From 1dda6ade309c9aa1559b46818f2b6b9845a304be Mon Sep 17 00:00:00 2001 From: Chandra Reddy Date: Fri, 16 Aug 2024 16:35:44 -0400 Subject: [PATCH] restructure folders to serperate IAM from services --- README.md | 6 +- apprunner/03_iam.tf | 47 +++ apprunner/service/01_provider.tf | 12 + apprunner/service/02_applicationlist.tf | 22 ++ apprunner/{ => service}/03_apprunner.tf | 47 --- apprunner/terraform.tfstate | 9 + apprunner/terraform.tfstate.backup | 368 ++++++++++++++++++++ infrastructure/.terraform.tfstate.lock.info | 1 + infrastructure/terraform.tfstate | 277 +-------------- infrastructure/terraform.tfstate.backup | 135 +------ 10 files changed, 479 insertions(+), 445 deletions(-) create mode 100644 apprunner/03_iam.tf create mode 100644 apprunner/service/01_provider.tf create mode 100644 apprunner/service/02_applicationlist.tf rename apprunner/{ => service}/03_apprunner.tf (50%) create mode 100644 apprunner/terraform.tfstate create mode 100644 apprunner/terraform.tfstate.backup create mode 100644 infrastructure/.terraform.tfstate.lock.info diff --git a/README.md b/README.md index 269313d..f6f0119 100644 --- a/README.md +++ b/README.md @@ -27,4 +27,8 @@ Replace the URL in the middle with the proper endpoint of your database and repl 10. Go to the apprunner folder (`cd ../apprunner`) -11. Run `tofu init` and then `tofu apply` to set up the App Runner services +11. Run `tofu init` and then `tofu apply` to set up the App Runner IAM + +12. Go to the service sub-folder (`cd /service`) + +13. Run 'tofu init' and then 'tofu apply' to set up the App Runner services diff --git a/apprunner/03_iam.tf b/apprunner/03_iam.tf new file mode 100644 index 0000000..7b1e746 --- /dev/null +++ b/apprunner/03_iam.tf @@ -0,0 +1,47 @@ +resource "aws_iam_role" "apprunner_role" { + name = "apprunner-access-role" + + assume_role_policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Principal = { + Service = "build.apprunner.amazonaws.com" + }, + Action = "sts:AssumeRole" + }, + ] + }) +} + + +resource "aws_iam_policy" "ecr_access_policy" { + name = "apprunner-ecr-access-policy" + + policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Action = [ + "ecr:GetDownloadUrlForLayer", + "ecr:BatchGetImage", + "ecr:BatchCheckLayerAvailability" + ], + Resource = "*" + }, + { + Effect = "Allow", + Action = "ecr:GetAuthorizationToken", + Resource = "*" + } + ] + }) +} + +resource "aws_iam_role_policy_attachment" "apprunner_ecr_policy_attach" { + role = aws_iam_role.apprunner_role.name + policy_arn = aws_iam_policy.ecr_access_policy.arn +} + diff --git a/apprunner/service/01_provider.tf b/apprunner/service/01_provider.tf new file mode 100644 index 0000000..34edb1b --- /dev/null +++ b/apprunner/service/01_provider.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "5.62.0" + } + } +} + +provider "aws" { + region = "us-east-1" +} diff --git a/apprunner/service/02_applicationlist.tf b/apprunner/service/02_applicationlist.tf new file mode 100644 index 0000000..1fe5c57 --- /dev/null +++ b/apprunner/service/02_applicationlist.tf @@ -0,0 +1,22 @@ +variable "applications" { + type = list(string) + default = ["announcements"] +} + +variable "environments" { + type = list(string) + default = ["dev", "qa", "prod"] +} + +locals { + app_env_combinations = [ + for app in var.applications : [ + for env in var.environments : { + app = app + env = env + } + ] + ] + + app_env_list = flatten(local.app_env_combinations) +} diff --git a/apprunner/03_apprunner.tf b/apprunner/service/03_apprunner.tf similarity index 50% rename from apprunner/03_apprunner.tf rename to apprunner/service/03_apprunner.tf index 55e4a34..4959c13 100644 --- a/apprunner/03_apprunner.tf +++ b/apprunner/service/03_apprunner.tf @@ -31,53 +31,6 @@ resource "aws_apprunner_service" "app_services" { } -resource "aws_iam_role" "apprunner_role" { - name = "apprunner-access-role" - - assume_role_policy = jsonencode({ - Version = "2012-10-17", - Statement = [ - { - Effect = "Allow", - Principal = { - Service = "build.apprunner.amazonaws.com" - }, - Action = "sts:AssumeRole" - }, - ] - }) -} - - -resource "aws_iam_policy" "ecr_access_policy" { - name = "apprunner-ecr-access-policy" - - policy = jsonencode({ - Version = "2012-10-17", - Statement = [ - { - Effect = "Allow", - Action = [ - "ecr:GetDownloadUrlForLayer", - "ecr:BatchGetImage", - "ecr:BatchCheckLayerAvailability" - ], - Resource = "*" - }, - { - Effect = "Allow", - Action = "ecr:GetAuthorizationToken", - Resource = "*" - } - ] - }) -} - -resource "aws_iam_role_policy_attachment" "apprunner_ecr_policy_attach" { - role = aws_iam_role.apprunner_role.name - policy_arn = aws_iam_policy.ecr_access_policy.arn -} - resource "aws_apprunner_auto_scaling_configuration_version" "app_scaling" { auto_scaling_configuration_name = "app-scaling-config" diff --git a/apprunner/terraform.tfstate b/apprunner/terraform.tfstate new file mode 100644 index 0000000..55cb869 --- /dev/null +++ b/apprunner/terraform.tfstate @@ -0,0 +1,9 @@ +{ + "version": 4, + "terraform_version": "1.7.2", + "serial": 5, + "lineage": "8ebc2ad4-09a6-559d-169e-e7f1af71737f", + "outputs": {}, + "resources": [], + "check_results": null +} diff --git a/apprunner/terraform.tfstate.backup b/apprunner/terraform.tfstate.backup new file mode 100644 index 0000000..5abd4e5 --- /dev/null +++ b/apprunner/terraform.tfstate.backup @@ -0,0 +1,368 @@ +{ + "version": 4, + "terraform_version": "1.7.2", + "serial": 3, + "lineage": "8ebc2ad4-09a6-559d-169e-e7f1af71737f", + "outputs": {}, + "resources": [ + { + "mode": "managed", + "type": "aws_apprunner_auto_scaling_configuration_version", + "name": "app_scaling", + "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:apprunner:us-east-1:654654512735:autoscalingconfiguration/app-scaling-config/2/89c7603917ac481284470af92d5053c8", + "auto_scaling_configuration_name": "app-scaling-config", + "auto_scaling_configuration_revision": 2, + "has_associated_service": false, + "id": "arn:aws:apprunner:us-east-1:654654512735:autoscalingconfiguration/app-scaling-config/2/89c7603917ac481284470af92d5053c8", + "is_default": false, + "latest": true, + "max_concurrency": 100, + "max_size": 3, + "min_size": 1, + "status": "active", + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "mode": "managed", + "type": "aws_apprunner_service", + "name": "app_services", + "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", + "instances": [ + { + "index_key": "announcements-dev", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:apprunner:us-east-1:654654512735:service/announcements-dev-service/20baaf2ad913404292b9169fd2a1f6c9", + "auto_scaling_configuration_arn": "arn:aws:apprunner:us-east-1:654654512735:autoscalingconfiguration/app-scaling-config/2/89c7603917ac481284470af92d5053c8", + "encryption_configuration": [], + "health_check_configuration": [ + { + "healthy_threshold": 1, + "interval": 5, + "path": "/", + "protocol": "TCP", + "timeout": 2, + "unhealthy_threshold": 5 + } + ], + "id": "arn:aws:apprunner:us-east-1:654654512735:service/announcements-dev-service/20baaf2ad913404292b9169fd2a1f6c9", + "instance_configuration": [ + { + "cpu": "1024", + "instance_role_arn": "", + "memory": "2048" + } + ], + "network_configuration": [ + { + "egress_configuration": [ + { + "egress_type": "DEFAULT", + "vpc_connector_arn": "" + } + ], + "ingress_configuration": [ + { + "is_publicly_accessible": true + } + ], + "ip_address_type": "IPV4" + } + ], + "observability_configuration": [], + "service_id": "20baaf2ad913404292b9169fd2a1f6c9", + "service_name": "announcements-dev-service", + "service_url": "2zwhqeckhj.us-east-1.awsapprunner.com", + "source_configuration": [ + { + "authentication_configuration": [ + { + "access_role_arn": "arn:aws:iam::654654512735:role/apprunner-access-role", + "connection_arn": "" + } + ], + "auto_deployments_enabled": true, + "code_repository": [], + "image_repository": [ + { + "image_configuration": [ + { + "port": "8000", + "runtime_environment_secrets": null, + "runtime_environment_variables": null, + "start_command": "" + } + ], + "image_identifier": "654654512735.dkr.ecr.us-east-1.amazonaws.com/announcements-dev:latest", + "image_repository_type": "ECR" + } + ] + } + ], + "status": "RUNNING", + "tags": { + "Application": "announcements", + "Environment": "dev" + }, + "tags_all": { + "Application": "announcements", + "Environment": "dev" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "aws_apprunner_auto_scaling_configuration_version.app_scaling", + "aws_iam_role.apprunner_role" + ] + }, + { + "index_key": "announcements-prod", + "status": "tainted", + "schema_version": 0, + "attributes": { + "arn": null, + "auto_scaling_configuration_arn": "arn:aws:apprunner:us-east-1:654654512735:autoscalingconfiguration/app-scaling-config/2/89c7603917ac481284470af92d5053c8", + "encryption_configuration": [], + "health_check_configuration": null, + "id": "arn:aws:apprunner:us-east-1:654654512735:service/announcements-prod-service/28fea87571ed4382b7ebfe633386e5ab", + "instance_configuration": [ + { + "cpu": "1024", + "instance_role_arn": "", + "memory": "2048" + } + ], + "network_configuration": null, + "observability_configuration": [], + "service_id": null, + "service_name": "announcements-prod-service", + "service_url": null, + "source_configuration": [ + { + "authentication_configuration": [ + { + "access_role_arn": "arn:aws:iam::654654512735:role/apprunner-access-role", + "connection_arn": "" + } + ], + "auto_deployments_enabled": true, + "code_repository": [], + "image_repository": [ + { + "image_configuration": [ + { + "port": "8000", + "runtime_environment_secrets": null, + "runtime_environment_variables": null, + "start_command": "" + } + ], + "image_identifier": "654654512735.dkr.ecr.us-east-1.amazonaws.com/announcements-prod:latest", + "image_repository_type": "ECR" + } + ] + } + ], + "status": null, + "tags": { + "Application": "announcements", + "Environment": "prod" + }, + "tags_all": { + "Application": "announcements", + "Environment": "prod" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "aws_apprunner_auto_scaling_configuration_version.app_scaling", + "aws_iam_role.apprunner_role" + ] + }, + { + "index_key": "announcements-qa", + "schema_version": 0, + "attributes": { + "arn": "arn:aws:apprunner:us-east-1:654654512735:service/announcements-qa-service/4b31f197ee7040c8ba9db98ce6a1053d", + "auto_scaling_configuration_arn": "arn:aws:apprunner:us-east-1:654654512735:autoscalingconfiguration/app-scaling-config/2/89c7603917ac481284470af92d5053c8", + "encryption_configuration": [], + "health_check_configuration": [ + { + "healthy_threshold": 1, + "interval": 5, + "path": "/", + "protocol": "TCP", + "timeout": 2, + "unhealthy_threshold": 5 + } + ], + "id": "arn:aws:apprunner:us-east-1:654654512735:service/announcements-qa-service/4b31f197ee7040c8ba9db98ce6a1053d", + "instance_configuration": [ + { + "cpu": "1024", + "instance_role_arn": "", + "memory": "2048" + } + ], + "network_configuration": [ + { + "egress_configuration": [ + { + "egress_type": "DEFAULT", + "vpc_connector_arn": "" + } + ], + "ingress_configuration": [ + { + "is_publicly_accessible": true + } + ], + "ip_address_type": "IPV4" + } + ], + "observability_configuration": [], + "service_id": "4b31f197ee7040c8ba9db98ce6a1053d", + "service_name": "announcements-qa-service", + "service_url": "wvq6yzvqck.us-east-1.awsapprunner.com", + "source_configuration": [ + { + "authentication_configuration": [ + { + "access_role_arn": "arn:aws:iam::654654512735:role/apprunner-access-role", + "connection_arn": "" + } + ], + "auto_deployments_enabled": true, + "code_repository": [], + "image_repository": [ + { + "image_configuration": [ + { + "port": "8000", + "runtime_environment_secrets": null, + "runtime_environment_variables": null, + "start_command": "" + } + ], + "image_identifier": "654654512735.dkr.ecr.us-east-1.amazonaws.com/announcements-qa:latest", + "image_repository_type": "ECR" + } + ] + } + ], + "status": "RUNNING", + "tags": { + "Application": "announcements", + "Environment": "qa" + }, + "tags_all": { + "Application": "announcements", + "Environment": "qa" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "aws_apprunner_auto_scaling_configuration_version.app_scaling", + "aws_iam_role.apprunner_role" + ] + } + ] + }, + { + "mode": "managed", + "type": "aws_iam_policy", + "name": "ecr_access_policy", + "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::654654512735:policy/apprunner-ecr-access-policy", + "attachment_count": 1, + "description": "", + "id": "arn:aws:iam::654654512735:policy/apprunner-ecr-access-policy", + "name": "apprunner-ecr-access-policy", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":[\"ecr:GetDownloadUrlForLayer\",\"ecr:BatchGetImage\",\"ecr:BatchCheckLayerAvailability\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":\"ecr:GetAuthorizationToken\",\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAZQ3DTDZPT7IM4FZZH", + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "mode": "managed", + "type": "aws_iam_role", + "name": "apprunner_role", + "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::654654512735:role/apprunner-access-role", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"build.apprunner.amazonaws.com\"}}],\"Version\":\"2012-10-17\"}", + "create_date": "2024-08-16T20:21:54Z", + "description": "", + "force_detach_policies": false, + "id": "apprunner-access-role", + "inline_policy": [], + "managed_policy_arns": [ + "arn:aws:iam::654654512735:policy/apprunner-ecr-access-policy" + ], + "max_session_duration": 3600, + "name": "apprunner-access-role", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": {}, + "unique_id": "AROAZQ3DTDZPZW5R3SJ2O" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "apprunner_ecr_policy_attach", + "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "apprunner-access-role-20240816202154756600000001", + "policy_arn": "arn:aws:iam::654654512735:policy/apprunner-ecr-access-policy", + "role": "apprunner-access-role" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "aws_iam_policy.ecr_access_policy", + "aws_iam_role.apprunner_role" + ] + } + ] + } + ], + "check_results": null +} diff --git a/infrastructure/.terraform.tfstate.lock.info b/infrastructure/.terraform.tfstate.lock.info new file mode 100644 index 0000000..6e9328a --- /dev/null +++ b/infrastructure/.terraform.tfstate.lock.info @@ -0,0 +1 @@ +{"ID":"95aaf3b4-390b-d787-ff39-92eb1b52920c","Operation":"OperationTypeApply","Info":"","Who":"ch807460@CMC02WK1HQHTDF.local","Version":"1.7.2","Created":"2024-08-16T20:31:09.955805Z","Path":"terraform.tfstate"} \ No newline at end of file diff --git a/infrastructure/terraform.tfstate b/infrastructure/terraform.tfstate index 2a616a3..46b8914 100644 --- a/infrastructure/terraform.tfstate +++ b/infrastructure/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.7.2", - "serial": 95, + "serial": 96, "lineage": "54543b65-0785-73d9-c782-458033890453", "outputs": {}, "resources": [ @@ -153,222 +153,6 @@ } ] }, - { - "mode": "managed", - "type": "aws_ecr_repository", - "name": "app_repos", - "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", - "instances": [ - { - "index_key": "announcements-dev", - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ecr:us-east-1:654654512735:repository/announcements-dev", - "encryption_configuration": [ - { - "encryption_type": "AES256", - "kms_key": "" - } - ], - "force_delete": true, - "id": "announcements-dev", - "image_scanning_configuration": [ - { - "scan_on_push": false - } - ], - "image_tag_mutability": "MUTABLE", - "name": "announcements-dev", - "registry_id": "654654512735", - "repository_url": "654654512735.dkr.ecr.us-east-1.amazonaws.com/announcements-dev", - "tags": {}, - "tags_all": {}, - "timeouts": null - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxMjAwMDAwMDAwMDAwfX0=" - }, - { - "index_key": "announcements-prod", - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ecr:us-east-1:654654512735:repository/announcements-prod", - "encryption_configuration": [ - { - "encryption_type": "AES256", - "kms_key": "" - } - ], - "force_delete": true, - "id": "announcements-prod", - "image_scanning_configuration": [ - { - "scan_on_push": false - } - ], - "image_tag_mutability": "MUTABLE", - "name": "announcements-prod", - "registry_id": "654654512735", - "repository_url": "654654512735.dkr.ecr.us-east-1.amazonaws.com/announcements-prod", - "tags": {}, - "tags_all": {}, - "timeouts": null - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxMjAwMDAwMDAwMDAwfX0=" - }, - { - "index_key": "announcements-qa", - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ecr:us-east-1:654654512735:repository/announcements-qa", - "encryption_configuration": [ - { - "encryption_type": "AES256", - "kms_key": "" - } - ], - "force_delete": true, - "id": "announcements-qa", - "image_scanning_configuration": [ - { - "scan_on_push": false - } - ], - "image_tag_mutability": "MUTABLE", - "name": "announcements-qa", - "registry_id": "654654512735", - "repository_url": "654654512735.dkr.ecr.us-east-1.amazonaws.com/announcements-qa", - "tags": {}, - "tags_all": {}, - "timeouts": null - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxMjAwMDAwMDAwMDAwfX0=" - } - ] - }, - { - "mode": "managed", - "type": "aws_internet_gateway", - "name": "main", - "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-east-1:654654512735:internet-gateway/igw-066aaa71b99296e33", - "id": "igw-066aaa71b99296e33", - "owner_id": "654654512735", - "tags": {}, - "tags_all": {}, - "timeouts": null, - "vpc_id": "vpc-01c8998b8cc7af9b5" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_vpc.main" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_route_table", - "name": "public", - "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-east-1:654654512735:route-table/rtb-0d987e6386074c445", - "id": "rtb-0d987e6386074c445", - "owner_id": "654654512735", - "propagating_vgws": [], - "route": [ - { - "carrier_gateway_id": "", - "cidr_block": "0.0.0.0/0", - "core_network_arn": "", - "destination_prefix_list_id": "", - "egress_only_gateway_id": "", - "gateway_id": "igw-066aaa71b99296e33", - "ipv6_cidr_block": "", - "local_gateway_id": "", - "nat_gateway_id": "", - "network_interface_id": "", - "transit_gateway_id": "", - "vpc_endpoint_id": "", - "vpc_peering_connection_id": "" - } - ], - "tags": {}, - "tags_all": {}, - "timeouts": null, - "vpc_id": "vpc-01c8998b8cc7af9b5" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_internet_gateway.main", - "aws_vpc.main" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_route_table_association", - "name": "subnet_association", - "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "gateway_id": "", - "id": "rtbassoc-01e3dbe9b3715e08d", - "route_table_id": "rtb-0d987e6386074c445", - "subnet_id": "subnet-05984c6c711f17fff", - "timeouts": null - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_internet_gateway.main", - "aws_route_table.public", - "aws_subnet.main", - "aws_vpc.main" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_route_table_association", - "name": "subnet_association_alt", - "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "gateway_id": "", - "id": "rtbassoc-0c9a01bf7f187a77c", - "route_table_id": "rtb-0d987e6386074c445", - "subnet_id": "subnet-0d65101fe65afe6b0", - "timeouts": null - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_internet_gateway.main", - "aws_route_table.public", - "aws_subnet.alternative", - "aws_vpc.main" - ] - } - ] - }, { "mode": "managed", "type": "aws_security_group", @@ -547,65 +331,6 @@ "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" } ] - }, - { - "mode": "managed", - "type": "null_resource", - "name": "create_databases", - "provider": "provider[\"registry.opentofu.org/hashicorp/null\"]", - "instances": [ - { - "index_key": "announcements-dev", - "schema_version": 0, - "attributes": { - "id": "1825374920776603513", - "triggers": null - }, - "sensitive_attributes": [], - "dependencies": [ - "aws_db_instance.default", - "aws_db_subnet_group.default", - "aws_security_group.rds_sg", - "aws_subnet.alternative", - "aws_subnet.main", - "aws_vpc.main" - ] - }, - { - "index_key": "announcements-prod", - "schema_version": 0, - "attributes": { - "id": "4068045178261638631", - "triggers": null - }, - "sensitive_attributes": [], - "dependencies": [ - "aws_db_instance.default", - "aws_db_subnet_group.default", - "aws_security_group.rds_sg", - "aws_subnet.alternative", - "aws_subnet.main", - "aws_vpc.main" - ] - }, - { - "index_key": "announcements-qa", - "schema_version": 0, - "attributes": { - "id": "8095755812362962033", - "triggers": null - }, - "sensitive_attributes": [], - "dependencies": [ - "aws_db_instance.default", - "aws_db_subnet_group.default", - "aws_security_group.rds_sg", - "aws_subnet.alternative", - "aws_subnet.main", - "aws_vpc.main" - ] - } - ] } ], "check_results": null diff --git a/infrastructure/terraform.tfstate.backup b/infrastructure/terraform.tfstate.backup index eed5d6d..2a616a3 100644 --- a/infrastructure/terraform.tfstate.backup +++ b/infrastructure/terraform.tfstate.backup @@ -1,38 +1,10 @@ { "version": 4, "terraform_version": "1.7.2", - "serial": 94, + "serial": 95, "lineage": "54543b65-0785-73d9-c782-458033890453", "outputs": {}, "resources": [ - { - "mode": "managed", - "type": "aws_apprunner_auto_scaling_configuration_version", - "name": "app_scaling", - "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:apprunner:us-east-1:654654512735:autoscalingconfiguration/app-scaling-config/2/0ee09728b5ab4bd19512cadd7f423442", - "auto_scaling_configuration_name": "app-scaling-config", - "auto_scaling_configuration_revision": 2, - "has_associated_service": false, - "id": "arn:aws:apprunner:us-east-1:654654512735:autoscalingconfiguration/app-scaling-config/2/0ee09728b5ab4bd19512cadd7f423442", - "is_default": false, - "latest": true, - "max_concurrency": 100, - "max_size": 3, - "min_size": 1, - "status": "active", - "tags": null, - "tags_all": {} - }, - "sensitive_attributes": [], - "private": "bnVsbA==" - } - ] - }, { "mode": "managed", "type": "aws_db_instance", @@ -65,11 +37,11 @@ "deletion_protection": false, "domain": "", "domain_auth_secret_arn": "", - "domain_dns_ips": null, + "domain_dns_ips": [], "domain_fqdn": "", "domain_iam_role_name": "", "domain_ou": "", - "enabled_cloudwatch_logs_exports": null, + "enabled_cloudwatch_logs_exports": [], "endpoint": "cm-appfolio-db.c9o06ok6uz10.us-east-1.rds.amazonaws.com:3306", "engine": "mysql", "engine_lifecycle_support": "open-source-rds-extended-support", @@ -117,7 +89,7 @@ "storage_encrypted": false, "storage_throughput": 0, "storage_type": "gp2", - "tags": null, + "tags": {}, "tags_all": {}, "timeouts": null, "timezone": "", @@ -167,7 +139,7 @@ "supported_network_types": [ "IPV4" ], - "tags": null, + "tags": {}, "tags_all": {}, "vpc_id": "vpc-01c8998b8cc7af9b5" }, @@ -209,7 +181,7 @@ "name": "announcements-dev", "registry_id": "654654512735", "repository_url": "654654512735.dkr.ecr.us-east-1.amazonaws.com/announcements-dev", - "tags": null, + "tags": {}, "tags_all": {}, "timeouts": null }, @@ -238,7 +210,7 @@ "name": "announcements-prod", "registry_id": "654654512735", "repository_url": "654654512735.dkr.ecr.us-east-1.amazonaws.com/announcements-prod", - "tags": null, + "tags": {}, "tags_all": {}, "timeouts": null }, @@ -267,7 +239,7 @@ "name": "announcements-qa", "registry_id": "654654512735", "repository_url": "654654512735.dkr.ecr.us-east-1.amazonaws.com/announcements-qa", - "tags": null, + "tags": {}, "tags_all": {}, "timeouts": null }, @@ -276,85 +248,6 @@ } ] }, - { - "mode": "managed", - "type": "aws_iam_policy", - "name": "ecr_access_policy", - "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:iam::654654512735:policy/apprunner-ecr-access-policy", - "attachment_count": 0, - "description": "", - "id": "arn:aws:iam::654654512735:policy/apprunner-ecr-access-policy", - "name": "apprunner-ecr-access-policy", - "name_prefix": "", - "path": "/", - "policy": "{\"Statement\":[{\"Action\":[\"ecr:GetDownloadUrlForLayer\",\"ecr:BatchGetImage\",\"ecr:BatchCheckLayerAvailability\"],\"Effect\":\"Allow\",\"Resource\":\"*\"},{\"Action\":\"ecr:GetAuthorizationToken\",\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}", - "policy_id": "ANPAZQ3DTDZPUKZYSYSYB", - "tags": null, - "tags_all": {} - }, - "sensitive_attributes": [], - "private": "bnVsbA==" - } - ] - }, - { - "mode": "managed", - "type": "aws_iam_role", - "name": "apprunner_role", - "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:iam::654654512735:role/apprunner-access-role", - "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"build.apprunner.amazonaws.com\"}}],\"Version\":\"2012-10-17\"}", - "create_date": "2024-08-16T20:08:29Z", - "description": "", - "force_detach_policies": false, - "id": "apprunner-access-role", - "inline_policy": [], - "managed_policy_arns": [], - "max_session_duration": 3600, - "name": "apprunner-access-role", - "name_prefix": "", - "path": "/", - "permissions_boundary": "", - "tags": null, - "tags_all": {}, - "unique_id": "AROAZQ3DTDZPRIKF4BUO4" - }, - "sensitive_attributes": [], - "private": "bnVsbA==" - } - ] - }, - { - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "apprunner_ecr_policy_attach", - "provider": "provider[\"registry.opentofu.org/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "id": "apprunner-access-role-20240816200830091800000001", - "policy_arn": "arn:aws:iam::654654512735:policy/apprunner-ecr-access-policy", - "role": "apprunner-access-role" - }, - "sensitive_attributes": [], - "private": "bnVsbA==", - "dependencies": [ - "aws_iam_policy.ecr_access_policy", - "aws_iam_role.apprunner_role" - ] - } - ] - }, { "mode": "managed", "type": "aws_internet_gateway", @@ -367,7 +260,7 @@ "arn": "arn:aws:ec2:us-east-1:654654512735:internet-gateway/igw-066aaa71b99296e33", "id": "igw-066aaa71b99296e33", "owner_id": "654654512735", - "tags": null, + "tags": {}, "tags_all": {}, "timeouts": null, "vpc_id": "vpc-01c8998b8cc7af9b5" @@ -410,7 +303,7 @@ "vpc_peering_connection_id": "" } ], - "tags": null, + "tags": {}, "tags_all": {}, "timeouts": null, "vpc_id": "vpc-01c8998b8cc7af9b5" @@ -522,7 +415,7 @@ "name_prefix": "terraform-", "owner_id": "654654512735", "revoke_rules_on_delete": false, - "tags": null, + "tags": {}, "tags_all": {}, "timeouts": null, "vpc_id": "vpc-01c8998b8cc7af9b5" @@ -563,7 +456,7 @@ "outpost_arn": "", "owner_id": "654654512735", "private_dns_hostname_type_on_launch": "ip-name", - "tags": null, + "tags": {}, "tags_all": {}, "timeouts": null, "vpc_id": "vpc-01c8998b8cc7af9b5" @@ -604,7 +497,7 @@ "outpost_arn": "", "owner_id": "654654512735", "private_dns_hostname_type_on_launch": "ip-name", - "tags": null, + "tags": {}, "tags_all": {}, "timeouts": null, "vpc_id": "vpc-01c8998b8cc7af9b5" @@ -647,7 +540,7 @@ "ipv6_netmask_length": 0, "main_route_table_id": "rtb-0a4606ca11d004b7d", "owner_id": "654654512735", - "tags": null, + "tags": {}, "tags_all": {} }, "sensitive_attributes": [],