Merge pull request #4796 from ministryofjustice/ifs-ecs
add-ecs-cluster
roncitrus authored Feb 9, 2024
2 parents b2de1d1 + 359435a commit 0db166a
Showing 8 changed files with 743 additions and 2 deletions.
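--- a/terraform/environments/cdpt-ifs/application_variables.json
+++ b/terraform/environments/cdpt-ifs/application_variables.json
@@ -1,7 +1,15 @@
 {
 "accounts": {
 "development": {
-"example_var": "dev-data"
+"environment_name": "development",
+"container_port": 80,
+"client_id": "838aa730-5f66-46df-9ff7-07eea29035ba",
+"ami_image_id": "ami-06cdd5b44c17085ed",
+"instance_type": "t3.micro",
+"app_count": 1,
+"ec2_desired_capacity": 1,
+"ec2_max_size": 2,
+"ec2_min_size": 1
 },
 "test": {
 "example_var": "test-data"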
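Review bot: `ami_image_id` is pinned to a literal image (`ami-06cdd5b44c17085ed`) in the `development` block, so instances launched from it stay at that image's patch level until someone edits this file; nothing in the hunk shows a refresh process. Consider resolving the image at plan time (an `aws_ami` data source or the AWS-published SSM parameter for the image family), or record an owner and review date for the pin in the PR, since strict JSON cannot carry a comment. The new keys are added only under `development` while `test` still holds just `example_var`, so any code that reads these keys per environment would presumably fail outside development; the consumers are not visible here and the file continues past the hunk.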
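--- a/terraform/environments/cdpt-ifs/bastion_linux.json
+++ b/terraform/environments/cdpt-ifs/bastion_linux.json
@@ -0,0 +1,13 @@
+{
+"keys": {
+"development": {
+"acurtis": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7Z+QprFiensJ1Kw08i9shm5lfritcI3/71nrDu2S3H [email protected]"
+},
+"preproduction": {
+"acurtis": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7Z+QprFiensJ1Kw08i9shm5lfritcI3/71nrDu2S3H [email protected]"
+},
+"production": {
+"acurtis": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7Z+QprFiensJ1Kw08i9shm5lfritcI3/71nrDu2S3H [email protected]"
+}
+}
+}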
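Review bot: The same single key for `acurtis` is authorised on the development, preproduction and production bastions, so one lost or compromised private key gives a path into all three environments; production access is normally a separately approved, smaller list. JSON cannot carry a comment, so record in the PR description who approved production access and when the key is due for review. There is also no `test` entry here although application_variables.json lists a `test` account, and bastion_linux.tf reads `local.public_key_data.keys[local.environment]`, which would fail with an invalid index if a test workspace is ever planned. Adding `"test": {}` (if the module accepts an empty map) or reading the map with `lookup(local.public_key_data.keys, local.environment, {})` avoids that.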
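--- a/terraform/environments/cdpt-ifs/bastion_linux.tf
+++ b/terraform/environments/cdpt-ifs/bastion_linux.tf
@@ -0,0 +1,38 @@
+locals {
+public_key_data = jsondecode(file("./bastion_linux.json"))
+}
+
+module "bastion_linux" {
+source = "github.com/ministryofjustice/modernisation-platform-terraform-bastion-linux?ref=v4.0.0"
+
+providers = {
+aws.share-host = aws.core-vpc # core-vpc-(environment) holds the networking for all accounts
+aws.share-tenant = aws # The default provider (unaliased, `aws`) is the tenant
+}
+
+# s3 - used for logs and user ssh public keys
+bucket_name = "bastion"
+bucket_versioning = true
+bucket_force_destroy = true
+# public keys
+public_key_data = local.public_key_data.keys[local.environment]
+# logs
+log_auto_clean = "Enabled"
+log_standard_ia_days = 30 # days before moving to IA storage
+log_glacier_days = 60 # days before moving to Glacier
+log_expiry_days = 180 # days before log expiration
+# bastion
+allow_ssh_commands = false
+
+app_name = var.networking[0].application
+business_unit = local.vpc_name
+subnet_set = local.subnet_set
+environment = local.environment
+region = "eu-west-2"
+
+extra_user_data_content = "yum install -y openldap-clients"
+
+# Tags
+tags_common = local.tags
+tags_prefix = terraform.workspace
+}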
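Review bot: `bucket_force_destroy = true` is set on the bucket that, per the comment above it, holds the bastion logs and users' SSH public keys; if the module passes this to the S3 bucket's force-destroy setting (presumably, the module code is not shown), a `terraform destroy` or bucket replacement deletes every object and version, including session logs that `log_expiry_days = 180` is meant to retain. Unless every environment is disposable, limit it to development, for example `bucket_force_destroy = local.environment == "development"`. The module `source` is pinned to the tag `v4.0.0`, which can be moved upstream; pinning `?ref=` to the full commit SHA of that release (`?ref=<commit-sha>`) makes the code that provisions the bastion immutable.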

0 comments on commit 0db166a
