diff --git a/dev/.proton/deployment-metadata.json b/dev/.proton/deployment-metadata.json new file mode 100644 index 0000000..b31e528 --- /dev/null +++ b/dev/.proton/deployment-metadata.json @@ -0,0 +1,10 @@ +{ + "deploymentId" : "de3e68bd-120b-4c0c-92b8-a1e93a79f5fe", + "isResourceDeleted" : false, + "resourceMetadata" : { + "arn" : "arn:aws:proton:eu-central-1:765742521795:environment/dev", + "templateArn" : "arn:aws:proton:eu-central-1:765742521795:environment-template/vpc-env", + "templateMajorVersion" : "1", + "templateMinorVersion" : "0" + } +} \ No newline at end of file diff --git a/dev/config.tf b/dev/config.tf new file mode 100644 index 0000000..2799e5e --- /dev/null +++ b/dev/config.tf @@ -0,0 +1,33 @@ +/* +This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update. + +To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev + +If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup. +*/ + +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 4.4.0" + } + } + + backend "s3" {} +} + +# Configure the AWS Provider +provider "aws" { + region = var.aws_region + default_tags { + tags = { + proton:environment = var.environment.name + } + } +} + +variable "aws_region" { + type = string + default = "us-east-1" +} diff --git a/dev/data.tf b/dev/data.tf new file mode 100644 index 0000000..9d54ee5 --- /dev/null +++ b/dev/data.tf 
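Review bot: In config.tf the provider region falls back to `default = "us-east-1"` while every Proton ARN in this commit is in eu-central-1 and proton.auto.tfvars.json supplies no `aws_region`, so unless the pipeline exports `TF_VAR_aws_region` the VPC, endpoint and SNS topic are created in a different region than the environment they belong to; either drop the default so the value must be supplied, or change it to `default = "eu-central-1"`. The `default_tags` block also ignores `var.proton_tags`, which this same commit declares, so the proton:account/template tags never reach the resources; `tags = merge(var.proton_tags, { "proton:environment" = var.environment.name })` would apply both. Note that the key needs quoting as shown: an unquoted `proton:environment` is not a valid HCL identifier and should fail `terraform validate`. The empty `backend "s3" {}` is fine as a partial configuration, but the state bucket, key and encryption settings then live entirely in the init arguments, so they should be reviewed there.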
@@ -0,0 +1,44 @@ +/* +This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update. + +To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev + +If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup. +*/ + +data "aws_region" "current" {} + +data "aws_caller_identity" "current" {} + +data "aws_partition" "current" {} + +data "aws_availability_zones" "available" { + state = "available" +} + +resource "aws_sns_topic_policy" "default" { + arn = aws_sns_topic.ping_topic.arn + + policy = data.aws_iam_policy_document.ping_topic_policy.json +} + +data "aws_iam_policy_document" "ping_topic_policy" { + statement { + effect = "Allow" + + actions = ["sns:Subscribe"] + + condition { + test = "StringEquals" + variable = "sns:Protocol" + values = ["sqs"] + } + + principals { + identifiers = ["arn:${local.partition}:iam::${local.account_id}:root"] + type = "AWS" + } + + resources = [aws_sns_topic.ping_topic.arn] + } +} \ No newline at end of file diff --git a/dev/locals.tf b/dev/locals.tf new file mode 100644 index 0000000..ed4e0a7 --- /dev/null +++ b/dev/locals.tf @@ -0,0 +1,13 @@ +/* +This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update. + +To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev + +If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup. +*/ + +locals { + account_id = data.aws_caller_identity.current.account_id + region = data.aws_region.current.id + partition = data.aws_partition.current.id +} \ No newline at end of file diff --git a/dev/main.tf b/dev/main.tf new file mode 100644 index 0000000..773ccc6 --- /dev/null +++ b/dev/main.tf 
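Review bot: The topic policy in data.tf grants `sns:Subscribe` to the account root principal with only the protocol pinned to `sqs`, which lets any principal in the account whose identity policy allows sns:Subscribe attach an arbitrary queue to the topic and receive every message. If the consuming queue(s) are known, add a second condition bounding the endpoint, e.g. `condition { test = "ArnLike"; variable = "sns:Endpoint"; values = ["arn:${local.partition}:sqs:${local.region}:${local.account_id}:*"] }`, or tighter once the service template's queue naming is fixed. Also worth a comment on the statement that it is the only statement on the topic, so publishers rely on same-account identity policies rather than this resource policy. Defining `aws_sns_topic_policy` inside data.tf is a style nit: resources are easier to find next to the topic in main.tf.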
@@ -0,0 +1,49 @@ +/* +This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update. + +To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev + +If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup. +*/ + +module "vpc" { + source = "terraform-aws-modules/vpc/aws" + + cidr = var.environment.inputs.vpc_cidr + + azs = [data.aws_availability_zones.available.names[0], data.aws_availability_zones.available.names[1]] + private_subnets = [ + var.environment.inputs.private_subnet_one_cidr, + var.environment.inputs.private_subnet_two_cidr + ] + public_subnets = [var.environment.inputs.public_subnet_one_cidr, var.environment.inputs.public_subnet_two_cidr] + enable_nat_gateway = true + enable_vpn_gateway = true + enable_dns_hostnames = true + enable_dns_support = true + + tags = { + Terraform = "true" + Environment = var.environment.name + } +} + +resource "aws_vpc_endpoint" "ec2" { + service_name = "com.amazonaws.${local.region}.sns" + vpc_id = module.vpc.vpc_id + private_dns_enabled = true + vpc_endpoint_type = "Interface" + security_group_ids = [module.vpc.default_security_group_id] + subnet_ids = module.vpc.public_subnets +} + +resource "aws_apprunner_vpc_connector" "connector" { + vpc_connector_name = "${var.environment.name}-vpc-connector" + subnets = module.vpc.public_subnets + security_groups = [module.vpc.default_security_group_id] +} + +resource "aws_sns_topic" "ping_topic" { + name_prefix = "ping-" + kms_master_key_id = "alias/aws/sns" +} \ No newline at end of file diff --git a/dev/outputs.tf b/dev/outputs.tf new file mode 100644 index 0000000..9890586 --- /dev/null +++ b/dev/outputs.tf 
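Review bot: `module "vpc"` in main.tf pulls `terraform-aws-modules/vpc/aws` from the public registry with no `version` constraint, so every `terraform init` can resolve a new major release of third-party code into this environment; pin it, e.g. `version = "~> 3.19"` (or whichever release this was tested against), and consider a `.terraform.lock.hcl` in the repo. The SNS interface endpoint and the App Runner VPC connector are both placed in `module.vpc.public_subnets`; interface-endpoint and connector ENIs do not receive public IPs, so they gain nothing from an IGW route and belong in `module.vpc.private_subnets`, which also keeps App Runner egress on the NAT gateway this module enables. Both also attach `module.vpc.default_security_group_id`; whether that group has any rules depends on the module's manage_default_security_group defaults, so a dedicated group allowing 443 from the connector to the endpoint would be explicit and reviewable. Minor: the endpoint resource is named `ec2` but its `service_name` is SNS, and `enable_vpn_gateway = true` provisions a VGW nothing in this commit uses.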
@@ -0,0 +1,47 @@ +/* +This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update. + +To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev + +If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup. +*/ + +output "SnsTopicArn" { + value = aws_sns_topic.ping_topic.arn +} + +output "SnsTopicName" { + value = aws_sns_topic.ping_topic.name +} + +output "SnsRegion" { + value = local.region +} + +output "VpcId" { + value = module.vpc.vpc_id +} + +output "PublicSubnetOneId" { + value = module.vpc.public_subnets[0] +} + +output "PublicSubnetTwoId" { + value = module.vpc.public_subnets[1] +} + +output "PrivateSubnetOneId" { + value = module.vpc.private_subnets[0] +} + +output "PrivateSubnetTwoId" { + value = module.vpc.private_subnets[1] +} + +output "VpcDefaultSecurityGroupId" { + value = module.vpc.default_security_group_id +} + +output "VpcConnectorArn" { + value = aws_apprunner_vpc_connector.connector.id +} diff --git a/dev/proton.auto.tfvars.json b/dev/proton.auto.tfvars.json new file mode 100644 index 0000000..4dd8180 --- /dev/null +++ b/dev/proton.auto.tfvars.json @@ -0,0 +1,18 @@ +{ + "environment" : { + "name" : "dev", + "inputs" : { + "vpc_cidr" : "10.0.0.0/16", + "public_subnet_one_cidr" : "10.0.0.0/18", + "public_subnet_two_cidr" : "10.0.64.0/18", + "private_subnet_one_cidr" : "10.0.128.0/18", + "private_subnet_two_cidr" : "10.0.192.0/18" + } + }, + "proton_tags" : { + "proton:account" : "765742521795", + "proton:template" : "arn:aws:proton:eu-central-1:765742521795:environment-template/vpc-env", + "proton:environment" : "arn:aws:proton:eu-central-1:765742521795:environment/dev" + }, + "//" : "arn:aws:proton:eu-central-1:765742521795:environment/dev" +} \ No newline at end of file 
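Review bot: `output "VpcConnectorArn"` in outputs.tf returns `aws_apprunner_vpc_connector.connector.id`; the resource exposes an explicit `arn` attribute, so `value = aws_apprunner_vpc_connector.connector.arn` says what the output name promises and does not depend on the provider continuing to use the ARN as the resource id. Exposing `VpcDefaultSecurityGroupId` to service templates invites every service to share the VPC's default group; if that is intended, a short comment on the output saying so would help, otherwise a purpose-built group output is safer.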
diff --git a/dev/proton.environment.variables.tf b/dev/proton.environment.variables.tf new file mode 100644 index 0000000..bbb273d --- /dev/null +++ b/dev/proton.environment.variables.tf @@ -0,0 +1,20 @@ +/* +This file is managed by AWS Proton. Any changes made directly to this file will be overwritten the next time AWS Proton performs an update. + +To manage this resource, see AWS Proton Resource: arn:aws:proton:eu-central-1:765742521795:environment/dev + +If the resource is no longer accessible within AWS Proton, it may have been deleted and may require manual cleanup. +*/ + +variable "environment" { + type = object({ + inputs = any + name = string + }) + default = null +} + +variable "proton_tags" { + type = map(string) + default = null +}