main.tf
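# Remote state: an S3 bucket holds the state object and a DynamoDB table
# provides state locking.
# No `key` is set in this block, so the state object path is presumably
# supplied at init time (partial backend configuration); it is not visible here.
terraform {
  backend "s3" {
    bucket         = "staff-ci-infrastructure-client-monitoring-cluster-tf-state"
    dynamodb_table = "staff-ci-infrastructure-client-monitoring-cluster-tf-lock-table"
    region         = "eu-west-2"

    # This configuration forwards var.db_password into a module; any resource
    # attribute set from it is written to the state object. Request server-side
    # encryption on every state write rather than relying only on whatever
    # default the bucket happens to carry.
    # Changing backend settings requires re-running `terraform init`.
    encrypt = true
  }
}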
# Aliased AWS provider "main": API calls go to var.aws_region after assuming
# the role whose ARN is given by var.assume_role.
provider "aws" {
  alias  = "main"
  region = var.aws_region

  assume_role {
    role_arn = var.assume_role
  }
}
# Aliased AWS provider "development": same region as the other providers
# (var.aws_region), but it assumes the role in var.assume_role_development.
provider "aws" {
  alias  = "development"
  region = var.aws_region

  assume_role {
    role_arn = var.assume_role_development
  }
}
# Aliased AWS provider "pre_production": same region as the other providers
# (var.aws_region), but it assumes the role in var.assume_role_pre_production.
provider "aws" {
  alias  = "pre_production"
  region = var.aws_region

  assume_role {
    role_arn = var.assume_role_pre_production
  }
}
# Looks up the availability zones that are in the "available" state.
# count is driven by local.always_create, so consumers address the result as
# data.aws_availability_zones.available_zones[0].
# NOTE(review): no `provider` argument is set, so this lookup uses the default
# (unaliased) aws provider, while every provider block visible in this file is
# aliased. Confirm the default provider's region and credentials are the ones
# intended (the VPC that consumes these zone IDs is created through aws.main).
data "aws_availability_zones" "available_zones" {
  count = local.always_create
  state = "available"
}
locals {
  # Workaround: used as the `count` of the blocks that reference it, to
  # prevent destruction of existing resources in production. It also avoids
  # the risk of importing resources into the state file of live services.
  always_create = 1
}
# Label module instance built from the local ./modules/label source, with the
# fixed name "nvvs-devops-monitor" and the caller-supplied application name.
module "label" {
  source = "./modules/label"

  name             = "nvvs-devops-monitor"
  application_name = var.application_name
}
# Label module instance for the VPC; module "vpc" reads its `id` as the
# resource prefix and its `tags` as the tag set.
module "vpc_label" {
  source = "./modules/label"

  name             = "nvvs-devops-monitor"
  application_name = var.application_name
}
# VPC for the monitoring cluster, built from ./modules/vpc through the
# aws.main provider. count comes from local.always_create, so other blocks
# reference this module as module.vpc[0].
module "vpc" {
  count  = local.always_create
  source = "./modules/vpc"

  providers = {
    aws = aws.main
  }

  prefix = module.vpc_label.id
  tags   = module.vpc_label.tags

  # Address space is fixed here rather than passed in as a variable.
  cidr            = "10.180.100.0/22"
  region          = var.aws_region
  available_zones = data.aws_availability_zones.available_zones[0].zone_ids

  # Transit gateway settings, forwarded unchanged to the module.
  enable_transit_gateway         = var.enable_transit_gateway
  transit_gateway_id             = var.transit_gateway_id
  transit_gateway_route_table_id = var.transit_gateway_route_table_id

  # Address pool and network ranges, forwarded unchanged to the module.
  # NOTE(review): how the module uses the two *_mgmt_range values is not
  # visible here; if they feed ingress rules, check they are as narrow as
  # the management networks require.
  byoip_pool_id               = var.byoip_pool_id
  corsham_mgmt_range          = var.corsham_mgmt_range
  farnborough_mgmt_range      = var.farnborough_mgmt_range
  network_services_cidr_block = var.network_services_cidr_block
}
# Label module instance for the EKS cluster; module "eks" reads its `id` as
# the resource prefix and its `tags` as the tag set.
module "eks_label" {
  source = "./modules/label"

  name             = "nvvs-devops-monitor-eks"
  application_name = var.application_name
}
# EKS cluster built from ./modules/eks inside the VPC created by module.vpc[0].
# count comes from local.always_create.
module "eks" {
  count  = local.always_create
  source = "./modules/eks"

  # The module receives three provider configurations: its default aws
  # provider is aws.main, and it is also handed the development and
  # pre_production role-assuming providers under their own aliases.
  providers = {
    aws                = aws.main
    aws.development    = aws.development
    aws.pre_production = aws.pre_production
  }

  prefix  = module.eks_label.id
  tags    = module.eks_label.tags
  enabled = var.enabled

  # Network placement, taken from the VPC module's outputs.
  vpc_id                      = module.vpc[0].vpc_id
  private_subnets             = module.vpc[0].private_subnets
  private_subnets_cidr_blocks = module.vpc[0].private_subnets_cidr_blocks

  # NOTE(review): database credentials are forwarded as ordinary module
  # inputs. The variable declarations are not visible here; confirm both are
  # marked `sensitive = true`, and treat the state object as secret, since any
  # resource attribute set from them is stored in state.
  db_username = var.db_username
  db_password = var.db_password
}