From c1335d572cf34190da300109eea23e7a1680573d Mon Sep 17 00:00:00 2001 From: Byungjin Park Date: Wed, 10 Sep 2025 23:52:09 +0900 Subject: [PATCH] feat: improve how to use resource_group in modules --- modules/access-analyzer/outputs.tf | 16 ++++++++++ modules/access-analyzer/resource-group.tf | 10 +++--- modules/access-analyzer/variables.tf | 32 +++++++++---------- .../cloudtrail-event-data-store/outputs.tf | 16 ++++++++++ .../resource-group.tf | 10 +++--- .../cloudtrail-event-data-store/variables.tf | 32 +++++++++---------- modules/cloudtrail-trail/outputs.tf | 16 ++++++++++ modules/cloudtrail-trail/resource-group.tf | 10 +++--- modules/cloudtrail-trail/variables.tf | 32 +++++++++---------- modules/config-managed-rule/outputs.tf | 16 ++++++++++ modules/config-managed-rule/resource-group.tf | 10 +++--- modules/config-managed-rule/variables.tf | 32 +++++++++---------- modules/config-recorder/outputs.tf | 16 ++++++++++ modules/config-recorder/resource-group.tf | 10 +++--- modules/config-recorder/variables.tf | 32 +++++++++---------- modules/macie-account/outputs.tf | 16 ++++++++++ modules/macie-account/resource-group.tf | 10 +++--- modules/macie-account/variables.tf | 32 +++++++++---------- 18 files changed, 216 insertions(+), 132 deletions(-) diff --git a/modules/access-analyzer/outputs.tf b/modules/access-analyzer/outputs.tf index 9052b16..8c91765 100644 --- a/modules/access-analyzer/outputs.tf +++ b/modules/access-analyzer/outputs.tf @@ -38,3 +38,19 @@ output "archive_rules" { name => rule.filter } } + +output "resource_group" { + description = "The resource group created to manage resources in this module." + value = merge( + { + enabled = var.resource_group.enabled && var.module_tags_enabled + }, + (var.resource_group.enabled && var.module_tags_enabled + ? { + arn = module.resource_group[0].arn + name = module.resource_group[0].name + } + : {} + ) + ) +} diff --git a/modules/access-analyzer/resource-group.tf b/modules/access-analyzer/resource-group.tf index 7487ba0..85c4fb0 100644 --- a/modules/access-analyzer/resource-group.tf +++ b/modules/access-analyzer/resource-group.tf @@ -1,6 +1,6 @@ locals { - resource_group_name = (var.resource_group_name != "" - ? var.resource_group_name + resource_group_name = (var.resource_group.name != "" + ? var.resource_group.name : join(".", [ local.metadata.package, local.metadata.module, @@ -12,12 +12,12 @@ locals { module "resource_group" { source = "tedilabs/misc/aws//modules/resource-group" - version = "~> 0.10.0" + version = "~> 0.12.0" - count = (var.resource_group_enabled && var.module_tags_enabled) ? 1 : 0 + count = (var.resource_group.enabled && var.module_tags_enabled) ? 1 : 0 name = local.resource_group_name - description = var.resource_group_description + description = var.resource_group.description query = { resource_tags = local.module_tags diff --git a/modules/access-analyzer/variables.tf b/modules/access-analyzer/variables.tf index fe276b3..93ee79a 100644 --- a/modules/access-analyzer/variables.tf +++ b/modules/access-analyzer/variables.tf @@ -85,23 +85,21 @@ variable "module_tags_enabled" { # Resource Group ################################################### -variable "resource_group_enabled" { - description = "(Optional) Whether to create Resource Group to find and group AWS resources which are created by this module." - type = bool - default = true - nullable = false -} -variable "resource_group_name" { - description = "(Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`." - type = string - default = "" - nullable = false -} -variable "resource_group_description" { - description = "(Optional) The description of Resource Group." - type = string - default = "Managed by Terraform." - nullable = false + +variable "resource_group" { + description = <