Refactored map function and general tidy up

jarden-digital · Oct 19, 2020 · cc983fe · cc983fe
1 parent ae492c8
commit cc983fe
Show file tree

Hide file tree

Showing 7 changed files with 21 additions and 18 deletions.
diff --git a/artifactory/example/main.tf b/artifactory/example/main.tf
@@ -1,24 +1,24 @@
-module "lamnda_applciation_artifactory_example" {
+module "lambda_applciation_artifactory_example" {
   source = "../"
 
   providers = {
     aws = aws
   }
 
-  artifactory_bucket_name = "test-lambda-app.stage.example.com"
-  lambda_application_name = "test-lambda-app"
-  cross_account_numbers   = [12345678901]
+  artifactory_bucket_name = "lambda-app.stage.example.com"
+  application_name        = "lambda-app"
+  cross_account_numbers   = [12345678901, 98765432109]
   force_destroy           = true
 }
 
 provider "aws" {
   region = var.aws_region
 }
-  
+
 variable "aws_region" {
   default = "ap-southeast-2"
 }
 
 output "bucket_name" {
-  value = module.lamnda_applciation_artifactory_example.bucket_name
+  value = module.lambda_applciation_artifactory_example.bucket_name
 }
diff --git a/artifactory/main.tf b/artifactory/main.tf
@@ -9,7 +9,7 @@ resource "aws_s3_bucket" "artifactory" {
 
   force_destroy = var.force_destroy
 
-  tags = merge({ Name = var.artifactory_bucket_name }, { "Lambda Application Name" = var.lambda_application_name }, var.tags)
+  tags = merge({ Name = var.artifactory_bucket_name }, { "Lambda Application Name" = var.application_name }, var.tags)
 }
 
 data "aws_iam_policy_document" "cross_account_access_document" {
@@ -30,7 +30,9 @@ data "aws_iam_policy_document" "cross_account_access_document" {
   }
 }
 
-resource "aws_s3_bucket_policy" "artifactory" {
+resource "aws_s3_bucket_policy" "cross_account_policy" {
+  count = length(var.cross_account_numbers) > 0 ? 1 : 0
+
   bucket = aws_s3_bucket.artifactory.id
   policy = data.aws_iam_policy_document.cross_account_access_document.json
 }
diff --git a/artifactory/vars.tf b/artifactory/vars.tf
@@ -2,25 +2,26 @@ variable "artifactory_bucket_name" {
   description = "The name of the S3 bucket used to store deployment artifacts for the Lambda Application"
 }
 
-variable "lambda_application_name" {
-  description = "The name of the Lambda Application. Used to tag artifactory bucket"
+variable "application_name" {
   type        = string
+  description = "The name of the Lambda Application. Used to tag artifactory bucket"
 }
 
 variable "cross_account_numbers" {
-  description = "Addtional AWS accounts to provide access from"
   type        = list(number)
+  description = "Addtional AWS accounts to provide access from. If no account ID's are supplied no policy is created for the bucket."
+  default     = []
 }
 
 variable "force_destroy" {
-  description = "Controls if all objects in a bucket should be deleted when destroying the bucket resource. If set to `false`, the bucket resource cannot be destroyed until all objects are deleted. Defaults to `false`."
   type        = bool
+  description = "Controls if all objects in a bucket should be deleted when destroying the bucket resource. If set to `false`, the bucket resource cannot be destroyed until all objects are deleted. Defaults to `false`."
   default     = false
 }
 
 variable "tags" {
-  description = "A map of additional tags to add to the artifactory resource."
   type        = map(any)
+  description = "A map of additional tags to add to the artifactory resource."
   default     = {}
 }
 
diff --git a/datastore.tf b/datastore.tf
@@ -65,5 +65,5 @@ module "lambda_datastore" {
   rds_tags      = var.rds_tags
   s3_tags       = var.s3_tags
   dynamodb_tags = var.dynamodb_tags
-  tags          = merge(map("Lambda Application", var.application_name), var.datastore_tags)
+  tags          = merge({ "Lambda Application" = var.application_name }, var.datastore_tags)
 }
diff --git a/iam.tf b/iam.tf
@@ -18,7 +18,7 @@ resource "aws_iam_role" "lambda_application_execution_role" {
 
   assume_role_policy = data.aws_iam_policy_document.lambda_application_assume_role_statement.json
 
-  tags = merge(map("Name", format("%s-Execution-Role", var.application_name)), map("Lambda Application", var.application_name), var.tags)
+  tags = merge({ Name = format("%s-Execution-Role", var.application_name) }, { "Lambda Application" = var.application_name }, var.tags)
 }
 
 resource "aws_iam_role_policy_attachment" "lambda_application_logs" {

diff --git a/main.tf b/main.tf
@@ -38,10 +38,10 @@ resource "aws_lambda_function" "lambda_application" {
   layers = [aws_lambda_layer_version.runtime_dependencies.arn]
 
   environment {
-    variables = merge(map("APP_NAME", var.application_name), local.datastore_env_vars, var.application_env_vars)
+    variables = merge({ APP_NAME = var.application_name }, local.datastore_env_vars, var.application_env_vars)
   }
 
-  tags = merge(map("Name", format("%s-%s", var.application_name, each.value.name)), map("Lambda Application", var.application_name), var.tags)
+  tags = merge({ Name = format("%s-%s", var.application_name, each.value.name) }, { "Lambda Application" = var.application_name }, var.tags)
 }
 
 resource "aws_lambda_permission" "internal_entrypoints" {

diff --git a/vars.tf b/vars.tf
@@ -128,7 +128,7 @@ variable "rds_subnet_group" {
 }
 
 variable "rds_security_group_ids" {
-type        = list(string)
+  type        = list(string)
   description = "A List of security groups to bind to the rds instance"
   default     = []
 }