From c94a8048fdd37f5931bb2870aa3432e5f7b44700 Mon Sep 17 00:00:00 2001
From: briskt <3172830+briskt@users.noreply.github.com>
Date: Fri, 12 May 2023 15:36:36 +0800
Subject: [PATCH 1/2] add AWS tags
---
 .terraformignore | 6 ++++++
 terraform/.terraform.lock.hcl | 21 ++++++++++++++++++---
 terraform/cloud.tf | 9 +++++++++
 terraform/main.tf | 10 +---------
 terraform/outputs.tf | 9 +++++++++
 terraform/providers.tf | 10 ++++++++++
 terraform/variables.tf | 22 ++++++++++++++++++++++
 7 files changed, 75 insertions(+), 12 deletions(-)
 create mode 100644 .terraformignore
 create mode 100644 terraform/cloud.tf
 create mode 100644 terraform/outputs.tf
diff --git a/.terraformignore b/.terraformignore
new file mode 100644
index 0000000..47ddbe2
--- /dev/null
+++ b/.terraformignore
@@ -0,0 +1,6 @@
+# controls what directories get uploaded to TFC for remote runs
+#
+# deny by default
+*
+# explicitly list included directories
+!terraform/
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
index 38fe924..b6967eb 100644
--- a/terraform/.terraform.lock.hcl
+++ b/terraform/.terraform.lock.hcl
@@ -2,9 +2,24 @@
 # Manual edits may be lost in future updates.
 provider "registry.terraform.io/hashicorp/aws" {
- version = "4.2.0"
- constraints = "~> 4.0"
+ version = "4.67.0"
+ constraints = ">= 2.0.0, ~> 4.0, < 5.0.0"
 hashes = [
- "h1:qfnMtwFbsVJWvzxUCajm4zUkjEH9GDdT3FFYffEEhYQ=",
+ "h1:dCRc4GqsyfqHEMjgtlM1EympBcgTmcTkWaJmtd91+KA=",
+ "zh:0843017ecc24385f2b45f2c5fce79dc25b258e50d516877b3affee3bef34f060",
+ "zh:19876066cfa60de91834ec569a6448dab8c2518b8a71b5ca870b2444febddac6",
+ "zh:24995686b2ad88c1ffaa242e36eee791fc6070e6144f418048c4ce24d0ba5183",
+ "zh:4a002990b9f4d6d225d82cb2fb8805789ffef791999ee5d9cb1fef579aeff8f1",
+ "zh:559a2b5ace06b878c6de3ecf19b94fbae3512562f7a51e930674b16c2f606e29",
+ "zh:6a07da13b86b9753b95d4d8218f6dae874cf34699bca1470d6effbb4dee7f4b7",
+ "zh:768b3bfd126c3b77dc975c7c0e5db3207e4f9997cf41aa3385c63206242ba043",
+ "zh:7be5177e698d4b547083cc738b977742d70ed68487ce6f49ecd0c94dbf9d1362",
+ "zh:8b562a818915fb0d85959257095251a05c76f3467caa3ba95c583ba5fe043f9b",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:9c385d03a958b54e2afd5279cd8c7cbdd2d6ca5c7d6a333e61092331f38af7cf",
+ "zh:b3ca45f2821a89af417787df8289cb4314b273d29555ad3b2a5ab98bb4816b3b",
+ "zh:da3c317f1db2469615ab40aa6baba63b5643bae7110ff855277a1fb9d8eb4f2c",
+ "zh:dc6430622a8dc5cdab359a8704aec81d3825ea1d305bbb3bbd032b1c6adfae0c",
+ "zh:fac0d2ddeadf9ec53da87922f666e1e73a603a611c57bcbc4b86ac2821619b1d",
 ]
 }
diff --git a/terraform/cloud.tf b/terraform/cloud.tf
new file mode 100644
index 0000000..db1b111
--- /dev/null
+++ b/terraform/cloud.tf
@@ -0,0 +1,9 @@
+terraform {
+ cloud {
+ organization = "gtis"
+
+ workspaces {
+ name = "serverless-mfa-api"
+ }
+ }
+}
diff --git a/terraform/main.tf b/terraform/main.tf
index 7955f89..8376014 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
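Review bot: The new `terraform` block in terraform/cloud.tf uses `cloud { ... }` without pinning a CLI version. The `cloud` block is only understood by Terraform 1.1 and later, so an older CLI fails on the configuration itself rather than with a clear version message. If no `required_version` is declared elsewhere in the module (not visible in this patch), add `required_version = ">= 1.1"` inside this `terraform` block.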
@@ -4,17 +4,9 @@
 */
 module "serverless-user" {
 source = "silinternational/serverless-user/aws"
- version = "0.1.2"
+ version = "0.1.3"
 app_name = "mfa-api"
 aws_region = var.aws_region
 enable_api_gateway = true
 }
-
-output "serverless-access-key-id" {
- value = module.serverless-user.aws_access_key_id
-}
-output "serverless-secret-access-key" {
- value = module.serverless-user.aws_secret_access_key
- sensitive = true
-}
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
new file mode 100644
index 0000000..3d5987b
--- /dev/null
+++ b/terraform/outputs.tf
@@ -0,0 +1,9 @@
+
+output "serverless-access-key-id" {
+ value = module.serverless-user.aws_access_key_id
+}
+
+output "serverless-secret-access-key" {
+ value = module.serverless-user.aws_secret_access_key
+ sensitive = true
+}
diff --git a/terraform/providers.tf b/terraform/providers.tf
index 9910713..0efdcd1 100644
--- a/terraform/providers.tf
+++ b/terraform/providers.tf
@@ -2,4 +2,14 @@ provider "aws" {
 region = var.aws_region
 access_key = var.aws_access_key_id
 secret_key = var.aws_secret_access_key
+
+ default_tags {
+ tags = {
+ managed_by = "terraform"
+ workspace = terraform.workspace
+ itse_app_customer = var.app_customer
+ itse_app_env = var.app_environment
+ itse_app_name = var.app_name
+ }
+ }
 }
diff --git a/terraform/variables.tf b/terraform/variables.tf
index 06bfeb9..166ac69 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -7,3 +7,25 @@ variable "aws_access_key_id" {
 variable "aws_secret_access_key" {
 }
+
+/*
+ * AWS tag values
+ */
+
+variable "app_customer" {
+ description = "customer name to use for the itse_app_customer tag"
+ type = string
+ default = "shared"
+}
+
+variable "app_environment" {
+ description = "environment name to use for the itse_app_environment tag, e.g. staging, production"
+ type = string
+ default = "production"
+}
+
+variable "app_name" {
+ description = "app name to use for the itse_app_name tag"
+ type = string
+ default = "serverless-mfa-api"
+}
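Review bot: `sensitive = true` on `serverless-secret-access-key` in terraform/outputs.tf only redacts the value in plan and apply output. The secret key itself remains readable in state by anyone with state access, and after this patch that state lives in the Terraform Cloud workspace configured in cloud.tf. Neither output has a `description`; I would add `description = "secret access key for the serverless user; readable in state, restrict workspace state access"` here and `description = "access key ID for the serverless user"` on the other output. Read access to that workspace's state and outputs should be limited to the people meant to hold this credential.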
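Review bot: The tag key added under `default_tags` in terraform/providers.tf is `itse_app_env`, but the `app_environment` description in terraform/variables.tf (same patch) calls it the `itse_app_environment` tag, so one of the two is wrong. If `itse_app_env` is the intended key, change the description to `"environment name to use for the itse_app_env tag, e.g. staging, production"`; otherwise rename the key here. Tag keys are typically matched exactly by cost-allocation rules and tag-based policies, so this is worth settling before resources are tagged. The `provider "aws"` block opens outside the hunk.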
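Review bot: In terraform/variables.tf, `app_environment` defaults to `"production"` and accepts any string, so a non-production workspace that forgets to set it tags its resources as production. Consider dropping the default so the value has to be set per workspace, or adding a `validation` block that limits it to the environment names actually in use. Separately, the context lines show `variable "aws_secret_access_key" { }` with neither `type` nor `sensitive`; adding `type = string` and `sensitive = true` would keep the value out of plan output.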
From 6393c9bef3eb97ce64a1d89ca77a3ec05f36752e Mon Sep 17 00:00:00 2001
From: briskt <3172830+briskt@users.noreply.github.com>
Date: Fri, 12 May 2023 15:47:32 +0800
Subject: [PATCH 2/2] Changed app_name default to idp
---
 terraform/variables.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/terraform/variables.tf b/terraform/variables.tf
index 166ac69..631ae54 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -27,5 +27,5 @@ variable "app_environment" {
 variable "app_name" {
 description = "app name to use for the itse_app_name tag"
 type = string
- default = "serverless-mfa-api"
+ default = "idp"
 }
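Review bot: The `app_name` default becomes `"idp"` with no stated reason, while the description still reads as if the tag names this app and the Terraform Cloud workspace in cloud.tf is named `serverless-mfa-api`. If the tag is meant to group these resources under a parent application (my reading, not stated in the patch), the description should say so, e.g. `description = "app name to use for the itse_app_name tag (the parent application, not this repository)"`. Without that, the next person reconciling tags against workspaces is likely to revert the default.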