feat: updating the permissions for the cost analysis role

.commitlintrc.yaml

@@ -0,0 +1,19 @@
+---
+rules:
+  body-leading-blank: [1, always]
+  body-max-line-length: [2, always, 100]
+  footer-leading-blank: [1, always]
+  footer-max-line-length: [2, always, 100]
+  header-max-length: [2, always, 100]
+  subject-case:
+    - 2
+    - never
+    - [sentence-case, start-case, pascal-case, upper-case]
+  subject-empty: [2, never]
+  subject-full-stop: [2, never, "."]
+  type-case: [2, always, lower-case]
+  type-empty: [2, never]
+  type-enum:
+    - 2
+    - always
+    - [build, chore, ci, docs, feat, fix, perf, refactor, revert, style, test]

.terraform-docs.yml

@@ -0,0 +1,28 @@
+#header-from: .header.md
+settings:
+  anchor: true
+  color: true
+  default: true
+  escape: true
+  html: true
+  indent: 2
+  required: true
+  sensitive: true
+  type: true
+  lockfile: false
+
+formatter: "markdown table"
+
+output:
+  file: README.md
+  mode: inject
+
+sections:
+  show:
+    - providers
+    - inputs
+    - outputs
+
+sort:
+  enabled: true
+  by: required

.tflint.hcl

@@ -1,12 +1,12 @@
 plugin "aws" {
   enabled = true
-  version = "0.32.0"
+  version = "0.34.0"
   source  = "github.com/terraform-linters/tflint-ruleset-aws"
 }
 
 plugin "terraform" {
   enabled = true
-  version = "0.7.0"
+  version = "0.9.1"
   source  = "github.com/terraform-linters/tflint-ruleset-terraform"
 }
 

Makefile

@@ -36,20 +36,35 @@ examples:
 
 documentation: 
 	@echo "--> Generating documentation"
-	@terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .
+	@terraform-docs .
 	$(MAKE) documentation-modules
 	$(MAKE) documentation-examples
 
 documentation-modules:
 	@echo "--> Generating documentation for modules"
-	@if [ -d modules ]; then \
-		find modules -type d -mindepth 1 -maxdepth 1 -exec terraform-docs markdown table --output-file README.md --output-mode inject {} \; ; \
-	fi
+	@find . -type d -regex '.*/modules/[a-za-z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Generating documentation for module: $$dir"; \
+		terraform-docs $$dir; \
+	done;
 
 documentation-examples:
-	@echo "--> Generating documentation examples"
+	@echo "--> Generating documentation for examples"
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null| while read -r dir; do \
+		echo "--> Generating documentation for example: $$dir"; \
+		terraform-docs $$dir; \
+	done;
+
+upgrade-terraform-providers:
+	@printf "%s Upgrading Terraform providers for %-24s" "-->" "."
+	@terraform init -upgrade >/dev/null && echo "[OK]" || echo "[FAILED]"
+	@$(MAKE) upgrade-terraform-example-providers
+
+upgrade-terraform-example-providers:
 	@if [ -d examples ]; then \
-		find examples -type d -mindepth 1 -maxdepth 1 -exec terraform-docs markdown table --output-file README.md --output-mode inject {} \; ; \
+		find examples -type d -mindepth 1 -maxdepth 1 2>/dev/null | while read -r dir; do \
+			printf "%s Upgrading Terraform providers for %-24s" "-->" "$$dir"; \
+			terraform -chdir=$$dir init -upgrade >/dev/null && echo "[OK]" || echo "[FAILED]"; \
+		done; \
 	fi
 
 init: 
@@ -64,21 +79,17 @@ security:
 
 security-modules:
 	@echo "--> Running Security checks on modules"
-	@if [ -d modules ]; then \
-		find modules -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Validating $$dir"; \
-			trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
-		done; \
-	fi
+	@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating $$dir"; \
+		trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
+	done; 
 
 security-examples:
 	@echo "--> Running Security checks on examples"
-	@if [ -d examples ]; then \
-		find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Validating $$dir"; \
-			trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
-		done; \
-	fi
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating $$dir"; \
+		trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
+	done;
 
 tests: 
 	@echo "--> Running Terraform Tests" 
@@ -90,26 +101,28 @@ validate:
 	@terraform validate
 	$(MAKE) validate-modules
 	$(MAKE) validate-examples
+	$(MAKE) validate-commits
 
 validate-modules:
 	@echo "--> Running terraform validate on modules"
-	@if [ -d modules ]; then \
-		find modules -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Validating $$dir"; \
-			terraform -chdir=$$dir init -backend=false; \
-			terraform -chdir=$$dir validate; \
-		done; \
-	fi
+	@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating Module $$dir"; \
+		terraform -chdir=$$dir init -backend=false; \
+		terraform -chdir=$$dir validate; \
+	done;
 
 validate-examples:
 	@echo "--> Running terraform validate on examples"
-	@if [ -d examples ]; then \
-		find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Validating $$dir"; \
-			terraform -chdir=$$dir init -backend=false; \
-			terraform -chdir=$$dir validate; \
-		done; \
-	fi
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating $$dir"; \
+		terraform -chdir=$$dir init -backend=false; \
+		terraform -chdir=$$dir validate; \
+	done; 
+
+validate-commits:
+	@echo "--> Running commitlint against the main branch"
+	@command -v commitlint >/dev/null 2>&1 || { echo "commitlint is not installed. Please install it by running 'npm install -g commitlint'"; exit 1; }
+	@git log --pretty=format:"%s" origin/main..HEAD | commitlint --from=origin/main
 
 lint:
 	@echo "--> Running tflint"
@@ -120,31 +133,27 @@ lint:
 
 lint-modules:
 	@echo "--> Running tflint on modules"
-	@if [ -d modules ]; then \
-		find modules -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Linting $$dir"; \
-			tflint --chdir=$$dir --init; \
-			tflint --chdir=$$dir -f compact; \
-		done; \
-	fi
+	@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Linting $$dir"; \
+		tflint --chdir=$$dir --init; \
+		tflint --chdir=$$dir -f compact; \
+	done;
 
 lint-examples:
 	@echo "--> Running tflint on examples"
-	@if [ -d examples ]; then \
-		find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Linting $$dir"; \
-			tflint --chdir=$$dir --init; \
-			tflint --chdir=$$dir -f compact; \
-		done; \
-	fi
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Linting $$dir"; \
+		tflint --chdir=$$dir --init; \
+		tflint --chdir=$$dir -f compact; \
+	done; 
 
 format: 
 	@echo "--> Running terraform fmt"
 	@terraform fmt -recursive -write=true
 
 clean:
 	@echo "--> Cleaning up"
-	@find . -type d -name ".terraform" | while read -r dir; do \
+	@find . -type d -name ".terraform" 2>/dev/null | while read -r dir; do \
 		echo "--> Removing $$dir"; \
 		rm -rf $$dir; \
 	done

examples/cost-analysis-support/README.md

@@ -17,41 +17,27 @@ The `terraform-docs` utility is used to generate this README. Follow the below s
 2. Fetch the `terraform-docs` binary (https://terraform-docs.io/user-guide/installation/)
 3. Run `terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .`
 
-## Inputs
+<!-- BEGIN_TF_DOCS -->
+## Requirements
 
-| Name                                                                                                                  | Description                                                           | Type          | Default       | Required |
-| --------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------- | ------------- | ------------- | :------: |
-| <a name="input_enable_cost_analysis_support"></a> [enable_cost_analysis_support](#input_enable_cost_analysis_support) | Enable the creation of the finops role in the customer account        | `bool`        | `true`        |    no    |
-| <a name="input_enable_landing_zone_support"></a> [enable_landing_zone_support](#input_enable_landing_zone_support)    | Enable the creation of the support role in the customer account       | `bool`        | `false`       |    no    |
-| <a name="input_external_account_id"></a> [external_account_id](#input_external_account_id)                            | The external account id from where the support role will be assumed   | `string`      | n/a           |   yes    |
-| <a name="input_external_region"></a> [external_region](#input_external_region)                                        | The external region from where the support role will be assumed       | `string`      | `"eu-west-2"` |    no    |
-| <a name="input_external_role_name"></a> [external_role_name](#input_external_role_name)                               | The external account name from where the support role will be assumed | `string`      | n/a           |   yes    |
-| <a name="input_tags"></a> [tags](#input_tags)                                                                         | A map of tags to add to the resources                                 | `map(string)` | `{}`          |    no    |
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.0 |
 
-## Outputs
+## Providers
 
-| Name                                                                                                                                               | Description                                                                             |
-| -------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------- |
-| <a name="output_appvia_cost_analysis_support_role_arn"></a> [appvia_cost_analysis_support_role_arn](#output_appvia_cost_analysis_support_role_arn) | The name of the Cost Analysis Support IAM role to be assumed by the Appvia support team |
+No providers.
 
-<!-- BEGIN_TF_DOCS -->
-# Example: AWS Cost Analysis Support
+## Modules
 
-This example demonstrates how to deploy the AWS Cost Analysis support resources using Terraform in your AWS Cost Analysis Account.
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_appvia_cost_analysis_support_role"></a> [appvia\_cost\_analysis\_support\_role](#module\_appvia\_cost\_analysis\_support\_role) | ../../modules/costanalysis | n/a |
 
-## Deployment
+## Resources
 
-1. Copy the `terraform.tfvars.example` file to `terraform.tfvars` and update with your values.
-2. Run `terraform init -upgrade`
-3. Run `terraform plan -out=tfplan`
-4. Run `terraform apply tfplan`
-
-## Updating Docs
-
-The `terraform-docs` utility is used to generate this README. Follow the below steps to update:
-1. Make changes to the `.terraform-docs.yml` file
-2. Fetch the `terraform-docs` binary (https://terraform-docs.io/user-guide/installation/)
-3. Run `terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .`
+No resources.
 
 ## Inputs
 
@@ -64,4 +50,5 @@ The `terraform-docs` utility is used to generate this README. Follow the below s
 | Name | Description |
 |------|-------------|
 | <a name="output_appvia_cost_analysis_support_role_arn"></a> [appvia\_cost\_analysis\_support\_role\_arn](#output\_appvia\_cost\_analysis\_support\_role\_arn) | The name of the Cost Analysis Support IAM role to be assumed by the Appvia support team |
-<!-- END_TF_DOCS -->
+<!-- END_TF_DOCS -->
+

examples/lza-support/README.md

@@ -1,4 +1,3 @@
-<!-- BEGIN_TF_DOCS -->
 # Example: AWS Landing Zone Accelerator Support
 
 This example demonstrates how to deploy the AWS Landing Zone Accelerator (LZA) support resources using Terraform in your AWS Management Account where Control Tower is configured.
@@ -13,10 +12,33 @@ This example demonstrates how to deploy the AWS Landing Zone Accelerator (LZA) s
 ## Updating Docs
 
 The `terraform-docs` utility is used to generate this README. Follow the below steps to update:
+
 1. Make changes to the `.terraform-docs.yml` file
 2. Fetch the `terraform-docs` binary (https://terraform-docs.io/user-guide/installation/)
 3. Run `terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .`
 
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.0 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_appvia_lza_support_role"></a> [appvia\_lza\_support\_role](#module\_appvia\_lza\_support\_role) | ../../modules/lza | n/a |
+
+## Resources
+
+No resources.
+
 ## Inputs
 
 | Name | Description | Type | Default | Required |
@@ -30,4 +52,5 @@ The `terraform-docs` utility is used to generate this README. Follow the below s
 |------|-------------|
 | <a name="output_appvia_cost_analysis_support_role_arn"></a> [appvia\_cost\_analysis\_support\_role\_arn](#output\_appvia\_cost\_analysis\_support\_role\_arn) | The ARN of the IAM role to be assumed by the support team for cost analysis |
 | <a name="output_appvia_landing_zone_support_role_arn"></a> [appvia\_landing\_zone\_support\_role\_arn](#output\_appvia\_landing\_zone\_support\_role\_arn) | The name of the Landing Zone Support IAM role to be assumed by the Appvia support team |
-<!-- END_TF_DOCS -->
+<!-- END_TF_DOCS -->
+