Merge pull request #39 from meltwater/ateam11172-update-docs

Update docs and example
meltwater · Sep 2, 2021 · 498537e · 498537e
2 parents c08fb91 + 859e67b
commit 498537e
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 33 deletions.
diff --git a/README.md b/README.md
@@ -21,7 +21,9 @@ Create an ASG and set the `asg:hostname_pattern` tag for example like this:
 asg-test-#instanceid.asg-handler-vpc.testing@Z3QP9GZSRL8IVA
 ```
 
-Could be interpolated in Terraform like this:
+`#instanceid`  is converted by a Lambda function within this module to the actual AWS instance_id that corresponds to the launched instance.  The `@` symbol is used to split the FQDN from the Route 53 zone_id.
+
+This could be interpolated in Terraform like this:
 
 ```hcl
 tag {

diff --git a/example/asg-dns-agent/main.tf b/example/asg-dns-agent/main.tf
@@ -61,36 +61,17 @@ resource "aws_autoscaling_group" "test" {
 
   tag {
     key                 = "asg:hostname_pattern"
+    # Ensure that the value you choose here contains a fully qualified domain name for the zone before the @ symbol
     value               = "asg-test-#instanceid.asg-handler-vpc.testing@${aws_route53_zone.test.id}"
     propagate_at_launch = true
   }
 }
 
-resource "aws_security_group" "test" {
-  vpc_id = module.vpc.vpc_id
-  name   = "asg-handler-vpc-test-agent"
+resource "aws_route53_zone" "test" {
+  name          = "asg-handler-vpc.testing"
+  force_destroy = true
 
-  tags = {
-    Name = "asg-handler"
+  vpc {
+    vpc_id = module.vpc.vpc_id
   }
-
-  # allow traffic within security group
-  ingress {
-    from_port = 0
-    to_port   = 0
-    protocol  = "-1"
-
-    cidr_blocks = module.vpc.private_subnets_cidr_blocks
-  }
-
-  egress {
-    from_port = 0
-    to_port   = 0
-    protocol  = "-1"
-
-    cidr_blocks = [
-      "0.0.0.0/0",
-    ]
-  }
-}
-
+}
diff --git a/example/asg-dns-agent/vpc.tf b/example/asg-dns-agent/vpc.tf
@@ -18,12 +18,30 @@ module "vpc" {
   enable_vpn_gateway = true
 }
 
-resource "aws_route53_zone" "test" {
-  name          = "asg-handler-vpc.testing"
-  force_destroy = true
+resource "aws_security_group" "test" {
+  vpc_id = module.vpc.vpc_id
+  name   = "asg-handler-vpc-test-agent"
 
-  vpc {
-    vpc_id = module.vpc.vpc_id
+  tags = {
+    Name = "asg-handler"
+  }
+
+  # allow traffic within security group
+  ingress {
+    from_port = 0
+    to_port   = 0
+    protocol  = "-1"
+
+    cidr_blocks = module.vpc.private_subnets_cidr_blocks
   }
-}
 
+  egress {
+    from_port = 0
+    to_port   = 0
+    protocol  = "-1"
+
+    cidr_blocks = [
+      "0.0.0.0/0",
+    ]
+  }
+}