#This non-production-ready solution template describes an AWS CodePipeline-based CI/CD pipeline for Terraform code deployment.
#© 2023 Amazon Web Services, Inc. or its affiliates. All Rights Reserved.
#This AWS Content is provided subject to the terms of the AWS Customer Agreement available at
#http://aws.amazon.com/agreement or other written agreement between Customer and either
#Amazon Web Services, Inc. or Amazon Web Services EMEA SARL or both.
# Toolchain constraints for this root module.
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      # Lower bound only: every later release, including new major versions,
      # satisfies this constraint. Commit .terraform.lock.hcl (or add an upper
      # bound) so pipeline runs resolve a provider build that has been reviewed.
      version = ">= 4.20.1"
    }
  }

  # Lower bound only; there is no ceiling on the Terraform CLI version.
  required_version = ">= 1.0.0"
}
# Artifact store for the pipeline, built by the local ./modules/s3 module.
# The module is given the pipeline KMS key ARN and the pipeline role ARN.
# NOTE(review): how those are applied (default encryption, bucket policy) and
# whether public access is blocked, TLS is enforced and versioning is enabled
# is decided inside ./modules/s3 and cannot be confirmed from this file.
module "s3_artifacts_bucket" {
  source = "./modules/s3"

  project_name          = var.project_name
  codepipeline_role_arn = module.codepipeline_iam_role.role_arn
  kms_key_arn           = module.codepipeline_kms.arn

  tags = {
    Account_ID   = local.account_id
    Environment  = var.environment
    Project_Name = var.project_name
    Region       = local.region
  }
}
# Resources
# Source repository for the Terraform code that the pipeline deploys.
# NOTE(review): create_new_repo presumably switches between creating the
# repository and reusing an existing one; confirm in ./modules/codecommit.
# The pipeline below reads source_repo_branch, so write access to that branch
# decides what gets planned and applied. Keep repo_approvers_arn and the
# branch permissions limited to the people who should hold that ability.
module "codecommit_infrastructure_source_repo" {
  source = "./modules/codecommit"

  create_new_repo          = var.create_new_repo
  source_repository_name   = var.source_repo_name
  source_repository_branch = var.source_repo_branch
  repo_approvers_arn       = var.repo_approvers_arn
  kms_key_arn              = module.codepipeline_kms.arn

  tags = {
    Account_ID   = local.account_id
    Environment  = var.environment
    Project_Name = var.project_name
    Region       = local.region
  }
}
# CodeBuild projects that run the infrastructure validation steps.
# role_arn is the same role that CodePipeline itself uses (see
# module.codepipeline_iam_role), so build scripts run with every permission
# granted to the pipeline role. A separate, narrower build role would limit
# what a modified buildspec or a compromised build image can reach.
# builder_image and its pull-credentials type come from variables; the image
# executes with that role, so use a trusted and pinned image reference.
module "codebuild_terraform" {
  source = "./modules/codebuild"

  project_name   = var.project_name
  role_arn       = module.codepipeline_iam_role.role_arn
  s3_bucket_name = module.s3_artifacts_bucket.bucket
  kms_key_arn    = module.codepipeline_kms.arn

  build_projects       = var.build_projects
  build_project_source = var.build_project_source

  builder_type                        = var.builder_type
  builder_compute_type                = var.builder_compute_type
  builder_image                       = var.builder_image
  builder_image_pull_credentials_type = var.builder_image_pull_credentials_type

  tags = {
    Account_ID   = local.account_id
    Environment  = var.environment
    Project_Name = var.project_name
    Region       = local.region
  }

  # Explicit ordering: no argument above references an output of the
  # CodeCommit module, so Terraform would not otherwise order the two.
  depends_on = [
    module.codecommit_infrastructure_source_repo
  ]
}
# KMS key from the local ./modules/kms module. Its ARN is passed to the
# artifact bucket, the source repository, the build projects, the IAM role
# module and the pipeline, so one key covers the whole pipeline.
# NOTE(review): codepipeline_role_arn is presumably used as a principal in the
# key policy; confirm in ./modules/kms that the policy grants only the actions
# the pipeline needs.
# This module takes the role ARN from module.codepipeline_iam_role, which in
# turn takes this key's ARN. Terraform orders individual resources, not whole
# modules, so this is valid only while the two modules keep those references
# on different resources.
module "codepipeline_kms" {
  source = "./modules/kms"

  codepipeline_role_arn = module.codepipeline_iam_role.role_arn

  tags = {
    Account_ID   = local.account_id
    Environment  = var.environment
    Project_Name = var.project_name
    Region       = local.region
  }
}
# IAM role for the pipeline. The same role ARN is also handed to the CodeBuild
# projects, the artifact bucket module and the KMS module in this file, so its
# policy is the effective permission boundary for everything the pipeline runs.
# When create_new_role is true the role name is derived from project_name;
# otherwise the caller-supplied codepipeline_iam_role_name is used.
# NOTE(review): with an existing role, its attached policies are not visible
# here; check that they are no broader than the pipeline requires.
module "codepipeline_iam_role" {
  source = "./modules/iam-role"

  project_name    = var.project_name
  create_new_role = var.create_new_role
  codepipeline_iam_role_name = (
    var.create_new_role == true
    ? "${var.project_name}-codepipeline-role"
    : var.codepipeline_iam_role_name
  )

  # Resources the role is scoped to.
  source_repository_name = var.source_repo_name
  s3_bucket_arn          = module.s3_artifacts_bucket.arn
  kms_key_arn            = module.codepipeline_kms.arn

  tags = {
    Account_ID   = local.account_id
    Environment  = var.environment
    Project_Name = var.project_name
    Region       = local.region
  }
}
# CodePipeline that drives the validate, plan, apply and destroy stages.
# The stage list comes entirely from var.stage_input.
# NOTE(review): whether a manual approval sits in front of the apply and
# destroy stages depends on that input and on ./modules/codepipeline; confirm
# it before pointing this pipeline at an account that matters.
module "codepipeline_terraform" {
  source = "./modules/codepipeline"

  project_name       = var.project_name
  source_repo_name   = var.source_repo_name
  source_repo_branch = var.source_repo_branch
  stages             = var.stage_input

  codepipeline_role_arn = module.codepipeline_iam_role.role_arn
  s3_bucket_name        = module.s3_artifacts_bucket.bucket
  kms_key_arn           = module.codepipeline_kms.arn

  tags = {
    Account_ID   = local.account_id
    Environment  = var.environment
    Project_Name = var.project_name
    Region       = local.region
  }

  # The bucket is already referenced through s3_bucket_name above; the
  # CodeBuild module is not referenced by any argument, so it is ordered
  # explicitly here.
  depends_on = [
    module.codebuild_terraform,
    module.s3_artifacts_bucket
  ]
}