diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a6cd3694..52fd864d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,8 +1,9 @@ repos: - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.96.1 + rev: v1.100.1 hooks: - id: terraform_fmt + - id: terraform_wrapper_module_for_each - id: terraform_docs args: - '--args=--lockfile=false' @@ -23,7 +24,7 @@ repos: - '--args=--only=terraform_workspace_remote' - id: terraform_validate - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v5.0.0 + rev: v6.0.0 hooks: - id: check-merge-conflict - id: end-of-file-fixer diff --git a/wrappers/README.md b/wrappers/README.md new file mode 100644 index 00000000..a17dbaa0 --- /dev/null +++ b/wrappers/README.md @@ -0,0 +1,100 @@ +# Wrapper for the root module + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/rds/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-rds.git//wrappers?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/rds/aws//wrappers" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/db_instance/README.md b/wrappers/db_instance/README.md new file mode 100644 index 00000000..75eecded --- /dev/null +++ b/wrappers/db_instance/README.md @@ -0,0 +1,100 @@ +# Wrapper for module: `modules/db_instance` + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/rds/aws//wrappers/db_instance" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-rds.git//wrappers/db_instance?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/rds/aws//wrappers/db_instance" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/db_instance/main.tf b/wrappers/db_instance/main.tf new file mode 100644 index 00000000..6f4d1d60 --- /dev/null +++ b/wrappers/db_instance/main.tf @@ -0,0 +1,92 @@ +module "wrapper" { + source = "../../modules/db_instance" + + for_each = var.items + + allocated_storage = try(each.value.allocated_storage, var.defaults.allocated_storage, null) + allow_major_version_upgrade = try(each.value.allow_major_version_upgrade, var.defaults.allow_major_version_upgrade, false) + apply_immediately = try(each.value.apply_immediately, var.defaults.apply_immediately, false) + auto_minor_version_upgrade = try(each.value.auto_minor_version_upgrade, var.defaults.auto_minor_version_upgrade, true) + availability_zone = try(each.value.availability_zone, var.defaults.availability_zone, null) + backup_retention_period = try(each.value.backup_retention_period, var.defaults.backup_retention_period, null) + backup_window = try(each.value.backup_window, var.defaults.backup_window, null) + blue_green_update = try(each.value.blue_green_update, var.defaults.blue_green_update, {}) + ca_cert_identifier = try(each.value.ca_cert_identifier, var.defaults.ca_cert_identifier, null) + character_set_name = try(each.value.character_set_name, var.defaults.character_set_name, null) + cloudwatch_log_group_class = try(each.value.cloudwatch_log_group_class, var.defaults.cloudwatch_log_group_class, null) + cloudwatch_log_group_kms_key_id = try(each.value.cloudwatch_log_group_kms_key_id, var.defaults.cloudwatch_log_group_kms_key_id, null) + cloudwatch_log_group_retention_in_days = try(each.value.cloudwatch_log_group_retention_in_days, var.defaults.cloudwatch_log_group_retention_in_days, 7) + cloudwatch_log_group_skip_destroy = try(each.value.cloudwatch_log_group_skip_destroy, var.defaults.cloudwatch_log_group_skip_destroy, null) + cloudwatch_log_group_tags = try(each.value.cloudwatch_log_group_tags, var.defaults.cloudwatch_log_group_tags, {}) + copy_tags_to_snapshot = try(each.value.copy_tags_to_snapshot, var.defaults.copy_tags_to_snapshot, false) + create = try(each.value.create, var.defaults.create, true) + create_cloudwatch_log_group = try(each.value.create_cloudwatch_log_group, var.defaults.create_cloudwatch_log_group, false) + create_monitoring_role = try(each.value.create_monitoring_role, var.defaults.create_monitoring_role, false) + custom_iam_instance_profile = try(each.value.custom_iam_instance_profile, var.defaults.custom_iam_instance_profile, null) + database_insights_mode = try(each.value.database_insights_mode, var.defaults.database_insights_mode, null) + db_instance_tags = try(each.value.db_instance_tags, var.defaults.db_instance_tags, {}) + db_name = try(each.value.db_name, var.defaults.db_name, null) + db_subnet_group_name = try(each.value.db_subnet_group_name, var.defaults.db_subnet_group_name, null) + dedicated_log_volume = try(each.value.dedicated_log_volume, var.defaults.dedicated_log_volume, false) + delete_automated_backups = try(each.value.delete_automated_backups, var.defaults.delete_automated_backups, true) + deletion_protection = try(each.value.deletion_protection, var.defaults.deletion_protection, false) + domain = try(each.value.domain, var.defaults.domain, null) + domain_auth_secret_arn = try(each.value.domain_auth_secret_arn, var.defaults.domain_auth_secret_arn, null) + domain_dns_ips = try(each.value.domain_dns_ips, var.defaults.domain_dns_ips, null) + domain_fqdn = try(each.value.domain_fqdn, var.defaults.domain_fqdn, null) + domain_iam_role_name = try(each.value.domain_iam_role_name, var.defaults.domain_iam_role_name, null) + domain_ou = try(each.value.domain_ou, var.defaults.domain_ou, null) + enabled_cloudwatch_logs_exports = try(each.value.enabled_cloudwatch_logs_exports, var.defaults.enabled_cloudwatch_logs_exports, []) + engine = try(each.value.engine, var.defaults.engine, null) + engine_lifecycle_support = try(each.value.engine_lifecycle_support, var.defaults.engine_lifecycle_support, null) + engine_version = try(each.value.engine_version, var.defaults.engine_version, null) + final_snapshot_identifier_prefix = try(each.value.final_snapshot_identifier_prefix, var.defaults.final_snapshot_identifier_prefix, "final") + iam_database_authentication_enabled = try(each.value.iam_database_authentication_enabled, var.defaults.iam_database_authentication_enabled, false) + identifier = try(each.value.identifier, var.defaults.identifier) + instance_class = try(each.value.instance_class, var.defaults.instance_class, null) + iops = try(each.value.iops, var.defaults.iops, null) + kms_key_id = try(each.value.kms_key_id, var.defaults.kms_key_id, null) + license_model = try(each.value.license_model, var.defaults.license_model, null) + maintenance_window = try(each.value.maintenance_window, var.defaults.maintenance_window, null) + manage_master_user_password = try(each.value.manage_master_user_password, var.defaults.manage_master_user_password, true) + manage_master_user_password_rotation = try(each.value.manage_master_user_password_rotation, var.defaults.manage_master_user_password_rotation, false) + master_user_password_rotate_immediately = try(each.value.master_user_password_rotate_immediately, var.defaults.master_user_password_rotate_immediately, null) + master_user_password_rotation_automatically_after_days = try(each.value.master_user_password_rotation_automatically_after_days, var.defaults.master_user_password_rotation_automatically_after_days, null) + master_user_password_rotation_duration = try(each.value.master_user_password_rotation_duration, var.defaults.master_user_password_rotation_duration, null) + master_user_password_rotation_schedule_expression = try(each.value.master_user_password_rotation_schedule_expression, var.defaults.master_user_password_rotation_schedule_expression, null) + master_user_secret_kms_key_id = try(each.value.master_user_secret_kms_key_id, var.defaults.master_user_secret_kms_key_id, null) + max_allocated_storage = try(each.value.max_allocated_storage, var.defaults.max_allocated_storage, 0) + monitoring_interval = try(each.value.monitoring_interval, var.defaults.monitoring_interval, 0) + monitoring_role_arn = try(each.value.monitoring_role_arn, var.defaults.monitoring_role_arn, null) + monitoring_role_description = try(each.value.monitoring_role_description, var.defaults.monitoring_role_description, null) + monitoring_role_name = try(each.value.monitoring_role_name, var.defaults.monitoring_role_name, "rds-monitoring-role") + monitoring_role_permissions_boundary = try(each.value.monitoring_role_permissions_boundary, var.defaults.monitoring_role_permissions_boundary, null) + monitoring_role_use_name_prefix = try(each.value.monitoring_role_use_name_prefix, var.defaults.monitoring_role_use_name_prefix, false) + multi_az = try(each.value.multi_az, var.defaults.multi_az, false) + nchar_character_set_name = try(each.value.nchar_character_set_name, var.defaults.nchar_character_set_name, null) + network_type = try(each.value.network_type, var.defaults.network_type, null) + option_group_name = try(each.value.option_group_name, var.defaults.option_group_name, null) + parameter_group_name = try(each.value.parameter_group_name, var.defaults.parameter_group_name, null) + password = try(each.value.password, var.defaults.password, null) + performance_insights_enabled = try(each.value.performance_insights_enabled, var.defaults.performance_insights_enabled, false) + performance_insights_kms_key_id = try(each.value.performance_insights_kms_key_id, var.defaults.performance_insights_kms_key_id, null) + performance_insights_retention_period = try(each.value.performance_insights_retention_period, var.defaults.performance_insights_retention_period, 7) + port = try(each.value.port, var.defaults.port, null) + publicly_accessible = try(each.value.publicly_accessible, var.defaults.publicly_accessible, false) + replica_mode = try(each.value.replica_mode, var.defaults.replica_mode, null) + replicate_source_db = try(each.value.replicate_source_db, var.defaults.replicate_source_db, null) + restore_to_point_in_time = try(each.value.restore_to_point_in_time, var.defaults.restore_to_point_in_time, null) + s3_import = try(each.value.s3_import, var.defaults.s3_import, null) + skip_final_snapshot = try(each.value.skip_final_snapshot, var.defaults.skip_final_snapshot, false) + snapshot_identifier = try(each.value.snapshot_identifier, var.defaults.snapshot_identifier, null) + storage_encrypted = try(each.value.storage_encrypted, var.defaults.storage_encrypted, true) + storage_throughput = try(each.value.storage_throughput, var.defaults.storage_throughput, null) + storage_type = try(each.value.storage_type, var.defaults.storage_type, null) + tags = try(each.value.tags, var.defaults.tags, {}) + timeouts = try(each.value.timeouts, var.defaults.timeouts, {}) + timezone = try(each.value.timezone, var.defaults.timezone, null) + upgrade_storage_config = try(each.value.upgrade_storage_config, var.defaults.upgrade_storage_config, null) + use_identifier_prefix = try(each.value.use_identifier_prefix, var.defaults.use_identifier_prefix, false) + username = try(each.value.username, var.defaults.username, null) + vpc_security_group_ids = try(each.value.vpc_security_group_ids, var.defaults.vpc_security_group_ids, []) +} diff --git a/wrappers/db_instance/outputs.tf b/wrappers/db_instance/outputs.tf new file mode 100644 index 00000000..706a14e5 --- /dev/null +++ b/wrappers/db_instance/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + sensitive = true # At least one sensitive module output (db_instance_username) found (requires Terraform 0.14+) +} diff --git a/wrappers/db_instance/variables.tf b/wrappers/db_instance/variables.tf new file mode 100644 index 00000000..a6ea0962 --- /dev/null +++ b/wrappers/db_instance/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/db_instance/versions.tf b/wrappers/db_instance/versions.tf new file mode 100644 index 00000000..749fc65a --- /dev/null +++ b/wrappers/db_instance/versions.tf @@ -0,0 +1,15 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.92" + } + + random = { + source = "hashicorp/random" + version = ">= 3.1" + } + } +} diff --git a/wrappers/db_instance_automated_backups_replication/README.md b/wrappers/db_instance_automated_backups_replication/README.md new file mode 100644 index 00000000..f7769a72 --- /dev/null +++ b/wrappers/db_instance_automated_backups_replication/README.md @@ -0,0 +1,100 @@ +# Wrapper for module: `modules/db_instance_automated_backups_replication` + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/rds/aws//wrappers/db_instance_automated_backups_replication" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-rds.git//wrappers/db_instance_automated_backups_replication?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/rds/aws//wrappers/db_instance_automated_backups_replication" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/db_instance_automated_backups_replication/main.tf b/wrappers/db_instance_automated_backups_replication/main.tf new file mode 100644 index 00000000..1cb0063f --- /dev/null +++ b/wrappers/db_instance_automated_backups_replication/main.tf @@ -0,0 +1,11 @@ +module "wrapper" { + source = "../../modules/db_instance_automated_backups_replication" + + for_each = var.items + + create = try(each.value.create, var.defaults.create, true) + kms_key_arn = try(each.value.kms_key_arn, var.defaults.kms_key_arn, null) + pre_signed_url = try(each.value.pre_signed_url, var.defaults.pre_signed_url, null) + retention_period = try(each.value.retention_period, var.defaults.retention_period, 7) + source_db_instance_arn = try(each.value.source_db_instance_arn, var.defaults.source_db_instance_arn, null) +} diff --git a/wrappers/db_instance_automated_backups_replication/outputs.tf b/wrappers/db_instance_automated_backups_replication/outputs.tf new file mode 100644 index 00000000..ec6da5f4 --- /dev/null +++ b/wrappers/db_instance_automated_backups_replication/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + # sensitive = false # No sensitive module output found +} diff --git a/wrappers/db_instance_automated_backups_replication/variables.tf b/wrappers/db_instance_automated_backups_replication/variables.tf new file mode 100644 index 00000000..a6ea0962 --- /dev/null +++ b/wrappers/db_instance_automated_backups_replication/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/db_instance_automated_backups_replication/versions.tf b/wrappers/db_instance_automated_backups_replication/versions.tf new file mode 100644 index 00000000..66da6fb6 --- /dev/null +++ b/wrappers/db_instance_automated_backups_replication/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.92" + } + } +} diff --git a/wrappers/db_instance_role_association/README.md b/wrappers/db_instance_role_association/README.md new file mode 100644 index 00000000..3cdfd9a7 --- /dev/null +++ b/wrappers/db_instance_role_association/README.md @@ -0,0 +1,100 @@ +# Wrapper for module: `modules/db_instance_role_association` + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/rds/aws//wrappers/db_instance_role_association" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-rds.git//wrappers/db_instance_role_association?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/rds/aws//wrappers/db_instance_role_association" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/db_instance_role_association/main.tf b/wrappers/db_instance_role_association/main.tf new file mode 100644 index 00000000..152cdc20 --- /dev/null +++ b/wrappers/db_instance_role_association/main.tf @@ -0,0 +1,10 @@ +module "wrapper" { + source = "../../modules/db_instance_role_association" + + for_each = var.items + + create = try(each.value.create, var.defaults.create, true) + db_instance_identifier = try(each.value.db_instance_identifier, var.defaults.db_instance_identifier, null) + feature_name = try(each.value.feature_name, var.defaults.feature_name, null) + role_arn = try(each.value.role_arn, var.defaults.role_arn, null) +} diff --git a/wrappers/db_instance_role_association/outputs.tf b/wrappers/db_instance_role_association/outputs.tf new file mode 100644 index 00000000..ec6da5f4 --- /dev/null +++ b/wrappers/db_instance_role_association/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + # sensitive = false # No sensitive module output found +} diff --git a/wrappers/db_instance_role_association/variables.tf b/wrappers/db_instance_role_association/variables.tf new file mode 100644 index 00000000..a6ea0962 --- /dev/null +++ b/wrappers/db_instance_role_association/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/db_instance_role_association/versions.tf b/wrappers/db_instance_role_association/versions.tf new file mode 100644 index 00000000..66da6fb6 --- /dev/null +++ b/wrappers/db_instance_role_association/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.92" + } + } +} diff --git a/wrappers/db_option_group/README.md b/wrappers/db_option_group/README.md new file mode 100644 index 00000000..2132ef56 --- /dev/null +++ b/wrappers/db_option_group/README.md @@ -0,0 +1,100 @@ +# Wrapper for module: `modules/db_option_group` + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/rds/aws//wrappers/db_option_group" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-rds.git//wrappers/db_option_group?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/rds/aws//wrappers/db_option_group" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/db_option_group/main.tf b/wrappers/db_option_group/main.tf new file mode 100644 index 00000000..76d55fd1 --- /dev/null +++ b/wrappers/db_option_group/main.tf @@ -0,0 +1,16 @@ +module "wrapper" { + source = "../../modules/db_option_group" + + for_each = var.items + + create = try(each.value.create, var.defaults.create, true) + engine_name = try(each.value.engine_name, var.defaults.engine_name, null) + major_engine_version = try(each.value.major_engine_version, var.defaults.major_engine_version, null) + name = try(each.value.name, var.defaults.name, "") + option_group_description = try(each.value.option_group_description, var.defaults.option_group_description, null) + options = try(each.value.options, var.defaults.options, []) + skip_destroy = try(each.value.skip_destroy, var.defaults.skip_destroy, null) + tags = try(each.value.tags, var.defaults.tags, {}) + timeouts = try(each.value.timeouts, var.defaults.timeouts, {}) + use_name_prefix = try(each.value.use_name_prefix, var.defaults.use_name_prefix, true) +} diff --git a/wrappers/db_option_group/outputs.tf b/wrappers/db_option_group/outputs.tf new file mode 100644 index 00000000..ec6da5f4 --- /dev/null +++ b/wrappers/db_option_group/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + # sensitive = false # No sensitive module output found +} diff --git a/wrappers/db_option_group/variables.tf b/wrappers/db_option_group/variables.tf new file mode 100644 index 00000000..a6ea0962 --- /dev/null +++ b/wrappers/db_option_group/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/db_option_group/versions.tf b/wrappers/db_option_group/versions.tf new file mode 100644 index 00000000..66da6fb6 --- /dev/null +++ b/wrappers/db_option_group/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.92" + } + } +} diff --git a/wrappers/db_parameter_group/README.md b/wrappers/db_parameter_group/README.md new file mode 100644 index 00000000..11d938bd --- /dev/null +++ b/wrappers/db_parameter_group/README.md @@ -0,0 +1,100 @@ +# Wrapper for module: `modules/db_parameter_group` + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/rds/aws//wrappers/db_parameter_group" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-rds.git//wrappers/db_parameter_group?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/rds/aws//wrappers/db_parameter_group" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/db_parameter_group/main.tf b/wrappers/db_parameter_group/main.tf new file mode 100644 index 00000000..6cff6a09 --- /dev/null +++ b/wrappers/db_parameter_group/main.tf @@ -0,0 +1,14 @@ +module "wrapper" { + source = "../../modules/db_parameter_group" + + for_each = var.items + + create = try(each.value.create, var.defaults.create, true) + description = try(each.value.description, var.defaults.description, null) + family = try(each.value.family, var.defaults.family, null) + name = try(each.value.name, var.defaults.name, "") + parameters = try(each.value.parameters, var.defaults.parameters, []) + skip_destroy = try(each.value.skip_destroy, var.defaults.skip_destroy, null) + tags = try(each.value.tags, var.defaults.tags, {}) + use_name_prefix = try(each.value.use_name_prefix, var.defaults.use_name_prefix, true) +} diff --git a/wrappers/db_parameter_group/outputs.tf b/wrappers/db_parameter_group/outputs.tf new file mode 100644 index 00000000..ec6da5f4 --- /dev/null +++ b/wrappers/db_parameter_group/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + # sensitive = false # No sensitive module output found +} diff --git a/wrappers/db_parameter_group/variables.tf b/wrappers/db_parameter_group/variables.tf new file mode 100644 index 00000000..a6ea0962 --- /dev/null +++ b/wrappers/db_parameter_group/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/db_parameter_group/versions.tf b/wrappers/db_parameter_group/versions.tf new file mode 100644 index 00000000..66da6fb6 --- /dev/null +++ b/wrappers/db_parameter_group/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.92" + } + } +} diff --git a/wrappers/db_subnet_group/README.md b/wrappers/db_subnet_group/README.md new file mode 100644 index 00000000..2b173e56 --- /dev/null +++ b/wrappers/db_subnet_group/README.md @@ -0,0 +1,100 @@ +# Wrapper for module: `modules/db_subnet_group` + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/rds/aws//wrappers/db_subnet_group" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-rds.git//wrappers/db_subnet_group?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/rds/aws//wrappers/db_subnet_group" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/db_subnet_group/main.tf b/wrappers/db_subnet_group/main.tf new file mode 100644 index 00000000..5aa843bb --- /dev/null +++ b/wrappers/db_subnet_group/main.tf @@ -0,0 +1,12 @@ +module "wrapper" { + source = "../../modules/db_subnet_group" + + for_each = var.items + + create = try(each.value.create, var.defaults.create, true) + description = try(each.value.description, var.defaults.description, null) + name = try(each.value.name, var.defaults.name, "") + subnet_ids = try(each.value.subnet_ids, var.defaults.subnet_ids, []) + tags = try(each.value.tags, var.defaults.tags, {}) + use_name_prefix = try(each.value.use_name_prefix, var.defaults.use_name_prefix, true) +} diff --git a/wrappers/db_subnet_group/outputs.tf b/wrappers/db_subnet_group/outputs.tf new file mode 100644 index 00000000..ec6da5f4 --- /dev/null +++ b/wrappers/db_subnet_group/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + # sensitive = false # No sensitive module output found +} diff --git a/wrappers/db_subnet_group/variables.tf b/wrappers/db_subnet_group/variables.tf new file mode 100644 index 00000000..a6ea0962 --- /dev/null +++ b/wrappers/db_subnet_group/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/db_subnet_group/versions.tf b/wrappers/db_subnet_group/versions.tf new file mode 100644 index 00000000..66da6fb6 --- /dev/null +++ b/wrappers/db_subnet_group/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.92" + } + } +} diff --git a/wrappers/main.tf b/wrappers/main.tf new file mode 100644 index 00000000..c0bb1e2b --- /dev/null +++ b/wrappers/main.tf @@ -0,0 +1,114 @@ +module "wrapper" { + source = "../" + + for_each = var.items + + allocated_storage = try(each.value.allocated_storage, var.defaults.allocated_storage, null) + allow_major_version_upgrade = try(each.value.allow_major_version_upgrade, var.defaults.allow_major_version_upgrade, false) + apply_immediately = try(each.value.apply_immediately, var.defaults.apply_immediately, false) + auto_minor_version_upgrade = try(each.value.auto_minor_version_upgrade, var.defaults.auto_minor_version_upgrade, true) + availability_zone = try(each.value.availability_zone, var.defaults.availability_zone, null) + backup_retention_period = try(each.value.backup_retention_period, var.defaults.backup_retention_period, null) + backup_window = try(each.value.backup_window, var.defaults.backup_window, null) + blue_green_update = try(each.value.blue_green_update, var.defaults.blue_green_update, {}) + ca_cert_identifier = try(each.value.ca_cert_identifier, var.defaults.ca_cert_identifier, null) + character_set_name = try(each.value.character_set_name, var.defaults.character_set_name, null) + cloudwatch_log_group_class = try(each.value.cloudwatch_log_group_class, var.defaults.cloudwatch_log_group_class, null) + cloudwatch_log_group_kms_key_id = try(each.value.cloudwatch_log_group_kms_key_id, var.defaults.cloudwatch_log_group_kms_key_id, null) + cloudwatch_log_group_retention_in_days = try(each.value.cloudwatch_log_group_retention_in_days, var.defaults.cloudwatch_log_group_retention_in_days, 7) + cloudwatch_log_group_skip_destroy = try(each.value.cloudwatch_log_group_skip_destroy, var.defaults.cloudwatch_log_group_skip_destroy, null) + cloudwatch_log_group_tags = try(each.value.cloudwatch_log_group_tags, var.defaults.cloudwatch_log_group_tags, {}) + copy_tags_to_snapshot = try(each.value.copy_tags_to_snapshot, var.defaults.copy_tags_to_snapshot, false) + create_cloudwatch_log_group = try(each.value.create_cloudwatch_log_group, var.defaults.create_cloudwatch_log_group, false) + create_db_instance = try(each.value.create_db_instance, var.defaults.create_db_instance, true) + create_db_option_group = try(each.value.create_db_option_group, var.defaults.create_db_option_group, true) + create_db_parameter_group = try(each.value.create_db_parameter_group, var.defaults.create_db_parameter_group, true) + create_db_subnet_group = try(each.value.create_db_subnet_group, var.defaults.create_db_subnet_group, false) + create_monitoring_role = try(each.value.create_monitoring_role, var.defaults.create_monitoring_role, false) + custom_iam_instance_profile = try(each.value.custom_iam_instance_profile, var.defaults.custom_iam_instance_profile, null) + database_insights_mode = try(each.value.database_insights_mode, var.defaults.database_insights_mode, null) + db_instance_role_associations = try(each.value.db_instance_role_associations, var.defaults.db_instance_role_associations, {}) + db_instance_tags = try(each.value.db_instance_tags, var.defaults.db_instance_tags, {}) + db_name = try(each.value.db_name, var.defaults.db_name, null) + db_option_group_tags = try(each.value.db_option_group_tags, var.defaults.db_option_group_tags, {}) + db_parameter_group_tags = try(each.value.db_parameter_group_tags, var.defaults.db_parameter_group_tags, {}) + db_subnet_group_description = try(each.value.db_subnet_group_description, var.defaults.db_subnet_group_description, null) + db_subnet_group_name = try(each.value.db_subnet_group_name, var.defaults.db_subnet_group_name, null) + db_subnet_group_tags = try(each.value.db_subnet_group_tags, var.defaults.db_subnet_group_tags, {}) + db_subnet_group_use_name_prefix = try(each.value.db_subnet_group_use_name_prefix, var.defaults.db_subnet_group_use_name_prefix, true) + dedicated_log_volume = try(each.value.dedicated_log_volume, var.defaults.dedicated_log_volume, false) + delete_automated_backups = try(each.value.delete_automated_backups, var.defaults.delete_automated_backups, true) + deletion_protection = try(each.value.deletion_protection, var.defaults.deletion_protection, false) + domain = try(each.value.domain, var.defaults.domain, null) + domain_auth_secret_arn = try(each.value.domain_auth_secret_arn, var.defaults.domain_auth_secret_arn, null) + domain_dns_ips = try(each.value.domain_dns_ips, var.defaults.domain_dns_ips, null) + domain_fqdn = try(each.value.domain_fqdn, var.defaults.domain_fqdn, null) + domain_iam_role_name = try(each.value.domain_iam_role_name, var.defaults.domain_iam_role_name, null) + domain_ou = try(each.value.domain_ou, var.defaults.domain_ou, null) + enabled_cloudwatch_logs_exports = try(each.value.enabled_cloudwatch_logs_exports, var.defaults.enabled_cloudwatch_logs_exports, []) + engine = try(each.value.engine, var.defaults.engine, null) + engine_lifecycle_support = try(each.value.engine_lifecycle_support, var.defaults.engine_lifecycle_support, null) + engine_version = try(each.value.engine_version, var.defaults.engine_version, null) + family = try(each.value.family, var.defaults.family, null) + final_snapshot_identifier_prefix = try(each.value.final_snapshot_identifier_prefix, var.defaults.final_snapshot_identifier_prefix, "final") + iam_database_authentication_enabled = try(each.value.iam_database_authentication_enabled, var.defaults.iam_database_authentication_enabled, false) + identifier = try(each.value.identifier, var.defaults.identifier) + instance_class = try(each.value.instance_class, var.defaults.instance_class, null) + instance_use_identifier_prefix = try(each.value.instance_use_identifier_prefix, var.defaults.instance_use_identifier_prefix, false) + iops = try(each.value.iops, var.defaults.iops, null) + kms_key_id = try(each.value.kms_key_id, var.defaults.kms_key_id, null) + license_model = try(each.value.license_model, var.defaults.license_model, null) + maintenance_window = try(each.value.maintenance_window, var.defaults.maintenance_window, null) + major_engine_version = try(each.value.major_engine_version, var.defaults.major_engine_version, null) + manage_master_user_password = try(each.value.manage_master_user_password, var.defaults.manage_master_user_password, true) + manage_master_user_password_rotation = try(each.value.manage_master_user_password_rotation, var.defaults.manage_master_user_password_rotation, false) + master_user_password_rotate_immediately = try(each.value.master_user_password_rotate_immediately, var.defaults.master_user_password_rotate_immediately, null) + master_user_password_rotation_automatically_after_days = try(each.value.master_user_password_rotation_automatically_after_days, var.defaults.master_user_password_rotation_automatically_after_days, null) + master_user_password_rotation_duration = try(each.value.master_user_password_rotation_duration, var.defaults.master_user_password_rotation_duration, null) + master_user_password_rotation_schedule_expression = try(each.value.master_user_password_rotation_schedule_expression, var.defaults.master_user_password_rotation_schedule_expression, null) + master_user_secret_kms_key_id = try(each.value.master_user_secret_kms_key_id, var.defaults.master_user_secret_kms_key_id, null) + max_allocated_storage = try(each.value.max_allocated_storage, var.defaults.max_allocated_storage, 0) + monitoring_interval = try(each.value.monitoring_interval, var.defaults.monitoring_interval, 0) + monitoring_role_arn = try(each.value.monitoring_role_arn, var.defaults.monitoring_role_arn, null) + monitoring_role_description = try(each.value.monitoring_role_description, var.defaults.monitoring_role_description, null) + monitoring_role_name = try(each.value.monitoring_role_name, var.defaults.monitoring_role_name, "rds-monitoring-role") + monitoring_role_permissions_boundary = try(each.value.monitoring_role_permissions_boundary, var.defaults.monitoring_role_permissions_boundary, null) + monitoring_role_use_name_prefix = try(each.value.monitoring_role_use_name_prefix, var.defaults.monitoring_role_use_name_prefix, false) + multi_az = try(each.value.multi_az, var.defaults.multi_az, false) + nchar_character_set_name = try(each.value.nchar_character_set_name, var.defaults.nchar_character_set_name, null) + network_type = try(each.value.network_type, var.defaults.network_type, null) + option_group_description = try(each.value.option_group_description, var.defaults.option_group_description, null) + option_group_name = try(each.value.option_group_name, var.defaults.option_group_name, null) + option_group_skip_destroy = try(each.value.option_group_skip_destroy, var.defaults.option_group_skip_destroy, null) + option_group_timeouts = try(each.value.option_group_timeouts, var.defaults.option_group_timeouts, {}) + option_group_use_name_prefix = try(each.value.option_group_use_name_prefix, var.defaults.option_group_use_name_prefix, true) + options = try(each.value.options, var.defaults.options, []) + parameter_group_description = try(each.value.parameter_group_description, var.defaults.parameter_group_description, null) + parameter_group_name = try(each.value.parameter_group_name, var.defaults.parameter_group_name, null) + parameter_group_skip_destroy = try(each.value.parameter_group_skip_destroy, var.defaults.parameter_group_skip_destroy, null) + parameter_group_use_name_prefix = try(each.value.parameter_group_use_name_prefix, var.defaults.parameter_group_use_name_prefix, true) + parameters = try(each.value.parameters, var.defaults.parameters, []) + password = try(each.value.password, var.defaults.password, null) + performance_insights_enabled = try(each.value.performance_insights_enabled, var.defaults.performance_insights_enabled, false) + performance_insights_kms_key_id = try(each.value.performance_insights_kms_key_id, var.defaults.performance_insights_kms_key_id, null) + performance_insights_retention_period = try(each.value.performance_insights_retention_period, var.defaults.performance_insights_retention_period, 7) + port = try(each.value.port, var.defaults.port, null) + publicly_accessible = try(each.value.publicly_accessible, var.defaults.publicly_accessible, false) + putin_khuylo = try(each.value.putin_khuylo, var.defaults.putin_khuylo, true) + replica_mode = try(each.value.replica_mode, var.defaults.replica_mode, null) + replicate_source_db = try(each.value.replicate_source_db, var.defaults.replicate_source_db, null) + restore_to_point_in_time = try(each.value.restore_to_point_in_time, var.defaults.restore_to_point_in_time, null) + s3_import = try(each.value.s3_import, var.defaults.s3_import, null) + skip_final_snapshot = try(each.value.skip_final_snapshot, var.defaults.skip_final_snapshot, false) + snapshot_identifier = try(each.value.snapshot_identifier, var.defaults.snapshot_identifier, null) + storage_encrypted = try(each.value.storage_encrypted, var.defaults.storage_encrypted, true) + storage_throughput = try(each.value.storage_throughput, var.defaults.storage_throughput, null) + storage_type = try(each.value.storage_type, var.defaults.storage_type, null) + subnet_ids = try(each.value.subnet_ids, var.defaults.subnet_ids, []) + tags = try(each.value.tags, var.defaults.tags, {}) + timeouts = try(each.value.timeouts, var.defaults.timeouts, {}) + timezone = try(each.value.timezone, var.defaults.timezone, null) + upgrade_storage_config = try(each.value.upgrade_storage_config, var.defaults.upgrade_storage_config, null) + username = try(each.value.username, var.defaults.username, null) + vpc_security_group_ids = try(each.value.vpc_security_group_ids, var.defaults.vpc_security_group_ids, []) +} diff --git a/wrappers/outputs.tf b/wrappers/outputs.tf new file mode 100644 index 00000000..706a14e5 --- /dev/null +++ b/wrappers/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + sensitive = true # At least one sensitive module output (db_instance_username) found (requires Terraform 0.14+) +} diff --git a/wrappers/variables.tf b/wrappers/variables.tf new file mode 100644 index 00000000..a6ea0962 --- /dev/null +++ b/wrappers/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/versions.tf b/wrappers/versions.tf new file mode 100644 index 00000000..66da6fb6 --- /dev/null +++ b/wrappers/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.92" + } + } +}