add modules

blaize-tech · Mar 20, 2024 · 1ad44b3 · 1ad44b3
1 parent 931d79b
commit 1ad44b3
Show file tree

Hide file tree

Showing 53 changed files with 1,120 additions and 103 deletions.
diff --git a/aws_amplify/main.tf b/aws_amplify/main.tf
@@ -0,0 +1,39 @@
+resource "aws_amplify_app" "this" {
+  name         = var.app_name
+  repository   = var.repository
+  platform     = "WEB_COMPUTE"
+  access_token = var.access_token
+  build_spec   = var.build_spec
+
+  dynamic "custom_rule" {
+    for_each = var.custom_rules
+    content {
+      source    = custom_rule.value.source
+      status    = custom_rule.value.status
+      target    = custom_rule.value.target
+      condition = custom_rule.value.condition
+    }
+  }
+
+  environment_variables = var.environment_variables
+}
+
+resource "aws_amplify_branch" "this" {
+  app_id            = aws_amplify_app.this.id
+  branch_name       = var.branch_name
+  framework         = var.framework
+  stage             = var.stage
+  enable_auto_build = true
+
+}
+
+resource "aws_amplify_domain_association" "this" {
+  app_id                = aws_amplify_app.this.id
+  domain_name           = var.domain_name
+  wait_for_verification = false
+
+  sub_domain {
+    branch_name = aws_amplify_branch.this.branch_name
+    prefix      = var.dns_prefix_branch
+  }
+}
diff --git a/aws_amplify/outputs.tf b/aws_amplify/outputs.tf
@@ -0,0 +1,14 @@
+output "frontend_default_domain" {
+  description = "Default domain for the Amplify app"
+  value       = aws_amplify_app.this.default_domain
+}
+
+output "frontend_certificate_verification_dns_record" {
+  description = "The DNS record for certificate verification"
+  value       = aws_amplify_domain_association.this.certificate_verification_dns_record
+}
+
+output "cloudfront_dns_record" {
+  description = "DNS record for domain"
+  value       = aws_amplify_domain_association.this.sub_domain[*].dns_record
+}
diff --git a/aws_amplify/variables.tf b/aws_amplify/variables.tf
@@ -0,0 +1,64 @@
+variable "region" {
+  description = "AWS Region"
+  type        = string
+}
+
+variable "access_token" {
+  description = "Personal access token for repository"
+  type        = string
+}
+
+variable "repository" {
+  description = "Repository for an Amplify app"
+  type        = string
+}
+
+variable "app_name" {
+  description = "Name for an Amplify app"
+  type        = string
+}
+
+variable "branch_name" {
+  description = "Branch name for the production branch"
+  type        = string
+}
+
+variable "framework" {
+  description = "Framework for the autocreated branch"
+  type        = string
+}
+
+variable "stage" {
+  description = "Current stage for the created branch. PRODUCTION, BETA, DEVELOPMENT, EXPERIMENTAL, PULL_REQUEST"
+  type        = string
+}
+
+variable "environment_variables" {
+  description = "Environment variables map for an Amplify app"
+  type        = map(string)
+}
+
+variable "domain_name" {
+  description = "Domain name for the domain association"
+  type        = string
+}
+
+variable "dns_prefix_branch" {
+  description = "Prefix setting for the subdomain"
+  type        = string
+}
+
+variable "build_spec" {
+  description = "The build specification for an Amplify app"
+  type        = string
+}
+
+variable "custom_rules" {
+  description = "Rewrite or redirect rule"
+  type = list(object({
+    source    = string
+    status    = string
+    target    = string
+    condition = string
+  }))
+}
diff --git a/aws_certificate_manager/main.tf b/aws_certificate_manager/main.tf
@@ -0,0 +1,15 @@
+resource "aws_acm_certificate" "cert" {
+  domain_name       = var.domain_name
+  validation_method = var.validation_method
+
+  tags = {
+    Name        = "${var.project_name}-${var.env}-cert"
+    Project     = var.project_name
+    Environment = var.env
+    Terraform   = true
+  }
+
+  lifecycle {
+    create_before_destroy = true
+  }
+}
diff --git a/aws_certificate_manager/outputs.tf b/aws_certificate_manager/outputs.tf
@@ -0,0 +1,11 @@
+output "domain_name" {
+  value = aws_acm_certificate.cert.domain_name
+}
+
+output "certificate_arn" {
+  value = aws_acm_certificate.cert.arn
+}
+
+output "domain_validation_options" {
+  value = aws_acm_certificate.cert.domain_validation_options
+}
diff --git a/aws_certificate_manager/variables.tf b/aws_certificate_manager/variables.tf
@@ -0,0 +1,18 @@
+variable "project_name" {
+  type = string
+}
+
+variable "env" {
+  type = string
+}
+
+variable "validation_method" {
+  description = "Which method to use for validation. DNS or EMAIL"
+  type        = string
+  default     = "DNS"
+}
+
+variable "domain_name" {
+  description = "Domain name for which the certificate should be issued"
+  type        = string
+}
diff --git a/aws_ecr/main.tf b/aws_ecr/main.tf
@@ -0,0 +1,18 @@
+resource "aws_ecr_repository" "service" {
+  force_delete         = var.force_delete
+  image_tag_mutability = var.image_tag_mutability
+  name                 = "${var.project_name}-${var.repository_name}"
+  encryption_configuration {
+    encryption_type = "AES256"
+    kms_key         = null
+  }
+  image_scanning_configuration {
+    scan_on_push = var.scan_on_push
+  }
+  tags = {
+    Name        = "${var.project_name}-${var.repository_name}"
+    Project     = var.project_name
+    Environment = var.env
+    Terraform   = true
+  }
+}
diff --git a/aws_ecr/outputs.tf b/aws_ecr/outputs.tf
@@ -0,0 +1,3 @@
+output "repository_url" {
+  value = aws_ecr_repository.service.repository_url
+}
diff --git a/aws_ecr/variables.tf b/aws_ecr/variables.tf
@@ -0,0 +1,27 @@
+variable "scan_on_push" {
+  type    = bool
+  default = false
+}
+
+variable "project_name" {
+  type = string
+}
+
+variable "env" {
+  type = string
+}
+
+variable "repository_name" {
+  type = string
+}
+
+variable "image_tag_mutability" {
+  type    = string
+  default = "MUTABLE"
+}
+
+variable "force_delete" {
+  description = "If true, will delete repository with containers"
+  type        = bool
+  default     = false
+}
diff --git a/aws_ecs_cluster/main.tf b/aws_ecs_cluster/main.tf
@@ -0,0 +1,15 @@
+resource "aws_ecs_cluster" "this" {
+  name = "${var.project_name}-${var.env}-cluster"
+
+  setting {
+    name  = "containerInsights"
+    value = "enabled"
+  }
+
+  tags = {
+    Name        = "${var.project_name}-${var.env}-cluster"
+    Project     = var.project_name
+    Environment = var.env
+    Terraform   = true
+  }
+}
diff --git a/aws_ecs_cluster/outputs.tf b/aws_ecs_cluster/outputs.tf
@@ -0,0 +1,3 @@
+output "ecs_cluster_id" {
+  value = aws_ecs_cluster.this.id
+}
diff --git a/aws_ecs_cluster/variable.tf b/aws_ecs_cluster/variable.tf
@@ -0,0 +1,12 @@
+variable "project_name" {
+  description = "Project name"
+  validation {
+    condition     = length(var.project_name) > 3
+    error_message = "The project_name value must be set and more than 3 symbols."
+  }
+}
+
+variable "env" {
+  description = "Project environment"
+  type        = string
+}
diff --git a/aws_ecs_service/data.tf b/aws_ecs_service/data.tf
@@ -0,0 +1 @@
+data "aws_iam_role" "ecs_task_execution_role" { name = "AWSServiceRoleForECS" }
diff --git a/aws_ecs_service/main.tf b/aws_ecs_service/main.tf
@@ -0,0 +1,27 @@
+resource "aws_ecs_service" "weway-backend" {
+  name            = var.name
+  cluster         = var.ecs_cluster_id
+  task_definition = var.ecs_task_definition_arn
+  launch_type     = "FARGATE"
+  # iam_role             = data.aws_iam_role.ecs_task_execution_role.arn
+  desired_count        = var.desired_count
+  force_new_deployment = var.force_new_deployment
+  load_balancer {
+    container_name   = var.container_name
+    container_port   = var.container_port
+    target_group_arn = var.target_group_arns
+  }
+
+  network_configuration {
+    security_groups  = [aws_security_group.this.id]
+    subnets          = var.public_subnet_ids
+    assign_public_ip = true
+  }
+
+  tags = {
+    Name        = "${var.project_name}-${var.env}"
+    Project     = var.project_name
+    Environment = var.env
+    Terraform   = true
+  }
+}
diff --git a/aws_ecs_service/outputs.tf b/aws_ecs_service/outputs.tf
diff --git a/aws_ecs_service/sg.tf b/aws_ecs_service/sg.tf
@@ -0,0 +1,32 @@
+resource "aws_security_group" "this" {
+  # description = "Security Group for instance"
+  name   = "${var.project_name}-${var.env}-ecs-container"
+  vpc_id = var.vpc_id
+
+  tags = {
+    Name        = "${var.project_name}-${var.env}-sg"
+    Project     = var.project_name,
+    Environment = var.env
+    Terraform   = true
+  }
+}
+
+resource "aws_security_group_rule" "access_from_vpc" {
+  security_group_id = aws_security_group.this.id
+  description       = "Allow connecting from VPC"
+  type              = "ingress"
+  from_port         = 0
+  to_port           = 0
+  protocol          = "all"
+  cidr_blocks       = [var.cidr_vpc]
+}
+
+resource "aws_security_group_rule" "access_to_anywhere" {
+  security_group_id = aws_security_group.this.id
+  description       = "Allow outbound traffic"
+  type              = "egress"
+  from_port         = 0
+  to_port           = 0
+  protocol          = "all"
+  cidr_blocks       = ["0.0.0.0/0"]
+}
diff --git a/aws_ecs_service/variables.tf b/aws_ecs_service/variables.tf
@@ -0,0 +1,55 @@
+variable "project_name" {
+  type = string
+}
+
+variable "env" {
+  description = "env"
+  type        = string
+}
+
+variable "vpc_id" {
+  description = "VPC for instance"
+  type        = string
+}
+
+variable "cidr_vpc" {
+  description = "VPC_cidr_block"
+  type        = string
+}
+
+variable "public_subnet_ids" {
+  type = any
+}
+
+variable "name" {
+  type = string
+}
+
+variable "desired_count" {
+  type    = number
+  default = 1
+}
+
+variable "ecs_cluster_id" {
+  type = string
+}
+
+variable "ecs_task_definition_arn" {
+  type = string
+}
+
+variable "force_new_deployment" {
+  type = bool
+}
+
+variable "container_name" {
+  type = string
+}
+
+variable "container_port" {
+  type = string
+}
+
+variable "target_group_arns" {
+  type = any
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		data "aws_iam_role" "ecs_task_execution_role" { name = "AWSServiceRoleForECS" }