aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'bump-ui-commit-4fc3244'
${ noResults }
boundary/enos/modules/aws_boundary/main.tf

84 lines
2.7 KiB
Raw Permalink Blame History

# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: BUSL-1.1
terraform {
required_version = ">= 1.1.2"
required_providers {
enos = {
source = "registry.terraform.io/hashicorp-forge/enos"
version = ">= 0.3.25"
}
}
}
locals {
name_prefix = "${var.project_name}-${var.environment}"
boundary_cluster_tag = "boundary-server-${random_string.cluster_id.result}"
is_restored_db = var.db_snapshot_identifier != null
default_boundary_db_name = "boundary"
db_name = coalesce(var.db_name, local.default_boundary_db_name)
common_tags = merge(var.common_tags,
{
Module = "aws_boundary"
Pet = random_pet.default.id
},
)
network_stack = {
"4" = {
ingress_cidr_blocks = flatten([
formatlist("%s/32", data.enos_environment.localhost.public_ipv4_addresses),
join(",", data.aws_vpc.infra.cidr_block_associations.*.cidr_block),
formatlist("%s/32", var.alb_sg_additional_ips),
])
ingress_ipv6_cidr_blocks = [],
egress_cidr_blocks = ["0.0.0.0/0"],
egress_ipv6_cidr_blocks = [],
ipv6_address_count = 0,
vault_address = var.vault_address,
},
"6" = {
ingress_cidr_blocks = [],
ingress_ipv6_cidr_blocks = flatten([
try([for ip in coalesce(data.enos_environment.localhost.public_ipv6_addresses, []) : cidrsubnet("${ip}/64", 0, 0)], []),
[data.aws_vpc.infra.ipv6_cidr_block],
[for ip in var.alb_sg_additional_ipv6_ips : cidrsubnet("${ip}/64", 0, 0)],
])
egress_cidr_blocks = [],
egress_ipv6_cidr_blocks = ["::/0"],
ipv6_address_count = 1,
vault_address = format("[%s]", var.vault_address)
},
"dual" = {
ingress_cidr_blocks = flatten([
formatlist("%s/32", data.enos_environment.localhost.public_ipv4_addresses),
join(",", data.aws_vpc.infra.cidr_block_associations.*.cidr_block),
formatlist("%s/32", var.alb_sg_additional_ips),
])
ingress_ipv6_cidr_blocks = flatten([
try([for ip in coalesce(data.enos_environment.localhost.public_ipv6_addresses, []) : cidrsubnet("${ip}/64", 0, 0)], []),
[data.aws_vpc.infra.ipv6_cidr_block],
[for ip in var.alb_sg_additional_ipv6_ips : cidrsubnet("${ip}/64", 0, 0)],
]),
egress_cidr_blocks = ["0.0.0.0/0"],
egress_ipv6_cidr_blocks = ["::/0"],
ipv6_address_count = 1,
vault_address = try(format("[%s]", var.vault_address), "")
}
}
}
resource "random_string" "cluster_id" {
length = 8
lower = true
upper = false
numeric = false
special = false
}
resource "random_pet" "default" {
separator = "_"
}
Reference in new issue View Git Blame Copy Permalink