[OlGo] documentation improved #8

Olgoetz · 2022-10-25T12:12:56Z

No description provided.

Olgoetz · 2022-10-25T12:13:24Z

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Validation Output


Success! The configuration is valid.

Terraform Plan 📖`success`

Show Plan


terraform
module.statebackup.data.archive_file.prepare_workspaces: Reading...
module.statebackup.data.archive_file.handle_error: Reading...
module.statebackup.data.archive_file.get_workspaces: Reading...
module.statebackup.data.archive_file.lambda_layer: Reading...
module.statebackup.data.archive_file.get_organizations: Reading...
module.statebackup.data.archive_file.create_workspace_state_backup: Reading...
module.statebackup.data.archive_file.send_report: Reading...
module.statebackup.data.archive_file.clean_up: Reading...
module.statebackup.data.archive_file.prepare_workspaces: Read complete after 0s [id=6971ab34c5a77de33fcf98730221908a4886af2f]
module.statebackup.data.archive_file.handle_error: Read complete after 0s [id=5327de27b8d42476952b097255a3cc3cb346f127]
module.statebackup.data.archive_file.get_workspaces: Read complete after 0s [id=81668ebbd2f71b4d13a7aa8130ee8826e53f66a1]
module.statebackup.data.archive_file.clean_up: Read complete after 0s [id=31a792289cd68b3ee286feec591036bab8ad1596]
module.statebackup.data.archive_file.get_organizations: Read complete after 0s [id=cfcbdaf73bebe8f6331efff737455a9cbc4d1859]
module.statebackup.data.archive_file.create_workspace_state_backup: Read complete after 0s [id=3a32940234ad73ff8c97dafda9754f75ea3b1c56]
module.statebackup.data.archive_file.send_report: Read complete after 0s [id=45700780a4be20d503b358fe670d1edbbc47894d]
module.statebackup.data.archive_file.prepare_organizations: Reading...
module.statebackup.data.archive_file.prepare_organizations: Read complete after 0s [id=311f6b6e2642d729758b4870bfd8354192d586a0]
module.statebackup.data.archive_file.lambda_layer: Read complete after 0s [id=1dfdb0ea5c9c0e878a60500595bb4a31b0ecb045]
module.statebackup.data.aws_caller_identity.current: Reading...
module.statebackup.data.aws_caller_identity.current: Read complete after 0s [id=751569595345]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform will perform the following actions:

  # module.statebackup.data.aws_iam_policy_document.cw_role_policy will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "cw_role_policy" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "states:StartExecution",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
            ]
        }
    }

  # module.statebackup.data.aws_iam_policy_document.s3 will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "s3" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "s3:DeleteObject*",
              + "s3:GetObject*",
              + "s3:List*",
              + "s3:PutObject",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
              + (known after apply),
              + (known after apply),
              + (known after apply),
            ]
          + sid       = "S3"
        }
    }

  # module.statebackup.data.aws_iam_policy_document.sns will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "sns" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "sns:Publish",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
            ]
          + sid       = "PublishSNS"
        }
    }

  # module.statebackup.data.aws_iam_policy_document.step_functions_policy will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "step_functions_policy" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "lambda:InvokeFunction",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
              + (known after apply),
              + (known after apply),
              + (known after apply),
              + (known after apply),
              + (known after apply),
              + (known after apply),
              + (known after apply),
            ]
        }
      + statement {
          + actions   = [
              + "sns:Publish",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
            ]
        }
    }

  # module.statebackup.aws_cloudwatch_event_rule.state_backup will be created
  + resource "aws_cloudwatch_event_rule" "state_backup" {
      + arn                 = (known after apply)
      + description         = "Perform a state backup of all Terraform Cloud workspaces."
      + event_bus_name      = "default"
      + id                  = (known after apply)
      + is_enabled          = true
      + name                = "TerraformStateBackup-CW-EventRule"
      + name_prefix         = (known after apply)
      + schedule_expression = "cron(0 23 * * ? *)"
      + tags_all            = (known after apply)
    }

  # module.statebackup.aws_cloudwatch_event_target.sfn will be created
  + resource "aws_cloudwatch_event_target" "sfn" {
      + arn            = (known after apply)
      + event_bus_name = "default"
      + id             = (known after apply)
      + role_arn       = (known after apply)
      + rule           = "TerraformStateBackup-CW-EventRule"
      + target_id      = "TriggerSFN"
    }

  # module.statebackup.aws_cloudwatch_log_group.this["TerraformStateBackup-clean_up"] will be created
  + resource "aws_cloudwatch_log_group" "this" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/lambda/TerraformStateBackup-clean_up"
      + retention_in_days = 14
      + tags_all          = (known after apply)
    }

  # module.statebackup.aws_cloudwatch_log_group.this["TerraformStateBackup-create_workspace_state_backup"] will be created
  + resource "aws_cloudwatch_log_group" "this" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/lambda/TerraformStateBackup-create_workspace_state_backup"
      + retention_in_days = 14
      + tags_all          = (known after apply)
    }

  # module.statebackup.aws_cloudwatch_log_group.this["TerraformStateBackup-get-organizations"] will be created
  + resource "aws_cloudwatch_log_group" "this" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/lambda/TerraformStateBackup-get-organizations"
      + retention_in_days = 14
      + tags_all          = (known after apply)
    }

  # module.statebackup.aws_cloudwatch_log_group.this["TerraformStateBackup-get-workspaces"] will be created
  + resource "aws_cloudwatch_log_group" "this" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/lambda/TerraformStateBackup-get-workspaces"
      + retention_in_days = 14
      + tags_all          = (known after apply)
    }

  # module.statebackup.aws_cloudwatch_log_group.this["TerraformStateBackup-handle_error"] will be created
  + resource "aws_cloudwatch_log_group" "this" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/lambda/TerraformStateBackup-handle_error"
      + retention_in_days = 14
      + tags_all          = (known after apply)
    }

  # module.statebackup.aws_cloudwatch_log_group.this["TerraformStateBackup-prepare-organizations"] will be created
  + resource "aws_cloudwatch_log_group" "this" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/lambda/TerraformStateBackup-prepare-organizations"
      + retention_in_days = 14
      + tags_all          = (known after apply)
    }

  # module.statebackup.aws_cloudwatch_log_group.this["TerraformStateBackup-prepare-workspaces"] will be created
  + resource "aws_cloudwatch_log_group" "this" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/lambda/TerraformStateBackup-prepare-workspaces"
      + retention_in_days = 14
      + tags_all          = (known after apply)
    }

  # module.statebackup.aws_cloudwatch_log_group.this["TerraformStateBackup-send_report"] will be created
  + resource "aws_cloudwatch_log_group" "this" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/lambda/TerraformStateBackup-send_report"
      + retention_in_days = 14
      + tags_all          = (known after apply)
    }

  # module.statebackup.aws_iam_policy.cw_role_policy will be created
  + resource "aws_iam_policy" "cw_role_policy" {
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "TerraformStateBackup-CWEvent-Policy"
      + path      = "/"
      + policy    = (known after apply)
      + policy_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.statebackup.aws_iam_policy.s3 will be created
  + resource "aws_iam_policy" "s3" {
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "TerraformStateBackup-Lambda-S3-Policy"
      + path      = "/"
      + policy    = (known after apply)
      + policy_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.statebackup.aws_iam_policy.sns will be created
  + resource "aws_iam_policy" "sns" {
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "TerraformStateBackup-Lambda-SNS-Policy"
      + path      = "/"
      + policy    = (known after apply)
      + policy_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.statebackup.aws_iam_policy.step_function_policy will be created
  + resource "aws_iam_policy" "step_function_policy" {
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "TerraformStateBackup-SFN-Policy"
      + path      = "/"
      + policy    = (known after apply)
      + policy_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.statebackup.aws_iam_policy_attachment.cw_role will be created
  + resource "aws_iam_policy_attachment" "cw_role" {
      + id         = (known after apply)
      + name       = "TerraformStateBackup-CWEvent-Role-attachment"
      + policy_arn = (known after apply)
      + roles      = [
          + "TerraformStateBackup-CWEvent-Role",
        ]
    }

  # module.statebackup.aws_iam_role.cw_role will be created
  + resource "aws_iam_role" "cw_role" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = [
                          + "sts:AssumeRole",
                        ]
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = [
                              + "states.amazonaws.com",
                              + "events.amazonaws.com",
                            ]
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "TerraformStateBackup-CWEvent-Role"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = (known after apply)
      + unique_id             = (known after apply)

      + inline_policy {
          + name   = (known after apply)
          + policy = (known after apply)
        }
    }

  # module.statebackup.aws_iam_role.step_functions_role will be created
  + resource "aws_iam_role" "step_functions_role" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "states.amazonaws.com"
                        }
                      + Sid       = ""
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "TerraformStateBackup-SFN-Role"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = (known after apply)
      + unique_id             = (known after apply)

      + inline_policy {
          + name   = (known after apply)
          + policy = (known after apply)
        }
    }

  # module.statebackup.aws_iam_role.this will be created
  + resource "aws_iam_role" "this" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "lambda.amazonaws.com"
                        }
                      + Sid       = ""
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "TerraformStateBackup-Lambda-Role"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = (known after apply)
      + unique_id             = (known after apply)

      + inline_policy {
          + name   = (known after apply)
          + policy = (known after apply)
        }
    }

  # module.statebackup.aws_iam_role_policy_attachment.cw will be created
  + resource "aws_iam_role_policy_attachment" "cw" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
      + role       = "TerraformStateBackup-Lambda-Role"
    }

  # module.statebackup.aws_iam_role_policy_attachment.s3 will be created
  + resource "aws_iam_role_policy_attachment" "s3" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "TerraformStateBackup-Lambda-Role"
    }

  # module.statebackup.aws_iam_role_policy_attachment.sns will be created
  + resource "aws_iam_role_policy_attachment" "sns" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "TerraformStateBackup-Lambda-Role"
    }

  # module.statebackup.aws_iam_role_policy_attachment.step_functions_role_attachment will be created
  + resource "aws_iam_role_policy_attachment" "step_functions_role_attachment" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "TerraformStateBackup-SFN-Role"
    }

  # module.statebackup.aws_lambda_function.clean_up will be created
  + resource "aws_lambda_function" "clean_up" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + description                    = "Emtpies the temp bucket."
      + filename                       = "../clean_up.zip"
      + function_name                  = "TerraformStateBackup-clean_up"
      + handler                        = "clean_up.handler"
      + id                             = (known after apply)
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + layers                         = (known after apply)
      + memory_size                    = 128
      + package_type                   = "Zip"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + runtime                        = "python3.9"
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + source_code_hash               = "ZNlfsieLwl6PMWztTPKLkZaAdamjG1Y7IahwWZ1LCL4="
      + source_code_size               = (known after apply)
      + tags_all                       = (known after apply)
      + timeout                        = 20
      + version                        = (known after apply)

      + environment {
          + variables = {
              + "TEMP_BUCKET" = "terraformstatebackup-temp-bucket-751569595345"
            }
        }

      + ephemeral_storage {
          + size = (known after apply)
        }

      + tracing_config {
          + mode = (known after apply)
        }
    }

  # module.statebackup.aws_lambda_function.create_workspace_state_backup will be created
  + resource "aws_lambda_function" "create_workspace_state_backup" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + description                    = "Uploads the current state version of a Terraform workspace to s3."
      + filename                       = "../create_workspace_state_backup.zip"
      + function_name                  = "TerraformStateBackup-create_workspace_state_backup"
      + handler                        = "create_workspace_state_backup.handler"
      + id                             = (known after apply)
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + layers                         = (known after apply)
      + memory_size                    = 128
      + package_type                   = "Zip"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + runtime                        = "python3.9"
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + source_code_hash               = "gue6OLc9n1oqlAHR+xQSmBmHsxK3LWcENOqMFD++AVI="
      + source_code_size               = (known after apply)
      + tags_all                       = (known after apply)
      + timeout                        = 20
      + version                        = (known after apply)

      + environment {
          + variables = {
              + "S3_BUCKET"   = "terraformstatebackup-bucket-751569595345"
              + "SSL_VERIFY"  = "true"
              + "TEMP_BUCKET" = "terraformstatebackup-temp-bucket-751569595345"
              + "TFC_TOKEN"   = (sensitive)
              + "TFC_URL"     = "https://app.terraform.io"
            }
        }

      + ephemeral_storage {
          + size = (known after apply)
        }

      + tracing_config {
          + mode = (known after apply)
        }
    }

  # module.statebackup.aws_lambda_function.get_organizations will be created
  + resource "aws_lambda_function" "get_organizations" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + description                    = "Returns all Terraform Cloud organizations and saves them in an s3 bucket."
      + filename                       = "../get_organizations.zip"
      + function_name                  = "TerraformStateBackup-get-organizations"
      + handler                        = "get_organizations.handler"
      + id                             = (known after apply)
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + layers                         = (known after apply)
      + memory_size                    = 128
      + package_type                   = "Zip"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + runtime                        = "python3.9"
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + source_code_hash               = "+yxLRb4e6rj62cC23xaH7sRRhXfKysForiHEGnjxrnw="
      + source_code_size               = (known after apply)
      + tags_all                       = (known after apply)
      + timeout                        = 20
      + version                        = (known after apply)

      + environment {
          + variables = {
              + "SSL_VERIFY"  = "true"
              + "TEMP_BUCKET" = "terraformstatebackup-temp-bucket-751569595345"
              + "TFC_TOKEN"   = (sensitive)
              + "TFC_URL"     = "https://app.terraform.io"
            }
        }

      + ephemeral_storage {
          + size = (known after apply)
        }

      + tracing_config {
          + mode = (known after apply)
        }
    }

  # module.statebackup.aws_lambda_function.get_workspaces will be created
  + resource "aws_lambda_function" "get_workspaces" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + description                    = "Returns all workspaces of a Terraform Cloud organization and saves them to s3."
      + filename                       = "../get_workspaces.zip"
      + function_name                  = "TerraformStateBackup-get-workspaces"
      + handler                        = "get_workspaces.handler"
      + id                             = (known after apply)
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + layers                         = (known after apply)
      + memory_size                    = 128
      + package_type                   = "Zip"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + runtime                        = "python3.9"
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + source_code_hash               = "NdwugyFbYLE3t5Km2B4sXEfFa7UYvG8jG1KMc+cFOEI="
      + source_code_size               = (known after apply)
      + tags_all                       = (known after apply)
      + timeout                        = 20
      + version                        = (known after apply)

      + environment {
          + variables = {
              + "SSL_VERIFY"  = "true"
              + "TEMP_BUCKET" = "terraformstatebackup-temp-bucket-751569595345"
              + "TFC_TOKEN"   = (sensitive)
              + "TFC_URL"     = "https://app.terraform.io"
            }
        }

      + ephemeral_storage {
          + size = (known after apply)
        }

      + tracing_config {
          + mode = (known after apply)
        }
    }

  # module.statebackup.aws_lambda_function.handle_error will be created
  + resource "aws_lambda_function" "handle_error" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + description                    = "Sends a notification to the provided SNS topic."
      + filename                       = "../handle_error.zip"
      + function_name                  = "TerraformStateBackup-handle_error"
      + handler                        = "handle_error.handler"
      + id                             = (known after apply)
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + layers                         = (known after apply)
      + memory_size                    = 128
      + package_type                   = "Zip"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + runtime                        = "python3.9"
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + source_code_hash               = "hRNSkdwF6VN2IMZztQNnYHbe3EnPmfC0bXGogHMHEWY="
      + source_code_size               = (known after apply)
      + tags_all                       = (known after apply)
      + timeout                        = 20
      + version                        = (known after apply)

      + environment {
          + variables = (known after apply)
        }

      + ephemeral_storage {
          + size = (known after apply)
        }

      + tracing_config {
          + mode = (known after apply)
        }
    }

  # module.statebackup.aws_lambda_function.prepare_organizations will be created
  + resource "aws_lambda_function" "prepare_organizations" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + description                    = "Provides a list org ids."
      + filename                       = "../prepare_organizations.zip"
      + function_name                  = "TerraformStateBackup-prepare-organizations"
      + handler                        = "prepare_organizations.handler"
      + id                             = (known after apply)
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + layers                         = (known after apply)
      + memory_size                    = 128
      + package_type                   = "Zip"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + runtime                        = "python3.9"
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + source_code_hash               = "ih0JOy9EJMFkmDRqwHLwuvkBtlZRNlP1GsLr5grhBag="
      + source_code_size               = (known after apply)
      + tags_all                       = (known after apply)
      + timeout                        = 20
      + version                        = (known after apply)

      + environment {
          + variables = {
              + "SSL_VERIFY"  = "true"
              + "TEMP_BUCKET" = "terraformstatebackup-temp-bucket-751569595345"
              + "TFC_TOKEN"   = (sensitive)
              + "TFC_URL"     = "https://app.terraform.io"
            }
        }

      + ephemeral_storage {
          + size = (known after apply)
        }

      + tracing_config {
          + mode = (known after apply)
        }
    }

  # module.statebackup.aws_lambda_function.prepare_workspaces will be created
  + resource "aws_lambda_function" "prepare_workspaces" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + description                    = "Prepares a list of workspaces for a specific orga."
      + filename                       = "../prepare_workspaces.zip"
      + function_name                  = "TerraformStateBackup-prepare-workspaces"
      + handler                        = "prepare_workspaces.handler"
      + id                             = (known after apply)
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + layers                         = (known after apply)
      + memory_size                    = 128
      + package_type                   = "Zip"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + runtime                        = "python3.9"
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + source_code_hash               = "Ga/fpQh9oC33gqwOke43zoCV2YThSHr2pstch6dxZoc="
      + source_code_size               = (known after apply)
      + tags_all                       = (known after apply)
      + timeout                        = 20
      + version                        = (known after apply)

      + environment {
          + variables = {
              + "SSL_VERIFY"  = "true"
              + "TEMP_BUCKET" = "terraformstatebackup-temp-bucket-751569595345"
              + "TFC_TOKEN"   = (sensitive)
              + "TFC_URL"     = "https://app.terraform.io"
            }
        }

      + ephemeral_storage {
          + size = (known after apply)
        }

      + tracing_config {
          + mode = (known after apply)
        }
    }

  # module.statebackup.aws_lambda_function.send_report will be created
  + resource "aws_lambda_function" "send_report" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + description                    = "Sends a notification to the provided SNS topic."
      + filename                       = "../send_report.zip"
      + function_name                  = "TerraformStateBackup-send_report"
      + handler                        = "send_report.handler"
      + id                             = (known after apply)
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + layers                         = (known after apply)
      + memory_size                    = 128
      + package_type                   = "Zip"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + runtime                        = "python3.9"
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + source_code_hash               = "7szlW/kZHq8NnNyYY3DByZ9kl2jbV5PQvXuzNzP8N3I="
      + source_code_size               = (known after apply)
      + tags_all                       = (known after apply)
      + timeout                        = 20
      + version                        = (known after apply)

      + environment {
          + variables = (known after apply)
        }

      + ephemeral_storage {
          + size = (known after apply)
        }

      + tracing_config {
          + mode = (known after apply)
        }
    }

  # module.statebackup.aws_lambda_layer_version.lambda_layer will be created
  + resource "aws_lambda_layer_version" "lambda_layer" {
      + arn                         = (known after apply)
      + compatible_runtimes         = [
          + "python3.9",
        ]
      + created_date                = (known after apply)
      + filename                    = "../python_packages.zip"
      + id                          = (known after apply)
      + layer_arn                   = (known after apply)
      + layer_name                  = "TerraformStateBackup-Lambda-Layer"
      + signing_job_arn             = (known after apply)
      + signing_profile_version_arn = (known after apply)
      + skip_destroy                = false
      + source_code_hash            = (known after apply)
      + source_code_size            = (known after apply)
      + version                     = (known after apply)
    }

  # module.statebackup.aws_s3_bucket.temp will be created
  + resource "aws_s3_bucket" "temp" {
      + acceleration_status         = (known after apply)
      + acl                         = (known after apply)
      + arn                         = (known after apply)
      + bucket                      = "terraformstatebackup-temp-bucket-751569595345"
      + bucket_domain_name          = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy               = true
      + hosted_zone_id              = (known after apply)
      + id                          = (known after apply)
      + object_lock_enabled         = (known after apply)
      + policy                      = (known after apply)
      + region                      = (known after apply)
      + request_payer               = (known after apply)
      + tags_all                    = (known after apply)
      + website_domain              = (known after apply)
      + website_endpoint            = (known after apply)

      + cors_rule {
          + allowed_headers = (known after apply)
          + allowed_methods = (known after apply)
          + allowed_origins = (known after apply)
          + expose_headers  = (known after apply)
          + max_age_seconds = (known after apply)
        }

      + grant {
          + id          = (known after apply)
          + permissions = (known after apply)
          + type        = (known after apply)
          + uri         = (known after apply)
        }

      + lifecycle_rule {
          + abort_incomplete_multipart_upload_days = (known after apply)
          + enabled                                = (known after apply)
          + id                                     = (known after apply)
          + prefix                                 = (known after apply)
          + tags                                   = (known after apply)

          + expiration {
              + date                         = (known after apply)
              + days                         = (known after apply)
              + expired_object_delete_marker = (known after apply)
            }

          + noncurrent_version_expiration {
              + days = (known after apply)
            }

          + noncurrent_version_transition {
              + days          = (known after apply)
              + storage_class = (known after apply)
            }

          + transition {
              + date          = (known after apply)
              + days          = (known after apply)
              + storage_class = (known after apply)
            }
        }

      + logging {
          + target_bucket = (known after apply)
          + target_prefix = (known after apply)
        }

      + object_lock_configuration {
          + object_lock_enabled = (known after apply)

          + rule {
              + default_retention {
                  + days  = (known after apply)
                  + mode  = (known after apply)
                  + years = (known after apply)
                }
            }
        }

      + replication_configuration {
          + role = (known after apply)

          + rules {
              + delete_marker_replication_status = (known after apply)
              + id                               = (known after apply)
              + prefix                           = (known after apply)
              + priority                         = (known after apply)
              + status                           = (known after apply)

              + destination {
                  + account_id         = (known after apply)
                  + bucket             = (known after apply)
                  + replica_kms_key_id = (known after apply)
                  + storage_class      = (known after apply)

                  + access_control_translation {
                      + owner = (known after apply)
                    }

                  + metrics {
                      + minutes = (known after apply)
                      + status  = (known after apply)
                    }

                  + replication_time {
                      + minutes = (known after apply)
                      + status  = (known after apply)
                    }
                }

              + filter {
                  + prefix = (known after apply)
                  + tags   = (known after apply)
                }

              + source_selection_criteria {
                  + sse_kms_encrypted_objects {
                      + enabled = (known after apply)
                    }
                }
            }
        }

      + server_side_encryption_configuration {
          + rule {
              + bucket_key_enabled = (known after apply)

              + apply_server_side_encryption_by_default {
                  + kms_master_key_id = (known after apply)
                  + sse_algorithm     = (known after apply)
                }
            }
        }

      + versioning {
          + enabled    = (known after apply)
          + mfa_delete = (known after apply)
        }

      + website {
          + error_document           = (known after apply)
          + index_document           = (known after apply)
          + redirect_all_requests_to = (known after apply)
          + routing_rules            = (known after apply)
        }
    }

  # module.statebackup.aws_s3_bucket.this will be created
  + resource "aws_s3_bucket" "this" {
      + acceleration_status         = (known after apply)
      + acl                         = (known after apply)
      + arn                         = (known after apply)
      + bucket                      = "terraformstatebackup-bucket-751569595345"
      + bucket_domain_name          = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy               = true
      + hosted_zone_id              = (known after apply)
      + id                          = (known after apply)
      + object_lock_enabled         = (known after apply)
      + policy                      = (known after apply)
      + region                      = (known after apply)
      + request_payer               = (known after apply)
      + tags_all                    = (known after apply)
      + website_domain              = (known after apply)
      + website_endpoint            = (known after apply)

      + cors_rule {
          + allowed_headers = (known after apply)
          + allowed_methods = (known after apply)
          + allowed_origins = (known after apply)
          + expose_headers  = (known after apply)
          + max_age_seconds = (known after apply)
        }

      + grant {
          + id          = (known after apply)
          + permissions = (known after apply)
          + type        = (known after apply)
          + uri         = (known after apply)
        }

      + lifecycle_rule {
          + abort_incomplete_multipart_upload_days = (known after apply)
          + enabled                                = (known after apply)
          + id                                     = (known after apply)
          + prefix                                 = (known after apply)
          + tags                                   = (known after apply)

          + expiration {
              + date                         = (known after apply)
              + days                         = (known after apply)
              + expired_object_delete_marker = (known after apply)
            }

          + noncurrent_version_expiration {
              + days = (known after apply)
            }

          + noncurrent_version_transition {
              + days          = (known after apply)
              + storage_class = (known after apply)
            }

          + transition {
              + date          = (known after apply)
              + days          = (known after apply)
              + storage_class = (known after apply)
            }
        }

      + logging {
          + target_bucket = (known after apply)
          + target_prefix = (known after apply)
        }

      + object_lock_configuration {
          + object_lock_enabled = (known after apply)

          + rule {
              + default_retention {
                  + days  = (known after apply)
                  + mode  = (known after apply)
                  + years = (known after apply)
                }
            }
        }

      + replication_configuration {
          + role = (known after apply)

          + rules {
              + delete_marker_replication_status = (known after apply)
              + id                               = (known after apply)
              + prefix                           = (known after apply)
              + priority                         = (known after apply)
              + status                           = (known after apply)

              + destination {
                  + account_id         = (known after apply)
                  + bucket             = (known after apply)
                  + replica_kms_key_id = (known after apply)
                  + storage_class      = (known after apply)

                  + access_control_translation {
                      + owner = (known after apply)
                    }

                  + metrics {
                      + minutes = (known after apply)
                      + status  = (known after apply)
                    }

                  + replication_time {
                      + minutes = (known after apply)
                      + status  = (known after apply)
                    }
                }

              + filter {
                  + prefix = (known after apply)
                  + tags   = (known after apply)
                }

              + source_selection_criteria {
                  + sse_kms_encrypted_objects {
                      + enabled = (known after apply)
                    }
                }
            }
        }

      + server_side_encryption_configuration {
          + rule {
              + bucket_key_enabled = (known after apply)

              + apply_server_side_encryption_by_default {
                  + kms_master_key_id = (known after apply)
                  + sse_algorithm     = (known after apply)
                }
            }
        }

      + versioning {
          + enabled    = (known after apply)
          + mfa_delete = (known after apply)
        }

      + website {
          + error_document           = (known after apply)
          + index_document           = (known after apply)
          + redirect_all_requests_to = (known after apply)
          + routing_rules            = (known after apply)
        }
    }

  # module.statebackup.aws_s3_bucket_acl.temp will be created
  + resource "aws_s3_bucket_acl" "temp" {
      + acl    = "private"
      + bucket = (known after apply)
      + id     = (known after apply)

      + access_control_policy {
          + grant {
              + permission = (known after apply)

              + grantee {
                  + display_name  = (known after apply)
                  + email_address = (known after apply)
                  + id            = (known after apply)
                  + type          = (known after apply)
                  + uri           = (known after apply)
                }
            }

          + owner {
              + display_name = (known after apply)
              + id           = (known after apply)
            }
        }
    }

  # module.statebackup.aws_s3_bucket_acl.this will be created
  + resource "aws_s3_bucket_acl" "this" {
      + acl    = "private"
      + bucket = (known after apply)
      + id     = (known after apply)

      + access_control_policy {
          + grant {
              + permission = (known after apply)

              + grantee {
                  + display_name  = (known after apply)
                  + email_address = (known after apply)
                  + id            = (known after apply)
                  + type          = (known after apply)
                  + uri           = (known after apply)
                }
            }

          + owner {
              + display_name = (known after apply)
              + id           = (known after apply)
            }
        }
    }

  # module.statebackup.aws_s3_bucket_lifecycle_configuration.this will be created
  + resource "aws_s3_bucket_lifecycle_configuration" "this" {
      + bucket = (known after apply)
      + id     = (known after apply)

      + rule {
          + id     = "expire"
          + status = "Enabled"

          + expiration {
              + days                         = 30
              + expired_object_delete_marker = (known after apply)
            }
        }
    }

  # module.statebackup.aws_s3_bucket_policy.temp will be created
  + resource "aws_s3_bucket_policy" "temp" {
      + bucket = "terraformstatebackup-temp-bucket-751569595345"
      + id     = (known after apply)
      + policy = (known after apply)
    }

  # module.statebackup.aws_s3_bucket_policy.this will be created
  + resource "aws_s3_bucket_policy" "this" {
      + bucket = "terraformstatebackup-bucket-751569595345"
      + id     = (known after apply)
      + policy = (known after apply)
    }

  # module.statebackup.aws_s3_bucket_public_access_block.temp will be created
  + resource "aws_s3_bucket_public_access_block" "temp" {
      + block_public_acls       = true
      + block_public_policy     = true
      + bucket                  = (known after apply)
      + id                      = (known after apply)
      + ignore_public_acls      = true
      + restrict_public_buckets = true
    }

  # module.statebackup.aws_s3_bucket_public_access_block.this will be created
  + resource "aws_s3_bucket_public_access_block" "this" {
      + block_public_acls       = true
      + block_public_policy     = true
      + bucket                  = (known after apply)
      + id                      = (known after apply)
      + ignore_public_acls      = true
      + restrict_public_buckets = true
    }

  # module.statebackup.aws_s3_bucket_server_side_encryption_configuration.temp will be created
  + resource "aws_s3_bucket_server_side_encryption_configuration" "temp" {
      + bucket = "terraformstatebackup-temp-bucket-751569595345"
      + id     = (known after apply)

      + rule {
          + apply_server_side_encryption_by_default {
              + sse_algorithm = "aws:kms"
            }
        }
    }

  # module.statebackup.aws_s3_bucket_server_side_encryption_configuration.this will be created
  + resource "aws_s3_bucket_server_side_encryption_configuration" "this" {
      + bucket = "terraformstatebackup-bucket-751569595345"
      + id     = (known after apply)

      + rule {
          + apply_server_side_encryption_by_default {
              + sse_algorithm = "aws:kms"
            }
        }
    }

  # module.statebackup.aws_s3_bucket_versioning.this will be created
  + resource "aws_s3_bucket_versioning" "this" {
      + bucket = (known after apply)
      + id     = (known after apply)

      + versioning_configuration {
          + mfa_delete = (known after apply)
          + status     = "Enabled"
        }
    }

  # module.statebackup.aws_sfn_state_machine.state_machine will be created
  + resource "aws_sfn_state_machine" "state_machine" {
      + arn           = (known after apply)
      + creation_date = (known after apply)
      + definition    = (known after apply)
      + id            = (known after apply)
      + name          = "TerraformStateBackup-SFN-StateMachine"
      + role_arn      = (known after apply)
      + status        = (known after apply)
      + tags_all      = (known after apply)
      + type          = "STANDARD"

      + logging_configuration {
          + include_execution_data = (known after apply)
          + level                  = (known after apply)
          + log_destination        = (known after apply)
        }

      + tracing_configuration {
          + enabled = (known after apply)
        }
    }

  # module.statebackup.aws_sns_topic.report will be created
  + resource "aws_sns_topic" "report" {
      + arn                         = (known after apply)
      + content_based_deduplication = false
      + fifo_topic                  = false
      + id                          = (known after apply)
      + kms_master_key_id           = "alias/aws/sns"
      + name                        = "TerraformStateBackup-SNS-ReportTopic"
      + name_prefix                 = (known after apply)
      + owner                       = (known after apply)
      + policy                      = (known after apply)
      + tags_all                    = (known after apply)
    }

  # module.statebackup.aws_sns_topic_subscription.email["[email protected]"] will be created
  + resource "aws_sns_topic_subscription" "email" {
      + arn                             = (known after apply)
      + confirmation_timeout_in_minutes = 1
      + confirmation_was_authenticated  = (known after apply)
      + endpoint                        = "[email protected]"
      + endpoint_auto_confirms          = false
      + id                              = (known after apply)
      + owner_id                        = (known after apply)
      + pending_confirmation            = (known after apply)
      + protocol                        = "email"
      + raw_message_delivery            = false
      + topic_arn                       = (known after apply)
    }

Plan: 46 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

Pusher: @Olgoetz, Action: pull_request, Working Directory: ``, Workflow: Terraform

Olgoetz and others added 2 commits October 25, 2022 14:12

[OlGo] documentation improved

035cc9f

terraform-docs: automated action

02503f7

Olgoetz merged commit fe9c945 into main Oct 25, 2022

Olgoetz deleted the new-doc branch October 25, 2022 12:24

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[OlGo] documentation improved #8

[OlGo] documentation improved #8

Olgoetz commented Oct 25, 2022

Olgoetz commented Oct 25, 2022

[OlGo] documentation improved #8

[OlGo] documentation improved #8

Conversation

Olgoetz commented Oct 25, 2022

Olgoetz commented Oct 25, 2022

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`