-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathoutputs.tf
More file actions
144 lines (121 loc) · 5.31 KB
/
outputs.tf
File metadata and controls
144 lines (121 loc) · 5.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
output "app" {
description = "The short name for the delivery team or ADO."
sensitive = false
value = local.app
}
output "service" {
description = "The name of the current service or terraservice."
sensitive = false
value = local.service
}
output "primary_region" {
description = "The primary data.aws_region object from the current caller identity"
sensitive = false
value = data.aws_region.primary
}
output "secondary_region" {
description = "The secondary data.aws_region object associated with the secondary region."
sensitive = false
value = data.aws_region.secondary
}
output "account_id" {
description = "Deprecated. Use `aws_caller_identity.account_id`. The AWS account ID associated with the current caller identity"
sensitive = true
value = data.aws_caller_identity.this.account_id
}
output "aws_caller_identity" {
description = "The current data.aws_caller_identity object."
sensitive = true
value = data.aws_caller_identity.this
}
output "env" {
description = "The solution's application environment name."
sensitive = false
value = local.env
}
output "sdlc_env" {
description = "The SDLC (production vs non-production) environment."
sensitive = false
value = local.sdlc_env
}
output "is_ephemeral_env" {
description = "Returns true when environment is _ephemeral_, false when _established_"
sensitive = false
value = local.env != local.parent_env
}
output "parent_env" {
description = "The solution's source environment. For established environments this is equal to the environment's name"
sensitive = false
value = local.parent_env
}
output "default_tags" {
description = "Map of tags for use in AWS provider block `default_tags`. Merges collection of standard tags with optional, user-specificed `additional_tags`"
sensitive = false
value = merge(var.additional_tags, local.static_tags)
}
output "vpc_id" {
description = "The current environment VPC ID value"
sensitive = false
value = data.aws_vpc.this.id
}
output "private_subnets" {
description = "Map of current VPC **private** [aws_subnet data sources](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet), keyed by `subnet_id`"
sensitive = true
value = data.aws_subnet.private
}
output "public_subnets" {
description = "Map of current VPC **public** [aws_subnet data sources](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet), keyed by `id`"
sensitive = true
value = data.aws_subnet.public
}
output "logging_bucket" {
description = "The designated access log bucket [aws_s3_bucket data source](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket#attribute-reference) for the current environment"
sensitive = false
value = data.aws_s3_bucket.access_logs
}
output "security_groups" {
description = "Map of current VPC's common [aws_security_group data sources](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group#attribute-reference), keyed by `name`"
sensitive = true
value = data.aws_security_group.this
}
output "platform_cidr" {
description = "The CIDR-range for the CDAP-managed VPC for CI and other administrative functions."
sensitive = true
value = data.aws_ssm_parameter.platform_cidr.value
}
output "kion_roles" {
description = "Map of common kion/cloudtamer [aws_iam_role data sources](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_role#attributes-reference), keyed by `name`."
sensitive = true
value = data.aws_iam_role.this
}
output "nat_gateways" {
description = "Map of current VPC **available** [aws_nat_gateway data sources](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_role#attributes-reference), keyed by `id`."
sensitive = true
value = data.aws_nat_gateway.this
}
output "kms_alias_primary" {
description = "Primary [KMS Key Alias Data Source](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_alias#attribute-reference)"
sensitive = true
value = data.aws_kms_alias.primary
}
output "kms_alias_secondary" {
description = "Secondary [KMS Key Alias Data Source](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_alias#attribute-reference)"
sensitive = true
value = data.aws_kms_alias.secondary
}
output "iam_defaults" {
description = "Map of default permissions `boundary` and IAM resources `path`."
sensitive = false
value = {
boundary = data.aws_iam_policy.permissions_boundary.arn
path = "/delegatedadmin/developer/"
}
}
output "ssm" {
description = "SSM parameter resources available based on the `var.ssm_root_map` input variable."
value = { for named_root, data in data.aws_ssm_parameters_by_path.ssm : named_root => { for each in [for arn, value in zipmap(data.arns, data.values) : { "value" = value, "arn" = arn }] : reverse(split("/", each.arn))[0] => each } }
}
output "network_access_logs_bucket" {
description = "Standardized CMS Hybrid Cloud Providued Network Access Logs bucket Name"
value = "cms-cloud-${data.aws_caller_identity.this.account_id}-${data.aws_region.primary.name}"
}