Merge pull request #24 from clouddrove/fix/variables

Fix/variables

README.md

@@ -66,22 +66,51 @@ This module has a few dependencies:
 
 
 ### Simple Example
+### Public
 Here is an example of how you can use this module in your inventory structure:
 ```hcl
-  module "sftp" {
-        source                    = "clouddrove/sftp/aws"
-        version                   = "1.3.0"
-        name                      = "sftp"
-        environment               = "test"
-        label_order               = ["name", "environment"]
-        public_key                = ""
-        user_name                 = "ftp-user"
-        enable_sftp               = true
-        s3_bucket_id              = clouddrove_dev_s3_bucket
-        endpoint_type             = "PUBLIC"
+    module "sftp" {
+      source         = "clouddrove/sftp/aws"
+      version        = "1.3.1"      
+      name           = "sftp"
+      environment    = "test"
+      label_order    = ["environment", "name"]
+      enable_sftp    = true
+      s3_bucket_name = module.s3_bucket.id
+      endpoint_type  = "PUBLIC"
+      workflow_details = {
+        on_upload = {
+          execution_role = "arn:aws:iam::1234567890:role/test-sftp-transfer-role"
+          workflow_id    = "w-12345XXXX6da"
         }
+      }
+    }
 ```
 
+### VPC
+Here is an example of how you can use this module in your inventory structure:
+```hcl
+    module "sftp" {
+      source                 = "clouddrove/sftp/aws"
+      version                = "1.3.1"      
+      name                   = "sftp"
+      environment            = "test"
+      label_order            = ["environment", "name"]
+      eip_enabled            = false
+      s3_bucket_name         = module.s3_bucket.id
+      sftp_users             = var.sftp_users
+      subnet_ids             = module.subnets.private_subnet_id
+      vpc_id                 = module.vpc.vpc_id
+      restricted_home        = true
+      vpc_security_group_ids = [module.security_group_sftp.security_group_id]
+      workflow_details = {
+        on_upload = {
+          execution_role = "arn:aws:iam::1234567890:role/test-sftp-transfer-role"
+          workflow_id    = "w-12345XXXX6da"
+        }
+      }
+    }
+```
 
 
 

README.yaml

@@ -37,18 +37,47 @@ include:
 # How to use this project
 usage : |-
   ### Simple Example
+  ### PUBLIC  
   Here is an example of how you can use this module in your inventory structure:
   ```hcl
     module "sftp" {
-          source                    = "clouddrove/sftp/aws"
-          version                   = "1.3.0"
-          name                      = "sftp"
-          environment               = "test"
-          label_order               = ["name", "environment"]
-          public_key                = ""
-          user_name                 = "ftp-user"
-          enable_sftp               = true
-          s3_bucket_id              = clouddrove_dev_s3_bucket
-          endpoint_type             = "PUBLIC"
-          }
+      source         = "clouddrove/sftp/aws"
+      version        = "1.3.1"      
+      name           = "sftp"
+      environment    = "test"
+      label_order    = ["environment", "name"]
+      enable_sftp    = true
+      s3_bucket_name = module.s3_bucket.id
+      endpoint_type  = "PUBLIC"
+      workflow_details = {
+        on_upload = {
+          execution_role = "arn:aws:iam::1234567890:role/test-sftp-transfer-role"
+          workflow_id    = "w-12345XXXX6da"
+        }
+      }
+    }
   ```
+
+  ### VPC  
+  ```hcl
+    module "sftp" {
+      source                 = "clouddrove/sftp/aws"
+      version                = "1.3.1"      
+      name                   = "sftp"
+      environment            = "test"
+      label_order            = ["environment", "name"]
+      eip_enabled            = false
+      s3_bucket_name         = module.s3_bucket.id
+      sftp_users             = var.sftp_users
+      subnet_ids             = module.subnets.private_subnet_id
+      vpc_id                 = module.vpc.vpc_id
+      restricted_home        = true
+      vpc_security_group_ids = [module.security_group_sftp.security_group_id]
+      workflow_details = {
+        on_upload = {
+          execution_role = "arn:aws:iam::1234567890:role/test-sftp-transfer-role"
+          workflow_id    = "w-12345XXXX6da"
+        }
+      }
+    }
+  ```

main.tf

@@ -26,11 +26,11 @@ locals {
   s3_arn_prefix = "arn:${one(data.aws_partition.default[*].partition)}:s3:::"
   is_vpc        = var.vpc_id != null
 
-  user_names = length(var.sftp_users) > 0 ? [for user in var.sftp_users : user.username] : []
+  user_names = length(var.sftp_users) > 0 ? [for user in var.sftp_users : user.user_name] : []
 
   user_names_map = length(var.sftp_users) > 0 ? {
     for user in var.sftp_users :
-    user.username => merge(user, {
+    user.user_name => merge(user, {
       s3_bucket_arn = lookup(user, "s3_bucket_name", null) != null ? "${local.s3_arn_prefix}${lookup(user, "s3_bucket_name")}" : one(data.aws_s3_bucket.landing[*].arn)
     })
   } : {}
@@ -232,7 +232,7 @@ resource "aws_transfer_server" "transfer_server" {
 ##----------------------------------------------------------------------------------
 
 resource "aws_transfer_user" "transfer_server_user" {
-  for_each = var.enabled ? { for user in var.sftp_users : user.username => user } : {}
+  for_each = var.enabled ? { for user in var.sftp_users : user.user_name => user } : {}
 
   server_id           = join("", aws_transfer_server.transfer_server[*].id)
   role                = aws_iam_role.s3_access_for_sftp_users[each.value.user_name].arn

variables.tf

@@ -155,4 +155,10 @@ variable "workflow_details" {
 variable "enable_workflow" {
   type    = bool
   default = false
+}
+
+variable "endpoint_type" {
+  type        = string
+  default     = "PUBLIC"
+  description = "The type of endpoint that you want your SFTP server connect to. If you connect to a VPC (or VPC_ENDPOINT), your SFTP server isn't accessible over the public internet. If you want to connect your SFTP server via public internet, set PUBLIC. Defaults to PUBLIC"
 }