-
Notifications
You must be signed in to change notification settings - Fork 1
/
data.tf
104 lines (86 loc) · 4.97 KB
/
data.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
# # ---------------------------------------------------------------------------------------------------------------------#
# Get the list of AWS Availability Zones available in this region
# # ---------------------------------------------------------------------------------------------------------------------#
data "aws_availability_zones" "available" {
state = "available"
}
data "aws_availability_zone" "all" {
for_each = toset(data.aws_availability_zones.available.names)
name = each.key
}
# # ---------------------------------------------------------------------------------------------------------------------#
# Get the name of the region where the Terraform deployment is running
# # ---------------------------------------------------------------------------------------------------------------------#
data "aws_region" "current" {}
# # ---------------------------------------------------------------------------------------------------------------------#
# Get the effective Account ID, User ID, and ARN in which Terraform is authorized.
# # ---------------------------------------------------------------------------------------------------------------------#
data "aws_caller_identity" "current" {}
# # ---------------------------------------------------------------------------------------------------------------------#
# Get the Account ID of the AWS ELB Service Account for the purpose of permitting in S3 bucket policy.
# # ---------------------------------------------------------------------------------------------------------------------#
data "aws_elb_service_account" "current" {}
# # ---------------------------------------------------------------------------------------------------------------------#
# Get AWS Inspector rules available in this region
# # ---------------------------------------------------------------------------------------------------------------------#
data "aws_inspector_rules_packages" "available" {}
# # ---------------------------------------------------------------------------------------------------------------------#
# Get the ID of CloudFront origin request policy
# # ---------------------------------------------------------------------------------------------------------------------#
data "aws_cloudfront_origin_request_policy" "s3" {
name = "Managed-CORS-S3Origin"
}
data "aws_cloudfront_origin_request_policy" "custom" {
name = "Managed-CORS-CustomOrigin"
}
# # ---------------------------------------------------------------------------------------------------------------------#
# Get the ID of CloudFront cache policy.
# # ---------------------------------------------------------------------------------------------------------------------#
data "aws_cloudfront_cache_policy" "s3" {
name = "Managed-CachingOptimizedForUncompressedObjects"
}
data "aws_cloudfront_cache_policy" "custom" {
name = "Managed-CachingOptimized"
}
# # ---------------------------------------------------------------------------------------------------------------------#
# Get get the latest ID of a registered AMI linux distro by owner and version
# # ---------------------------------------------------------------------------------------------------------------------#
data "aws_ami" "distro" {
most_recent = true
// owners = ["099720109477"] # ubuntu
owners = ["136693071363"] # debian
filter {
name = "name"
// values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-arm64-server-*"] # ubuntu
values = ["debian-11-arm64*"] # debian
}
}
# # ---------------------------------------------------------------------------------------------------------------------#
# Variables for user_data templates generation
# # ---------------------------------------------------------------------------------------------------------------------#
data "template_file" "user_data" {
for_each = var.ec2
template = file("./user_data/${each.key}")
vars = {
INSTANCE_NAME = "${each.key}"
CIDR = "${aws_vpc.this.cidr_block}"
RESOLVER = "${cidrhost(aws_vpc.this.cidr_block, 2)}"
AWS_DEFAULT_REGION = "${data.aws_region.current.name}"
ALB_DNS_NAME = "${aws_lb.this["outer"].dns_name}"
CODECOMMIT_APP_REPO = "codecommit::${data.aws_region.current.name}://${aws_codecommit_repository.app.repository_name}"
CODECOMMIT_SERVICES_REPO = "codecommit::${data.aws_region.current.name}://${aws_codecommit_repository.services.repository_name}"
EXTRA_PACKAGES_DEB = "nfs-common unzip git patch python3-pip acl attr imagemagick snmp gpg"
EXCLUDE_PACKAGES_DEB = "apache2* *apcu-bc"
NODE_VERSION = "${var.app["node_version"]}"
VERSION = "2"
DOMAIN = "${var.app["domain"]}"
STAGING_DOMAIN = "${var.app["staging_domain"]}"
BRAND = "${var.app["brand"]}"
OS_USER = "${var.app["os_user"]}"
ADMIN_EMAIL = "${var.app["admin_email"]}"
WEB_ROOT_PATH = "/var/www/${var.app["brand"]}"
TIMEZONE = "${var.app["timezone"]}"
X2F1_HEADER = "${random_uuid.this.result}"
HEALTH_CHECK_LOCATION = "${random_string.this["health_check"].result}"
}
}