Update requested for Proton - environment/dev1

pgasiorowski · Nov 16, 2023 · c9bd36e · c9bd36e
1 parent 207ff12
commit c9bd36e
Show file tree

Hide file tree

Showing 8 changed files with 234 additions and 0 deletions.
diff --git a/dev1/.proton/deployment-metadata.json b/dev1/.proton/deployment-metadata.json
@@ -0,0 +1,10 @@
+{
+  "deploymentId" : "a3db82b9-3c94-423f-956a-15bdaed9fede",
+  "isResourceDeleted" : false,
+  "resourceMetadata" : {
+    "arn" : "arn:aws:proton:eu-central-1:765742521795:environment/dev1",
+    "templateArn" : "arn:aws:proton:eu-central-1:765742521795:environment-template/vpc-env",
+    "templateMajorVersion" : "1",
+    "templateMinorVersion" : "0"
+  }
+}
diff --git a/dev1/config.tf b/dev1/config.tf
@@ -0,0 +1,33 @@
+/*
+This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update.
+
+To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev1
+
+If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup.
+*/
+
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.4.0"
+    }
+  }
+
+  backend "s3" {}
+}
+
+# Configure the AWS Provider
+provider "aws" {
+  region = var.aws_region
+  default_tags {
+    tags = {
+      proton:environment = var.environment.name
+    }
+  }
+}
+
+variable "aws_region" {
+  type    = string
+  default = "us-east-1"
+}
diff --git a/dev1/data.tf b/dev1/data.tf
@@ -0,0 +1,44 @@
+/*
+This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update.
+
+To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev1
+
+If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup.
+*/
+
+data "aws_region" "current" {}
+
+data "aws_caller_identity" "current" {}
+
+data "aws_partition" "current" {}
+
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
+resource "aws_sns_topic_policy" "default" {
+  arn = aws_sns_topic.ping_topic.arn
+
+  policy = data.aws_iam_policy_document.ping_topic_policy.json
+}
+
+data "aws_iam_policy_document" "ping_topic_policy" {
+  statement {
+    effect = "Allow"
+
+    actions = ["sns:Subscribe"]
+
+    condition {
+      test     = "StringEquals"
+      variable = "sns:Protocol"
+      values   = ["sqs"]
+    }
+
+    principals {
+      identifiers = ["arn:${local.partition}:iam::${local.account_id}:root"]
+      type        = "AWS"
+    }
+
+    resources = [aws_sns_topic.ping_topic.arn]
+  }
+}
diff --git a/dev1/locals.tf b/dev1/locals.tf
@@ -0,0 +1,13 @@
+/*
+This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update.
+
+To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev1
+
+If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup.
+*/
+
+locals {
+  account_id = data.aws_caller_identity.current.account_id
+  region     = data.aws_region.current.id
+  partition  = data.aws_partition.current.id
+}
diff --git a/dev1/main.tf b/dev1/main.tf
@@ -0,0 +1,49 @@
+/*
+This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update.
+
+To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev1
+
+If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup.
+*/
+
+module "vpc" {
+  source = "terraform-aws-modules/vpc/aws"
+
+  cidr = var.environment.inputs.vpc_cidr
+
+  azs = [data.aws_availability_zones.available.names[0], data.aws_availability_zones.available.names[1]]
+  private_subnets = [
+    var.environment.inputs.private_subnet_one_cidr,
+    var.environment.inputs.private_subnet_two_cidr
+  ]
+  public_subnets       = [var.environment.inputs.public_subnet_one_cidr, var.environment.inputs.public_subnet_two_cidr]
+  enable_nat_gateway   = true
+  enable_vpn_gateway   = true
+  enable_dns_hostnames = true
+  enable_dns_support   = true
+
+  tags = {
+    Terraform   = "true"
+    Environment = var.environment.name
+  }
+}
+
+resource "aws_vpc_endpoint" "ec2" {
+  service_name        = "com.amazonaws.${local.region}.sns"
+  vpc_id              = module.vpc.vpc_id
+  private_dns_enabled = true
+  vpc_endpoint_type   = "Interface"
+  security_group_ids  = [module.vpc.default_security_group_id]
+  subnet_ids          = module.vpc.public_subnets
+}
+
+resource "aws_apprunner_vpc_connector" "connector" {
+  vpc_connector_name = "${var.environment.name}-vpc-connector"
+  subnets            = module.vpc.public_subnets
+  security_groups    = [module.vpc.default_security_group_id]
+}
+
+resource "aws_sns_topic" "ping_topic" {
+  name_prefix       = "ping-"
+  kms_master_key_id = "alias/aws/sns"
+}
diff --git a/dev1/outputs.tf b/dev1/outputs.tf
@@ -0,0 +1,47 @@
+/*
+This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update.
+
+To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev1
+
+If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup.
+*/
+
+output "SnsTopicArn" {
+  value = aws_sns_topic.ping_topic.arn
+}
+
+output "SnsTopicName" {
+  value = aws_sns_topic.ping_topic.name
+}
+
+output "SnsRegion" {
+  value = local.region
+}
+
+output "VpcId" {
+  value = module.vpc.vpc_id
+}
+
+output "PublicSubnetOneId" {
+  value = module.vpc.public_subnets[0]
+}
+
+output "PublicSubnetTwoId" {
+  value = module.vpc.public_subnets[1]
+}
+
+output "PrivateSubnetOneId" {
+  value = module.vpc.private_subnets[0]
+}
+
+output "PrivateSubnetTwoId" {
+  value = module.vpc.private_subnets[1]
+}
+
+output "VpcDefaultSecurityGroupId" {
+  value = module.vpc.default_security_group_id
+}
+
+output "VpcConnectorArn" {
+  value = aws_apprunner_vpc_connector.connector.id
+}
diff --git a/dev1/proton.auto.tfvars.json b/dev1/proton.auto.tfvars.json
@@ -0,0 +1,18 @@
+{
+  "environment" : {
+    "name" : "dev1",
+    "inputs" : {
+      "vpc_cidr" : "10.0.0.0/16",
+      "public_subnet_one_cidr" : "10.0.0.0/18",
+      "public_subnet_two_cidr" : "10.0.64.0/18",
+      "private_subnet_one_cidr" : "10.0.128.0/18",
+      "private_subnet_two_cidr" : "10.0.192.0/18"
+    }
+  },
+  "proton_tags" : {
+    "proton:account" : "765742521795",
+    "proton:template" : "arn:aws:proton:eu-central-1:765742521795:environment-template/vpc-env",
+    "proton:environment" : "arn:aws:proton:eu-central-1:765742521795:environment/dev1"
+  },
+  "//" : "arn:aws:proton:eu-central-1:765742521795:environment/dev1"
+}
diff --git a/dev1/proton.environment.variables.tf b/dev1/proton.environment.variables.tf
@@ -0,0 +1,20 @@
+/*
+This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update.
+
+To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev1
+
+If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup.
+*/
+
+variable "environment" {
+  type = object({
+    inputs = any
+    name   = string
+  })
+  default = null
+}
+
+variable "proton_tags" {
+  type    = map(string)
+  default = null
+}