From 7db3d9b55eaa9bee16bd1797fe2c3d7c4bc6f13e Mon Sep 17 00:00:00 2001
From: Nimrod Kor
Date: Sun, 6 Oct 2019 17:57:51 +0300
Subject: [PATCH] Make it into a terraform module
---
 .circleci/config.yml | 6 +++++-
 .gitignore | 2 ++
 README.md | 12 +++++++++---
 main.tf | 16 ++++++++++++++++
 outputs.tf | 7 +++++++
 serverless.yml | 11 +++++++++--
 variables.tf | 23 +++++++++++++++++++++++
 7 files changed, 71 insertions(+), 6 deletions(-)
 create mode 100644 main.tf
 create mode 100644 outputs.tf
 create mode 100644 variables.tf
diff --git a/.circleci/config.yml b/.circleci/config.yml
index e3ab747..9083e02 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -19,7 +19,11 @@ jobs:
 aws configure --profile test set aws_access_key_id $ACME2_AWS_ACCESS_KEY_ID
 aws configure --profile test set aws_secret_access_key $ACME2_AWS_SECRET_ACCESS_KEY
 aws configure --profile test set region $REGION
-
+ - run:
+ name: Check terraform formatting
+ command: |
+ terraform fmt -check=true
+ exit $( echo $? )
 - run:
 name: Deploy serverless
 command: sls deploy --region $REGION --aws-profile test
diff --git a/.gitignore b/.gitignore
index a1aa5a8..64ed1a5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,5 @@ node_modules .idea __pycache__ +.terraform +**.tfstate**
diff --git a/README.md b/README.md
index 74f48db..ba3547a 100644
--- a/README.md
+++ b/README.md
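Review bot: The `exit $( echo $? )` line in the new "Check terraform formatting" step adds nothing, because it only re-emits the exit status that `terraform fmt` already returned; CircleCI's default shell normally runs with `-e`, so a failing check would already end the step (worth confirming for this executor). The step can be reduced to `command: terraform fmt -check -diff`, which also prints the offending formatting in the job log. The hunk does not show where the `terraform` binary comes from, so if the job image does not ship it this step fails before any check runs.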
@@ -20,11 +20,16 @@ The following tool enables:
 * Valid access keys at `~/.aws/credentials` with a default profile configured or matching [AWS Environment Variables](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html)
 * `Python` ,`Pipenv` & `npm` installed on the host running the tool
-## Deploy backup lambda
+## Integrate backup & restore module using terraform
+```
+module
+```
+
+## Deploy backup & restore lambdas manually
 ```bash
-git clone https://github.com/bridgecrewio/HowCrew.git
-cd HowCrew/backup-route53
+git clone https://github.com/bridgecrewio/aws-route53-backup-restore.git
+cd aws-route53-backup-restore
 npm i
 sls deploy --backup-interval ${INTERVAL_IN_MINUTES} --retention-period ${RETENTION_PERIOD} --region ${REGION} --aws-profile ${PROFILE}
 ```
@@ -32,6 +37,7 @@ sls deploy --backup-interval ${INTERVAL_IN_MINUTES} --retention-period ${RETENTI
 | Key | Description | Default value |
 |-----------------|---------------------------------------------------------|---------------|
+| profile | AWS profile, from the AWS credentials file, to be used | default |
 | region | Region of resources to be deployed | us-east-1 |
 | backup-interval | Interval, in minutes, of scheduled backup | 120 minutes |
 | retention-period| The time, in days, the backup is stored for | 14 |
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..aa36cf1
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,16 @@
+resource "null_resource" "deploy_route53_backup_and_restore" {
+ triggers = {
+ build = timestamp()
+ }
+
+ provisioner "local-exec" {
+ command = "npm i && sls deploy --backup-interval ${var.interval} --retention-period ${var.retention_period} --region ${var.region} --aws-profile ${var.aws_profile}"
+ }
+}
+
+resource "null_resource" "remove_route53_backup_and_restore" {
+ provisioner "local-exec" {
+ when = "destroy"
+ command = "npm i && sls remove --backup-interval ${var.interval} --retention-period ${var.retention_period} --region ${var.region} --aws-profile ${var.aws_profile}"
+ }
+}
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..7dbf49f
--- /dev/null
+++ b/outputs.tf
@@ -0,0 +1,7 @@
+output "stack_name" {
+ value = "route53-backup"
+}
+
+output "function_names" {
+ value = ["backup-route53", "restore-route53"]
+}
\ No newline at end of file
diff --git a/serverless.yml b/serverless.yml
index 1bb0712..081f79b 100644
--- a/serverless.yml
+++ b/serverless.yml
@@ -4,8 +4,7 @@ package:
 excludeDevDependencies: false
 individually: true
 exclude:
- - node_modules/**
- - images/**
+ - "**/*"
 provider:
 name: aws
@@ -55,6 +54,10 @@ functions:
 - "route53:ListResourceRecordSets"
 - "route53:ListTagsForResource"
 - "route53:ListTagsForResources"
+ package:
+ include:
+ - route53_utils.py
+ - backup_route53.py
 restore-route53:
 handler: restore_route53.handle
@@ -91,6 +94,10 @@ functions:
 Resource: "*"
 Action:
 - "ec2:DescribeVpcs"
+ package:
+ include:
+ - route53_utils.py
+ - restore_route53.py
 plugins:
 - serverless-pseudo-parameters
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..7214794
--- /dev/null
+++ b/variables.tf
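Review bot: Both `local-exec` commands in main.tf splice `var.interval`, `var.retention_period`, `var.region` and `var.aws_profile` straight into a shell string, so a value containing shell metacharacters (from a tfvars file or a CI parameter) is interpreted by the shell on the machine that holds the AWS credentials. Passing the values through the provisioner's `environment` map and quoting them in the command keeps them as data; the same change applies to the `sls remove` command in `remove_route53_backup_and_restore`. The commands also run in whatever directory Terraform was started from, so when this repository is consumed as a module `npm i` and `sls` will not find its `package.json` and `serverless.yml` unless `working_dir = path.module` is set.

```hcl
resource "null_resource" "deploy_route53_backup_and_restore" {
  # … unchanged: triggers block …

  provisioner "local-exec" {
    working_dir = path.module
    command     = "npm i && sls deploy --backup-interval \"$BACKUP_INTERVAL\" --retention-period \"$RETENTION_PERIOD\" --region \"$DEPLOY_REGION\" --aws-profile \"$DEPLOY_PROFILE\""
    environment = {
      BACKUP_INTERVAL  = var.interval
      RETENTION_PERIOD = var.retention_period
      DEPLOY_REGION    = var.region
      DEPLOY_PROFILE   = var.aws_profile
    }
  }
}
```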
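Review bot: The switch in serverless.yml to `exclude: - "**/*"` with per-function `package.include` lists turns packaging into an allow-list, and nothing in the file says so. A comment above `exclude` would record the intent, for example `# Allow-list packaging: nothing is bundled unless a function's package.include names it`; as far as these hunks show, that is also what keeps `.terraform/` and state files out of the Lambda archives. The include lists added in the `backup-route53` and `restore-route53` hunks have to be extended by hand whenever a handler imports another local module, otherwise the deploy presumably succeeds and the function fails at import time, which is worth stating in the same comment. Both function definitions continue outside these hunks.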
@@ -0,0 +1,23 @@
+variable "aws_profile" {
+ description = "The AWS profile from the credentials file that will be used to deploy this solution."
+ default = "default"
+ type = string
+}
+
+variable "region" {
+ description = "The AWS region the solution will be deployed to"
+ type = string
+ default = "us-east-1"
+}
+
+variable "interval" {
+ description = "The interval, in minutes, of the scheduled backup."
+ type = string
+ default = "120"
+}
+
+variable "retention_period" {
+ description = "The time, in days, the backup is stored for"
+ type = string
+ default = "14"
+}
\ No newline at end of file
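Review bot: `interval` and `retention_period` are declared `type = string` although they carry a number of minutes and days, so Terraform accepts any text for them, and main.tf then places that text in a `local-exec` shell command. Declaring them as `type = number` with `default = 120` and `default = 14` makes Terraform reject non-numeric input at plan time. `region` and `aws_profile` remain free-form strings, so they still need quoting where the command is built.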