Add providers and schedules to nonprod, prod, and org examples
Added HashiCorp provider configurations (aws, archive, null, random) to the nonprod, prod, and organizations terraform files. Updated the domain_protect module configurations with scan and update schedules. Set IAM role for domain_protect in the organizations example and changed the default value of the takeover variable to false.
adampie committed Aug 20, 2024
1 parent 5ef6f38 commit 042862e
Showing 6 changed files with 155 additions and 1 deletion.
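--- a/examples/nonprod/terraform.tf
+++ b/examples/nonprod/terraform.tf
@@ -0,0 +1,38 @@
+terraform {
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "~> 5.12.0"
+}
+
+archive = {
+source = "hashicorp/archive"
+version = "~> 2.2.0"
+}
+
+null = {
+source = "hashicorp/null"
+version = "~> 3.1.0"
+}
+
+random = {
+source = "hashicorp/random"
+version = "~> 3.1.0"
+}
+}
+}
+
+provider "aws" {
+default_tags {
+tags = {
+"service" = "domain-protect"
+"owner" = "security"
+"environment" = "nonprod"
+"managed_by" = "terraform"
+}
+}
+}
+
+provider "archive" {}
+provider "null" {}
+provider "random" {}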
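Review bot: The `required_providers` block constrains versions (`~> 5.12.0` and so on) but nothing in this commit pins provider checksums: none of the six changed files is a `.terraform.lock.hcl`, so unless one is already committed elsewhere, each `terraform init` of this example resolves whatever matching build the registry serves at that moment. Committing the lock file next to this terraform.tf would pin the provider hashes. The block also omits `required_version`, so the Terraform CLI version is unconstrained; a line such as `required_version = ">= 1.0"` (constructed value, use the floor the module actually supports) would document it. The same applies to examples/organizations/terraform.tf and examples/prod/terraform.tf.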
12 changes: 12 additions & 0 deletions examples/organizations/main.tf
@@ -1,3 +1,15 @@
module "domain_protect" {
source = "../../"

scan_schedule = "60 minutes"
update_schedule = "3 hours"
ip_scan_schedule = "24 hours"

takeover = true
}

resource "aws_iam_role" "domain_protect_org_role" {
provider = aws.org

assume_role_policy = "UPDATE FROM DOCS"
}
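Review bot: `assume_role_policy = "UPDATE FROM DOCS"` in `aws_iam_role.domain_protect_org_role` is not a JSON policy document, so the provider will most likely reject the example as written, and a reader gets no hint of which trust relationship is intended. A comment above the line should say which document to copy and that the trust policy must name only the specific principal that needs to assume the role, for example `# TODO: replace with the trust policy from the project docs; allow sts:AssumeRole only for the role that runs domain-protect, never a wildcard principal`. A role whose trust policy is pasted in without that check is the usual way an organization-level role ends up assumable by more identities than intended.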
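--- a/examples/organizations/terraform.tf
+++ b/examples/organizations/terraform.tf
@@ -0,0 +1,60 @@
+terraform {
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "~> 5.12.0"
+}
+
+archive = {
+source = "hashicorp/archive"
+version = "~> 2.2.0"
+}
+
+null = {
+source = "hashicorp/null"
+version = "~> 3.1.0"
+}
+
+random = {
+source = "hashicorp/random"
+version = "~> 3.1.0"
+}
+}
+}
+
+provider "aws" {
+
+assume_role {
+role_arn = "arn:aws:iam::1234567890:role/OrgRole"
+}
+
+default_tags {
+tags = {
+"service" = "domain-protect"
+"owner" = "security"
+"environment" = "nonprod"
+"managed_by" = "terraform"
+}
+}
+}
+
+provider "aws" {
+alias = "org"
+
+assume_role {
+role_arn = "arn:aws:iam::1234567890:role/OrgRole"
+}
+
+default_tags {
+tags = {
+"service" = "domain-protect"
+"owner" = "security"
+"environment" = "prod"
+"managed_by" = "terraform"
+}
+}
+}
+
+provider "archive" {}
+provider "null" {}
+provider "random" {}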
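Review bot: The default `aws` provider and the `aws.org` alias both assume `arn:aws:iam::1234567890:role/OrgRole`, so the module's own resources and the organization-level role would be managed with the same identity in the same account. If the alias exists to reach the organization's management account, the default provider presumably should use a different, narrower role or no `assume_role` at all. The two blocks also differ in `"environment"` (`"nonprod"` on the default, `"prod"` on the alias), which looks like a copy-paste leftover in an example for a single deployment. The placeholder account ID has ten digits whereas AWS account IDs have twelve, so a comment such as `# replace with your 12-digit account ID and role name` would make it clear that the ARN must be edited.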
6 changes: 6 additions & 0 deletions examples/prod/main.tf
@@ -1,3 +1,9 @@
module "domain_protect" {
source = "../../"

scan_schedule = "60 minutes"
update_schedule = "3 hours"
ip_scan_schedule = "24 hours"

takeover = true
}
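--- a/examples/prod/terraform.tf
+++ b/examples/prod/terraform.tf
@@ -0,0 +1,38 @@
+terraform {
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "~> 5.12.0"
+}
+
+archive = {
+source = "hashicorp/archive"
+version = "~> 2.2.0"
+}
+
+null = {
+source = "hashicorp/null"
+version = "~> 3.1.0"
+}
+
+random = {
+source = "hashicorp/random"
+version = "~> 3.1.0"
+}
+}
+}
+
+provider "aws" {
+default_tags {
+tags = {
+"service" = "domain-protect"
+"owner" = "security"
+"environment" = "prod"
+"managed_by" = "terraform"
+}
+}
+}
+
+provider "archive" {}
+provider "null" {}
+provider "random" {}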
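--- a/variables.tf
+++ b/variables.tf
@@ -61,7 +61,7 @@ variable "lambdas" {
 
 variable "takeover" {
 description = "Create supported resource types to prevent malicious subdomain takeover"
-default = true
+default = false
 }
 
 variable "update_lambdas" {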
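Review bot: Flipping `default` to `false` in `variable "takeover"` silently turns the protective behaviour off for every existing caller that relied on the old default. Depending on how the module gates its resources, the next apply may also remove what was created under `true`, so the change belongs in the upgrade notes and the description should state the default, e.g. `description = "Create supported resource types to prevent malicious subdomain takeover (default: false, opt in explicitly)"`. The variable also has no `type`, so any value type is accepted; adding `type = bool` makes the contract explicit and rejects non-boolean input. The examples in this commit set `takeover = true` themselves, so they are unaffected. The rest of variables.tf lies outside the hunk.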
