This repository was archived by the owner on Jan 25, 2023. It is now read-only.
base repository: hashicorp/terraform-aws-vault
base: master
head repository: wealthfit/terraform-aws-vault
compare: master
  • 1 commit
  • 3 files changed
  • 1 contributor

Commits on Jan 27, 2020

    e2d448b View commit details
Showing with 32 additions and 8 deletions.
  1. +14 −6 modules/vault-cluster/main.tf
  2. +9 −1 modules/vault-elb/main.tf
  3. +9 −1 modules/vault-security-group-rules/main.tf
20 changes: 14 additions & 6 deletions modules/vault-cluster/main.tf
@@ -1,4 +1,13 @@
# ----------------------------------------------------------------------------------------------------------------------
# Set S3 Backend for remote state and specify region
# ----------------------------------------------------------------------------------------------------------------------
terraform {
backend "s3" {}
}
provider "aws" {
region = "us-west-2"
}
# ----------------------------------------------------------------------------------------------------------------------
# REQUIRE A SPECIFIC TERRAFORM VERSION OR HIGHER
# This module has been updated with 0.12 syntax, which means it is no longer compatible with any versions below 0.12.
# ----------------------------------------------------------------------------------------------------------------------
@@ -11,7 +20,7 @@ terraform {
# ---------------------------------------------------------------------------------------------------------------------

resource "aws_autoscaling_group" "autoscaling_group" {
name_prefix = var.cluster_name
// name_prefix = var.cluster_name

launch_configuration = aws_launch_configuration.launch_configuration.name

@@ -82,7 +91,7 @@ resource "aws_autoscaling_group" "autoscaling_group" {
# ---------------------------------------------------------------------------------------------------------------------

resource "aws_launch_configuration" "launch_configuration" {
name_prefix = "${var.cluster_name}-"
// name_prefix = "${var.cluster_name}-"
image_id = var.ami_id
instance_type = var.instance_type
user_data = var.user_data
@@ -129,7 +138,7 @@ resource "aws_launch_configuration" "launch_configuration" {
# ---------------------------------------------------------------------------------------------------------------------

resource "aws_security_group" "lc_security_group" {
name_prefix = var.cluster_name
// name_prefix = var.cluster_name
description = "Security group for the ${var.cluster_name} launch configuration"
vpc_id = var.vpc_id

@@ -203,7 +212,7 @@ module "security_group_rules" {
# ---------------------------------------------------------------------------------------------------------------------

resource "aws_iam_instance_profile" "instance_profile" {
name_prefix = var.cluster_name
// name_prefix = var.cluster_name
path = var.instance_profile_path
role = aws_iam_role.instance_role.name

@@ -216,7 +225,7 @@ resource "aws_iam_instance_profile" "instance_profile" {
}

resource "aws_iam_role" "instance_role" {
name_prefix = var.cluster_name
// name_prefix = var.cluster_name
assume_role_policy = data.aws_iam_policy_document.instance_role.json

# aws_iam_instance_profile.instance_profile in this module sets create_before_destroy to true, which means
@@ -329,4 +338,3 @@ resource "aws_iam_role_policy" "vault_auto_unseal_kms" {
create_before_destroy = true
}
}
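Review bot: Commenting out `name_prefix` on `aws_security_group.lc_security_group`, `aws_iam_instance_profile.instance_profile` and `aws_iam_role.instance_role` (and on the autoscaling group and launch configuration) leaves these resources with provider-generated names that no longer carry `var.cluster_name`, which makes it harder to attribute a role or security group to a particular Vault cluster during an audit or incident review. A name change on these resource types forces replacement, so applying this to an existing cluster would presumably recreate the role, instance profile and security group and break anything that refers to them by name or ARN. Unless there is a reason not visible in this diff, restore `name_prefix = var.cluster_name` (and `name_prefix = "${var.cluster_name}-"` on the launch configuration); if the removal is intentional, delete the lines instead of leaving `//` comments and add a `#` comment saying why. The resource bodies continue outside the hunks shown.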

10 changes: 9 additions & 1 deletion modules/vault-elb/main.tf
@@ -1,4 +1,13 @@
# ----------------------------------------------------------------------------------------------------------------------
# Set S3 Backend for remote state and specify region
# ----------------------------------------------------------------------------------------------------------------------
terraform {
backend "s3" {}
}
provider "aws" {
region = "us-west-2"
}
# ----------------------------------------------------------------------------------------------------------------------
# REQUIRE A SPECIFIC TERRAFORM VERSION OR HIGHER
# This module has been updated with 0.12 syntax, which means it is no longer compatible with any versions below 0.12.
# ----------------------------------------------------------------------------------------------------------------------
@@ -109,4 +118,3 @@ resource "aws_route53_record" "vault_elb" {
evaluate_target_health = false
}
}
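Review bot: The added `backend "s3" {}` and `provider "aws" { region = "us-west-2" }` blocks sit inside a reusable child module, and the same pair is added at the top of modules/vault-cluster/main.tf and modules/vault-security-group-rules/main.tf. Terraform takes backend settings from the root module only, and a provider block here pins the module to us-west-2 regardless of the provider configuration the caller passes in, so a caller working in another region either fails or gets resources in a region it did not choose. Move both blocks to the root configuration that calls these modules. Because the backend block is empty, the bucket, key and encryption settings have to come from init-time configuration; the vault-cluster state will contain `user_data`, so that bucket should be access-restricted and the backend configured with `encrypt = true`.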

10 changes: 9 additions & 1 deletion modules/vault-security-group-rules/main.tf
@@ -1,3 +1,12 @@
# ----------------------------------------------------------------------------------------------------------------------
# Set S3 Backend for remote state and specify region
# ----------------------------------------------------------------------------------------------------------------------
terraform {
backend "s3" {}
}
provider "aws" {
region = "us-west-2"
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE THE SECURITY GROUP RULES THAT CONTROL WHAT TRAFFIC CAN GO IN AND OUT OF A VAULT CLUSTER
# ---------------------------------------------------------------------------------------------------------------------
@@ -43,4 +52,3 @@ resource "aws_security_group_rule" "allow_cluster_inbound_from_self_api" {

security_group_id = var.security_group_id
}