diff --git a/apps-devstg/us-east-1/backups --/.terraform.lock.hcl b/apps-devstg/us-east-1/backups --/.terraform.lock.hcl deleted file mode 100644 index 06fd72aa6..000000000 --- a/apps-devstg/us-east-1/backups --/.terraform.lock.hcl +++ /dev/null @@ -1,22 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "4.17.1" - constraints = ">= 3.20.0, ~> 4.10" - hashes = [ - "h1:wTtXjaZzaM1lLuXYsFP8X1JyZKOa+m3JAzdcaQOtiyM=", - "zh:095c2ad4e42667b6e4c599f3fb7c1d0755b762983474fd3916e89867c30871a2", - "zh:0a987960f796289db7eac887d03dcde0311005cbf625499f4eea0a8882295aeb", - "zh:1fbe5f897afe3a9e5a41c2ecd1f312e79fb6745367a53f7bad11704aedb3b3e2", - "zh:52687f0753fa05a744bd37bb40bcba8ac5e0838cdcd227035b9ccb151635e5f9", - "zh:629835a96c682f4e168c12f6d3c0631409d8e6d28165a283d2fe232c4a8ba75a", - "zh:6fa6e6fbdc0b0377d750a7960768e22f71d8bd97d30e289b823a3923eb92fce7", - "zh:8dfef513861a7c779b34e2f3ea5692f5fb1fb51aa1ee9de78bc755f5652cb597", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:baf507b37a667c773f46d9779277ab9de44a5432694ef95fe9ef03a6af70435f", - "zh:bd006bd8f1403f71be8f490e33ea1bcbdd8135678ebe3f1c3c0ebd82615d9b33", - "zh:dd0a61fb654837d186376b1dbccc8a93ed1e2f176e3663daac2d5bc9190c7895", - "zh:f8db068265495a48476a5ea68aa7148ceb046cbfaad308ef8e12d8fd6f463126", - ] -} diff --git a/apps-devstg/us-east-1/base-network/.terraform.lock.hcl b/apps-devstg/us-east-1/base-network/.terraform.lock.hcl index 332dd1d6c..8de718a15 100644 --- a/apps-devstg/us-east-1/base-network/.terraform.lock.hcl +++ b/apps-devstg/us-east-1/base-network/.terraform.lock.hcl @@ -2,24 +2,24 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "4.44.0" + version = "4.61.0" constraints = ">= 3.28.0, >= 3.73.0, ~> 4.0, >= 4.9.0, ~> 4.10" hashes = [ - "h1:fwOG8IE3AiHdUBo841jC2p4rIF45pWYettgBshcMyJI=", - "zh:08da139140530900ebb07baedd9044b5002f0296f5f160d96783e72080158326", - "zh:2d677b9e4f195481098cec843d0138f3a198f1f93be42c1d1654b71438e2f5ab", - "zh:3cdf4e06b9b8f30f6652a4519d586febc4ab92168a39df2610f06e04a8e6dda7", - "zh:677933957d1de40c8b5ae252c5cd369617af4cb7a26e8f750ad6f175fef4f767", - "zh:6a266ae5488d6daa53bbe6c2cb8368833381eacd9de7f05f059f5100535a0cb2", - "zh:6cdccaab0a444314b10246c8d58b0ffb84d32ddac70e36a12b45eb518e0ae065", - "zh:6ed49c7680298761416d408bc91cd137ae7cff38181fc143b1dfab1a32b44516", - "zh:8403a0fbf439009b3b0c77969c560cf426aeb3d99a78fdd27afbf4694ca0f3e7", - "zh:8ddfd85c6789bca7c66346da1f3488488c20bc4d773cd26669059c437cfbabd6", - "zh:941455d0fa54b0451387cfd611d63766f4b18cb24038f25ee0794097755e654d", + "h1:mJSchOA6VkYwEsi+tuspadRmyyE+FGZGYJFUt5kHV+M=", + "zh:051e2588410b7448a5c4c30d668948dd6fdfa8037700bfc00fb228986ccbf3a5", + "zh:082fbcf9706b48d0880ba552a11c29527e228dadd6d83668d0789abda24e5922", + "zh:0e0e72f214fb24f4f9c601cab088a2d8e00ec3327c451bc753911951d773214a", + "zh:3af6d38ca733ca66cce15c6a5735ded7c18348ad26040ebd9a59778b2cd9cf6c", + "zh:404898bc2258bbb9527fa06c72cb927ca011fd9bc3f4b90931c0912652c3f9e9", + "zh:4f617653b0f17a7708bc896f029c4ab0b677a1a1c987bd77166acad1d82db469", + "zh:5dbe393355ac137aa3fd329e3d24871f27012d3ba93d714485b55820df240349", + "zh:6067c2127eb5c879227aca671f101de6dcba909d0d8d15d5711480351962a248", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:bc01398c714d621ad9f4e81863446cd8e1135a63a5ff7c36d3fb01ab27e96439", - "zh:ce3b39a43b9c5b34a62047fe2a395b72a62cc0b5dc7e8a5be0f778159ac486d2", - "zh:d5891b82511af25570287578318aaee4fa86e05599cc8c81d44ea9e094f4a728", - "zh:df5329c186545d273f9abaeeb39251d6cfcc446bccc44e27d1d7d02ebf145e2f", + "zh:a939f94461f91aa3b7ec7096271e2714309bd917fe9a03e02f68afb556d65e0f", + "zh:b21227b9082e5fafe8b7c415dc6a99c0d82da05492457377a5fe7d4acaed80e2", + "zh:b8d9f09ed5fc8c654b768b7bee1237eaf1e2287c898249e740695055fb0fe072", + "zh:d360e1e185b148ff6b1d0ed4f7d574e08f2391697ab43df62085b04a1a5b1284", + "zh:da962da17ddda744911cb1e92b983fa3874d73a28f3ee72faa9ddb6680a63774", + "zh:e2f1c4f5ebeb4fd7ef690178168a4c529025b54a91bb7a087dcea48e0b82737a", ] } diff --git a/apps-devstg/us-east-1/databases-mysql --/.terraform.lock.hcl b/apps-devstg/us-east-1/databases-mysql --/.terraform.lock.hcl deleted file mode 100644 index e0eda277f..000000000 --- a/apps-devstg/us-east-1/databases-mysql --/.terraform.lock.hcl +++ /dev/null @@ -1,62 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "4.15.1" - constraints = ">= 3.62.0, >= 4.0.0, ~> 4.0" - hashes = [ - "h1:KPu3MdNXCScye05Sp4JlE9WwhS9k3yD9KRoRDHg5sDE=", - "zh:1d944144f8d613b8090c0c8391e4b205ca036086d70aceb4cdf664856fa8410c", - "zh:2a0ca16a6b12c0ac509f64512f80bd2ed6e7ea0ec369212efd4be3fa65e9773d", - "zh:3f9efdce4f1c320ffd061e8715e1d031deac1be0b959eaa60c25a274925653e4", - "zh:4cf82f3267b0c3e08be29b0345f711ab84ea1ea75f0e8ce81f5a2fe635ba67b4", - "zh:58474a0b7da438e1bcd53e87f10e28830836ff9b46cce5f09413c90952ae4f78", - "zh:6eb1be8afb0314b6b8424fe212b13beeb04f3f24692f0f3ee86c5153c7eb2e63", - "zh:8022da7d3b050d452ce6c679844e13729bdb4e1b3e75dcf68931af17a06b9277", - "zh:8e2683d00fff1df43440d6e7c04a2c1eb432c7d5dacff32fe8ce9045bc948fe6", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b0c22d9a306e8ac2de57b5291a3d0a7a2c1713e33b7d076005662451afdc4d29", - "zh:ba6b7d7d91388b636145b133da6b4e32620cdc8046352e2dc8f3f0f81ff5d2e2", - "zh:d38a816eb60f4419d99303136a3bb61a0d2df3ca8a1dce2ced9b99bf23efa9f7", - ] -} - -provider "registry.terraform.io/hashicorp/random" { - version = "3.2.0" - constraints = ">= 3.1.0" - hashes = [ - "h1:eeUh6cJ6wKLLuo4q9uQ0CA1Zvfqya4Wn1LecLCN8KKs=", - "zh:2960977ce9a7d6a7d3e934e75ec5814735626f95c186ad95a9102344a1a38ac1", - "zh:2fd012abfabe7076f3f2f402eeef4970e20574d20ffec57c162b02b6e848c32f", - "zh:4cd3234671cf01c913023418b227eb78b0659f2cd2e0b387be1f0bb607d29889", - "zh:52e695b4fa3fae735ffc901edff8183745f980923510a744db7616e8f10dc499", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:848b4a294e5ba15192ee4bfd199c07f60a437d7572efcd2d89db036e1ebc0e6e", - "zh:9d49aa432a05748a9527e95448cebee1238c87c97c7e8dec694bfd709683f9c7", - "zh:b4ad4cf289d3f7408649b74b8639918833613f2a1f3cf51b51f4b2fdaa412dd2", - "zh:c1544c4b416096fb8d8dbf84c4488584a2844a30dd533b957e9e9e60a165f24e", - "zh:dc737d6b4591cad8c9a1d0b347e587e846d8d901789b29b4dd401b6cdf82c017", - "zh:f5645fd39f749dbbf847cbdc87ba0dbd141143f12917a6a8904faf8a9b64111e", - "zh:fdedf610e0d020878a8f1fedda8105e0c33a7e23c4792fca54460685552de308", - ] -} - -provider "registry.terraform.io/hashicorp/vault" { - version = "3.6.0" - constraints = "~> 3.6.0" - hashes = [ - "h1:bXAbuGy5MStp9n4dqmeueEutLHuuWpYWZBFb6YrPWu8=", - "zh:0444c2c29f4a2d06f62676d388be7b4366234f5be926320fad6fba5636e51a74", - "zh:1169a6a8df2a03082eda01e69cf84fc2997f71f39be935472875bd4827e9afcc", - "zh:1ec7aece86f0286dee565137a97b129e4ff87ac72f508c922e50f7592d12e583", - "zh:3b48494f46ed3ae7c42107f41f4df164adb51c07cc398381c6d746fa6354e4e9", - "zh:3bc0e8c4b43d13e0c920c298ed02bb44bd065769d50211dac5ec9c47e4eeac14", - "zh:6520301304358d979814d193174fa4b1de51a8a449609064d3565b8e52c466a5", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:84a90427d80c81852758ba0db27d641ec9cb0f4d3ed7ee47ae47ca7759da30ff", - "zh:9294facec63056ea03ed6eae1cf0f4dec4d583cb6d60c2238a4804aa15da0ae4", - "zh:c731df3e55a1bd19d267ab81a0364ba11eac545032f202cbf410b9ebc7872721", - "zh:cb0cf688f77ade15b0bc557bc13ea31c31ce4fe12c23fb8eda5981fe93608d72", - "zh:e21fc27459ff2575fe76be7bb019a0502b46dbbfdcdf6e8b1708df35b4c20402", - ] -} diff --git a/apps-devstg/us-east-1/databases-mysql --/config.tf b/apps-devstg/us-east-1/databases-mysql --/config.tf index 2b4ca85bc..1e4364c9d 100644 --- a/apps-devstg/us-east-1/databases-mysql --/config.tf +++ b/apps-devstg/us-east-1/databases-mysql --/config.tf @@ -23,7 +23,7 @@ provider "vault" { # Backend Config (partial) # #=============================# terraform { - required_version = "~> 1.1.3" + required_version = "~> 1.2.7" required_providers { aws = "~> 4.0" diff --git a/apps-devstg/us-east-1/databases-mysql --/db_mysql.tf b/apps-devstg/us-east-1/databases-mysql --/db_mysql.tf index 5bc411a5a..066b9af67 100644 --- a/apps-devstg/us-east-1/databases-mysql --/db_mysql.tf +++ b/apps-devstg/us-east-1/databases-mysql --/db_mysql.tf @@ -24,18 +24,17 @@ resource "aws_security_group_rule" "allow_mysql_port" { # Binbash Reference DB # module "bb_mysql_db" { - source = "github.com/binbashar/terraform-aws-rds.git?ref=v4.2.0" - + source = "github.com/binbashar/terraform-aws-rds.git?ref=v5.6.0" # Instance settings # https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html identifier = "${var.project}-${var.environment}-binbash-mysql" engine = "mysql" - engine_version = "8.0.21" - instance_class = "db.m5.large" + engine_version = "8.0.28" + instance_class = "db.m6g.large" allocated_storage = 100 storage_encrypted = true - multi_az = true + multi_az = false # Database credentials db_name = "${var.project}_${replace(var.environment, "apps-", "")}_binbash_mysql" @@ -45,8 +44,6 @@ module "bb_mysql_db" { password = data.vault_generic_secret.database_secrets.data["administrator_password"] port = "3306" - - # Backup and maintenance backup_retention_period = 14 maintenance_window = "Tue:03:00-Tue:06:00" @@ -79,7 +76,7 @@ module "bb_mysql_db" { # Specifies whether any database modifications are applied immediately, or # during the next maintenance window - apply_immediately = false + apply_immediately = true # Database Deletion Protection deletion_protection = false diff --git a/apps-devstg/us-east-1/databases-mysql --/export-rds-snapshots-to-s3.tf b/apps-devstg/us-east-1/databases-mysql --/export-rds-snapshots-to-s3.tf new file mode 100644 index 000000000..6c70887a2 --- /dev/null +++ b/apps-devstg/us-east-1/databases-mysql --/export-rds-snapshots-to-s3.tf @@ -0,0 +1,73 @@ +locals { + bucket_name = "${var.project}-${replace(var.environment, "apps-", "")}-binbash-mysql" +} + +# ----------------------------------------------------------------------------- +# RDS Export To S3 functions +# ----------------------------------------------------------------------------- +module "rds_export_to_s3" { + source = "git@github.com:binbashar/terraform-aws-rds-export-to-s3.git?ref=v0.4.0" + + # Set a prefix for naming resources + #prefix = "binbashar" + + # Which RDS snapshots should be exported? + database_names = "${var.project}-${replace(var.environment, "apps-", "")}-binbash-mysql" + + # Which bucket will store the exported snapshots? + snapshots_bucket_name = module.bucket.s3_bucket_id + #snapshots_bucket_name = "export-bucket-name" + + # To group objects in a bucket, S3 uses a prefix before object names. The forward slash (/) in the prefix represents a folder. + snapshots_bucket_prefix = "rds_snapshots/" + + # Which RDS snapshots events should be included (RDS Aurora or/and RDS non-Aurora)? + #rds_event_ids = "RDS-EVENT-0091, RDS-EVENT-0169" + + # Create customer managed key or use default AWS S3 managed key. If set to 'false', then 'customer_kms_key_arn' is used. + create_customer_kms_key = false + + # Provide CMK if 'create_customer_kms_key = false' + #customer_kms_key_arn = "arn:aws:kms:us-east-1:523857393444:key/b7a1d584-29cf-4f21-a69f-57ca8eaa1c77" + + # SNS topic for export monitor notifications + create_notifications_topic = true + + # Which topic should receive notifications about exported snapshots events? Only required if 'create_notifications_topic = false' + #notifications_topic_arn = "arn:aws:sns:us-east-1:000000000000:sns-topic-slack-notifications" + + # Set the logging level + # log_level = "DEBUG" + + tags = local.tags + #tags = { Deployment = "binbachar-export" } +} + + +# ----------------------------------------------------------------------------- +# This bucket will be used for storing the exported RDS snapshots. +# ----------------------------------------------------------------------------- +module "bucket" { + source = "github.com/binbashar/terraform-aws-s3-bucket.git?ref=v2.6.0" + + bucket = local.bucket_name + acl = "private" + force_destroy = true + + attach_deny_insecure_transport_policy = true + + server_side_encryption_configuration = { + rule = { + apply_server_side_encryption_by_default = { + sse_algorithm = "AES256" + } + } + } + + block_public_acls = true + block_public_policy = true + ignore_public_acls = true + restrict_public_buckets = true + + tags = local.tags +} diff --git a/apps-devstg/us-east-1/databases-mysql/common-variables.tf b/apps-devstg/us-east-1/databases-mysql/common-variables.tf new file mode 120000 index 000000000..81b884acd --- /dev/null +++ b/apps-devstg/us-east-1/databases-mysql/common-variables.tf @@ -0,0 +1 @@ +../../../config/common-variables.tf \ No newline at end of file diff --git a/apps-devstg/us-east-1/databases-mysql/config.tf b/apps-devstg/us-east-1/databases-mysql/config.tf new file mode 100644 index 000000000..1e4364c9d --- /dev/null +++ b/apps-devstg/us-east-1/databases-mysql/config.tf @@ -0,0 +1,65 @@ +#=============================# +# AWS Provider Settings # +#=============================# +provider "aws" { + region = var.region + profile = var.profile +} + +#=============================# +# Vault Provider Settings # +#=============================# +provider "vault" { + address = var.vault_address + + /* + Vault token that will be used by Terraform to authenticate. + admin token from https://portal.cloud.hashicorp.com/. + */ + token = var.vault_token +} + +#=============================# +# Backend Config (partial) # +#=============================# +terraform { + required_version = "~> 1.2.7" + + required_providers { + aws = "~> 4.0" + vault = "~> 3.6.0" + } + + backend "s3" { + key = "apps-devstg/databases-mysql/terraform.tfstate" + } +} + +#=============================# +# Data sources # +#=============================# +data "terraform_remote_state" "vpc" { + backend = "s3" + + config = { + region = var.region + profile = var.profile + bucket = var.bucket + key = "${var.environment}/network/terraform.tfstate" + } +} + +data "terraform_remote_state" "vpc-shared" { + backend = "s3" + + config = { + region = var.region + profile = "${var.project}-shared-devops" + bucket = "${var.project}-shared-terraform-backend" + key = "shared/network/terraform.tfstate" + } +} + +data "vault_generic_secret" "database_secrets" { + path = "secrets/${var.project}/${var.environment}/databases-mysql" +} diff --git a/apps-devstg/us-east-1/databases-mysql/db_mysql.tf b/apps-devstg/us-east-1/databases-mysql/db_mysql.tf new file mode 100644 index 000000000..066b9af67 --- /dev/null +++ b/apps-devstg/us-east-1/databases-mysql/db_mysql.tf @@ -0,0 +1,83 @@ +# +# DB Security Group +# +resource "aws_security_group" "bb_mysql_db" { + name = "bb_mysql_db" + description = "Binbash Reference MySQL DB" + vpc_id = data.terraform_remote_state.vpc.outputs.vpc_id + tags = local.tags +} +resource "aws_security_group_rule" "allow_mysql_port" { + type = "ingress" + from_port = 3306 + to_port = 3306 + protocol = "tcp" + cidr_blocks = [ + data.terraform_remote_state.vpc.outputs.vpc_cidr_block, + data.terraform_remote_state.vpc-shared.outputs.vpc_cidr_block + ] + description = "Allow PostgreSQL from DevStg and Shared" + security_group_id = aws_security_group.bb_mysql_db.id +} + +# +# Binbash Reference DB +# +module "bb_mysql_db" { + source = "github.com/binbashar/terraform-aws-rds.git?ref=v5.6.0" + + # Instance settings + # https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html + identifier = "${var.project}-${var.environment}-binbash-mysql" + engine = "mysql" + engine_version = "8.0.28" + instance_class = "db.m6g.large" + allocated_storage = 100 + storage_encrypted = true + multi_az = false + + # Database credentials + db_name = "${var.project}_${replace(var.environment, "apps-", "")}_binbash_mysql" + username = "administrator" + + # Secret from Hashicorp Vault + password = data.vault_generic_secret.database_secrets.data["administrator_password"] + port = "3306" + + # Backup and maintenance + backup_retention_period = 14 + maintenance_window = "Tue:03:00-Tue:06:00" + backup_window = "00:00-02:00" + + # Network settings + create_db_subnet_group = true + subnet_ids = data.terraform_remote_state.vpc.outputs.private_subnets + vpc_security_group_ids = [aws_security_group.bb_mysql_db.id] + + + # Mysql versions (param/option groups) + family = "mysql8.0" + major_engine_version = "8.0" + + # Do not automatically upgrade + auto_minor_version_upgrade = false + + # RDS Enhanced Monitoring + # The interval, in seconds, between points when Enhanced Monitoring metrics + # are collected for the DB instance. + # To disable collecting Enhanced Monitoring metrics, specify 0. + # The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60. + monitoring_interval = "0" + monitoring_role_name = "MyRDSMonitoringRoleMySQL" + create_monitoring_role = false # true if Enhanced Monitoring needed + + # Tags + Bakup tag -> True + tags = merge(local.tags, tomap({ Backup = "True" })) + + # Specifies whether any database modifications are applied immediately, or + # during the next maintenance window + apply_immediately = true + + # Database Deletion Protection + deletion_protection = false +} diff --git a/apps-devstg/us-east-1/databases-mysql/export-rds-snapshots-to-s3.tf b/apps-devstg/us-east-1/databases-mysql/export-rds-snapshots-to-s3.tf new file mode 100644 index 000000000..6c70887a2 --- /dev/null +++ b/apps-devstg/us-east-1/databases-mysql/export-rds-snapshots-to-s3.tf @@ -0,0 +1,73 @@ +locals { + bucket_name = "${var.project}-${replace(var.environment, "apps-", "")}-binbash-mysql" +} + +# ----------------------------------------------------------------------------- +# RDS Export To S3 functions +# ----------------------------------------------------------------------------- +module "rds_export_to_s3" { + source = "git@github.com:binbashar/terraform-aws-rds-export-to-s3.git?ref=v0.4.0" + + # Set a prefix for naming resources + #prefix = "binbashar" + + # Which RDS snapshots should be exported? + database_names = "${var.project}-${replace(var.environment, "apps-", "")}-binbash-mysql" + + # Which bucket will store the exported snapshots? + snapshots_bucket_name = module.bucket.s3_bucket_id + #snapshots_bucket_name = "export-bucket-name" + + # To group objects in a bucket, S3 uses a prefix before object names. The forward slash (/) in the prefix represents a folder. + snapshots_bucket_prefix = "rds_snapshots/" + + # Which RDS snapshots events should be included (RDS Aurora or/and RDS non-Aurora)? + #rds_event_ids = "RDS-EVENT-0091, RDS-EVENT-0169" + + # Create customer managed key or use default AWS S3 managed key. If set to 'false', then 'customer_kms_key_arn' is used. + create_customer_kms_key = false + + # Provide CMK if 'create_customer_kms_key = false' + #customer_kms_key_arn = "arn:aws:kms:us-east-1:523857393444:key/b7a1d584-29cf-4f21-a69f-57ca8eaa1c77" + + # SNS topic for export monitor notifications + create_notifications_topic = true + + # Which topic should receive notifications about exported snapshots events? Only required if 'create_notifications_topic = false' + #notifications_topic_arn = "arn:aws:sns:us-east-1:000000000000:sns-topic-slack-notifications" + + # Set the logging level + # log_level = "DEBUG" + + tags = local.tags + #tags = { Deployment = "binbachar-export" } +} + + +# ----------------------------------------------------------------------------- +# This bucket will be used for storing the exported RDS snapshots. +# ----------------------------------------------------------------------------- +module "bucket" { + source = "github.com/binbashar/terraform-aws-s3-bucket.git?ref=v2.6.0" + + bucket = local.bucket_name + acl = "private" + force_destroy = true + + attach_deny_insecure_transport_policy = true + + server_side_encryption_configuration = { + rule = { + apply_server_side_encryption_by_default = { + sse_algorithm = "AES256" + } + } + } + + block_public_acls = true + block_public_policy = true + ignore_public_acls = true + restrict_public_buckets = true + + tags = local.tags +} diff --git a/apps-devstg/us-east-1/databases-mysql/locals.tf b/apps-devstg/us-east-1/databases-mysql/locals.tf new file mode 100644 index 000000000..5879674a5 --- /dev/null +++ b/apps-devstg/us-east-1/databases-mysql/locals.tf @@ -0,0 +1,6 @@ +locals { + tags = { + Terraform = "true" + Environment = var.environment + } +} diff --git a/apps-devstg/us-east-1/databases-mysql/outputs.tf b/apps-devstg/us-east-1/databases-mysql/outputs.tf new file mode 100644 index 000000000..774bf4a03 --- /dev/null +++ b/apps-devstg/us-east-1/databases-mysql/outputs.tf @@ -0,0 +1,4 @@ +output "bb_reference_db_id" { + description = "Postgres reference db id" + value = module.bb_mysql_db.db_instance_id +} diff --git a/apps-devstg/us-east-1/databases-mysql/variables.tf b/apps-devstg/us-east-1/databases-mysql/variables.tf new file mode 100644 index 000000000..9242376cf --- /dev/null +++ b/apps-devstg/us-east-1/databases-mysql/variables.tf @@ -0,0 +1,3 @@ +#================================# +# Local variables # +#================================# diff --git a/apps-prd/us-east-1/backups --/.terraform.lock.hcl b/apps-prd/us-east-1/backups --/.terraform.lock.hcl deleted file mode 100644 index 8282400e6..000000000 --- a/apps-prd/us-east-1/backups --/.terraform.lock.hcl +++ /dev/null @@ -1,22 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "4.17.1" - constraints = ">= 3.20.0, ~> 4.0" - hashes = [ - "h1:wTtXjaZzaM1lLuXYsFP8X1JyZKOa+m3JAzdcaQOtiyM=", - "zh:095c2ad4e42667b6e4c599f3fb7c1d0755b762983474fd3916e89867c30871a2", - "zh:0a987960f796289db7eac887d03dcde0311005cbf625499f4eea0a8882295aeb", - "zh:1fbe5f897afe3a9e5a41c2ecd1f312e79fb6745367a53f7bad11704aedb3b3e2", - "zh:52687f0753fa05a744bd37bb40bcba8ac5e0838cdcd227035b9ccb151635e5f9", - "zh:629835a96c682f4e168c12f6d3c0631409d8e6d28165a283d2fe232c4a8ba75a", - "zh:6fa6e6fbdc0b0377d750a7960768e22f71d8bd97d30e289b823a3923eb92fce7", - "zh:8dfef513861a7c779b34e2f3ea5692f5fb1fb51aa1ee9de78bc755f5652cb597", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:baf507b37a667c773f46d9779277ab9de44a5432694ef95fe9ef03a6af70435f", - "zh:bd006bd8f1403f71be8f490e33ea1bcbdd8135678ebe3f1c3c0ebd82615d9b33", - "zh:dd0a61fb654837d186376b1dbccc8a93ed1e2f176e3663daac2d5bc9190c7895", - "zh:f8db068265495a48476a5ea68aa7148ceb046cbfaad308ef8e12d8fd6f463126", - ] -} diff --git a/apps-prd/us-east-1/security-certs/.terraform.lock.hcl b/apps-prd/us-east-1/security-certs/.terraform.lock.hcl deleted file mode 100644 index 97a4be74b..000000000 --- a/apps-prd/us-east-1/security-certs/.terraform.lock.hcl +++ /dev/null @@ -1,22 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "4.15.1" - constraints = "~> 4.0" - hashes = [ - "h1:KPu3MdNXCScye05Sp4JlE9WwhS9k3yD9KRoRDHg5sDE=", - "zh:1d944144f8d613b8090c0c8391e4b205ca036086d70aceb4cdf664856fa8410c", - "zh:2a0ca16a6b12c0ac509f64512f80bd2ed6e7ea0ec369212efd4be3fa65e9773d", - "zh:3f9efdce4f1c320ffd061e8715e1d031deac1be0b959eaa60c25a274925653e4", - "zh:4cf82f3267b0c3e08be29b0345f711ab84ea1ea75f0e8ce81f5a2fe635ba67b4", - "zh:58474a0b7da438e1bcd53e87f10e28830836ff9b46cce5f09413c90952ae4f78", - "zh:6eb1be8afb0314b6b8424fe212b13beeb04f3f24692f0f3ee86c5153c7eb2e63", - "zh:8022da7d3b050d452ce6c679844e13729bdb4e1b3e75dcf68931af17a06b9277", - "zh:8e2683d00fff1df43440d6e7c04a2c1eb432c7d5dacff32fe8ce9045bc948fe6", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b0c22d9a306e8ac2de57b5291a3d0a7a2c1713e33b7d076005662451afdc4d29", - "zh:ba6b7d7d91388b636145b133da6b4e32620cdc8046352e2dc8f3f0f81ff5d2e2", - "zh:d38a816eb60f4419d99303136a3bb61a0d2df3ca8a1dce2ced9b99bf23efa9f7", - ] -} diff --git a/management/global/cost-mgmt/.terraform.lock.hcl b/management/global/cost-mgmt/.terraform.lock.hcl deleted file mode 100644 index 2b803b1c7..000000000 --- a/management/global/cost-mgmt/.terraform.lock.hcl +++ /dev/null @@ -1,21 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "3.75.1" - constraints = ">= 2.70.0, ~> 3.0" - hashes = [ - "h1:++H0a4igODgreQL3SJuRz71JZkC69rl41R8xLYM894o=", - "zh:11c2ee541ca1da923356c9225575ba294523d7b6af82d6171c912470ef0f90cd", - "zh:19fe975993664252b4a2ff1079546f2b186b01d1a025a94a4f15c37e023806c5", - "zh:442e7fc145b2debebe9279b283d07f5f736dc1776c2e5b1702728a6eb03789d0", - "zh:7a77991b204ae2c16ac29a32226135d5fdbda40c8dafa77c5adf5439a346be77", - "zh:89a257933181c15293c15a858fbfe7252129cc57cc2ec05b6c0b595d1bfe9d38", - "zh:b1813ea5b6b0fd88ea85b1b21b8e4119566d1bc34feca297b4fb39d0536893cb", - "zh:c519f3292ae431bd2381f88a95bd37c52f7a56d91feef88511e929344c180549", - "zh:d3dbe88b661c073c174f04f73adc2720372143bdfa12f4fe8f411332e64662cf", - "zh:e92a27e3c7295b031b5d62dd9428966c96e3157fc768b3d848a9ac60d1661c8e", - "zh:ecd664c0d664fcf2d8a89a01462cb00bcae37da200305aef2de1b8fe185c9cd8", - "zh:ed6ce1f9fa96aa28dd65842f852abed25f919d20b5cf53d26cec5b3f4d845725", - ] -} diff --git a/management/us-east-1/notifications/.terraform.lock.hcl b/management/us-east-1/notifications/.terraform.lock.hcl deleted file mode 100644 index 2beea99ce..000000000 --- a/management/us-east-1/notifications/.terraform.lock.hcl +++ /dev/null @@ -1,99 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "3.75.1" - constraints = ">= 3.0.0, ~> 3.2, >= 3.61.0" - hashes = [ - "h1:++H0a4igODgreQL3SJuRz71JZkC69rl41R8xLYM894o=", - "zh:11c2ee541ca1da923356c9225575ba294523d7b6af82d6171c912470ef0f90cd", - "zh:19fe975993664252b4a2ff1079546f2b186b01d1a025a94a4f15c37e023806c5", - "zh:442e7fc145b2debebe9279b283d07f5f736dc1776c2e5b1702728a6eb03789d0", - "zh:7a77991b204ae2c16ac29a32226135d5fdbda40c8dafa77c5adf5439a346be77", - "zh:89a257933181c15293c15a858fbfe7252129cc57cc2ec05b6c0b595d1bfe9d38", - "zh:b1813ea5b6b0fd88ea85b1b21b8e4119566d1bc34feca297b4fb39d0536893cb", - "zh:c519f3292ae431bd2381f88a95bd37c52f7a56d91feef88511e929344c180549", - "zh:d3dbe88b661c073c174f04f73adc2720372143bdfa12f4fe8f411332e64662cf", - "zh:e92a27e3c7295b031b5d62dd9428966c96e3157fc768b3d848a9ac60d1661c8e", - "zh:ecd664c0d664fcf2d8a89a01462cb00bcae37da200305aef2de1b8fe185c9cd8", - "zh:ed6ce1f9fa96aa28dd65842f852abed25f919d20b5cf53d26cec5b3f4d845725", - ] -} - -provider "registry.terraform.io/hashicorp/external" { - version = "2.2.2" - constraints = ">= 1.0.0" - hashes = [ - "h1:e7RpnZ2PbJEEPnfsg7V0FNwbfSk0/Z3FdrLsXINBmDY=", - "zh:0b84ab0af2e28606e9c0c1289343949339221c3ab126616b831ddb5aaef5f5ca", - "zh:10cf5c9b9524ca2e4302bf02368dc6aac29fb50aeaa6f7758cce9aa36ae87a28", - "zh:56a016ee871c8501acb3f2ee3b51592ad7c3871a1757b098838349b17762ba6b", - "zh:719d6ef39c50e4cffc67aa67d74d195adaf42afcf62beab132dafdb500347d39", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:7fbfc4d37435ac2f717b0316f872f558f608596b389b895fcb549f118462d327", - "zh:8ac71408204db606ce63fe8f9aeaf1ddc7751d57d586ec421e62d440c402e955", - "zh:a4cacdb06f114454b6ed0033add28006afa3f65a0ea7a43befe45fc82e6809fb", - "zh:bb5ce3132b52ae32b6cc005bc9f7627b95259b9ffe556de4dad60d47d47f21f0", - "zh:bb60d2976f125ffd232a7ccb4b3f81e7109578b23c9c6179f13a11d125dca82a", - "zh:f9540ecd2e056d6e71b9ea5f5a5cf8f63dd5c25394b9db831083a9d4ea99b372", - "zh:ffd998b55b8a64d4335a090b6956b4bf8855b290f7554dd38db3302de9c41809", - ] -} - -provider "registry.terraform.io/hashicorp/local" { - version = "2.2.2" - constraints = ">= 1.0.0" - hashes = [ - "h1:5UYW2wJ320IggrzLt8tLD6MowePqycWtH1b2RInHZkE=", - "zh:027e4873c69da214e2fed131666d5de92089732a11d096b68257da54d30b6f9d", - "zh:0ba2216e16cfb72538d76a4c4945b4567a76f7edbfef926b1c5a08d7bba2a043", - "zh:1fee8f6aae1833c27caa96e156cf99a681b6f085e476d7e1b77d285e21d182c1", - "zh:2e8a3e72e877003df1c390a231e0d8e827eba9f788606e643f8e061218750360", - "zh:719008f9e262aa1523a6f9132adbe9eee93c648c2981f8359ce41a40e6425433", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:9a70fdbe6ef955c4919a4519caca116f34c19c7ddedd77990fbe4f80fe66dc84", - "zh:abc412423d670cbb6264827fa80e1ffdc4a74aff3f19ba6a239dd87b85b15bec", - "zh:ae953a62c94d2a2a0822e5717fafc54e454af57bd6ed02cd301b9786765c1dd3", - "zh:be0910bdf46698560f9e86f51a4ff795c62c02f8dc82b2b1dab77a0b3a93f61e", - "zh:e58f9083b7971919b95f553227adaa7abe864fce976f0166cf4d65fc17257ff2", - "zh:ff4f77cbdbb22cc98182821c7ef84dce16298ab0e997d5c7fae97247f7a4bcb0", - ] -} - -provider "registry.terraform.io/hashicorp/null" { - version = "3.1.1" - constraints = ">= 2.0.0" - hashes = [ - "h1:71sNUDvmiJcijsvfXpiLCz0lXIBSsEJjMxljt7hxMhw=", - "zh:063466f41f1d9fd0dd93722840c1314f046d8760b1812fa67c34de0afcba5597", - "zh:08c058e367de6debdad35fc24d97131c7cf75103baec8279aba3506a08b53faf", - "zh:73ce6dff935150d6ddc6ac4a10071e02647d10175c173cfe5dca81f3d13d8afe", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:8fdd792a626413502e68c195f2097352bdc6a0df694f7df350ed784741eb587e", - "zh:976bbaf268cb497400fd5b3c774d218f3933271864345f18deebe4dcbfcd6afa", - "zh:b21b78ca581f98f4cdb7a366b03ae9db23a73dfa7df12c533d7c19b68e9e72e5", - "zh:b7fc0c1615dbdb1d6fd4abb9c7dc7da286631f7ca2299fb9cd4664258ccfbff4", - "zh:d1efc942b2c44345e0c29bc976594cb7278c38cfb8897b344669eafbc3cddf46", - "zh:e356c245b3cd9d4789bab010893566acace682d7db877e52d40fc4ca34a50924", - "zh:ea98802ba92fcfa8cf12cbce2e9e7ebe999afbf8ed47fa45fc847a098d89468b", - "zh:eff8872458806499889f6927b5d954560f3d74bf20b6043409edf94d26cd906f", - ] -} - -provider "registry.terraform.io/hashicorp/vault" { - version = "2.18.0" - constraints = "~> 2.18.0" - hashes = [ - "h1:ebkgHY+/QlBAaU/uYSsIidvlsRel80u0lQzsDcKAIeA=", - "zh:23d0ae08554839844249689524c8b07195479ee3dd05700e7aa1c4e012e79f72", - "zh:33f4ceca11e3d2806d8ff6fc55c43a54402d28a0b3a1bc7fb038ea8f0969601a", - "zh:3b1e88302a41fbb4da068a3e809b92689daece97ac1dde3230e9dfe477be8b1f", - "zh:422ef259e4a8e171f96e3e21a6c1cf9043c4f6bdcbc0f50b8add5694c65450dd", - "zh:7588e76fe7650803f99ab3035e0990c9c865305f3adc693bc09bc5580cb1b97f", - "zh:8fe921fcd952597ddd971e0f697ea3f7720789c75abb1b69df497f558e1520be", - "zh:9a46a788534c6d8889f05b8f40487d93fab49fa0885e187c06fcb3551d278d28", - "zh:a3e9e47a52d763274b0406ec2e12e9963e70c12631676336cd4feb4d9f7e02a3", - "zh:ddbaf058988a27ec6ffc8e0d42a6d8a47012064cbe0bec36bb1399f4ac38f63f", - "zh:e847e836ab4d8bc451f55025213d184d85b8d3fdf0bc44d9914dae3b3e0d962f", - ] -} diff --git a/management/us-east-1/security-keys/.terraform.lock.hcl b/management/us-east-1/security-keys/.terraform.lock.hcl deleted file mode 100644 index 2c35708f2..000000000 --- a/management/us-east-1/security-keys/.terraform.lock.hcl +++ /dev/null @@ -1,61 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "3.75.1" - constraints = ">= 3.0.0, ~> 3.0" - hashes = [ - "h1:++H0a4igODgreQL3SJuRz71JZkC69rl41R8xLYM894o=", - "zh:11c2ee541ca1da923356c9225575ba294523d7b6af82d6171c912470ef0f90cd", - "zh:19fe975993664252b4a2ff1079546f2b186b01d1a025a94a4f15c37e023806c5", - "zh:442e7fc145b2debebe9279b283d07f5f736dc1776c2e5b1702728a6eb03789d0", - "zh:7a77991b204ae2c16ac29a32226135d5fdbda40c8dafa77c5adf5439a346be77", - "zh:89a257933181c15293c15a858fbfe7252129cc57cc2ec05b6c0b595d1bfe9d38", - "zh:b1813ea5b6b0fd88ea85b1b21b8e4119566d1bc34feca297b4fb39d0536893cb", - "zh:c519f3292ae431bd2381f88a95bd37c52f7a56d91feef88511e929344c180549", - "zh:d3dbe88b661c073c174f04f73adc2720372143bdfa12f4fe8f411332e64662cf", - "zh:e92a27e3c7295b031b5d62dd9428966c96e3157fc768b3d848a9ac60d1661c8e", - "zh:ecd664c0d664fcf2d8a89a01462cb00bcae37da200305aef2de1b8fe185c9cd8", - "zh:ed6ce1f9fa96aa28dd65842f852abed25f919d20b5cf53d26cec5b3f4d845725", - ] -} - -provider "registry.terraform.io/hashicorp/local" { - version = "2.2.2" - constraints = ">= 1.3.0" - hashes = [ - "h1:5UYW2wJ320IggrzLt8tLD6MowePqycWtH1b2RInHZkE=", - "zh:027e4873c69da214e2fed131666d5de92089732a11d096b68257da54d30b6f9d", - "zh:0ba2216e16cfb72538d76a4c4945b4567a76f7edbfef926b1c5a08d7bba2a043", - "zh:1fee8f6aae1833c27caa96e156cf99a681b6f085e476d7e1b77d285e21d182c1", - "zh:2e8a3e72e877003df1c390a231e0d8e827eba9f788606e643f8e061218750360", - "zh:719008f9e262aa1523a6f9132adbe9eee93c648c2981f8359ce41a40e6425433", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:9a70fdbe6ef955c4919a4519caca116f34c19c7ddedd77990fbe4f80fe66dc84", - "zh:abc412423d670cbb6264827fa80e1ffdc4a74aff3f19ba6a239dd87b85b15bec", - "zh:ae953a62c94d2a2a0822e5717fafc54e454af57bd6ed02cd301b9786765c1dd3", - "zh:be0910bdf46698560f9e86f51a4ff795c62c02f8dc82b2b1dab77a0b3a93f61e", - "zh:e58f9083b7971919b95f553227adaa7abe864fce976f0166cf4d65fc17257ff2", - "zh:ff4f77cbdbb22cc98182821c7ef84dce16298ab0e997d5c7fae97247f7a4bcb0", - ] -} - -provider "registry.terraform.io/hashicorp/null" { - version = "3.1.1" - constraints = ">= 2.0.0" - hashes = [ - "h1:71sNUDvmiJcijsvfXpiLCz0lXIBSsEJjMxljt7hxMhw=", - "zh:063466f41f1d9fd0dd93722840c1314f046d8760b1812fa67c34de0afcba5597", - "zh:08c058e367de6debdad35fc24d97131c7cf75103baec8279aba3506a08b53faf", - "zh:73ce6dff935150d6ddc6ac4a10071e02647d10175c173cfe5dca81f3d13d8afe", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:8fdd792a626413502e68c195f2097352bdc6a0df694f7df350ed784741eb587e", - "zh:976bbaf268cb497400fd5b3c774d218f3933271864345f18deebe4dcbfcd6afa", - "zh:b21b78ca581f98f4cdb7a366b03ae9db23a73dfa7df12c533d7c19b68e9e72e5", - "zh:b7fc0c1615dbdb1d6fd4abb9c7dc7da286631f7ca2299fb9cd4664258ccfbff4", - "zh:d1efc942b2c44345e0c29bc976594cb7278c38cfb8897b344669eafbc3cddf46", - "zh:e356c245b3cd9d4789bab010893566acace682d7db877e52d40fc4ca34a50924", - "zh:ea98802ba92fcfa8cf12cbce2e9e7ebe999afbf8ed47fa45fc847a098d89468b", - "zh:eff8872458806499889f6927b5d954560f3d74bf20b6043409edf94d26cd906f", - ] -} diff --git a/shared/us-east-1/backups/.terraform.lock.hcl b/shared/us-east-1/backups/.terraform.lock.hcl deleted file mode 100644 index 06fd72aa6..000000000 --- a/shared/us-east-1/backups/.terraform.lock.hcl +++ /dev/null @@ -1,22 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "4.17.1" - constraints = ">= 3.20.0, ~> 4.10" - hashes = [ - "h1:wTtXjaZzaM1lLuXYsFP8X1JyZKOa+m3JAzdcaQOtiyM=", - "zh:095c2ad4e42667b6e4c599f3fb7c1d0755b762983474fd3916e89867c30871a2", - "zh:0a987960f796289db7eac887d03dcde0311005cbf625499f4eea0a8882295aeb", - "zh:1fbe5f897afe3a9e5a41c2ecd1f312e79fb6745367a53f7bad11704aedb3b3e2", - "zh:52687f0753fa05a744bd37bb40bcba8ac5e0838cdcd227035b9ccb151635e5f9", - "zh:629835a96c682f4e168c12f6d3c0631409d8e6d28165a283d2fe232c4a8ba75a", - "zh:6fa6e6fbdc0b0377d750a7960768e22f71d8bd97d30e289b823a3923eb92fce7", - "zh:8dfef513861a7c779b34e2f3ea5692f5fb1fb51aa1ee9de78bc755f5652cb597", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:baf507b37a667c773f46d9779277ab9de44a5432694ef95fe9ef03a6af70435f", - "zh:bd006bd8f1403f71be8f490e33ea1bcbdd8135678ebe3f1c3c0ebd82615d9b33", - "zh:dd0a61fb654837d186376b1dbccc8a93ed1e2f176e3663daac2d5bc9190c7895", - "zh:f8db068265495a48476a5ea68aa7148ceb046cbfaad308ef8e12d8fd6f463126", - ] -}