From b3416565967dd1b4fb24f6308678a01421e73756 Mon Sep 17 00:00:00 2001
From: Alis Akers
Date: Tue, 17 Sep 2024 13:59:24 -0700
Subject: [PATCH] setup formatting and docs generation scripts
---
 terraform/aws/implementation/README.md | 43 +++++++
 terraform/aws/implementation/main.tf | 34 +++---
 .../implementation/modules/cognito/README.md | 39 +++++++
 .../aws/implementation/modules/eks/README.md | 91 +++++++++++++++
 .../aws/implementation/modules/eks/main.tf | 1 -
 .../aws/implementation/modules/rds/README.md | 52 +++++++++
 .../aws/implementation/modules/rds/output.tf | 2 +-
 .../implementation/modules/rds/variables.tf | 4 +-
 .../implementation/modules/route53/README.md | 40 +++++++
 .../aws/implementation/modules/s3/README.md | 40 +++++++
 terraform/aws/setup/README.md | 37 ++++++
 terraform/azure/implementation/README.md | 107 ++++++++++++++++++
 terraform/azure/setup/README.md | 37 ++++++
 terraform/utilities/generate_tf_docs.sh | 14 +++
 terraform/utilities/tf_fmt.sh | 3 +
 15 files changed, 523 insertions(+), 21 deletions(-)
 create mode 100644 terraform/aws/implementation/README.md
 create mode 100644 terraform/aws/implementation/modules/cognito/README.md
 create mode 100644 terraform/aws/implementation/modules/eks/README.md
 create mode 100644 terraform/aws/implementation/modules/rds/README.md
 create mode 100644 terraform/aws/implementation/modules/route53/README.md
 create mode 100644 terraform/aws/implementation/modules/s3/README.md
 create mode 100644 terraform/aws/setup/README.md
 create mode 100644 terraform/azure/implementation/README.md
 create mode 100644 terraform/azure/setup/README.md
 create mode 100755 terraform/utilities/generate_tf_docs.sh
 create mode 100755 terraform/utilities/tf_fmt.sh
diff --git a/terraform/aws/implementation/README.md b/terraform/aws/implementation/README.md
new file mode 100644
index 00000000..97951f08
--- /dev/null
+++ b/terraform/aws/implementation/README.md
@@ -0,0 +1,43 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [aws](#requirement\_aws) | =5.61.0 | +| [external](#requirement\_external) | = 2.3.3 | +| [helm](#requirement\_helm) | = 2.12.1 | +| [kubectl](#requirement\_kubectl) | >= 1.14.0 | +| [kubernetes](#requirement\_kubernetes) | = 2.25.2 | + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [cognito](#module\_cognito) | ./modules/cognito | n/a | +| [eks](#module\_eks) | ./modules/eks | n/a | +| [rds](#module\_rds) | ./modules/rds | n/a | +| [route53](#module\_route53) | ./modules/route53 | n/a | +| [s3](#module\_s3) | ./modules/s3 | n/a | +| [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | n/a | + +## Resources + +No resources. + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [enable\_cognito](#input\_enable\_cognito) | Enable Cognito | `bool` | `true` | no | +| [region](#input\_region) | AWS region | `string` | `"us-east-1"` | no | +| [smarty\_auth\_id](#input\_smarty\_auth\_id) | value of the SmartyStreets Auth ID | `any` | n/a | yes | +| [smarty\_auth\_token](#input\_smarty\_auth\_token) | value of the SmartyStreets Auth Token | `any` | n/a | yes | + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/terraform/aws/implementation/main.tf b/terraform/aws/implementation/main.tf index 87510318..11d83268 100644 --- a/terraform/aws/implementation/main.tf +++ b/terraform/aws/implementation/main.tf 
@@ -31,24 +31,24 @@ module "vpc" {
 }
 module "eks" {
- source = "./modules/eks"
- region = var.region
- eks_name = local.name
- vpc_id = module.vpc.vpc_id
- public_subnet_ids = module.vpc.public_subnets
- private_subnet_ids = module.vpc.private_subnets
- smarty_auth_id = var.smarty_auth_id
- smarty_auth_token = var.smarty_auth_token
- aws_acm_certificate_arn = module.route53.aws_acm_certificate_arn
- ecr_viewer_s3_role_arn = module.s3.ecr_viewer_s3_role_arn
- tefca_viewer_db_role_arn = module.rds.tefca_viewer_db_role_arn
+ source = "./modules/eks"
+ region = var.region
+ eks_name = local.name
+ vpc_id = module.vpc.vpc_id
+ public_subnet_ids = module.vpc.public_subnets
+ private_subnet_ids = module.vpc.private_subnets
+ smarty_auth_id = var.smarty_auth_id
+ smarty_auth_token = var.smarty_auth_token
+ aws_acm_certificate_arn = module.route53.aws_acm_certificate_arn
+ ecr_viewer_s3_role_arn = module.s3.ecr_viewer_s3_role_arn
+ tefca_viewer_db_role_arn = module.rds.tefca_viewer_db_role_arn
 tefca_db_connection_string = module.rds.tefca_db_connection_string
- domain_name = local.domain_name
- ecr_bucket_name = module.s3.ecr_bucket_name
- enable_cognito = var.enable_cognito
- cognito_user_pool_arn = module.cognito.cognito_user_pool_arn
- cognito_client_id = module.cognito.cognito_client_id
- cognito_domain = module.cognito.cognito_domain
+ domain_name = local.domain_name
+ ecr_bucket_name = module.s3.ecr_bucket_name
+ enable_cognito = var.enable_cognito
+ cognito_user_pool_arn = module.cognito.cognito_user_pool_arn
+ cognito_client_id = module.cognito.cognito_client_id
+ cognito_domain = module.cognito.cognito_domain
 }
 module "route53" {
diff --git a/terraform/aws/implementation/modules/cognito/README.md b/terraform/aws/implementation/modules/cognito/README.md
new file mode 100644
index 00000000..1c68d881
--- /dev/null
+++ b/terraform/aws/implementation/modules/cognito/README.md
@@ -0,0 +1,39 @@ + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_cognito_user.admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user) | resource | +| [aws_cognito_user.dibbs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user) | resource | +| [aws_cognito_user_pool.pool](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool) | resource | +| [aws_cognito_user_pool_client.client](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource | +| [aws_cognito_user_pool_domain.domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_domain) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [domain\_name](#input\_domain\_name) | The domain name for ALB | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [cognito\_client\_id](#output\_cognito\_client\_id) | n/a | +| [cognito\_domain](#output\_cognito\_domain) | n/a | +| [cognito\_user\_pool\_arn](#output\_cognito\_user\_pool\_arn) | n/a | + \ No newline at end of file diff --git a/terraform/aws/implementation/modules/eks/README.md b/terraform/aws/implementation/modules/eks/README.md new file mode 100644 index 00000000..791059ad --- /dev/null +++ b/terraform/aws/implementation/modules/eks/README.md 
@@ -0,0 +1,91 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [kubectl](#requirement\_kubectl) | >= 1.14.0 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | n/a | +| [external](#provider\_external) | n/a | +| [helm](#provider\_helm) | n/a | +| [kubectl](#provider\_kubectl) | >= 1.14.0 | +| [kubernetes](#provider\_kubernetes) | n/a | +| [terraform](#provider\_terraform) | n/a | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [eks-cluster](#module\_eks-cluster) | terraform-aws-modules/eks/aws | 19.21.0 | +| [eks\_blueprints\_addons](#module\_eks\_blueprints\_addons) | aws-ia/eks-blueprints-addons/aws | ~> 1.14 | + +## Resources + +| Name | Type | +|------|------| +| [aws_iam_policy.cloudwatch_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | +| [aws_iam_policy.load_balancer_controller](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | +| [aws_iam_role.eks_service_account](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy_attachment.load_balancer_controller](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [helm_release.building_blocks](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | +| [helm_release.load_balancer_controller](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | +| [kubectl_manifest.cluster_role](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.cluster_role_binding](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| 
[kubectl_manifest.ingress](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.load_balancer_controller_crds](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.load_balancer_service_account](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.logging_config_map](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubernetes_namespace_v1.aws_observability](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace_v1) | resource | +| [terraform_data.helm_setup](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource | +| [terraform_data.kubeconfig](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource | +| [terraform_data.wait_for_load_balancer_controller](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_ecrpublic_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecrpublic_authorization_token) | data source | +| [aws_eks_cluster_auth.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster_auth) | data source | +| [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.cloudwatch_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| 
[aws_iam_policy_document.eks_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.load_balancer_controller](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [external_external.chart_versions](https://registry.terraform.io/providers/hashicorp/external/latest/docs/data-sources/external) | data source | +| [external_external.latest_phdi_release](https://registry.terraform.io/providers/hashicorp/external/latest/docs/data-sources/external) | data source | +| [kubectl_file_documents.ingress](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/file_documents) | data source | +| [kubectl_file_documents.load_balancer_controller_crds](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/file_documents) | data source | +| [kubectl_file_documents.load_balancer_service_account](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/file_documents) | data source | +| [kubectl_file_documents.logging_config_map](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/file_documents) | data source | +| [kubectl_path_documents.cluster_role](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source | +| [kubectl_path_documents.cluster_role_binding](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [aws\_acm\_certificate\_arn](#input\_aws\_acm\_certificate\_arn) | The ARN of the ACM certificate | `any` | n/a | yes | +| [cognito\_client\_id](#input\_cognito\_client\_id) | The ID of the Cognito user pool client | `any` | n/a | yes | +| 
[cognito\_domain](#input\_cognito\_domain) | The domain of the Cognito user pool | `any` | n/a | yes | +| [cognito\_user\_pool\_arn](#input\_cognito\_user\_pool\_arn) | The ARN of the Cognito user pool | `any` | n/a | yes | +| [domain\_name](#input\_domain\_name) | The domain name to use | `string` | n/a | yes | +| [ecr\_bucket\_name](#input\_ecr\_bucket\_name) | The name of the ECR bucket | `string` | n/a | yes | +| [ecr\_viewer\_s3\_role\_arn](#input\_ecr\_viewer\_s3\_role\_arn) | The s3 Role ARN for the ECR Viewer Service | `any` | n/a | yes | +| [eks\_name](#input\_eks\_name) | n/a | `string` | `"phdi-playground-eks"` | no | +| [enable\_cognito](#input\_enable\_cognito) | Enable Cognito | `bool` | `true` | no | +| [private\_subnet\_ids](#input\_private\_subnet\_ids) | List of private subnet IDs | `list(string)` | n/a | yes | +| [public\_subnet\_ids](#input\_public\_subnet\_ids) | List of public subnet IDs | `list(string)` | n/a | yes | +| [region](#input\_region) | n/a | `string` | `"us-east-1"` | no | +| [services\_to\_chart](#input\_services\_to\_chart) | Note: The chart names are limited to 15 characters | `map(string)` |
{
"ecr-viewer": "ecr-viewer",
"fhir-converter": "fhir-converter",
"ingestion": "ingestion",
"message-parser": "message-parser",
"message-refiner": "message-refiner",
"orchestration": "orchestration",
"tefca-viewer": "tefca-viewer",
"trigger-code-reference": "trigger-code-reference",
"validation": "validation"
}
| no | +| [smarty\_auth\_id](#input\_smarty\_auth\_id) | value of the SmartyStreets Auth ID | `any` | n/a | yes | +| [smarty\_auth\_token](#input\_smarty\_auth\_token) | value of the SmartyStreets Auth Token | `any` | n/a | yes | +| [tefca\_db\_connection\_string](#input\_tefca\_db\_connection\_string) | Connection string to the tefca database | `any` | n/a | yes | +| [tefca\_viewer\_db\_role\_arn](#input\_tefca\_viewer\_db\_role\_arn) | The db Role ARN for the Tefca Viewer Service | `any` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | ID of the VPC | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [eks\_assume\_role\_policy](#output\_eks\_assume\_role\_policy) | n/a | +| [ingress\_created](#output\_ingress\_created) | n/a | +
\ No newline at end of file
diff --git a/terraform/aws/implementation/modules/eks/main.tf b/terraform/aws/implementation/modules/eks/main.tf
index f7276c7d..c125dbf4 100644
--- a/terraform/aws/implementation/modules/eks/main.tf
+++ b/terraform/aws/implementation/modules/eks/main.tf
@@ -309,7 +309,6 @@ resource "helm_release" "building_blocks" {
 set {
 name = "databaseUrl"
 value = var.tefca_db_connection_string
- # postgres://postgres:pw@db:5432/tefca_db
 }
 set {
diff --git a/terraform/aws/implementation/modules/rds/README.md b/terraform/aws/implementation/modules/rds/README.md
new file mode 100644
index 00000000..fbf40593
--- /dev/null
+++ b/terraform/aws/implementation/modules/rds/README.md
@@ -0,0 +1,52 @@ + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | n/a | +| [random](#provider\_random) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_db_instance.tefca-viewer-db](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance) | resource | +| [aws_db_parameter_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_parameter_group) | resource | +| [aws_db_subnet_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_subnet_group) | resource | +| [aws_iam_policy.db_tefca_viewer_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | +| [aws_iam_role.db_role_for_tefca_viewer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy_attachment.db_tefca_viewer_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_security_group.ds_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource | +| [random_string.setup_rds_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource | +| [aws_iam_policy_document.tefca_viewer_db_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [db\_identifier](#input\_db\_identifier) | Name of RDS Instance | `string` | `"tefca-viewer-db"` | no | +| [db\_username](#input\_db\_username) | Username of RDS Instance | `string` | `"tefcaViewerDbUser"` | no | +| [eks\_assume\_role\_policy](#input\_eks\_assume\_role\_policy) | n/a | 
`string` | n/a | yes | +| [engine\_type](#input\_engine\_type) | Engine of RDS Instance | `string` | `"postgres"` | no | +| [engine\_version](#input\_engine\_version) | Engine Version of RDS Instance | `string` | `"16.3"` | no | +| [family](#input\_family) | RDS Family | `string` | `"postgres16"` | no | +| [private\_subnet\_ids](#input\_private\_subnet\_ids) | List of private subnet IDs | `list(string)` | n/a | yes | +| [region](#input\_region) | n/a | `string` | `"us-east-1"` | no | +| [tefca\_db\_name](#input\_tefca\_db\_name) | The name of the tefca database | `string` | `"tefca_db"` | no | +| [vpc\_id](#input\_vpc\_id) | ID of the VPC | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [tefca\_db\_connection\_string](#output\_tefca\_db\_connection\_string) | n/a | +| [tefca\_viewer\_db\_role\_arn](#output\_tefca\_viewer\_db\_role\_arn) | n/a | +
\ No newline at end of file
diff --git a/terraform/aws/implementation/modules/rds/output.tf b/terraform/aws/implementation/modules/rds/output.tf
index c64c3451..5a47f3dd 100644
--- a/terraform/aws/implementation/modules/rds/output.tf
+++ b/terraform/aws/implementation/modules/rds/output.tf
@@ -3,6 +3,6 @@ output "tefca_viewer_db_role_arn" {
 }
 output "tefca_db_connection_string" {
- value = "postgresql://${aws_db_instance.tefca-viewer-db.username}:${aws_db_instance.tefca-viewer-db.password}@${aws_db_instance.tefca-viewer-db.endpoint}:5432/${aws_db_instance.tefca-viewer-db.db_name}"
+ value = "postgresql://${aws_db_instance.tefca-viewer-db.username}:${aws_db_instance.tefca-viewer-db.password}@${aws_db_instance.tefca-viewer-db.endpoint}:5432/${aws_db_instance.tefca-viewer-db.db_name}"
 sensitive = true
 }
diff --git a/terraform/aws/implementation/modules/rds/variables.tf b/terraform/aws/implementation/modules/rds/variables.tf
index e4163ba9..3a6384c3 100644
--- a/terraform/aws/implementation/modules/rds/variables.tf
+++ b/terraform/aws/implementation/modules/rds/variables.tf
@@ -50,7 +50,7 @@ variable "vpc_id" {
 variable "tefca_db_name" {
- type = string
+ type = string
 description = "The name of the tefca database"
- default = "tefca_db"
+ default = "tefca_db"
 }
\ No newline at end of file
diff --git a/terraform/aws/implementation/modules/route53/README.md b/terraform/aws/implementation/modules/route53/README.md
new file mode 100644
index 00000000..cf2c9d70
--- /dev/null
+++ b/terraform/aws/implementation/modules/route53/README.md
@@ -0,0 +1,40 @@ + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_acm_certificate.site_cert](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource | +| [aws_acm_certificate_validation.site_cert_validation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate_validation) | resource | +| [aws_route53_record.alb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource | +| [aws_route53_record.site_cert_dns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource | +| [aws_route53domains_registered_domain.domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53domains_registered_domain) | resource | +| [aws_lb.alb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/lb) | data source | +| [aws_route53_zone.domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [domain\_name](#input\_domain\_name) | The domain name to use for the Route53 hosted zone | `string` | `"dibbs.cloud"` | no | +| [ingress\_created](#input\_ingress\_created) | The ID of the Kubernetes Ingress resource | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [aws\_acm\_certificate\_arn](#output\_aws\_acm\_certificate\_arn) | n/a | + \ No newline at end of file diff --git a/terraform/aws/implementation/modules/s3/README.md b/terraform/aws/implementation/modules/s3/README.md new file mode 100644 index 00000000..14692d5f --- /dev/null 
+++ b/terraform/aws/implementation/modules/s3/README.md @@ -0,0 +1,40 @@ + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_iam_policy.s3_bucket_ecr_viewer_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | +| [aws_iam_role.s3_role_for_ecr_viewer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy_attachment.s3_bucket_ecr_viewer_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_s3_bucket.s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource | +| [aws_iam_policy_document.ecr_viewer_s3_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [eks\_assume\_role\_policy](#input\_eks\_assume\_role\_policy) | n/a | `string` | n/a | yes | +| [region](#input\_region) | n/a | `string` | `"us-east-1"` | no | +| [s3\_name](#input\_s3\_name) | n/a | `string` | `"processed-ecr-files"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [ecr\_bucket\_name](#output\_ecr\_bucket\_name) | n/a | +| [ecr\_viewer\_s3\_role\_arn](#output\_ecr\_viewer\_s3\_role\_arn) | n/a | + \ No newline at end of file diff --git a/terraform/aws/setup/README.md b/terraform/aws/setup/README.md new file mode 100644 index 00000000..5c43a61b --- /dev/null +++ b/terraform/aws/setup/README.md 
@@ -0,0 +1,37 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [aws](#requirement\_aws) | =5.61.0 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | =5.61.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_dynamodb_table.tfstate_lock](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/dynamodb_table) | resource | +| [aws_s3_bucket.tfstate](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/s3_bucket) | resource | +| [aws_s3_bucket_public_access_block.default](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/s3_bucket_public_access_block) | resource | +| [aws_s3_bucket_server_side_encryption_configuration.default](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/s3_bucket_server_side_encryption_configuration) | resource | +| [aws_s3_bucket_versioning.default](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/s3_bucket_versioning) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [region](#input\_region) | AWS region | `string` | `"us-east-1"` | no | + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/terraform/azure/implementation/README.md b/terraform/azure/implementation/README.md new file mode 100644 index 00000000..de1eccb8 --- /dev/null +++ b/terraform/azure/implementation/README.md 
@@ -0,0 +1,107 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [azapi](#requirement\_azapi) | = 1.8.0 | +| [azuread](#requirement\_azuread) | = 2.41.0 | +| [azurerm](#requirement\_azurerm) | = 3.69.0 | +| [helm](#requirement\_helm) | = 2.10.1 | +| [kubectl](#requirement\_kubectl) | >= 1.14.0 | +| [random](#requirement\_random) | = 3.5.1 | + +## Providers + +| Name | Version | +|------|---------| +| [azapi](#provider\_azapi) | = 1.8.0 | +| [azuread](#provider\_azuread) | = 2.41.0 | +| [azurerm](#provider\_azurerm) | = 3.69.0 | +| [helm](#provider\_helm) | = 2.10.1 | +| [kubectl](#provider\_kubectl) | >= 1.14.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azapi_resource.ssh_public_key](https://registry.terraform.io/providers/azure/azapi/1.8.0/docs/resources/resource) | resource | +| [azapi_resource_action.ssh_public_key_gen](https://registry.terraform.io/providers/azure/azapi/1.8.0/docs/resources/resource_action) | resource | +| [azuread_application.aks](https://registry.terraform.io/providers/hashicorp/azuread/2.41.0/docs/resources/application) | resource | +| [azuread_service_principal.aks](https://registry.terraform.io/providers/hashicorp/azuread/2.41.0/docs/resources/service_principal) | resource | +| [azuread_service_principal_password.aks](https://registry.terraform.io/providers/hashicorp/azuread/2.41.0/docs/resources/service_principal_password) | resource | +| [azurerm_application_gateway.network](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/application_gateway) | resource | +| [azurerm_kubernetes_cluster.k8s](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/kubernetes_cluster) | resource | +| [azurerm_linux_web_app.playground_webapp](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/linux_web_app) | resource | +| 
[azurerm_portal_dashboard.pipeline_metrics](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/portal_dashboard) | resource | +| [azurerm_public_ip.aks](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/public_ip) | resource | +| [azurerm_role_assignment.app_gateway_subnet_network_contributor](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource | +| [azurerm_role_assignment.gateway_contributor](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource | +| [azurerm_role_assignment.monitoring_reader](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource | +| [azurerm_role_assignment.public_ip_reader](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource | +| [azurerm_role_assignment.resource_group_reader](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource | +| [azurerm_service_plan.playground_appserviceplan](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/service_plan) | resource | +| [azurerm_virtual_network.aks_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/virtual_network) | resource | +| [helm_release.agic](https://registry.terraform.io/providers/hashicorp/helm/2.10.1/docs/resources/release) | resource | +| [helm_release.building_blocks](https://registry.terraform.io/providers/hashicorp/helm/2.10.1/docs/resources/release) | resource | +| [helm_release.cert_manager](https://registry.terraform.io/providers/hashicorp/helm/2.10.1/docs/resources/release) | resource | +| [helm_release.keda](https://registry.terraform.io/providers/hashicorp/helm/2.10.1/docs/resources/release) | resource | +| 
[kubectl_manifest.cert_manager_issuer](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.keda_scaled_object](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.keda_secret](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.keda_trigger](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource | +| [azuread_client_config.current](https://registry.terraform.io/providers/hashicorp/azuread/2.41.0/docs/data-sources/client_config) | data source | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/data-sources/client_config) | data source | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/data-sources/resource_group) | data source | +| [azurerm_subnet.appgwsubnet](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/data-sources/subnet) | data source | +| [azurerm_subnet.kubesubnet](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/data-sources/subnet) | data source | +| [kubectl_path_documents.keda_scaled_object](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source | +| [kubectl_path_documents.keda_secret](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source | +| [kubectl_path_documents.keda_trigger](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [aks\_agent\_count](#input\_aks\_agent\_count) | The number of agent nodes for the cluster. 
| `number` | `1` | no | +| [aks\_agent\_os\_disk\_size](#input\_aks\_agent\_os\_disk\_size) | Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 applies the default disk size for that agentVMSize. | `number` | `40` | no | +| [aks\_agent\_vm\_size](#input\_aks\_agent\_vm\_size) | VM size | `string` | `"Standard_D2_v2"` | no | +| [aks\_dns\_service\_ip](#input\_aks\_dns\_service\_ip) | DNS server IP address | `string` | `"10.0.0.10"` | no | +| [aks\_enable\_rbac](#input\_aks\_enable\_rbac) | Enable RBAC on the AKS cluster. Defaults to false. | `bool` | `"false"` | no | +| [aks\_service\_cidr](#input\_aks\_service\_cidr) | CIDR notation IP range from which to assign service cluster IPs | `string` | `"10.0.0.0/16"` | no | +| [app\_gateway\_sku](#input\_app\_gateway\_sku) | Name of the Application Gateway SKU | `string` | `"Standard_v2"` | no | +| [app\_gateway\_subnet\_address\_prefix](#input\_app\_gateway\_subnet\_address\_prefix) | Subnet server IP address. | `string` | `"10.30.2.0/24"` | no | +| [app\_gateway\_tier](#input\_app\_gateway\_tier) | Tier of the Application Gateway tier | `string` | `"Standard_v2"` | no | +| [client\_id](#input\_client\_id) | Client ID | `any` | n/a | yes | +| [k8s\_subnet\_address\_prefix](#input\_k8s\_subnet\_address\_prefix) | Ip address space for kubernetes subnet vnet | `string` | `"10.30.1.0/24"` | no | +| [k8s\_vnet\_address\_space](#input\_k8s\_vnet\_address\_space) | Ip address space for kubernetes vnet | `string` | `"10.30.0.0/16"` | no | +| [location](#input\_location) | value of the Azure location to deploy to | `string` | `"Central US"` | no | +| [msi\_id](#input\_msi\_id) | The Managed Service Identity ID. Set this value if you're running this example using Managed Identity as the authentication method. 
| `string` | `null` | no | +| [object\_id](#input\_object\_id) | Object ID | `any` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | value of the Azure resource group to deploy to | `any` | n/a | yes | +| [services\_to\_chart](#input\_services\_to\_chart) | Note: The chart names are limited to 15 characters | `map(string)` |
{
"fhir-converter": "fhir-converter-chart",
"ingestion": "ingestion-chart",
"ingress": "ingress-chart",
"message-parser": "message-parser-chart",
"message-refiner": "message-refiner",
"orchestration": "orchestration",
"tefca-viewer": "tefca-viewer",
"trigger-code-reference": "trigger-code-reference",
"validation": "validation-chart"
}
| no | +| [smarty\_auth\_id](#input\_smarty\_auth\_id) | value of the SmartyStreets Auth ID | `any` | n/a | yes | +| [smarty\_auth\_token](#input\_smarty\_auth\_token) | value of the SmartyStreets Auth Token | `any` | n/a | yes | +| [smarty\_license\_type](#input\_smarty\_license\_type) | value of the SmartyStreets license type to use | `string` | n/a | yes | +| [subscription\_id](#input\_subscription\_id) | value of the Azure Subscription ID to use | `any` | n/a | yes | +| [use\_oidc](#input\_use\_oidc) | Use OIDC for authentication. | `bool` | `false` | no | +| [vm\_username](#input\_vm\_username) | User name for the VM | `string` | `"aks_user"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [aks\_cluster\_name](#output\_aks\_cluster\_name) | n/a | +| [application\_ip\_address](#output\_application\_ip\_address) | n/a | +| [client\_certificate](#output\_client\_certificate) | n/a | +| [client\_key](#output\_client\_key) | n/a | +| [cluster\_ca\_certificate](#output\_cluster\_ca\_certificate) | n/a | +| [cluster\_password](#output\_cluster\_password) | n/a | +| [cluster\_username](#output\_cluster\_username) | n/a | +| [host](#output\_host) | n/a | +| [key\_data](#output\_key\_data) | n/a | +| [kube\_config](#output\_kube\_config) | n/a | + \ No newline at end of file diff --git a/terraform/azure/setup/README.md b/terraform/azure/setup/README.md new file mode 100644 index 00000000..8336fd33 --- /dev/null +++ b/terraform/azure/setup/README.md 
@@ -0,0 +1,37 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [azurerm](#requirement\_azurerm) | =3.23.0 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | =3.23.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_storage_account.tfstate](https://registry.terraform.io/providers/hashicorp/azurerm/3.23.0/docs/resources/storage_account) | resource | +| [azurerm_storage_container.tfstate](https://registry.terraform.io/providers/hashicorp/azurerm/3.23.0/docs/resources/storage_container) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [client\_id](#input\_client\_id) | value of the Azure App registration ID to use in the tfstate storage account name | `any` | n/a | yes | +| [location](#input\_location) | value of the Azure location to deploy to | `string` | `"Central US"` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | value of the Azure resource group to deploy to | `any` | n/a | yes | +| [subscription\_id](#input\_subscription\_id) | value of the Azure Subscription ID to use | `any` | n/a | yes | + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/terraform/utilities/generate_tf_docs.sh b/terraform/utilities/generate_tf_docs.sh new file mode 100755 index 00000000..1e11c3e5 --- /dev/null +++ b/terraform/utilities/generate_tf_docs.sh 
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# aws
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/cognito
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/eks
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/rds
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/route53
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/s3
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/setup
+
+# azure
+terraform-docs markdown table --output-file README.md --output-mode inject ../azure/implementation
+terraform-docs markdown table --output-file README.md --output-mode inject ../azure/setup
diff --git a/terraform/utilities/tf_fmt.sh b/terraform/utilities/tf_fmt.sh
new file mode 100755
index 00000000..00488f33
--- /dev/null
+++ b/terraform/utilities/tf_fmt.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+terraform fmt -recursive ../
\ No newline at end of file
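Review bot: Both new scripts resolve their targets relative to the caller's working directory (`../aws/implementation` and the other `../…` paths in generate_tf_docs.sh, `../` in tf_fmt.sh), so they only behave as intended when started from terraform/utilities. Started from anywhere else, `terraform fmt -recursive ../` rewrites in place whatever .tf files sit under the parent of the current directory, which may be outside this repository. generate_tf_docs.sh also has no `set -e`, so a terraform-docs call that fails on a missing path is skipped and the script's exit status reflects only the last call. I would add `set -euo pipefail` and `cd "$(dirname "${BASH_SOURCE[0]}")"` directly after the shebang in both files.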