From 6e2cb56466671a0c70a9f51101a3bd7fea2467eb Mon Sep 17 00:00:00 2001
From: Chad Beaulac
Date: Wed, 6 Mar 2024 17:00:02 -0800
Subject: [PATCH 1/2] Creating base VPC. Added stub for base Service and imported remote VPC state
---
devops-tooling/envs.makefile | 1 +
devops-tooling/tf-basesvc.makefile | 20 +++++++++
devops-tooling/tf-basevpc.makefile | 23 ++++++++++
devops-tooling/tf.makefile | 2 +
iac/terraform/hcl/basesvc/backends.tf | 16 +++++++
iac/terraform/hcl/basesvc/main.tf | 35 +++++++++++++++
iac/terraform/hcl/basesvc/variables.tf | 56 +++++++++++++++++++++++
iac/terraform/hcl/basevpc/backends.tf | 16 +++++++
iac/terraform/hcl/basevpc/main.tf | 32 +++++++++++++
iac/terraform/hcl/basevpc/variables.tf | 62 ++++++++++++++++++++++++++
makefile | 2 +
11 files changed, 265 insertions(+)
create mode 100644 devops-tooling/tf-basesvc.makefile
create mode 100644 devops-tooling/tf-basevpc.makefile
create mode 100644 iac/terraform/hcl/basesvc/backends.tf
create mode 100644 iac/terraform/hcl/basesvc/main.tf
create mode 100644 iac/terraform/hcl/basesvc/variables.tf
create mode 100644 iac/terraform/hcl/basevpc/backends.tf
create mode 100644 iac/terraform/hcl/basevpc/main.tf
create mode 100644 iac/terraform/hcl/basevpc/variables.tf
diff --git a/devops-tooling/envs.makefile b/devops-tooling/envs.makefile
index 8147485..77ef94b 100644
--- a/devops-tooling/envs.makefile
+++ b/devops-tooling/envs.makefile
@@ -43,6 +43,7 @@ export STACK_ENV=local export CDK_CMD=cdklocal export TFORM_CMD=tflocal export DOCKER_DEFAULT_PLATFORM=linux/arm64 +export IAC_DDB_TABLE=terraform_locks # Pattern specific variables for each pipeline # Global local pipeline vars
diff --git a/devops-tooling/tf-basesvc.makefile b/devops-tooling/tf-basesvc.makefile
new file mode 100644
index 0000000..21bb9b8
--- /dev/null
+++ b/devops-tooling/tf-basesvc.makefile
@@ -0,0 +1,20 @@
+# Define the target specific environment variables needed
+# for the local-tf-vpcbase targets.
+#
+local-tf-basesvc%: export IAC_DIR=iac/terraform/hcl/basesvc
+local-tf-basesvc%: export APP_NAME=basesvc
+local-tf-basesvc%: export CF_BUCKET_NAME=cfbucket
+
+
+# Initialize the terraform stack
+local-tf-basesvc-init: tf-stack-init
+ echo 'bucket_name="$(CF_BUCKET_NAME)"' >> $(IAC_DIR)/$(STACK_SUFFIX).auto.tfvars
+
+# Plan the terraform stack
+local-tf-basesvc-plan: tf-stack-plan
+
+# Apply the terraform stack
+local-tf-basesvc-apply: tf-stack-apply
+
+local-tf-basesvc-output:
+ @$(MAKE) --silent tf-stack-output > $(IAC_DIR)/terraform_output.json
diff --git a/devops-tooling/tf-basevpc.makefile b/devops-tooling/tf-basevpc.makefile
new file mode 100644
index 0000000..e4ff9dc
--- /dev/null
+++ b/devops-tooling/tf-basevpc.makefile
@@ -0,0 +1,23 @@
+# Define the target specific environment variables needed
+# for the local-tf-vpcbase targets.
+#
+local-tf-basevpc%: export IAC_DIR=iac/terraform/hcl/basevpc
+local-tf-basevpc%: export APP_NAME=basevpc
+local-tf-basevpc%: export CF_BUCKET_NAME=cfbucket
+
+
+# Initialize the terraform stack
+local-tf-basevpc-init: tf-stack-init
+ echo 'bucket_name="$(CF_BUCKET_NAME)"' >> $(IAC_DIR)/$(STACK_SUFFIX).auto.tfvars
+
+# Plan the terraform stack
+local-tf-basevpc-plan: tf-stack-plan
+
+# Apply the terraform stack
+local-tf-basevpc-apply: tf-stack-apply
+
+local-tf-basevpc-output:
+ @$(MAKE) --silent tf-stack-output > $(IAC_DIR)/terraform_output.json
+
+#local-tf-basevpc-test:
+# cd auto_tests/jest && npm install && npx jest
\ No newline at end of file
diff --git a/devops-tooling/tf.makefile b/devops-tooling/tf.makefile
index 5ab15b2..0d127e0 100644
--- a/devops-tooling/tf.makefile
+++ b/devops-tooling/tf.makefile
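Review bot: In devops-tooling/tf-basesvc.makefile, `local-tf-basesvc-output` redirects the stack outputs into `$(IAC_DIR)/terraform_output.json` inside the source tree, and nothing visible in this patch keeps that file out of version control; write it under an ignored build directory or add the file name to `.gitignore`. The init recipe appends with `>>`, so unless `tf-stack-init` (defined outside this hunk) first clears the `*.auto.tfvars` files, repeated inits leave duplicate `bucket_name` lines. The header comment still says `local-tf-vpcbase`, and the new targets are not declared `.PHONY`. The tf-basevpc.makefile hunk that follows repeats all of this and also leaves a commented-out test target behind.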
@@ -1,6 +1,8 @@ local-tf-create-iac-bucket: $(AWS_CMD) s3api create-bucket --region $(AWS_REGION) --bucket $(IAC_BUCKET) $(AWS_CMD) s3api put-bucket-versioning --bucket $(IAC_BUCKET) --versioning-configuration Status=Enabled + $(AWS_CMD) dynamodb create-table --table-name $(IAC_DDB_TABLE) --attribute-definitions AttributeName=LockID,AttributeType=S --key-schema AttributeName=LockID,KeyType=HASH --provisioned-throughput ReadCapacityUnits=10,WriteCapacityUnits=5 + make-tf-vars: @rm -f $(IAC_DIR)/*.auto.tfvars
diff --git a/iac/terraform/hcl/basesvc/backends.tf b/iac/terraform/hcl/basesvc/backends.tf
new file mode 100644
index 0000000..772c903
--- /dev/null
+++ b/iac/terraform/hcl/basesvc/backends.tf
@@ -0,0 +1,16 @@
+terraform {
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ }
+ null = {
+ source = "hashicorp/null"
+ }
+ }
+
+ backend "s3" {
+ encrypt = true
+ dynamodb_table = "terraform_locks"
+ }
+}
diff --git a/iac/terraform/hcl/basesvc/main.tf b/iac/terraform/hcl/basesvc/main.tf
new file mode 100644
index 0000000..fa1f62d
--- /dev/null
+++ b/iac/terraform/hcl/basesvc/main.tf
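Review bot: The added `dynamodb create-table` line in `local-tf-create-iac-bucket` (devops-tooling/tf.makefile) omits `--region $(AWS_REGION)`, unlike the `create-bucket` call above it, so the lock table can be created in whatever region the CLI defaults to rather than the one the backend uses. The table name comes from `$(IAC_DDB_TABLE)` here but is hard-coded as `"terraform_locks"` in both backends.tf files and in the remote-state block, so changing the variable leaves the backend pointing at a table that does not exist; pass it at init with `-backend-config="dynamodb_table=$(IAC_DDB_TABLE)"` or drop the variable. The target will also likely fail on a second run, because the table already exists by then.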
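Review bot: `required_providers` in iac/terraform/hcl/basesvc/backends.tf declares `hashicorp/aws` and `hashicorp/null` with no `version` constraint, so an `init` without a committed `.terraform.lock.hcl` resolves to whatever the registry currently serves. Add a constraint per provider, e.g. `version = "~> <TESTED_MAJOR.MINOR>"`, and commit the lock file so every environment installs the same provider builds. The `null` provider is not referenced by any resource in this patch and could be dropped. basevpc/backends.tf has the same content (same blob, index 772c903) and needs the same change.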
@@ -0,0 +1,35 @@
+provider "aws" {
+ region = var.aws_region
+ skip_credentials_validation = var.localstack ? true : false
+ skip_requesting_account_id = var.localstack ? true : false
+}
+
+
+data "terraform_remote_state" "vpc" {
+ backend = "s3"
+
+ config = {
+ encrypt = true
+ bucket = var.tfstate_bucket_name
+ key = "basevpc/${var.stack_env}/terraform.tfstate"
+ region = var.aws_region
+ dynamodb_table = "terraform_locks"
+ skip_credentials_validation = var.localstack ? true : false
+ skip_requesting_account_id = var.localstack ? true : false
+
+ access_key = var.localstack ? "test" : null
+ secret_key = var.localstack ? "test" : null
+ endpoints = var.localstack ? {
+ s3 = "http://s3.localhost.localstack.cloud:4566"
+ dynamo_db = "http://localhost:4566"
+ iam = "http://localhost:4566"
+ sts = "http://localhost:4566"
+ } : null
+ }
+}
+
+#
+
+output "vpc_name" {
+ value = data.terraform_remote_state.vpc.outputs.vpc_name
+}
\ No newline at end of file
diff --git a/iac/terraform/hcl/basesvc/variables.tf b/iac/terraform/hcl/basesvc/variables.tf
new file mode 100644
index 0000000..fc41fab
--- /dev/null
+++ b/iac/terraform/hcl/basesvc/variables.tf
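Review bot: The `terraform_remote_state` block in basesvc/main.tf requires the service stack to read the whole basevpc state snapshot, not just the outputs it consumes, and state commonly holds values that were never meant for downstream stacks. If only a few identifiers are needed, publish them from basevpc through something narrower (SSM parameters, or an AWS data-source lookup by tag) and read those; if remote state stays, scope the reader's S3 permissions to the `basevpc/${var.stack_env}/` key. Separately, `var.localstack ? true : false` is just `var.localstack`, and `aws_profile` is declared but the provider block shown here never uses it.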
@@ -0,0 +1,56 @@
+# Please change the default names as per your requirements.
+
+variable "aws_profile" {
+ description = "AWS profile name"
+ type = string
+}
+
+variable "aws_region" {
+ description = "AWS region"
+ type = string
+}
+
+variable "localstack" {
+ description = "LocalStack deploy"
+ type = bool
+}
+
+variable "cidr_block" {
+ default = "10.100.0.0/16"
+ type = string
+}
+
+variable "app_name" {
+ default = "myapp"
+ type = string
+}
+
+variable "stack_env" {
+ default = "dev"
+ type = string
+}
+
+variable "logging_level" {
+ default = "debug"
+ type = string
+}
+
+variable "bucket_name" {
+ description = "CloudFront S3 Origin bucket name"
+ type = string
+}
+
+variable "tfstate_bucket_name" {
+ default = "terraform-state"
+ type = string
+}
+
+variable "created_by" {
+ default = "LocalStack"
+ type = string
+}
+
+variable "object_ownership" {
+ default = "BucketOwnerPreferred"
+ type = string
+}
\ No newline at end of file
diff --git a/iac/terraform/hcl/basevpc/backends.tf b/iac/terraform/hcl/basevpc/backends.tf
new file mode 100644
index 0000000..772c903
--- /dev/null
+++ b/iac/terraform/hcl/basevpc/backends.tf
@@ -0,0 +1,16 @@
+terraform {
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ }
+ null = {
+ source = "hashicorp/null"
+ }
+ }
+
+ backend "s3" {
+ encrypt = true
+ dynamodb_table = "terraform_locks"
+ }
+}
diff --git a/iac/terraform/hcl/basevpc/main.tf b/iac/terraform/hcl/basevpc/main.tf
new file mode 100644
index 0000000..9ee4eb5
--- /dev/null
+++ b/iac/terraform/hcl/basevpc/main.tf
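Review bot: `bucket_name` in basesvc/variables.tf has no default and is described as the CloudFront origin bucket, yet nothing in basesvc/main.tf reads it; it is the reason the init recipe has to append a `bucket_name=...` line to the tfvars file. `cidr_block`, `logging_level`, `object_ownership` and `created_by` are likewise unused in this stack and look carried over from another one. Removing the unused declarations and giving the remaining ones a `description` would make it clear which inputs actually shape the stack. basevpc/variables.tf has the same set plus `aws_account_id`.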
@@ -0,0 +1,32 @@
+provider "aws" {
+ region = var.aws_region
+ skip_credentials_validation = var.localstack ? true : false
+ skip_requesting_account_id = var.localstack ? true : false
+}
+
+
+# Create a VPC in 3 AZs with public and private subnets, 1 NAT Gateway, and 1 Internet Gateway
+module "vpc" {
+ source = "terraform-aws-modules/vpc/aws"
+
+ name = "basevpc"
+ cidr = "10.100.0.0/16"
+
+ azs = ["us-east-1a", "us-east-1b", "us-east-1c", "us-east-1d"]
+ private_subnets = ["10.100.1.0/24", "10.100.2.0/24", "10.100.3.0/24", "10.100.4.0/24"]
+ public_subnets = ["10.100.101.0/24", "10.100.102.0/24", "10.100.103.0/24", "10.100.104.0/24"]
+
+ enable_nat_gateway = true
+ single_nat_gateway = true
+ enable_vpn_gateway = false
+
+ tags = {
+ Terraform = "true"
+ Environment = "dev"
+ Name = "basevpc"
+ }
+}
+#
+output "vpc_name" {
+ value = module.vpc.name
+}
\ No newline at end of file
diff --git a/iac/terraform/hcl/basevpc/variables.tf b/iac/terraform/hcl/basevpc/variables.tf
new file mode 100644
index 0000000..cc2d343
--- /dev/null
+++ b/iac/terraform/hcl/basevpc/variables.tf
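Review bot: `module "vpc"` in basevpc/main.tf pulls `terraform-aws-modules/vpc/aws` from the registry with no `version` argument, so the network definition can change whenever upstream publishes a release; pin it, e.g. `version = "<TESTED_VERSION>"`. The comment says 3 AZs while `azs` and both subnet lists have four entries, and the AZ names are fixed to us-east-1 although the provider region is `var.aws_region`, so the stack will not apply in any other region. `cidr` and the `Environment` tag are literals even though `var.cidr_block` and `var.stack_env` are declared. For any deployment beyond LocalStack, consider enabling the module's flow-log options so the VPC produces network telemetry from the start.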
@@ -0,0 +1,62 @@
+# Please change the default names as per your requirements.
+
+variable "aws_profile" {
+ description = "AWS profile name"
+ type = string
+}
+
+variable "aws_account_id" {
+ description = "AWS Account ID"
+ default = "000000000000"
+ type = string
+}
+
+variable "aws_region" {
+ description = "AWS region"
+ type = string
+}
+
+variable "localstack" {
+ description = "LocalStack deploy"
+ type = bool
+}
+
+variable "cidr_block" {
+ default = "10.100.0.0/16"
+ type = string
+}
+
+variable "app_name" {
+ default = "myapp"
+ type = string
+}
+
+variable "stack_env" {
+ default = "dev"
+ type = string
+}
+
+variable "logging_level" {
+ default = "debug"
+ type = string
+}
+
+variable "bucket_name" {
+ description = "CloudFront S3 Origin bucket name"
+ type = string
+}
+
+variable "tfstate_bucket_name" {
+ default = "terraform-state"
+ type = string
+}
+
+variable "created_by" {
+ default = "LocalStack"
+ type = string
+}
+
+variable "object_ownership" {
+ default = "BucketOwnerPreferred"
+ type = string
+}
\ No newline at end of file
diff --git a/makefile b/makefile
index a1d8160..2456464 100755
--- a/makefile
+++ b/makefile
@@ -16,6 +16,8 @@ endif -include ./devops-tooling/awscdk.makefile -include ./devops-tooling/tf.makefile -include ./devops-tooling/tf-cloudfront-s3.makefile +-include ./devops-tooling/tf-basevpc.makefile +-include ./devops-tooling/tf-basesvc.makefile # Some defaults export SBX_ACCOUNT_CONFIG?=devops-tooling/accounts/my-sb.json
From feddb7c231c67536136e55d56923363b0d46de32 Mon Sep 17 00:00:00 2001
From: Chad Beaulac
Date: Wed, 6 Mar 2024 17:16:56 -0800
Subject: [PATCH 2/2] Export entire VPC definition
---
iac/terraform/hcl/basesvc/main.tf | 2 +-
iac/terraform/hcl/basevpc/main.tf | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/iac/terraform/hcl/basesvc/main.tf b/iac/terraform/hcl/basesvc/main.tf
index fa1f62d..742ebee 100644
--- a/iac/terraform/hcl/basesvc/main.tf
+++ b/iac/terraform/hcl/basesvc/main.tf
@@ -31,5 +31,5 @@ data "terraform_remote_state" "vpc" { # output "vpc_name" { - value = data.terraform_remote_state.vpc.outputs.vpc_name + value = data.terraform_remote_state.vpc.outputs.base_vpc.name } \ No newline at end of file
diff --git a/iac/terraform/hcl/basevpc/main.tf b/iac/terraform/hcl/basevpc/main.tf
index 9ee4eb5..2af8aba 100644
--- a/iac/terraform/hcl/basevpc/main.tf
+++ b/iac/terraform/hcl/basevpc/main.tf
@@ -27,6 +27,6 @@ module "vpc" { } } # -output "vpc_name" { - value = module.vpc.name +output "base_vpc" { + value = module.vpc } \ No newline at end of file
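Review bot: `output "base_vpc" { value = module.vpc }` in basevpc/main.tf publishes every output of the VPC module to any stack that can read this state, where the previous `vpc_name` output exposed a single string. Export only what consumers need, e.g. `output "vpc_id" { value = module.vpc.vpc_id }` plus the subnet ID lists; that also keeps the contract stable when the module adds or renames outputs. In the basesvc/main.tf hunk the consumer now reads `outputs.base_vpc.name`, so basesvc plans will fail until basevpc has been re-applied with the new output.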