CCL-1128/documentation for terraform modules in the path modules/aws/…

…networking (#195) * Adding terraform-docs README.d files * updating terraform-docs README.md files * cleanup of terraform-docs files
UKHomeOffice · Nov 15, 2024 · 6632b39 · 6632b39
1 parent 3fd0789
commit 6632b39
Show file tree

Hide file tree

Showing 12 changed files with 473 additions and 0 deletions.
diff --git a/modules/aws/networking/acp-peering-attachment/README.md b/modules/aws/networking/acp-peering-attachment/README.md
@@ -0,0 +1,37 @@
+<!-- BEGIN_TF_DOCS -->
+# Terraform Module for - acp-peering-attachment
+# Example terragrunt.hcl - inputs
+```hcl
+inputs = {
+  acp_account_id = "aws-account-id"
+  acp_region = "eu-west-2"
+  acp_tgw_id = "tgw-id"
+  cc_hub_tgw_id = dependency.hub_tgw.outputs.ec2_transit_gateway_id
+}
+```
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+## Requirements
+
+No requirements.
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_ec2_transit_gateway_peering_attachment.peering](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_peering_attachment) | resource |
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_acp_account_id"></a> [acp\_account\_id](#input\_acp\_account\_id) | n/a | `string` | `""` | no |
+| <a name="input_acp_region"></a> [acp\_region](#input\_acp\_region) | n/a | `string` | `"eu-west-2"` | no |
+| <a name="input_acp_tgw_id"></a> [acp\_tgw\_id](#input\_acp\_tgw\_id) | n/a | `string` | `""` | no |
+| <a name="input_cc_hub_tgw_id"></a> [cc\_hub\_tgw\_id](#input\_cc\_hub\_tgw\_id) | n/a | `string` | `""` | no |
+## Outputs
+
+No outputs.
+
+<!-- END_TF_DOCS -->
diff --git a/modules/aws/networking/acp-peering-attachment/terraform-docs.yml b/modules/aws/networking/acp-peering-attachment/terraform-docs.yml
@@ -0,0 +1,32 @@
+formatter: markdown
+
+output:
+  file: README.md
+  mode: inject
+
+content: |
+  # Terraform Module for - acp-peering-attachment
+  # Example terragrunt.hcl - inputs
+  ```hcl
+  inputs = {
+    acp_account_id = "aws-account-id"
+    acp_region = "eu-west-2"
+    acp_tgw_id = "tgw-id"
+    cc_hub_tgw_id = dependency.hub_tgw.outputs.ec2_transit_gateway_id
+  }
+  ```
+  {{ .Providers }}
+  {{ .Requirements }}
+  {{ .Resources }}
+  {{ .Inputs }}
+  {{ .Outputs }}
+  {{ .Footer }}
+settings:
+  sections:
+    - header
+    - providers
+    - requirements
+    - resources
+    - inputs
+    - outputs
+    - footer
diff --git a/modules/aws/networking/ctn-connect-attachment/README.md b/modules/aws/networking/ctn-connect-attachment/README.md
@@ -0,0 +1,42 @@
+<!-- BEGIN_TF_DOCS -->
+# Terraform Module for - ctn-connect-attachment
+# Example terragrunt.hcl - inputs
+```hcl
+inputs = {
+ctn_transit_gateway_attachment_id = "tgw-attach-id-example"
+cc_hub_tgw_id                     = dependency.hub_tgw.outputs.ec2_transit_gateway_id
+cc_transit_gateway_attachment_id = "cc-tgw-attach-id-example"
+cc_destination_cidr_block = "10.251.0.0/16"
+cc_transit_gateway_route_table_id = "tgw-rtb-id-example"
+}
+```
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+## Requirements
+
+No requirements.
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_ec2_transit_gateway_connect.connect](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_connect) | resource |
+| [aws_ec2_transit_gateway_connect_peer.w2-tx01](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_connect_peer) | resource |
+| [aws_ec2_transit_gateway_route.blackhole-route-table-entry](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_route) | resource |
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_cc_destination_cidr_block"></a> [cc\_destination\_cidr\_block](#input\_cc\_destination\_cidr\_block) | n/a | `string` | `""` | no |
+| <a name="input_cc_hub_tgw_id"></a> [cc\_hub\_tgw\_id](#input\_cc\_hub\_tgw\_id) | n/a | `string` | `""` | no |
+| <a name="input_cc_transit_gateway_attachment_id"></a> [cc\_transit\_gateway\_attachment\_id](#input\_cc\_transit\_gateway\_attachment\_id) | n/a | `string` | `""` | no |
+| <a name="input_cc_transit_gateway_route_table_id"></a> [cc\_transit\_gateway\_route\_table\_id](#input\_cc\_transit\_gateway\_route\_table\_id) | n/a | `string` | `""` | no |
+| <a name="input_ctn_transit_gateway_attachment_id"></a> [ctn\_transit\_gateway\_attachment\_id](#input\_ctn\_transit\_gateway\_attachment\_id) | n/a | `string` | `""` | no |
+| <a name="input_tgw_connect"></a> [tgw\_connect](#input\_tgw\_connect) | n/a | `map` | <pre>{<br/>  "ctn_bgp_asn": "65086",<br/>  "gateway_cidr": "10.238.159.0/24",<br/>  "gre_cidr": "169.254.140.0/28",<br/>  "outside_ctn": [<br/>    "10.238.0.34",<br/>    "10.238.0.94"<br/>  ]<br/>}</pre> | no |
+## Outputs
+
+No outputs.
+
+<!-- END_TF_DOCS -->
diff --git a/modules/aws/networking/ctn-connect-attachment/terraform-docs.yml b/modules/aws/networking/ctn-connect-attachment/terraform-docs.yml
@@ -0,0 +1,33 @@
+formatter: markdown
+
+output:
+  file: README.md
+  mode: inject
+
+content: |
+  # Terraform Module for - ctn-connect-attachment
+  # Example terragrunt.hcl - inputs
+  ```hcl
+  inputs = {
+  ctn_transit_gateway_attachment_id = "tgw-attach-id-example"
+  cc_hub_tgw_id                     = dependency.hub_tgw.outputs.ec2_transit_gateway_id
+  cc_transit_gateway_attachment_id = "cc-tgw-attach-id-example"
+  cc_destination_cidr_block = "10.251.0.0/16"
+  cc_transit_gateway_route_table_id = "tgw-rtb-id-example"
+  }
+  ```
+  {{ .Providers }}
+  {{ .Requirements }}
+  {{ .Resources }}
+  {{ .Inputs }}
+  {{ .Outputs }}
+  {{ .Footer }}
+settings:
+  sections:
+    - header
+    - providers
+    - requirements
+    - resources
+    - inputs
+    - outputs
+    - footer
diff --git a/modules/aws/networking/eip/README.md b/modules/aws/networking/eip/README.md
@@ -0,0 +1,39 @@
+<!-- BEGIN_TF_DOCS -->
+# Terraform Module for - eip
+# Example terragrunt.hcl inputs 
+```hcl
+inputs = {
+  name        = "cc-networking-tenant-canary-dev"
+  description = "An EIP and its assocaition to transfer family vpc endpoint"
+  aws_region  = local.aws_region
+  tags = {
+    Name = "cc-networking-${get_env("env_name", "")}"
+  }
+}
+```
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+## Requirements
+
+No requirements.
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_eip.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eip) | resource |
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_tags"></a> [tags](#input\_tags) | Tags to apply to the resources. | `map(string)` | `{}` | no |
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_eip_address"></a> [eip\_address](#output\_eip\_address) | n/a |
+| <a name="output_eip_id"></a> [eip\_id](#output\_eip\_id) | outputs |
+
+<!-- END_TF_DOCS -->
diff --git a/modules/aws/networking/eip/terraform-docs.yml b/modules/aws/networking/eip/terraform-docs.yml
@@ -0,0 +1,34 @@
+formatter: markdown
+
+output:
+  file: README.md
+  mode: inject
+
+content: |
+  # Terraform Module for - eip
+  # Example terragrunt.hcl inputs 
+  ```hcl
+  inputs = {
+    name        = "cc-networking-tenant-canary-dev"
+    description = "An EIP and its assocaition to transfer family vpc endpoint"
+    aws_region  = local.aws_region
+    tags = {
+      Name = "cc-networking-${get_env("env_name", "")}"
+    }
+  }
+  ```
+  {{ .Providers }}
+  {{ .Requirements }}
+  {{ .Resources }}
+  {{ .Inputs }}
+  {{ .Outputs }}
+  {{ .Footer }}
+settings:
+  sections:
+    - header
+    - providers
+    - requirements
+    - resources
+    - inputs
+    - outputs
+    - footer
diff --git a/modules/aws/networking/network-firewall-rules-egress/README.md b/modules/aws/networking/network-firewall-rules-egress/README.md
@@ -0,0 +1,55 @@
+<!-- BEGIN_TF_DOCS -->
+# Terraform Module for - network-firewall-rules-egress
+# Example terragrunt.hcl inputs 
+```hcl
+inputs = {
+  name        = "cc-egress-notprod-nfw-base-rules"
+  description = "cc-egress-notprod-nfw-base-rules"
+  account_id  = "example-aws-account-id"
+  vpc_id      = "vpc-example-id"
+  network_firewall_name = "cc-egress-notprod-nfw"
+  network_firewall_policy_name = "cc-egress-notprod-nfw-policy"
+  cidr_input  = "172.16.0.0/16"    
+  whitelisted_domains = file("./whitelisted-domains.txt")  
+  aws_managed_rule_groups = file("./aws_managed_rule_groups.txt")      
+  aws_region    = local.aws_region
+  tags = {
+    Name = "cc-networking-${get_env("env_name", "")}"
+  }
+}
+```
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+## Requirements
+
+No requirements.
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_networkfirewall_firewall.existing_firewall](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_firewall) | resource |
+| [aws_networkfirewall_firewall_policy.policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_firewall_policy) | resource |
+| [aws_networkfirewall_rule_group.allow_domains_for_nonprod_01](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_rule_group) | resource |
+| [aws_networkfirewall_firewall.existing_firewall](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/networkfirewall_firewall) | data source |
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_account_id"></a> [account\_id](#input\_account\_id) | Network Firewall Account-id | `string` | n/a | yes |
+| <a name="input_aws_managed_rule_groups"></a> [aws\_managed\_rule\_groups](#input\_aws\_managed\_rule\_groups) | Network Firewall - A list of AWS maanged stateful rule group arns | `string` | n/a | yes |
+| <a name="input_cidr_input"></a> [cidr\_input](#input\_cidr\_input) | CIDR range | `string` | n/a | yes |
+| <a name="input_network_firewall_name"></a> [network\_firewall\_name](#input\_network\_firewall\_name) | Network Firewall name to be supplied | `string` | n/a | yes |
+| <a name="input_network_firewall_policy_name"></a> [network\_firewall\_policy\_name](#input\_network\_firewall\_policy\_name) | Network Firewall Policy name to be supplied | `string` | n/a | yes |
+| <a name="input_tags"></a> [tags](#input\_tags) | Tags to apply to the resources. | `map(string)` | `{}` | no |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | VPC assocaited with Network Firewall | `string` | n/a | yes |
+| <a name="input_whitelisted_domains"></a> [whitelisted\_domains](#input\_whitelisted\_domains) | Network Firewall - whitelisted domains file | `string` | n/a | yes |
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_firewall_policy"></a> [firewall\_policy](#output\_firewall\_policy) | n/a |
+
+<!-- END_TF_DOCS -->
diff --git a/modules/aws/networking/network-firewall-rules-egress/terraform-docs.yml b/modules/aws/networking/network-firewall-rules-egress/terraform-docs.yml
@@ -0,0 +1,41 @@
+formatter: markdown
+
+output:
+  file: README.md
+  mode: inject
+
+content: |
+  # Terraform Module for - network-firewall-rules-egress
+  # Example terragrunt.hcl inputs 
+  ```hcl
+  inputs = {
+    name        = "cc-egress-notprod-nfw-base-rules"
+    description = "cc-egress-notprod-nfw-base-rules"
+    account_id  = "example-aws-account-id"
+    vpc_id      = "vpc-example-id"
+    network_firewall_name = "cc-egress-notprod-nfw"
+    network_firewall_policy_name = "cc-egress-notprod-nfw-policy"
+    cidr_input  = "172.16.0.0/16"    
+    whitelisted_domains = file("./whitelisted-domains.txt")  
+    aws_managed_rule_groups = file("./aws_managed_rule_groups.txt")      
+    aws_region    = local.aws_region
+    tags = {
+      Name = "cc-networking-${get_env("env_name", "")}"
+    }
+  }
+  ```
+  {{ .Providers }}
+  {{ .Requirements }}
+  {{ .Resources }}
+  {{ .Inputs }}
+  {{ .Outputs }}
+  {{ .Footer }}
+settings:
+  sections:
+    - header
+    - providers
+    - requirements
+    - resources
+    - inputs
+    - outputs
+    - footer
diff --git a/modules/aws/networking/network-firewall-rules-inspection/README.md b/modules/aws/networking/network-firewall-rules-inspection/README.md
@@ -0,0 +1,53 @@
+<!-- BEGIN_TF_DOCS -->
+# Terraform Module for - network-firewall-rules-inspection
+# Example terragrunt.hcl inputs 
+```hcl
+inputs = {
+  name        = "cc-inspection-notprod-nfw-base-rules"
+  description = "cc-inspection-notprod-nfw-base-rules"
+  account_id  = "example-aws-account-id"
+  vpc_id      = "vpc-example-id"
+  network_firewall_name = "cc-inspection-notprod-nfw"
+  network_firewall_policy_name = "cc-inspection-notprod-nfw-policy"
+  rules_file = file("./rules.txt") 
+  aws_managed_rule_groups = file("./aws_managed_rule_groups.txt")
+  aws_region    = local.aws_region
+  tags = {
+    Name = "cc-networking-${get_env("env_name", "")}"
+  }
+}
+```
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+## Requirements
+
+No requirements.
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_networkfirewall_firewall.existing_firewall](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_firewall) | resource |
+| [aws_networkfirewall_firewall_policy.policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_firewall_policy) | resource |
+| [aws_networkfirewall_rule_group.main_rules](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_rule_group) | resource |
+| [aws_networkfirewall_firewall.existing_firewall](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/networkfirewall_firewall) | data source |
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_account_id"></a> [account\_id](#input\_account\_id) | Network Firewall Account-id | `string` | n/a | yes |
+| <a name="input_aws_managed_rule_groups"></a> [aws\_managed\_rule\_groups](#input\_aws\_managed\_rule\_groups) | Network Firewall - A list of AWS maanged stateful rule group arns | `string` | n/a | yes |
+| <a name="input_network_firewall_name"></a> [network\_firewall\_name](#input\_network\_firewall\_name) | Network Firewall name to be supplied | `string` | n/a | yes |
+| <a name="input_network_firewall_policy_name"></a> [network\_firewall\_policy\_name](#input\_network\_firewall\_policy\_name) | Network Firewall Policy name to be supplied | `string` | n/a | yes |
+| <a name="input_rules_file"></a> [rules\_file](#input\_rules\_file) | Network Firewall rules file | `string` | n/a | yes |
+| <a name="input_tags"></a> [tags](#input\_tags) | Tags to apply to the resources. | `map(string)` | `{}` | no |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | VPC assocaited with Network Firewall | `string` | n/a | yes |
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_firewall_policy"></a> [firewall\_policy](#output\_firewall\_policy) | n/a |
+
+<!-- END_TF_DOCS -->