LZA-163: S3 and CUR modules

modules/aws/README.md

@@ -9,5 +9,8 @@ The following modules are available:
 - [Group Account Assignments](./group_account_assignments/README.md)
 - [Group User Memberships](./group_user_memberships/README.md)
 - [Groups](./groups/README.md)
+- [Permission Sets](./permission_sets/README.md)
 - [Identity Center Instance](./ssoadmin_instance/README.md)
 - [Users](./users/README.md)
+- [S3 Buckets](./s3_buckets/README.md)
+- [Cost and Usage Reports](./cost_usage_reports/README.md)

modules/aws/cost_usage_reports/README.md

@@ -0,0 +1,40 @@
+# Core Cloud AWS Cost & Usage Report Module
+
+This module is responsible for creating and managing Cost and Usage Reports in AWS.
+
+## Usage
+
+```hcl
+module "cost_usage_reports" {
+  source = "git::ssh://[email protected]/UKHomeOffice/core-cloud-terraform-modules.git//modules/aws/cost_usage_reports"
+
+  report_name                   = <VALUE>
+  time_unit                     = <VALUE>
+  format                        = <VALUE>
+  compression                   = <VALUE>
+  additional_schema_elements    = <VALUE>
+  s3_bucket                     = <VALUE>
+  s3_region                     = <VALUE>
+  additional_artifacts          = <VALUE>
+  s3_prefix                     = <VALUE>
+  refresh_closed_reports        = <VALUE>
+  report_versioning             = <VALUE>
+  
+  
+}
+```
+
+## Validation
+
+This module expects the variables to conform to the following:
+- `report_name` - Must be a string between 1 and 256 characters.
+- `time_unit` - Valid values for time_unit are DAILY, HOURLY or MONTHLY.
+- `format` - Valid values for format are textORcsv or Parquet.
+- `compression` - Valid values for time_unit are GZIP, ZIP or Parquet.
+- `additional_schema_elements` - Valid values for additional_schema_elements are RESOURCES or SPLIT_COST_ALLOCATION_DATA.
+- `s3_bucket` - Must be a string between 1 and 64 characters.
+- `s3_region` - - Must be a string between 1 and 20 characters.
+- `additional_artifacts` - Valid values for time_unit are REDSHIFT, QUICKSHIFT or ATHENA.
+- `s3_prefix` - Must be a string between 1 and 256 characters.
+- `refresh_closed_reports`
+- `report_versioning`

modules/aws/cost_usage_reports/main.tf

@@ -0,0 +1,22 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "> 5.0.0, < 6.0.0"
+    }
+  }
+}
+
+resource "aws_cur_report_definition" "cur_report_definitions" {
+  report_name                = var.report_name
+  time_unit                  = var.time_unit
+  format                     = var.format
+  compression                = var.compression
+  additional_schema_elements = var.additional_schema_elements
+  s3_bucket                  = var.bucket_name
+  s3_region                  = var.bucket_region
+  additional_artifacts       = var.additional_artifacts
+  s3_prefix                  = var.s3_prefix
+  refresh_closed_reports     = var.refresh_closed_reports
+  report_versioning          = var.report_versioning
+}

modules/aws/cost_usage_reports/variables.tf

@@ -0,0 +1,99 @@
+variable "report_name" {
+  type        = string
+  description = "The name of the cost and usage report to create."
+
+  validation {
+    condition     = length(var.report_name) >= 1 && length(var.report_name) <= 256
+    error_message = "The report_name name must be less than 256 characters."
+  }
+}
+
+variable "time_unit" {
+  type        = string
+  description = "The frequency on which report data are measured and displayed."
+
+  validation {
+    condition     = contains(["DAILY", "HOURLY", "MONTHLY"], var.time_unit)
+    error_message = "Valid values for time_unit are (DAILY, HOURLY, MONTHLY)"
+  }
+}
+
+variable "format" {
+  type        = string
+  description = "The format for the report."
+
+  validation {
+    condition     = contains(["textORcsv", "Parquet"], var.format)
+    error_message = "Valid values for format are (textORcsv, Parquet)"
+  }
+}
+
+variable "compression" {
+  type        = string
+  description = "Compression format for report."
+
+  validation {
+    condition     = contains(["GZIP", "ZIP", "Parquet"], var.compression)
+    error_message = "Valid values for time_unit are (GZIP, ZIP, Parquet)"
+  }
+}
+
+variable "additional_schema_elements" {
+  type        = string
+  description = "A list of schema elements."
+
+  validation {
+    condition     = contains(["RESOURCES", "SPLIT_COST_ALLOCATION_DATA"], var.additional_schema_elements)
+    error_message = "Valid values for additional_schema_elements are (RESOURCES, SPLIT_COST_ALLOCATION_DATA)"
+  }
+}
+
+variable "bucket_name" {
+  type        = string
+  description = "The name of the existing s3 bucket store generated reports"
+
+  validation {
+    condition     = length(var.bucket_name) >= 1 && length(var.bucket_name) <= 64
+    error_message = "The bucket_name name must be less than 64 characters."
+  }
+}
+
+variable "bucket_region" {
+  type        = string
+  description = "Region of the existing S3 bucket to hold generated reports."
+
+  validation {
+    condition     = length(var.bucket_region) >= 1 && length(var.bucket_region) <= 20
+    error_message = "The bucket_region name must be less than 20 characters."
+  }
+}
+
+variable "additional_artifacts" {
+  type        = string
+  description = "A list of additional artifacts."
+
+  validation {
+    condition     = contains(["REDSHIFT", "QUICKSHIFT", "ATHENA"], var.additional_artifacts)
+    error_message = "Valid values for time_unit are (REDSHIFT, QUICKSHIFT, ATHENA)"
+  }
+}
+
+variable "s3_prefix" {
+  type        = string
+  description = "Report path prefix."
+
+  validation {
+    condition     = length(var.s3_prefix) >= 1 && length(var.s3_prefix) <= 256
+    error_message = "The s3_prefix must be less than 256 characters."
+  }
+}
+
+variable "refresh_closed_reports" {
+  type        = string
+  description = "Set to true to update your reports after they have been finalized if AWS detects charges related to previous months."
+}
+
+variable "report_versioning" {
+  type        = string
+  description = "Overwrite the previous version of each report or to deliver the report in addition to the previous versions. Valid values are (CREATE_NEW_REPORT and OVERWRITE_REPORT)"
+}

modules/aws/s3_buckets/README.md

@@ -0,0 +1,19 @@
+# Core Cloud AWS S3 Bucket Module
+
+This module is responsible for creating and managing S3 Buckets in AWS.
+
+## Usage
+
+```hcl
+module "s3_buckets" {
+  source = "git::ssh://[email protected]/UKHomeOffice/core-cloud-terraform-modules.git//modules/aws/s3_buckets"
+
+  bucket_name        = <VALUE>
+}
+```
+
+## Validation
+
+This module expects the variables to conform to the following:
+- `bucket_name` - Must be a string between 1 and 64 characters.
+

modules/aws/s3_buckets/main.tf

@@ -0,0 +1,12 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "> 5.0.0, < 6.0.0"
+    }
+  }
+}
+
+resource "aws_s3_bucket" "s3_buckets" {
+  bucket = var.bucket_name
+}

modules/aws/s3_buckets/variables.tf

@@ -0,0 +1,9 @@
+variable "bucket_name" {
+  type        = string
+  description = "The name of the s3 bucket to create."
+
+  validation {
+    condition     = length(var.bucket_name) >= 1 && length(var.bucket_name) <= 64
+    error_message = "The bucket_name name must be less than 64 characters."
+  }
+}