devsecblueprint
diff --git a/‎.github/workflows/main.yml‎
Lines changed: 8 additions & 2 deletions b/‎.github/workflows/main.yml‎
Lines changed: 8 additions & 2 deletions
diff --git a/‎.github/workflows/terraform-apply-eks.yml‎
Lines changed: 42 additions & 0 deletions b/‎.github/workflows/terraform-apply-eks.yml‎
Lines changed: 42 additions & 0 deletions
diff --git a/‎.github/workflows/terraform-apply.yml‎ ‎…/workflows/terraform-apply-pipelines.yml‎.github/workflows/terraform-apply.yml renamed to .github/workflows/terraform-apply-pipelines.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/terraform-apply.yml‎ ‎…/workflows/terraform-apply-pipelines.yml‎.github/workflows/terraform-apply.yml renamed to .github/workflows/terraform-apply-pipelines.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎terraform/eks-cluster/data.tf‎
Lines changed: 1 addition & 0 deletions b/‎terraform/eks-cluster/data.tf‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎terraform/eks-cluster/main.tf‎
Lines changed: 23 additions & 0 deletions b/‎terraform/eks-cluster/main.tf‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎terraform/modules/eks/main.tf‎ ‎terraform/eks-cluster/modules/eks/main.tf‎terraform/modules/eks/main.tf renamed to terraform/eks-cluster/modules/eks/main.tf b/‎terraform/modules/eks/main.tf‎ ‎terraform/eks-cluster/modules/eks/main.tf‎terraform/modules/eks/main.tf renamed to terraform/eks-cluster/modules/eks/main.tf
diff --git a/‎terraform/modules/eks/outputs.tf‎ ‎…aform/eks-cluster/modules/eks/outputs.tf‎terraform/modules/eks/outputs.tf renamed to terraform/eks-cluster/modules/eks/outputs.tf b/‎terraform/modules/eks/outputs.tf‎ ‎…aform/eks-cluster/modules/eks/outputs.tf‎terraform/modules/eks/outputs.tf renamed to terraform/eks-cluster/modules/eks/outputs.tf
diff --git a/‎terraform/modules/eks/variables.tf‎ ‎…orm/eks-cluster/modules/eks/variables.tf‎terraform/modules/eks/variables.tf renamed to terraform/eks-cluster/modules/eks/variables.tf b/‎terraform/modules/eks/variables.tf‎ ‎…orm/eks-cluster/modules/eks/variables.tf‎terraform/modules/eks/variables.tf renamed to terraform/eks-cluster/modules/eks/variables.tf
diff --git a/‎terraform/eks-cluster/provider.tf‎
Lines changed: 13 additions & 0 deletions b/‎terraform/eks-cluster/provider.tf‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎terraform/eks-cluster/variables.tf‎
Lines changed: 11 additions & 0 deletions b/‎terraform/eks-cluster/variables.tf‎
Lines changed: 11 additions & 0 deletions
@@ -5,8 +5,14 @@ on:
     workflow_dispatch:
 
 jobs:
-    terraform-apply:
-        uses: ./.github/workflows/terraform-apply.yml
+    terraform-apply-eks:
+        uses: ./.github/workflows/terraform-apply-eks.yml
+        permissions:
+            contents: read
+        secrets: inherit
+    terraform-apply-pipelines:
+        needs: terraform-apply-eks
+        uses: ./.github/workflows/terraform-apply-pipelines.yml
         permissions:
             contents: read
         secrets: inherit
@@ -0,0 +1,42 @@
+name: "Terraform Apply"
+
+on:
+  workflow_call:
+
+env:
+  TF_CLOUD_ORGANIZATION: "DSB"
+  TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
+  TF_WORKSPACE: "dsb-aws-devsecops-pipelines"
+  CONFIG_DIRECTORY: "./terraform/eks-cluster"
+
+jobs:
+  terraform:
+    name: "Terraform Apply"
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Upload Configuration
+        uses: hashicorp/tfc-workflows-github/actions/[email protected]
+        id: apply-upload
+        with:
+          workspace: ${{ env.TF_WORKSPACE }}
+          directory: ${{ env.CONFIG_DIRECTORY }}
+
+      - name: Create Apply Run
+        uses: hashicorp/tfc-workflows-github/actions/[email protected]
+        id: apply-run
+        with:
+          workspace: ${{ env.TF_WORKSPACE }}
+          configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}
+
+      - name: Apply
+        uses: hashicorp/tfc-workflows-github/actions/[email protected]
+        if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
+        id: apply
+        with:
+          run: ${{ steps.apply-run.outputs.run_id }}
+          comment: "Apply Run from GitHub Actions CI ${{ github.sha }}"
@@ -7,7 +7,7 @@ env:
   TF_CLOUD_ORGANIZATION: "DSB"
   TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
   TF_WORKSPACE: "dsb-aws-devsecops-pipelines"
-  CONFIG_DIRECTORY: "./terraform"
+  CONFIG_DIRECTORY: "./terraform/pipelines"
 
 jobs:
   terraform:
 
@@ -0,0 +1 @@
+data "aws_caller_identity" "current" {}
@@ -0,0 +1,23 @@
+# Default Networking Configuration
+resource "aws_default_subnet" "default_subnet_a" {
+  availability_zone = "${var.region}a"
+}
+
+resource "aws_default_subnet" "default_subnet_b" {
+  availability_zone = "${var.region}b"
+}
+
+# EKS Cluster
+module "default_cluster" {
+  source       = "./modules/eks"
+  cluster_name = "${var.resource_prefix}-devsecops-cluster"
+  subnet_ids = [
+    aws_default_subnet.default_subnet_a.id,
+    aws_default_subnet.default_subnet_b.id
+  ]
+  node_group_min_size         = 1
+  node_group_max_size         = 3
+  node_group_desired_capacity = 2
+  instance_types              = ["t3.medium"]
+  node_group_disk_size        = 20
+}
@@ -0,0 +1,13 @@
+provider "aws" {
+  region = var.region
+}
+
+terraform {
+  cloud {
+    organization = "DSB"
+
+    workspaces {
+      name = "dsb-aws-devsecops-eks-cluster"
+    }
+  }
+}
@@ -0,0 +1,11 @@
+variable "resource_prefix" {
+  type        = string
+  description = "Prefix for AWS Resources"
+  default     = "dsb"
+}
+
+variable "region" {
+  type        = string
+  description = "AWS Region"
+  default     = "us-east-1"
+}
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+data "aws_caller_identity" "current" {}`