From 1fe00fa06c42079110ba0f164eaf629fe2fdd3d6 Mon Sep 17 00:00:00 2001 From: Michael Filio Date: Thu, 26 May 2022 14:24:16 -0500 Subject: [PATCH] Terraform updates and make examples buildable. (#84) * Refactor deprecated null_data_source out * First round of changes in prep of TF upgrade to 0.13.7 * Update of examples --- .circleci/config.yml | 4 +- .terraform-version | 2 +- README.md | 42 +++++++++--------- examples/basic_usage.tf | 62 ++++++++++++++++++++------ examples/custom_ami.tf | 84 +++++++++++++++++++++++++----------- examples/custom_cw_config.tf | 60 ++++++++++++++++++++------ main.tf | 15 +++---- tests/test1/main.tf | 8 ++-- 8 files changed, 189 insertions(+), 88 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index b37700f..544aa48 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -44,10 +44,10 @@ workflows: - test: filters: branches: - ignore: master + ignore: master - check_destruction: requires: - test filters: branches: - ignore: master + ignore: master diff --git a/.terraform-version b/.terraform-version index 9beb74d..5daaa7b 100644 --- a/.terraform-version +++ b/.terraform-version @@ -1 +1 @@ -0.13.2 +0.13.7 diff --git a/README.md b/README.md index 3bb57cf..d2f4afd 100644 --- a/README.md +++ b/README.md @@ -49,15 +49,14 @@ New variable `ssm_bootstrap_list` was added to allow setting the SSM association | Name | Version | |------|---------| -| terraform | >= 0.12 | -| aws | >= 2.1.0 | +| terraform | >= 0.13.7 | +| aws | ~> 3.0 | ## Providers | Name | Version | |------|---------| -| aws | >= 2.1.0 | -| null | n/a | +| aws | ~> 3.0 | ## Modules 
@@ -69,24 +68,23 @@ New variable `ssm_bootstrap_list` was added to allow setting the SSM association | Name | |------| -| [aws_ami](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/data-sources/ami) | -| [aws_autoscaling_group](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/autoscaling_group) | -| [aws_autoscaling_notification](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/autoscaling_notification) | -| [aws_autoscaling_policy](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/autoscaling_policy) | -| [aws_caller_identity](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/data-sources/caller_identity) | -| [aws_cloudwatch_log_group](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/cloudwatch_log_group) | -| [aws_cloudwatch_metric_alarm](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/cloudwatch_metric_alarm) | -| [aws_iam_instance_profile](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/iam_instance_profile) | -| [aws_iam_policy](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/iam_policy) | -| [aws_iam_policy_document](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/data-sources/iam_policy_document) | -| [aws_iam_role](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/iam_role) | -| [aws_iam_role_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/iam_role_policy_attachment) | -| [aws_launch_configuration](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/launch_configuration) | -| [aws_region](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/data-sources/region) | -| [aws_ssm_association](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/ssm_association) | -| 
[aws_ssm_document](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/ssm_document) | -| [aws_ssm_parameter](https://registry.terraform.io/providers/hashicorp/aws/2.1.0/docs/resources/ssm_parameter) | -| [null_data_source](https://registry.terraform.io/providers/hashicorp/null/latest/docs/data-sources/data_source) | +| [aws_ami](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/data-sources/ami) | +| [aws_autoscaling_group](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/autoscaling_group) | +| [aws_autoscaling_notification](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/autoscaling_notification) | +| [aws_autoscaling_policy](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/autoscaling_policy) | +| [aws_caller_identity](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/data-sources/caller_identity) | +| [aws_cloudwatch_log_group](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/cloudwatch_log_group) | +| [aws_cloudwatch_metric_alarm](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/cloudwatch_metric_alarm) | +| [aws_iam_instance_profile](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/iam_instance_profile) | +| [aws_iam_policy](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/iam_policy) | +| [aws_iam_policy_document](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/data-sources/iam_policy_document) | +| [aws_iam_role](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/iam_role) | +| [aws_iam_role_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/iam_role_policy_attachment) | +| [aws_launch_configuration](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/launch_configuration) | +| 
[aws_region](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/data-sources/region) | +| [aws_ssm_association](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/ssm_association) | +| [aws_ssm_document](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/ssm_document) | +| [aws_ssm_parameter](https://registry.terraform.io/providers/hashicorp/aws/3.0/docs/resources/ssm_parameter) | ## Inputs diff --git a/examples/basic_usage.tf b/examples/basic_usage.tf index 08ce05b..ef13990 100644 --- a/examples/basic_usage.tf +++ b/examples/basic_usage.tf @@ -1,16 +1,21 @@ terraform { - required_version = ">= 0.12" + required_version = ">= 0.13.7" } provider "aws" { - version = "~> 2.2" + version = "~> 3.0" region = "us-west-2" } +resource "random_string" "name_rstring" { + length = 8 + special = false +} + module "vpc" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-vpc_basenetwork?ref=v0.12.1" + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-vpc_basenetwork?ref=v0.12.7" - name = "EC2-ASG-BaseNetwork-Test1" + name = "${random_string.name_rstring.result}-ec2-asg-basenetwork-example" } data "aws_region" "current_region" {} @@ -25,8 +30,8 @@ resource "aws_sqs_queue" "ec2_asg_test_sqs" { name = "${random_string.sqs_rstring.result}-my-example-queue" } -module "sns_sqs" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-sns?ref=v0.12.1" +module "sns" { + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-sns?ref=v0.12.2" create_subscription_1 = true endpoint_1 = aws_sqs_queue.ec2_asg_test_sqs.arn 
@@ -34,8 +39,34 @@ module "sns_sqs" { protocol_1 = "sqs" } + +module "clb" { + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-clb?ref=v0.12.4" + + name = "${random_string.name_rstring.result}-ec2-asg-clb-example" + security_groups = [module.vpc.default_sg] + subnets = module.vpc.public_subnets + internal_loadbalancer = false + create_logging_bucket = false + rackspace_managed = false + + tags = { + Example = "Example-clb" + } + + + listeners = [ + { + instance_port = 8000 + instance_protocol = "HTTP" + lb_port = 80 + lb_protocol = "HTTP" + }, + ] +} + module "ec2_asg" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-ec2_asg//?ref=v0.12.4" + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-ec2_asg?ref=v0.12.23" asg_count = "2" asg_wait_for_capacity_timeout = "10m" @@ -63,12 +94,10 @@ module "ec2_asg" { health_check_grace_period = "300" health_check_type = "EC2" install_codedeploy_agent = false - instance_role_managed_policy_arn_count = "2" - instance_role_managed_policy_arns = [aws_iam_policy.test_policy_1.arn, aws_iam_policy.test_policy_2.arn] + instance_role_managed_policy_arn_count = "3" instance_type = "t2.micro" - key_pair = "my_ec2_key_name" - load_balancer_names = [aws_elb.my_elb.name] - name = "my_test_instance" + load_balancer_names = [module.clb.name] + name = "${random_string.name_rstring.result}-ec2-asg-instance-example" perform_ssm_inventory_tag = "True" primary_ebs_volume_iops = "0" primary_ebs_volume_size = "60" @@ -76,7 +105,7 @@ module "ec2_asg" { rackspace_managed = true scaling_max = "2" scaling_min = "1" - scaling_notification_topic = aws_sns_topic.my_test_sns.arn + scaling_notification_topic = module.sns.topic_arn secondary_ebs_volume_iops = "0" secondary_ebs_volume_size = "60" secondary_ebs_volume_type = "gp2" 
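Review bot: The new `module "clb"` in examples/basic_usage.tf is internet-facing (`internal_loadbalancer = false` on `module.vpc.public_subnets`), exposes only a plain-HTTP listener on port 80, and sets `create_logging_bucket = false` while reusing the VPC default security group. Examples get copied, so the block should say this is demo-only; I would add above it `# Example only: public HTTP listener without access logging; use HTTPS and enable access logs outside a demo.` Whether the clb module offers another way to turn on access logs is not visible in this hunk. The same comment applies to `module "clb"` in examples/custom_cw_config.tf and to the HTTP-only `module "alb"` in examples/custom_ami.tf.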
@@ -87,6 +116,13 @@ module "ec2_asg" { tenancy = "default" terminated_instances = "30" + + instance_role_managed_policy_arns = [ + "arn:aws:iam::aws:policy/AmazonEC2FullAccess", + "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole", + "arn:aws:iam::aws:policy/CloudWatchActionsEC2Access", + ] + ssm_bootstrap_list = [ { action = "aws:runDocument", diff --git a/examples/custom_ami.tf b/examples/custom_ami.tf index 60961d1..118a1a3 100644 --- a/examples/custom_ami.tf +++ b/examples/custom_ami.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.12" + required_version = ">= 0.13.7" } provider "aws" { 
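Review bot: The added `instance_role_managed_policy_arns` list in examples/basic_usage.tf attaches `arn:aws:iam::aws:policy/AmazonEC2FullAccess` to the instance role, so every process on an instance in the group, and anyone who obtains its role credentials, can manage all EC2 resources in the account. `AmazonEC2SpotFleetTaggingRole` is a service-role policy that, as far as I know, is meant for the Spot Fleet service role rather than an instance profile. The list replaces the two custom `aws_iam_policy.test_policy_*` references removed earlier in this file, which modelled least privilege better. I would drop the full-access entry or point at a narrowly scoped customer-managed policy, keep `instance_role_managed_policy_arn_count` in step, and add `# Example only: attach just the policies your workload needs`. The same list is added in examples/custom_ami.tf and examples/custom_cw_config.tf; the `module "ec2_asg"` block starts and ends outside this hunk.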
@@ -7,32 +7,58 @@ provider "aws" { region = "us-west-2" } +resource "random_string" "name_rstring" { + length = 8 + special = false +} + module "vpc" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-vpc_basenetwork?ref=v0.12.1" + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-vpc_basenetwork?ref=v0.12.7" - name = "EC2-ASG-BaseNetwork-Test1" + name = "${random_string.name_rstring.result}-ec2-asg-basenetwork-example" } -data "aws_region" "current_region" {} +module "alb" { + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-alb//?ref=v0.12.10" -data "aws_ami" "my_custom_ami" { - executable_users = ["self"] - most_recent = true - owners = ["self"] + create_logging_bucket = false + http_listeners_count = 1 + name = "${random_string.name_rstring.result}-test-alb" + rackspace_managed = false + security_groups = [module.vpc.default_sg] + subnets = module.vpc.public_subnets + target_groups_count = 1 + vpc_id = module.vpc.vpc_id - filter { - name = "name" - values = ["MyCustomAMI"] - } + http_listeners = [ + { + port = 80 + protocol = "HTTP" + }, + ] + + target_groups = [ + { + backend_port = 80 + backend_protocol = "HTTP" + name = "ExampleTargetGroup" + tagert_type = "alb" + + } + ] } -data "aws_ami" "community_ami" { + + +data "aws_region" "current_region" {} + +data "aws_ami" "centos7_marketplace" { + owners = ["aws-marketplace"] most_recent = true - owners = ["679593333241"] filter { - name = "name" - values = ["CentOS Linux 7 x86_64 HVM EBS*"] + name = "product-code" + values = ["cvugziknvmxgqna9noibqnnsy"] } } 
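Review bot: In the added `target_groups` entry of `module "alb"` the key is spelled `tagert_type`, so the intended target type is most likely never applied, or the map is rejected; how the alb module reads these keys is not visible here. The value also looks wrong for this example: an Auto Scaling group registers EC2 instances, for which the target type would normally be `instance` rather than `alb`. Suggested line: `target_type = "instance"`.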
@@ -46,8 +72,8 @@ resource "aws_sqs_queue" "ec2_asg_test_sqs" { name = "${random_string.sqs_rstring.result}-my-example-queue" } -module "sns_sqs" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-sns?ref=v0.12.1" +module "sns" { + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-sns?ref=v0.12.2" create_subscription_1 = true endpoint_1 = aws_sqs_queue.ec2_asg_test_sqs.arn @@ -56,7 +82,7 @@ module "sns_sqs" { } module "ec2_asg" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-ec2_asg//?ref=v0.12.4" + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-ec2_asg?ref=v0.12.23" asg_count = "2" asg_wait_for_capacity_timeout = "10m" @@ -83,14 +109,12 @@ module "ec2_asg" { environment = "Development" health_check_grace_period = "300" health_check_type = "EC2" - image_id = data.aws_ami.community_ami.ami_id + image_id = data.aws_ami.centos7_marketplace.id install_codedeploy_agent = false - instance_role_managed_policy_arn_count = "2" - instance_role_managed_policy_arns = [aws_iam_policy.test_policy_1.arn, aws_iam_policy.test_policy_2.arn] + instance_role_managed_policy_arn_count = "3" instance_type = "t2.micro" - key_pair = "my_ec2_key_name" - load_balancer_names = [aws_elb.my_elb.name] - name = "my_test_instance" + target_group_arns = module.alb.target_group_arns + name = "${random_string.name_rstring.result}-ec2-asg-custom-ami-example" perform_ssm_inventory_tag = "True" primary_ebs_volume_iops = "0" primary_ebs_volume_size = "60" @@ -98,7 +122,7 @@ module "ec2_asg" { rackspace_managed = true scaling_max = "2" scaling_min = "1" - scaling_notification_topic = aws_sns_topic.my_test_sns.arn + scaling_notification_topic = module.sns.topic_arn secondary_ebs_volume_iops = "0" secondary_ebs_volume_size = "60" secondary_ebs_volume_type = "gp2" 
@@ -109,6 +133,13 @@ module "ec2_asg" { tenancy = "default" terminated_instances = "30" + instance_role_managed_policy_arns = [ + "arn:aws:iam::aws:policy/AmazonEC2FullAccess", + "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole", + "arn:aws:iam::aws:policy/CloudWatchActionsEC2Access", + ] + + ssm_bootstrap_list = [ { action = "aws:runDocument", @@ -142,3 +173,4 @@ module "ec2_asg" { MyTag3 = "Myvalue3" } } + diff --git a/examples/custom_cw_config.tf b/examples/custom_cw_config.tf index add12a6..130f17e 100644 --- a/examples/custom_cw_config.tf +++ b/examples/custom_cw_config.tf @@ -6,7 +6,7 @@ locals { } terraform { - required_version = ">= 0.12" + required_version = ">= 0.13.7" } provider "aws" { @@ -14,10 +14,16 @@ provider "aws" { region = "us-west-2" } +resource "random_string" "name_rstring" { + length = 8 + special = false +} + + module "vpc" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-vpc_basenetwork//?ref=v0.12.1" + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-vpc_basenetwork?ref=v0.12.7" - name = "EC2-ASG-BaseNetwork-Test1" + name = "${random_string.name_rstring.result}-ec2-asg-basenetwork-example" } data "aws_region" "current_region" {} @@ -32,8 +38,8 @@ resource "aws_sqs_queue" "ec2_asg_test_sqs" { name = "${random_string.sqs_rstring.result}-my-example-queue" } -module "sns_sqs" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-sns?ref=v0.12.1" +module "sns" { + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-sns?ref=v0.12.2" create_subscription_1 = true endpoint_1 = aws_sqs_queue.ec2_asg_test_sqs.arn 
@@ -41,8 +47,34 @@ module "sns_sqs" { protocol_1 = "sqs" } + +module "clb" { + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-clb?ref=v0.12.4" + + name = "${random_string.name_rstring.result}-ec2-asg-clb-example" + security_groups = [module.vpc.default_sg] + subnets = module.vpc.public_subnets + internal_loadbalancer = false + create_logging_bucket = false + rackspace_managed = false + + tags = { + Example = "Example-clb" + } + + + listeners = [ + { + instance_port = 8000 + instance_protocol = "HTTP" + lb_port = 80 + lb_protocol = "HTTP" + }, + ] +} + module "ec2_asg" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-ec2_asg//?ref=v0.12.4" + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-ec2_asg?ref=v0.12.23" asg_count = "2" asg_wait_for_capacity_timeout = "10m" @@ -72,11 +104,9 @@ module "ec2_asg" { health_check_type = "EC2" install_codedeploy_agent = false instance_role_managed_policy_arn_count = "2" - instance_role_managed_policy_arns = [aws_iam_policy.test_policy_1.arn, aws_iam_policy.test_policy_2.arn] instance_type = "t2.micro" - key_pair = "my_ec2_key_name" - load_balancer_names = [aws_elb.my_elb.name] - name = "my_test_instance" + load_balancer_names = [module.clb.name] + name = "${random_string.name_rstring.result}-ec2-asg-instance-example" perform_ssm_inventory_tag = "True" primary_ebs_volume_iops = "0" primary_ebs_volume_size = "60" @@ -85,7 +115,7 @@ module "ec2_asg" { rackspace_managed = true scaling_max = "2" scaling_min = "1" - scaling_notification_topic = aws_sns_topic.my_test_sns.arn + scaling_notification_topic = module.sns.topic_arn secondary_ebs_volume_iops = "0" secondary_ebs_volume_size = "60" secondary_ebs_volume_type = "gp2" 
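Review bot: In the `@@ -72,11 +104,9 @@` hunk of examples/custom_cw_config.tf, `instance_role_managed_policy_arn_count = "2"` is left as context while a later hunk in the same file adds three ARNs to `instance_role_managed_policy_arns`; the other two examples were bumped to `"3"`. How the module consumes the count is not visible here, but a count below the list length will presumably leave the third policy unattached or make the example behave differently from its siblings. Change the line to `instance_role_managed_policy_arn_count = "3"`, or shorten the list to match.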
@@ -96,6 +126,12 @@ module "ec2_asg" { tenancy = "default" terminated_instances = "30" + instance_role_managed_policy_arns = [ + "arn:aws:iam::aws:policy/AmazonEC2FullAccess", + "arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole", + "arn:aws:iam::aws:policy/CloudWatchActionsEC2Access", + ] + ssm_bootstrap_list = [ { action = "aws:runDocument", @@ -143,4 +179,4 @@ resource "aws_ssm_parameter" "custom_cwagentparam" { name = "custom_cw_param-${random_string.res_name.result}" type = "String" value = templatefile("./text/linux_cw_agent_param.json", local.cwagent_vars) -} +} \ No newline at end of file diff --git a/main.tf b/main.tf index 612c6f7..1207de8 100644 --- a/main.tf +++ b/main.tf @@ -55,10 +55,10 @@ locals { } terraform { - required_version = ">= 0.12" + required_version = ">= 0.13.7" required_providers { - aws = ">= 2.1.0" + aws = "~> 3.0" } } @@ -698,12 +698,11 @@ resource "aws_autoscaling_notification" "rs_support_emergency" { # # Provisioning of CloudWatch related resources # -data "null_data_source" "alarm_dimensions" { - count = var.asg_count - inputs = { - AutoScalingGroupName = element(aws_autoscaling_group.autoscalegrp.*.name, count.index) - } +locals { + asg_names = [for n in range(var.asg_count) : element(aws_autoscaling_group.autoscalegrp.*.name, n)] + + alarm_dimensions = tolist([for n in range(var.asg_count) : tomap({ "AutoScalingGroupName" = tostring(local.asg_names[n]) })]) } module "group_terminating_instances" { @@ -715,7 +714,7 @@ module "group_terminating_instances" { comparison_operator = "GreaterThanThreshold" customer_alarms_cleared = var.customer_alarms_cleared customer_alarms_enabled = var.customer_alarms_enabled - dimensions = data.null_data_source.alarm_dimensions.*.outputs + dimensions = local.alarm_dimensions[*] evaluation_periods = 1 metric_name = "GroupTerminatingInstances" namespace = "AWS/AutoScaling" diff --git a/tests/test1/main.tf b/tests/test1/main.tf index 4d60f4b..eeaa30a 100644 --- a/tests/test1/main.tf 
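Review bot: The new `locals` block in main.tf (hunk `@@ -698,12 +698,11 @@`) carries over `element()` from the old data source, which wraps the index modulo the list length, so a mismatch between `var.asg_count` and the number of `aws_autoscaling_group.autoscalegrp` instances would silently repeat a group name in the alarm dimensions instead of failing. The intermediate `asg_names` local, the `tolist`/`tomap`/`tostring` wrappers and the `[*]` on `local.alarm_dimensions` in the following hunk add nothing on an already-typed list. Iterating the resource directly is shorter and cannot wrap: `alarm_dimensions = [for name in aws_autoscaling_group.autoscalegrp[*].name : { AutoScalingGroupName = name }]`, with `dimensions = local.alarm_dimensions`. This assumes the group resource is created with `count`, which is outside the hunk.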
+++ b/tests/test1/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.12" + required_version = ">= 0.13.7" } provider "aws" { @@ -8,7 +8,7 @@ provider "aws" { } provider "random" { - version = "~> 2.0" + version = "~> 3.0" } data "aws_region" "current_region" {} @@ -38,7 +38,7 @@ resource "random_string" "name_rstring" { } module "vpc" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-vpc_basenetwork?ref=master" + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-vpc_basenetwork?ref=v0.12.7" name = "${random_string.name_rstring.result}-ec2-asg-basenetwork-test1" } @@ -48,7 +48,7 @@ resource "aws_sqs_queue" "ec2_asg_test_sqs" { } module "sns" { - source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-sns?ref=master" + source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-sns?ref=v0.12.2" create_subscription_1 = true endpoint_1 = aws_sqs_queue.ec2_asg_test_sqs.arn