Initial implementation (#1)

* Initial implementation

* Update module versions

* Update `BUILD_HARNESS_VERSION`

* Update `region`

* Add `docs` project

* Fix `default` attribute

* Fix `attributes` var

* Fix `docs_cloudfront_origin_access_identity_path` output

* Update `docs` project

* Remove `Host` forwarded header (not needed for S3 website)

* Use `s3_bucket_website_endpoint` as origin

* Add `docs` outputs

* Update module versions. Add `enabled` flags

* Bump `terraform-aws-tfstate-backend` version

* Add `acm_cloudfront` project

* Rename to `acm-cloudfront`

* Update `viewer_protocol_policy` and `aliases`

* Update `aliases`

* Update `aliases`

Author: aknysh

.dockerignore

@@ -0,0 +1,8 @@
+.git
+.gitignore
+.editorconfig
+**/.terraform
+*.tfstate
+*.tfstate.*
+.idea
+*.iml

.editorconfig

@@ -0,0 +1,24 @@
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+
+# Override for Makefile
+[{Makefile, makefile, GNUmakefile}]
+indent_style = tab
+indent_size = 4
+
+[Makefile.*]
+indent_style = tab
+indent_size = 4
+
+[shell]
+indent_style = tab
+indent_size = 4
+
+[*.sh]
+indent_style = tab
+indent_size = 4

.gitignore

@@ -1,6 +1,7 @@
-# Compiled files
+.build-harness
+build-harness
+.terraform
 *.tfstate
-*.tfstate.backup
-
-# Module directory
-.terraform/
+*.tfstate.*
+.idea
+*.iml

Dockerfile

@@ -0,0 +1,3 @@
+FROM alpine:3.7
+COPY aws/ /aws
+WORKDIR /aws

LICENSE

@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright [yyyy] [name of copyright owner]
+   Copyright 2018 Cloud Posse, LLC
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

Makefile

@@ -0,0 +1,21 @@
+export DOCKER_ORG ?= cloudposse
+export DOCKER_IMAGE ?= $(DOCKER_ORG)/terraform-root-modules
+export DOCKER_TAG ?= latest
+export DOCKER_IMAGE_NAME ?= $(DOCKER_IMAGE):$(DOCKER_TAG)
+export DOCKER_BUILD_FLAGS = 
+
+-include $(shell curl -sSL -o .build-harness "https://git.io/build-harness"; echo .build-harness)
+
+all: init deps build install run
+
+deps:
+	@exit 0
+
+build:
+	@make --no-print-directory docker:build
+
+push:
+	docker push $(DOCKER_IMAGE)
+
+run:
+	docker run -it ${DOCKER_IMAGE_NAME} sh

README.md

@@ -1,2 +1,3 @@
 # terraform-root-modules
-Collection of root modules for provisioning reference architectures
+
+This is a collection of reusable root modules for CloudPosse AWS accounts.

aws/acm-cloudfront/main.tf

@@ -0,0 +1,48 @@
+terraform {
+  required_version = ">= 0.11.2"
+
+  backend "s3" {}
+}
+
+variable "aws_assume_role_arn" {}
+
+provider "aws" {
+  #  CloudFront certs must be created in the `aws-east-1` region, even if your origin is in a different one
+  # This is a CloudFront limitation
+  # https://christian.legnitto.com/blog/2017/10/11/terraform-and-cloudfront-gotchas/
+  # https://medium.com/modern-stack/5-minute-static-ssl-website-in-aws-with-terraform-76819a12d412
+  # https://medium.com/runatlantis/hosting-our-static-site-over-ssl-with-s3-acm-cloudfront-and-terraform-513b799aec0f
+  region = "us-east-1"
+
+  assume_role {
+    role_arn = "${var.aws_assume_role_arn}"
+  }
+}
+
+variable "domain_name" {
+  description = "Domain name (E.g. staging.cloudposse.org)"
+}
+
+module "certificate" {
+  source                           = "git::https://github.com/cloudposse/terraform-aws-acm-request-certificate.git?ref=tags/0.1.1"
+  domain_name                      = "${var.domain_name}"
+  proces_domain_validation_options = "true"
+  ttl                              = "300"
+  subject_alternative_names        = ["*.${var.domain_name}"]
+}
+
+output "certificate_domain_name" {
+  value = "${var.domain_name}"
+}
+
+output "certificate_id" {
+  value = "${module.certificate.id}"
+}
+
+output "certificate_arn" {
+  value = "${module.certificate.arn}"
+}
+
+output "certificate_domain_validation_options" {
+  value = "${module.certificate.domain_validation_options}"
+}

aws/acm/main.tf

@@ -0,0 +1,41 @@
+terraform {
+  required_version = ">= 0.11.2"
+
+  backend "s3" {}
+}
+
+variable "aws_assume_role_arn" {}
+
+provider "aws" {
+  assume_role {
+    role_arn = "${var.aws_assume_role_arn}"
+  }
+}
+
+variable "domain_name" {
+  description = "Domain name (E.g. staging.cloudposse.org)"
+}
+
+module "certificate" {
+  source                           = "git::https://github.com/cloudposse/terraform-aws-acm-request-certificate.git?ref=tags/0.1.1"
+  domain_name                      = "${var.domain_name}"
+  proces_domain_validation_options = "true"
+  ttl                              = "300"
+  subject_alternative_names        = ["*.${var.domain_name}"]
+}
+
+output "certificate_domain_name" {
+  value = "${var.domain_name}"
+}
+
+output "certificate_id" {
+  value = "${module.certificate.id}"
+}
+
+output "certificate_arn" {
+  value = "${module.certificate.arn}"
+}
+
+output "certificate_domain_validation_options" {
+  value = "${module.certificate.domain_validation_options}"
+}

aws/acm/terraform.tfvars.example

@@ -0,0 +1 @@
+domain_name="foobar.domain.com"