/4-admin-iam.tf b/infrastructure/modules/users-iam/4-admin-iam.tf
@@ -14,6 +14,9 @@ resource "aws_iam_role" "eks_admin" {
       },
     ]
   })
+
+  tags = var.tags
+
 }
 
 resource "aws_iam_policy" "eks_admin" {
@@ -43,6 +46,9 @@ resource "aws_iam_policy" "eks_admin" {
       },
     ]
   })
+
+  tags = var.tags
+
 }
 
 # attach admin policy to the admin role

diff --git a/infrastructure/modules/users-iam/5-viewer-iam.tf b/infrastructure/modules/users-iam/5-viewer-iam.tf
@@ -14,6 +14,8 @@ resource "aws_iam_role" "eks_viewer" {
       },
     ]
   })
+
+  tags = var.tags
 }
 
 resource "aws_iam_policy" "eks_viewer" {
@@ -44,6 +46,7 @@ resource "aws_iam_policy" "eks_viewer" {
       },
     ]
   })
+  tags = var.tags
 }
 
 # attach viewer policy to the viewer role

diff --git a/infrastructure/modules/users-iam/6-iam-groups.tf b/infrastructure/modules/users-iam/6-iam-groups.tf
@@ -19,6 +19,7 @@ resource "aws_iam_policy" "eks_admin_group" {
       },
     ]
   })
+  tags = var.tags
 }
 
 # attach the policy to the eks admins group
@@ -49,6 +50,7 @@ resource "aws_iam_policy" "eks_viewer_group" {
       },
     ]
   })
+  tags = var.tags
 }
 
 # attach the policy to the eks viewers group

diff --git a/infrastructure/modules/users-iam/README.md b/infrastructure/modules/users-iam/README.md
@@ -36,6 +36,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_admin_rbac_group_name"></a> [admin\_rbac\_group\_name](#input\_admin\_rbac\_group\_name) | Kubernetes RBAC admin group | `string` | `"admin"` | no |
 | <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Eks cluster name | `string` | n/a | yes |
+| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(string)` | `{}` | no |
 | <a name="input_viewer_rbac_group_name"></a> [viewer\_rbac\_group\_name](#input\_viewer\_rbac\_group\_name) | Kubernetes RBAC viewer group | `string` | `"viewer"` | no |
 
 ## Outputs
-Original file line number
+Diff line change
@@ Expand Up / @@ -16,6 +16,8 @@ resource "aws_iam_role" "cluster_autoscaler" { @@
           },
         ]
       })
+      tags = var.tags
     }
     resource "aws_iam_policy" "cluster_autoscaler" {
@@ Expand Down Expand Up / @@ -50,6 +52,8 @@ resource "aws_iam_policy" "cluster_autoscaler" { @@
           },
         ]
       })
+      tags = var.tags
     }
     resource "aws_iam_role_policy_attachment" "cluster_autoscaler" {
@@ Expand Down @@