Skip to content

Releases: sudoblark/sudoblark.terraform.module.aws.state_machine

Initial module setup

18 Sep 14:06
f3f4d28
Compare
Choose a tag to compare

Description

The initial release of the state_machine module.

Changelog available here.

TL; DR

A new terraform module to allow creation of n state machines.

NEW

  • For each dictionary provided, this module:
    • Creates a new state machine, optionally using terraform template syntax to allow for differing inputs per environment
    • Creates an associated IAM role for the state machine to use
    • Bootstraps the IAM role with policies to allow it to:
      • Interact with Cloudwatch logs
      • List its own execute status
    • Associates user-defined policies with the IAM role

Please see examples folder for example instantiation of module.

SUPPORTED MODULE DATA STRUCTURE

Data structure
---------------
A list of dictionaries, where each dictionary has the following attributes:

REQUIRED
---------
- template_file         : File path which this machine corresponds to
- template_input        : A dictionary of key/value pairs, outlining in detail the inputs needed for a template to be instantiated
- suffix                : Friendly name for the state function
- iam_policy_statements : A list of dictionaries where each dictionary is an IAM statement defining glue job permissions
-- Each dictionary in this list must define the following attributes:
--- sid: Friendly name for the policy, no spaces or special characters allowed
--- actions: A list of IAM actions the state machine is allowed to perform
--- resources: Which resource(s) the state machine may perform the above actions against
--- conditions    : An OPTIONAL list of dictionaries, which each defines:
---- test         : Test condition for limiting the action
---- variable     : Value to test
---- values       : A list of strings, denoting what to test for


OPTIONAL
---------
- cloudwatch_retention  : How many days logs should be retained for in Cloudwatch, defaults to 90

FEEDBACK

Submit suggestions for improvements to [email protected].