Incremental PR to get VPC and remote state import

devops-tooling/envs.makefile

@@ -43,6 +43,7 @@ export STACK_ENV=local
 export CDK_CMD=cdklocal
 export TFORM_CMD=tflocal
 export DOCKER_DEFAULT_PLATFORM=linux/arm64
+export IAC_DDB_TABLE=terraform_locks
 
 # Pattern specific variables for each pipeline
 # Global local pipeline vars

devops-tooling/tf-basesvc.makefile

@@ -0,0 +1,20 @@
+# Define the target specific environment variables needed
+# for the local-tf-vpcbase targets.
+#
+local-tf-basesvc%: export IAC_DIR=iac/terraform/hcl/basesvc
+local-tf-basesvc%: export APP_NAME=basesvc
+local-tf-basesvc%: export CF_BUCKET_NAME=cfbucket
+
+
+# Initialize the terraform stack
+local-tf-basesvc-init: tf-stack-init
+	echo 'bucket_name="$(CF_BUCKET_NAME)"' >> $(IAC_DIR)/$(STACK_SUFFIX).auto.tfvars
+
+# Plan the terraform stack
+local-tf-basesvc-plan: tf-stack-plan
+
+# Apply the terraform stack
+local-tf-basesvc-apply: tf-stack-apply
+
+local-tf-basesvc-output:
+	@$(MAKE) --silent tf-stack-output > $(IAC_DIR)/terraform_output.json

devops-tooling/tf-basevpc.makefile

@@ -0,0 +1,23 @@
+# Define the target specific environment variables needed
+# for the local-tf-vpcbase targets.
+#
+local-tf-basevpc%: export IAC_DIR=iac/terraform/hcl/basevpc
+local-tf-basevpc%: export APP_NAME=basevpc
+local-tf-basevpc%: export CF_BUCKET_NAME=cfbucket
+
+
+# Initialize the terraform stack
+local-tf-basevpc-init: tf-stack-init
+	echo 'bucket_name="$(CF_BUCKET_NAME)"' >> $(IAC_DIR)/$(STACK_SUFFIX).auto.tfvars
+
+# Plan the terraform stack
+local-tf-basevpc-plan: tf-stack-plan
+
+# Apply the terraform stack
+local-tf-basevpc-apply: tf-stack-apply
+
+local-tf-basevpc-output:
+	@$(MAKE) --silent tf-stack-output > $(IAC_DIR)/terraform_output.json
+
+#local-tf-basevpc-test:
+#	cd auto_tests/jest && npm install && npx jest

devops-tooling/tf.makefile

@@ -1,6 +1,8 @@
 local-tf-create-iac-bucket:
 	$(AWS_CMD) s3api create-bucket --region $(AWS_REGION) --bucket $(IAC_BUCKET)
 	$(AWS_CMD) s3api put-bucket-versioning --bucket $(IAC_BUCKET) --versioning-configuration Status=Enabled
+	$(AWS_CMD) dynamodb create-table --table-name $(IAC_DDB_TABLE) --attribute-definitions AttributeName=LockID,AttributeType=S --key-schema AttributeName=LockID,KeyType=HASH --provisioned-throughput ReadCapacityUnits=10,WriteCapacityUnits=5
+
 
 make-tf-vars:
 	@rm -f $(IAC_DIR)/*.auto.tfvars

iac/terraform/hcl/basesvc/backends.tf

@@ -0,0 +1,16 @@
+terraform {
+
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+    }
+    null = {
+      source = "hashicorp/null"
+    }
+  }
+
+  backend "s3" {
+    encrypt        = true
+    dynamodb_table = "terraform_locks"
+  }
+}

iac/terraform/hcl/basesvc/main.tf

@@ -0,0 +1,35 @@
+provider "aws" {
+  region                      = var.aws_region
+  skip_credentials_validation = var.localstack ? true : false
+  skip_requesting_account_id  = var.localstack ? true : false
+}
+
+
+data "terraform_remote_state" "vpc" {
+  backend = "s3"
+
+  config = {
+    encrypt                     = true
+    bucket                      = var.tfstate_bucket_name
+    key                         = "basevpc/${var.stack_env}/terraform.tfstate"
+    region                      = var.aws_region
+    dynamodb_table              = "terraform_locks"
+    skip_credentials_validation = var.localstack ? true : false
+    skip_requesting_account_id  = var.localstack ? true : false
+
+    access_key = var.localstack ? "test" : null
+    secret_key = var.localstack ? "test" : null
+    endpoints  = var.localstack ? {
+      s3        = "http://s3.localhost.localstack.cloud:4566"
+      dynamo_db = "http://localhost:4566"
+      iam       = "http://localhost:4566"
+      sts       = "http://localhost:4566"
+    } : null
+  }
+}
+
+#
+
+output "vpc_name" {
+  value = data.terraform_remote_state.vpc.outputs.base_vpc.name
+}

iac/terraform/hcl/basesvc/variables.tf

@@ -0,0 +1,56 @@
+# Please change the default names as per your requirements.
+
+variable "aws_profile" {
+  description = "AWS profile name"
+  type        = string
+}
+
+variable "aws_region" {
+  description = "AWS region"
+  type        = string
+}
+
+variable "localstack" {
+  description = "LocalStack deploy"
+  type        = bool
+}
+
+variable "cidr_block" {
+  default = "10.100.0.0/16"
+  type    = string
+}
+
+variable "app_name" {
+  default = "myapp"
+  type    = string
+}
+
+variable "stack_env" {
+  default = "dev"
+  type    = string
+}
+
+variable "logging_level" {
+  default = "debug"
+  type    = string
+}
+
+variable "bucket_name" {
+  description = "CloudFront S3 Origin bucket name"
+  type        = string
+}
+
+variable "tfstate_bucket_name" {
+  default = "terraform-state"
+  type    = string
+}
+
+variable "created_by" {
+  default = "LocalStack"
+  type    = string
+}
+
+variable "object_ownership" {
+  default = "BucketOwnerPreferred"
+  type    = string
+}

iac/terraform/hcl/basevpc/backends.tf

@@ -0,0 +1,16 @@
+terraform {
+
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+    }
+    null = {
+      source = "hashicorp/null"
+    }
+  }
+
+  backend "s3" {
+    encrypt        = true
+    dynamodb_table = "terraform_locks"
+  }
+}

iac/terraform/hcl/basevpc/main.tf

@@ -0,0 +1,32 @@
+provider "aws" {
+  region                      = var.aws_region
+  skip_credentials_validation = var.localstack ? true : false
+  skip_requesting_account_id  = var.localstack ? true : false
+}
+
+
+# Create a VPC in 3 AZs with public and private subnets, 1 NAT Gateway, and 1 Internet Gateway
+module "vpc" {
+  source = "terraform-aws-modules/vpc/aws"
+
+  name = "basevpc"
+  cidr = "10.100.0.0/16"
+
+  azs             = ["us-east-1a", "us-east-1b", "us-east-1c", "us-east-1d"]
+  private_subnets = ["10.100.1.0/24", "10.100.2.0/24", "10.100.3.0/24", "10.100.4.0/24"]
+  public_subnets  = ["10.100.101.0/24", "10.100.102.0/24", "10.100.103.0/24", "10.100.104.0/24"]
+
+  enable_nat_gateway = true
+  single_nat_gateway = true
+  enable_vpn_gateway = false
+
+  tags = {
+    Terraform   = "true"
+    Environment = "dev"
+    Name        = "basevpc"
+  }
+}
+#
+output "base_vpc" {
+  value = module.vpc
+}

iac/terraform/hcl/basevpc/variables.tf

@@ -0,0 +1,62 @@
+# Please change the default names as per your requirements.
+
+variable "aws_profile" {
+  description = "AWS profile name"
+  type        = string
+}
+
+variable "aws_account_id" {
+  description = "AWS Account ID"
+  default     = "000000000000"
+  type        = string
+}
+
+variable "aws_region" {
+  description = "AWS region"
+  type        = string
+}
+
+variable "localstack" {
+  description = "LocalStack deploy"
+  type        = bool
+}
+
+variable "cidr_block" {
+  default = "10.100.0.0/16"
+  type    = string
+}
+
+variable "app_name" {
+  default = "myapp"
+  type    = string
+}
+
+variable "stack_env" {
+  default = "dev"
+  type    = string
+}
+
+variable "logging_level" {
+  default = "debug"
+  type    = string
+}
+
+variable "bucket_name" {
+  description = "CloudFront S3 Origin bucket name"
+  type        = string
+}
+
+variable "tfstate_bucket_name" {
+  default = "terraform-state"
+  type    = string
+}
+
+variable "created_by" {
+  default = "LocalStack"
+  type    = string
+}
+
+variable "object_ownership" {
+  default = "BucketOwnerPreferred"
+  type    = string
+}

makefile

@@ -16,6 +16,8 @@ endif
 -include ./devops-tooling/awscdk.makefile
 -include ./devops-tooling/tf.makefile
 -include ./devops-tooling/tf-cloudfront-s3.makefile
+-include ./devops-tooling/tf-basevpc.makefile
+-include ./devops-tooling/tf-basesvc.makefile
 
 # Some defaults
 export SBX_ACCOUNT_CONFIG?=devops-tooling/accounts/my-sb.json