From 5b0bb22f4a782dadf661eb6efdae934f18527649 Mon Sep 17 00:00:00 2001
From: Venkata Para
Date: Tue, 29 Oct 2024 11:02:08 +0000
Subject: [PATCH] adding terraform-docs
---
 modules/aws/networking/alb/README.md | 12 +++
 modules/aws/networking/alb/terraform-docs.yml | 3 +-
 .../networking/central-ingress-alb/main.tf | 65 -------------
 .../networking/central-ingress-alb/outputs.tf | 10 --
 .../aws/networking/central-ingress-alb/sg.tf | 29 ------
 .../central-ingress-alb/variables.tf | 95 ------------------
 .../networking/central-ingress-nlb/main.tf | 80 ----------------
 .../networking/central-ingress-nlb/outputs.tf | 22 -----
 .../aws/networking/central-ingress-nlb/sg.tf | 31 ------
 .../central-ingress-nlb/variables.tf | 96 -------------------
 10 files changed, 13 insertions(+), 430 deletions(-)
 create mode 100644 modules/aws/networking/alb/README.md
 delete mode 100644 modules/aws/networking/central-ingress-alb/main.tf
 delete mode 100644 modules/aws/networking/central-ingress-alb/outputs.tf
 delete mode 100644 modules/aws/networking/central-ingress-alb/sg.tf
 delete mode 100644 modules/aws/networking/central-ingress-alb/variables.tf
 delete mode 100644 modules/aws/networking/central-ingress-nlb/main.tf
 delete mode 100644 modules/aws/networking/central-ingress-nlb/outputs.tf
 delete mode 100644 modules/aws/networking/central-ingress-nlb/sg.tf
 delete mode 100644 modules/aws/networking/central-ingress-nlb/variables.tf
diff --git a/modules/aws/networking/alb/README.md b/modules/aws/networking/alb/README.md
new file mode 100644
index 0000000..88aed76
--- /dev/null
+++ b/modules/aws/networking/alb/README.md
@@ -0,0 +1,12 @@
+
+header: |
+ # My Terraform Module
+
+ This module provisions resources for ...
+ _(Brief description of the module's purpose)_
+
+footer: |
+ ## Contributing
+
+ Contributions are welcome! Please create a pull request or open an issue for suggestions and improvements.
+
\ No newline at end of file
diff --git a/modules/aws/networking/alb/terraform-docs.yml b/modules/aws/networking/alb/terraform-docs.yml
index 317ec2e..d3053f5 100644
--- a/modules/aws/networking/alb/terraform-docs.yml
+++ b/modules/aws/networking/alb/terraform-docs.yml
@@ -6,7 +6,7 @@ output:
 file: README.md
 mode: inject
-content:
+content: |
 header: |
 # My Terraform Module
@@ -44,7 +44,6 @@ settings:
 - footer
 templates:
- # Customize formatting for specific sections
 inputs: |
 ## Inputs
diff --git a/modules/aws/networking/central-ingress-alb/main.tf b/modules/aws/networking/central-ingress-alb/main.tf
deleted file mode 100644
index 0d475cd..0000000
--- a/modules/aws/networking/central-ingress-alb/main.tf
+++ /dev/null
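Review bot: In the first hunk of terraform-docs.yml, `content: |` turns everything indented beneath it, including the `header: |` and `footer: |` keys, into one literal string, so terraform-docs would emit that YAML-looking text as the document body; the README.md added in this same patch begins with `header: |`, which looks like exactly that output. As far as I know terraform-docs treats `content` as a template string and takes header and footer text from `header-from` / `footer-from`, so the block would read something like `content: |-` followed by `{{ .Header }}`, `{{ .Inputs }}` and `{{ .Footer }}`. The rest of the `content` block lies outside the hunk, so this needs checking against the full file before the README is regenerated.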
@@ -1,65 +0,0 @@
-resource "aws_lb" "lb" {
- name = var.name
- internal = var.load_balancer_internal
- load_balancer_type = var.load_balancer_type
- subnets = var.subnets
- security_groups = [aws_security_group.sg.id]
- enable_cross_zone_load_balancing = true
- enable_deletion_protection = true
- enable_http2 = false
-
-# access_logs {
-# bucket = var.access_logs_bucket
-# enabled = true
-# }
-
- tags = {
- Name = var.name
- }
-}
-
-resource "aws_lb_listener" "https" {
- load_balancer_arn = aws_lb.lb.arn
- port = 443
- protocol = "HTTPS"
-
- ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"
- certificate_arn = var.certificate_arn
-
- default_action {
- type = "forward"
- target_group_arn = aws_lb_target_group.lb_target_group.arn
- }
-}
-
-resource "aws_lb_target_group" "lb_target_group" {
- name = "${var.prefix}-tg" # name can't be longer than 32 chars
- port = var.tg_port
- protocol = var.tg_protocol
- vpc_id = var.vpc_id
- target_type = var.target_type
-
- health_check {
- protocol = "HTTPS"
- healthy_threshold = 3
- unhealthy_threshold = 3
- timeout = 10
- interval = 30
- }
-
- tags = {
- Name = var.name
- }
-}
-
-
-# Target Group Attachment for IP targets
-resource "aws_lb_target_group_attachment" "lb_target_group_attachment" {
- for_each = var.target_type == "ip" ? var.nlb_ips : {}
-
- target_group_arn = aws_lb_target_group.lb_target_group.arn
- target_id = each.key # each.key is the IP address
- port = var.tg_port
- availability_zone = each.value # each.value is the availability zone
-}
-
diff --git a/modules/aws/networking/central-ingress-alb/outputs.tf b/modules/aws/networking/central-ingress-alb/outputs.tf
deleted file mode 100644
index 3b5b2c1..0000000
--- a/modules/aws/networking/central-ingress-alb/outputs.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-# Outputs
-
-output "alb_dns_name" {
- description = "The DNS name of the LB"
- value = aws_lb.lb.dns_name
-}
-
-output "alb_security_group_id" {
- value = aws_security_group.sg.id
-}
\ No newline at end of file
diff --git a/modules/aws/networking/central-ingress-alb/sg.tf b/modules/aws/networking/central-ingress-alb/sg.tf
deleted file mode 100644
index e55e958..0000000
--- a/modules/aws/networking/central-ingress-alb/sg.tf
+++ /dev/null
@@ -1,29 +0,0 @@
-resource "aws_security_group" "sg" {
- name = "${var.name}-sg"
- description = "SG for ${var.name}"
- vpc_id = var.vpc_id
-
- # Ingress rules
- dynamic "ingress" {
- for_each = var.ingress_rules
- content {
- from_port = ingress.value.from_port
- to_port = ingress.value.to_port
- protocol = ingress.value.protocol
- cidr_blocks = ingress.value.cidr_blocks
- description = ingress.value.description
- }
- }
-
- # Egress rules
- dynamic "egress" {
- for_each = var.egress_rules
- content {
- from_port = egress.value.from_port
- to_port = egress.value.to_port
- protocol = egress.value.protocol
- cidr_blocks = egress.value.cidr_blocks
- description = egress.value.description
- }
- }
-}
\ No newline at end of file
diff --git a/modules/aws/networking/central-ingress-alb/variables.tf b/modules/aws/networking/central-ingress-alb/variables.tf
deleted file mode 100644
index a207176..0000000
--- a/modules/aws/networking/central-ingress-alb/variables.tf
+++ /dev/null
@@ -1,95 +0,0 @@
-# Load Balancer related
-
-variable "vpc_id" {
- type = string
- description = "VPC ID where NLB will be deployed"
-}
-
-variable "subnets" {
- type = list(string)
- description = "Subnets where NLB will be deployed"
-}
-
-variable "certificate_arn" {
- type = string
- description = "ARN of the SSL certificate for HTTPS listener"
-}
-
-variable "target_type" {
- type = string
- description = "Allowed values: ip or instance or alb"
-}
-
-variable "tg_port" {
- type = string
- description = "target group port"
-}
-
-variable "tg_protocol" {
- type = string
- description = "target group protocol"
-}
-
-variable "access_logs_bucket" {
- type = string
- description = "S3 bucket for NLB access logs"
-}
-
-variable "enable_deletion_protection" {
- type = string
- description = "enable_deletion_protection true or false"
-}
-
-variable "load_balancer_type" {
- type = string
- description = "load_balancer_type - network or application"
-}
-
-variable "load_balancer_internal" {
- type = string
- description = "load_balancer_internal - true or false"
-}
-
-variable "name" {
- type = string
- description = "Name of the resource/component"
-}
-
-variable "prefix" {
- type = string
- description = "prefix for the resource/component"
-}
-
-variable "nlb_ips" {
- description = "Map of IP addresses to availability zones for target group attachment"
- type = map(string)
- # Example:
- # nlb_ips = {
- # "10.0.1.10" = "eu-west-2a",
- # "10.0.2.10" = "eu-west-2b"
- # }
-}
-
-# SG related
-
-variable "ingress_rules" {
- description = "A list of ingress rules"
- type = list(object({
- from_port = number
- to_port = number
- protocol = string
- cidr_blocks = list(string)
- description = string
- }))
-}
-
-variable "egress_rules" {
- description = "A list of egress rules"
- type = list(object({
- from_port = number
- to_port = number
- protocol = string
- cidr_blocks = list(string)
- description = string
- }))
-}
diff --git a/modules/aws/networking/central-ingress-nlb/main.tf b/modules/aws/networking/central-ingress-nlb/main.tf
deleted file mode 100644
index 166bb3b..0000000
--- a/modules/aws/networking/central-ingress-nlb/main.tf
+++ /dev/null
@@ -1,80 +0,0 @@
-resource "aws_lb" "lb" {
- name = var.name
- internal = var.load_balancer_internal
- load_balancer_type = var.load_balancer_type
- subnets = var.subnets
- security_groups = [aws_security_group.sg.id]
- enable_cross_zone_load_balancing = true
- enable_deletion_protection = true
- enable_http2 = false
-
-# access_logs {
-# bucket = var.access_logs_bucket
-# enabled = true
-# }
-
- tags = {
- Name = var.name
- }
-}
-
-resource "aws_lb_listener" "https" {
- load_balancer_arn = aws_lb.lb.arn
- port = 443
- protocol = "TLS"
-
- ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"
- certificate_arn = var.certificate_arn
-
- default_action {
- type = "forward"
- target_group_arn = aws_lb_target_group.lb_target_group.arn
- }
-}
-
-resource "aws_lb_target_group" "lb_target_group" {
- name = "${var.prefix}-tg" # name can't be longer than 32 chars
- port = var.tg_port # "80"
- protocol = var.tg_protocol # "TCP"
- vpc_id = var.vpc_id
- target_type = var.target_type
-
- health_check {
- protocol = "HTTP"
- healthy_threshold = 3
- unhealthy_threshold = 3
- timeout = 10
- interval = 30
- }
-
- tags = {
- Name = var.name
- }
-}
-
-
-# Create target group attachments for instance targets
-resource "aws_lb_target_group_attachment" "instance_target_group_attachment" {
- for_each = var.target_type == "instance" ? var.instance_targets : {}
-
- target_group_arn = aws_lb_target_group.lb_target_group.arn
- target_id = each.key # each.key is the instance ID
- port = 80
-}
-
-
-# Data source to fetch the network interfaces for the NLB
-data "aws_network_interfaces" "lb_enis" {
- depends_on = [aws_lb.lb]
- filter {
- name = "description"
- values = ["ELB ${aws_lb.lb.arn_suffix}"]
- }
-}
-# Fetch the details of each network interface using its ID
-data "aws_network_interface" "lb_interface" {
- for_each = toset(data.aws_network_interfaces.lb_enis.ids)
-
- id = each.value
-}
-
diff --git a/modules/aws/networking/central-ingress-nlb/outputs.tf b/modules/aws/networking/central-ingress-nlb/outputs.tf
deleted file mode 100644
index ec773ed..0000000
--- a/modules/aws/networking/central-ingress-nlb/outputs.tf
+++ /dev/null
@@ -1,22 +0,0 @@
-# Outputs
-
-output "nlb_dns_name" {
- description = "The DNS name of the NLB"
- value = aws_lb.lb.dns_name
-}
-
-# Output the private IP addresses of NLB ENIs
-
-# output "nlb_private_ips_and_azs" {
-# value = [
-# for eni in data.aws_network_interface.lb_interface :
-# {
-# private_ip = eni.private_ip,
-# availability_zone = eni.availability_zone
-# }
-# ]
-# }
-
-output "nlb_security_group_id" {
- value = aws_security_group.sg.id
-}
\ No newline at end of file
diff --git a/modules/aws/networking/central-ingress-nlb/sg.tf b/modules/aws/networking/central-ingress-nlb/sg.tf
deleted file mode 100644
index f401b86..0000000
--- a/modules/aws/networking/central-ingress-nlb/sg.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-resource "aws_security_group" "sg" {
- name = "${var.name}-sg"
- description = "SG for ${var.name}"
- vpc_id = var.vpc_id
-
- # Ingress rules
- dynamic "ingress" {
- for_each = var.ingress_rules
- content {
- from_port = ingress.value.from_port
- to_port = ingress.value.to_port
- protocol = ingress.value.protocol
- cidr_blocks = ingress.value.cidr_blocks
- description = ingress.value.description
- }
- }
-
- # Egress rules
- dynamic "egress" {
- for_each = var.egress_rules
- content {
- from_port = egress.value.from_port
- to_port = egress.value.to_port
- protocol = egress.value.protocol
- cidr_blocks = egress.value.cidr_blocks
- description = egress.value.description
- }
- }
-}
-
-
diff --git a/modules/aws/networking/central-ingress-nlb/variables.tf b/modules/aws/networking/central-ingress-nlb/variables.tf
deleted file mode 100644
index 367a243..0000000
--- a/modules/aws/networking/central-ingress-nlb/variables.tf
+++ /dev/null
@@ -1,96 +0,0 @@
-# Load Balancer related
-
-variable "vpc_id" {
- type = string
- description = "VPC ID where NLB will be deployed"
-}
-
-variable "subnets" {
- type = list(string)
- description = "Subnets where NLB will be deployed"
-}
-
-variable "certificate_arn" {
- type = string
- description = "ARN of the SSL certificate for HTTPS listener"
-}
-
-variable "target_type" {
- type = string
- description = "Allowed values: ip or instance or alb"
-}
-
-variable "tg_port" {
- type = string
- description = "target group port"
-}
-
-variable "tg_protocol" {
- type = string
- description = "target group protocol"
-}
-
-variable "access_logs_bucket" {
- type = string
- description = "S3 bucket for NLB access logs"
-}
-
-variable "enable_deletion_protection" {
- type = string
- description = "enable_deletion_protection true or false"
-}
-
-variable "load_balancer_type" {
- type = string
- description = "load_balancer_type - network or application"
-}
-
-variable "load_balancer_internal" {
- type = string
- description = "load_balancer_internal - true or false"
-}
-
-variable "name" {
- type = string
- description = "Name of the resource/component"
-}
-
-variable "prefix" {
- type = string
- description = "prefix for the resource/component"
-}
-
-variable "instance_targets" {
- description = "Map of instance IDs to availability zones for target group attachment"
- type = map(string)
- # Example:
- # instance_targets = {
- # "i-0123456789abcdef0" = "eu-west-2a",
- # "i-0123456789abcdef1" = "eu-west-2b",
- # "i-0123456789abcdef2" = "eu-west-2c"
- # }
-}
-
-# SG related
-
-variable "ingress_rules" {
- description = "A list of ingress rules"
- type = list(object({
- from_port = number
- to_port = number
- protocol = string
- cidr_blocks = list(string)
- description = string
- }))
-}
-
-variable "egress_rules" {
- description = "A list of egress rules"
- type = list(object({
- from_port = number
- to_port = number
- protocol = string
- cidr_blocks = list(string)
- description = string
- }))
-}