revert data providerds
Max Glotov committed Feb 19, 2024
1 parent 154dc44 commit fb4f680
Showing 23 changed files with 292 additions and 391 deletions.
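--- a/terraform/layer1-aws/main.tf
+++ b/terraform/layer1-aws/main.tf
@@ -1,18 +1,3 @@
-terraform {
-required_version = "1.4.4"
-
-required_providers {
-aws = {
-source = "hashicorp/aws"
-version = "5.1.0"
-}
-kubernetes = {
-source = "hashicorp/kubernetes"
-version = "2.19.0"
-}
-}
-}
-
 data "aws_availability_zones" "available" {}
 
 data "aws_caller_identity" "current" {}
@@ -33,24 +18,3 @@ resource "aws_iam_account_password_policy" "default" {
 allow_users_to_change_password = var.aws_account_password_policy.allow_users_to_change_password
 max_password_age = var.aws_account_password_policy.max_password_age
 }
-
-
-module "aws_cost_allocation_tags" {
-count = var.is_this_payment_account ? 1 : 0
-
-source = "../modules/aws-cost-allocation-tags"
-tags = [
-{
-tag_key = "Environment"
-status = "Active"
-},
-{
-tag_key = "Terraform"
-status = "Active"
-},
-{
-tag_key = "aws:autoscaling:groupName"
-status = "Active"
-}
-]
-}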
8 changes: 7 additions & 1 deletion terraform/layer1-aws/variables.tf
Expand Up @@ -22,7 +22,7 @@ variable "aws_account_password_policy" {
}

variable "is_this_payment_account" {
default = true
default = false
description = "Set it to false if a target account isn't a payer account. This variable is used to apply a configuration for cost allocation tags"
}

Expand Down Expand Up @@ -103,21 +103,27 @@ variable "cloudtrail_logs_s3_expiration_days" {
variable "tags" {
type = any
}

variable "private_subnets" {
type = list(any)
}

variable "public_subnets" {
type = list(any)
}

variable "intra_subnets" {
type = list(any)
}

variable "vpc_id" {

}

variable "region" {

}

variable "env" {

}
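--- a/terraform/layer1-aws/versions.tf
+++ b/terraform/layer1-aws/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+required_version = "1.4.4"
+
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "5.36.0"
+}
+}
+}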
27 changes: 26 additions & 1 deletion terraform/layer2-k8s/eks-aws-loadbalancer-controller.tf
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,8 @@ module "aws_iam_aws_loadbalancer_controller" {
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetGroupAttributes",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:DescribeTags"
"elasticloadbalancing:DescribeTags",
"elasticloadbalancing:DescribeTrustStores"
],
"Resource" : "*"
},
Expand Down Expand Up @@ -300,6 +301,28 @@ module "aws_iam_aws_loadbalancer_controller" {
}
}
},
{
"Effect" : "Allow",
"Action" : [
"elasticloadbalancing:AddTags"
],
"Resource" : [
"arn:aws:elasticloadbalancing:*:*:targetgroup/*/*",
"arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*",
"arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*"
],
"Condition" : {
"StringEquals" : {
"elasticloadbalancing:CreateAction" : [
"CreateTargetGroup",
"CreateLoadBalancer"
]
},
"Null" : {
"aws:RequestTag/elbv2.k8s.aws/cluster" : "false"
}
}
},
{
"Effect" : "Allow",
"Action" : [
Expand Down Expand Up @@ -404,6 +427,8 @@ resource "helm_release" "aws_loadbalancer_controller" {
name = "webhookTLS.key"
value = tls_private_key.aws_loadbalancer_controller_webhook[0].private_key_pem
}

depends_on = [helm_release.karpenter]
}

resource "kubernetes_ingress_v1" "default" {
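Review bot: The new `elasticloadbalancing:AddTags` statement only requires that the `elbv2.k8s.aws/cluster` request tag is present (`"Null" : { "aws:RequestTag/elbv2.k8s.aws/cluster" : "false" }`), not that it names this cluster, and its resource ARNs are wildcarded across regions and accounts. In an account that hosts more than one cluster, this role can therefore tag load balancers and target groups at create time as belonging to any of them. Where that matters, the value can be pinned by adding `"aws:RequestTag/elbv2.k8s.aws/cluster" : local.eks_cluster_id` to the existing `StringEquals` block, after confirming that `local.eks_cluster_id` is the cluster name the controller writes into that tag. A short comment above the statement naming the upstream controller policy version it was copied from would also make future diffs against upstream easier to audit. The enclosing `module "aws_iam_aws_loadbalancer_controller"` block starts and ends outside the visible hunks.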
31 changes: 15 additions & 16 deletions terraform/layer2-k8s/locals.tf
@@ -1,20 +1,19 @@
locals {
region = var.region
name = var.name
name_wo_region = "${var.name}-${local.env}"
env = var.environment
zone_id = var.zone_id
domain_name = var.domain_name
domain_suffix = "${local.env}.${var.domain_name}"
allowed_ips = var.allowed_ips
ip_whitelist = join(",", concat(local.allowed_ips, var.additional_allowed_ips))
vpc_id = var.vpc_id
vpc_cidr = var.vpc_cidr
eks_cluster_id = var.eks_cluster_id
eks_certificate_authority_data = var.cluster_ca_certificate
eks_cluster_endpoint = var.eks_cluster_endpoint
eks_oidc_provider_arn = var.eks_oidc_provider_arn
ssl_certificate_arn = var.ssl_certificate_arn
region = var.region
name = var.name
name_wo_region = var.name_wo_region
env = var.environment
zone_id = var.zone_id
domain_name = var.domain_name
domain_suffix = "${local.env}.${var.domain_name}"
allowed_ips = var.allowed_ips
ip_whitelist = join(",", concat(local.allowed_ips, var.additional_allowed_ips))
vpc_id = var.vpc_id
vpc_cidr = var.vpc_cidr
eks_cluster_id = var.eks_cluster_id
eks_oidc_provider_arn = var.eks_oidc_provider_arn
eks_cluster_endpoint = data.aws_eks_cluster.main.endpoint
ssl_certificate_arn = var.ssl_certificate_arn

helm_releases = yamldecode(file("${path.module}/helm-releases.yaml"))["releases"]
}
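--- a/terraform/layer2-k8s/main.tf
+++ b/terraform/layer2-k8s/main.tf
@@ -1,28 +1 @@
-terraform {
-required_version = "1.4.4"
-
-required_providers {
-aws = {
-source = "hashicorp/aws"
-version = "4.62.0"
-}
-kubernetes = {
-source = "hashicorp/kubernetes"
-version = "2.19.0"
-}
-helm = {
-source = "hashicorp/helm"
-version = "2.6.0"
-}
-http = {
-source = "hashicorp/http"
-version = "3.2.1"
-}
-kubectl = {
-source = "gavinbunney/kubectl"
-version = "1.14.0"
-}
-}
-}
-
 data "aws_caller_identity" "current" {}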
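--- a/terraform/layer2-k8s/variables.tf
+++ b/terraform/layer2-k8s/variables.tf
@@ -8,6 +8,10 @@ variable "name" {
 description = "Project name, required to create unique resource names"
 }
 
+variable "name_wo_region" {
+description = "Project name, required to create unique resource names without region suffix"
+}
+
 variable "environment" {
 default = "demo"
 description = "Env name"
@@ -122,14 +126,3 @@ variable "node_group_default_iam_role_name" {
 description = "The IAM Role name of a default nodegroup"
 default = ""
 }
-
-variable "eks_auth_token" {
-
-}
-variable "eks_cluster_endpoint" {
-
-}
-
-variable "cluster_ca_certificate" {
-
-}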
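--- a/terraform/layer2-k8s/versions.tf
+++ b/terraform/layer2-k8s/versions.tf
@@ -0,0 +1,26 @@
+terraform {
+required_version = "1.4.4"
+
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "5.36.0"
+}
+kubernetes = {
+source = "hashicorp/kubernetes"
+version = "2.19.0"
+}
+helm = {
+source = "hashicorp/helm"
+version = "2.6.0"
+}
+http = {
+source = "hashicorp/http"
+version = "3.2.1"
+}
+kubectl = {
+source = "gavinbunney/kubectl"
+version = "1.14.0"
+}
+}
+}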
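Review bot: The exact `version` pins in this `required_providers` block select a release but do not verify the downloaded provider binaries; that check comes from the hashes in `.terraform.lock.hcl`. No lock file for this layer is visible in the commit, and the one under `terragrunt/us-east-1/demo/aws-base` is deleted. This matters most for `gavinbunney/kubectl`, which is published outside the `hashicorp` namespace. If lock files are not tracked elsewhere, consider committing one per root module, generated with `terraform providers lock` for the platforms CI runs on. The same applies to `terraform/layer1-aws/versions.tf`.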
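--- a/terraform/modules/eks/versions.tf
+++ b/terraform/modules/eks/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+required_version = "1.4.4"
+
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "5.36.0"
+}
+kubernetes = {
+source = "hashicorp/kubernetes"
+version = "2.19.0"
+}
+}
+}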
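Review bot: Exact pins (`required_version = "1.4.4"`, `version = "5.36.0"`) inside a reusable module force every caller onto the same Terraform and provider builds, so a root layer cannot pick up a provider security fix without editing the module too. Terraform's guidance is for child modules to declare a minimum, e.g. `version = ">= 5.36.0"` and `required_version = ">= 1.4.4"`, and to keep exact pins in the root layers. `terraform/modules/vpc/versions.tf` has the same pattern.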
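--- a/terraform/modules/vpc/versions.tf
+++ b/terraform/modules/vpc/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+required_version = "1.4.4"
+
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "5.36.0"
+}
+}
+}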
6 changes: 3 additions & 3 deletions terragrunt/terragrunt.hcl
Expand Up @@ -13,9 +13,9 @@ remote_state {
if_exists = "overwrite_terragrunt"
}
config = {
region = local.remote_state_bucket_region
bucket = local.remote_state_bucket
key = "${path_relative_to_include()}/terraform.tfstate"
region = local.remote_state_bucket_region
bucket = local.remote_state_bucket
key = "${path_relative_to_include()}/terraform.tfstate"
encrypt = true
# Uncomment this to use state locking
# dynamodb_table = "${local.remote_state_bucket}-${path_relative_to_include()}"
45 changes: 0 additions & 45 deletions terragrunt/us-east-1/demo/aws-base/.terraform.lock.hcl

This file was deleted.

44 changes: 0 additions & 44 deletions terragrunt/us-east-1/demo/aws-base/terragrunt.hcl

This file was deleted.
