Merge pull request #35 from kunduso/add-scaffolding

Converted outputs to ssm parameter store parameter
kunduso · May 2, 2024 · 52ecce0 · 52ecce0
2 parents fa4144c + 12c0984
commit 52ecce0
Show file tree

Hide file tree

Showing 7 changed files with 22 additions and 24 deletions.
diff --git a/infra/cloud_watch.tf b/infra/cloud_watch.tf
@@ -2,6 +2,6 @@
 resource "aws_cloudwatch_log_group" "logs" {
   name              = "/amazon-ecs/${var.name}/log"
   retention_in_days = 365
-  kms_key_id        = aws_kms_key.app_4_key.arn
-  depends_on        = [aws_kms_key.app_4_key]
+  kms_key_id        = aws_kms_key.custom_kms_key.arn
+  depends_on        = [aws_kms_key.custom_kms_key]
 }
diff --git a/infra/cluster.tf b/infra/cluster.tf
@@ -4,7 +4,7 @@ resource "aws_ecs_cluster" "app_cluster" {
   configuration {
     execute_command_configuration {
       logging    = "OVERRIDE"
-      kms_key_id = aws_kms_key.app_4_key.id
+      kms_key_id = aws_kms_key.custom_kms_key.id
       log_configuration {
         cloud_watch_encryption_enabled = true
         cloud_watch_log_group_name     = aws_cloudwatch_log_group.logs.name

diff --git a/infra/ecr.tf b/infra/ecr.tf
@@ -4,7 +4,7 @@ resource "aws_ecr_repository" "image_repo" {
   image_tag_mutability = "IMMUTABLE"
   encryption_configuration {
     encryption_type = "KMS"
-    kms_key         = aws_kms_key.app_4_key.arn
+    kms_key         = aws_kms_key.custom_kms_key.arn
   }
 
   image_scanning_configuration {

diff --git a/infra/kms.tf b/infra/kms.tf
@@ -1,17 +1,17 @@
 #https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key
-resource "aws_kms_key" "app_4_key" {
-  description             = "KMS key for app-4"
+resource "aws_kms_key" "custom_kms_key" {
+  description             = "KMS key for app-6"
   deletion_window_in_days = 7
   enable_key_rotation     = true
 }
 #https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_alias
 resource "aws_kms_alias" "key" {
   name          = "alias/${var.name}"
-  target_key_id = aws_kms_key.app_4_key.id
+  target_key_id = aws_kms_key.custom_kms_key.id
 }
 #https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key_policy
 resource "aws_kms_key_policy" "encrypt_app" {
-  key_id = aws_kms_key.app_4_key.id
+  key_id = aws_kms_key.custom_kms_key.id
   policy = jsonencode({
     Id = "encryption-rest"
     Statement = [

diff --git a/infra/output.tf b/infra/output.tf
diff --git a/infra/ssm_parameter.tf b/infra/ssm_parameter.tf
@@ -0,0 +1,13 @@
+#https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter
+resource "aws_ssm_parameter" "infra_output" {
+  name   = "/${var.name}/output"
+  type   = "SecureString"
+  key_id = aws_kms_key.custom_kms_key.id
+  value = jsonencode({
+    "subnet_ids" : [for subnet in aws_subnet.public : subnet.id],
+    "security_group_id" : "${aws_security_group.custom_sg.id}",
+    "aws_lb_target_group" : "${aws_lb_target_group.target_group.arn}",
+    "cluster_id" : "${aws_ecs_cluster.app_cluster.id}",
+    "cloud_watch_log_group_name" : "${aws_cloudwatch_log_group.logs.name}"
+  })
+}
diff --git a/infra/variables.tf b/infra/variables.tf
@@ -21,7 +21,7 @@ variable "secret_key" {
 variable "name" {
   description = "The name of the application."
   type        = string
-  default     = "app-4"
+  default     = "app-6"
 }
 variable "vpc_cidr" {
   description = "The CIDR of the VPC."