naming conventions fix (#37)

* naming conventions fix

* add static page aliases for organizations

main.tf

@@ -19,7 +19,7 @@ data "aws_acm_certificate" "cdn" {
 }
 
 locals {
-  namespace = "${var.eb_env_namespace}-${var.eb_env_stage}-${var.eb_env_name}"
+  namespace = "${var.eb_env_namespace}-${var.eb_env_name}"
 
   static_alias = (
     var.static_site_alias != ""
@@ -37,6 +37,8 @@ locals {
       "*.${var.site_domain_name}"
     ]
   )
+
+  static_page_asset_aliases = [var.site_domain_name, "*.${var.site_domain_name}"] # adds support for organizations subdomains
 }
 
 ###
@@ -46,7 +48,6 @@ locals {
 module "cdn_static" {
   source               = "git::https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn?ref=tags/0.74.0"
   namespace            = "static-${var.eb_env_namespace}"
-  stage                = var.eb_env_stage
   name                 = var.eb_env_name
   aliases              = [local.static_alias]
   cors_allowed_origins = local.static_cors_allowed_origins
@@ -61,7 +62,7 @@ module "cdn_static" {
 
 # export s3 arn so serverless can pick it up to configure iam policies
 resource "aws_ssm_parameter" "cdn_content_param" {
-  name        = "/${var.eb_env_name}/${var.eb_env_stage}/s3_content_arn"
+  name        = "/${var.eb_env_name}/s3_content_arn"
   description = "S3 content (videos, images) bucket ARN"
   type        = "SecureString"
   value       = module.cdn_static.s3_bucket_arn
@@ -70,7 +71,7 @@ resource "aws_ssm_parameter" "cdn_content_param" {
 
 # TODO remove
 resource "aws_ssm_parameter" "cdn_content_param_deprecated" {
-  name        = "/${var.eb_env_name}/${var.eb_env_stage}/s3_static_arn"
+  name        = "/${var.eb_env_name}/s3_static_arn"
   description = "S3 content (videos, images) bucket ARN"
   type        = "SecureString"
   value       = module.cdn_static.s3_bucket_arn
@@ -103,7 +104,7 @@ resource "aws_s3_bucket_lifecycle_configuration" "content_bucket_version_expire_
 module "content_backup" {
   count  = var.enable_content_backup ? 1 : 0
   source = "git::https://github.com/mentorpal/terraform-modules//modules/backup?ref=tags/v1.5.1"
-  name   = "${var.eb_env_name}-s3-backup-${var.eb_env_stage}"
+  name   = "${var.eb_env_name}-s3-backup"
 
   resources = [
     module.cdn_static.s3_bucket_arn
@@ -121,7 +122,7 @@ module "content_backup" {
 #####
 module "cdn_firewall" {
   source     = "git::https://github.com/mentorpal/terraform-modules//modules/api-waf?ref=tags/v1.6.0"
-  name       = "${var.eb_env_name}-cdn-${var.eb_env_stage}"
+  name       = "${var.eb_env_name}-cdn"
   scope      = "CLOUDFRONT"
   rate_limit = 1000
 
@@ -147,7 +148,7 @@ module "cdn_firewall" {
 
 module "api_firewall" {
   source     = "git::https://github.com/mentorpal/terraform-modules//modules/api-waf?ref=tags/v1.6.0"
-  name       = "${var.eb_env_name}-api-${var.eb_env_stage}"
+  name       = "${var.eb_env_name}-api"
   scope      = "REGIONAL"
   rate_limit = 1000
 
@@ -165,7 +166,7 @@ module "api_firewall" {
 }
 
 resource "aws_ssm_parameter" "api_firewall_ssm" {
-  name  = "/${var.eb_env_name}/${var.eb_env_stage}/api_firewall_arn"
+  name  = "/${var.eb_env_name}/api_firewall_arn"
   type  = "String"
   value = module.api_firewall.wafv2_webacl_arn
   tags  = var.eb_env_tags
@@ -223,7 +224,7 @@ resource "aws_cloudfront_function" "cf_fn_origin_root" {
 module "cdn_static_assets" {
   source                             = "git::https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn.git?ref=tags/0.82.4"
   acm_certificate_arn                = data.aws_acm_certificate.cdn.arn
-  aliases                            = [var.site_domain_name]
+  aliases                            = local.static_page_asset_aliases
   allowed_methods                    = ["HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH"]
   block_origin_public_access_enabled = true # so only CDN can access it
   # having a default cache policy made the apply fail:
@@ -286,7 +287,6 @@ module "cdn_static_assets" {
   parent_zone_name     = var.aws_route53_zone_name
   # https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html
   price_class = "PriceClass_100"
-  stage       = var.eb_env_stage
   # this are artifacts generated from github code, no need to version them:
   versioning_enabled     = true # test backup
   viewer_protocol_policy = "redirect-to-https"
@@ -297,15 +297,15 @@ module "cdn_static_assets" {
 
 # cicd pipeline runs in us-east-1 so its easier to have them too in the same region
 resource "aws_ssm_parameter" "cdn_id" {
-  name     = "/${var.eb_env_name}/${var.eb_env_stage}/CLOUDFRONT_DISTRIBUTION_ID"
+  name     = "/${var.eb_env_name}/CLOUDFRONT_DISTRIBUTION_ID"
   type     = "String"
   value    = module.cdn_static_assets.cf_id
   provider = aws.us-east-1
   tags     = var.eb_env_tags
 }
 
 resource "aws_ssm_parameter" "cdn_s3_websites_arn" {
-  name        = "/${var.eb_env_name}/${var.eb_env_stage}/s3-websites/ARN"
+  name        = "/${var.eb_env_name}/s3-websites/ARN"
   description = "Bucket that stores frontend apps"
   type        = "String"
   value       = module.cdn_static_assets.s3_bucket_arn
@@ -314,7 +314,7 @@ resource "aws_ssm_parameter" "cdn_s3_websites_arn" {
 }
 
 resource "aws_ssm_parameter" "cdn_s3_websites_name" {
-  name        = "/${var.eb_env_name}/${var.eb_env_stage}/s3-websites/NAME"
+  name        = "/${var.eb_env_name}/s3-websites/NAME"
   description = "Bucket that stores frontend apps"
   type        = "String"
   value       = module.cdn_static_assets.s3_bucket

template/global.tf.template

@@ -7,17 +7,17 @@ module "notify_slack" {
   source  = "terraform-aws-modules/notify-slack/aws"
   version = "~> 4.0"
 
-  sns_topic_name = "slack-alerts-${var.eb_env_stage}-${var.eb_env_namespace}"
+  sns_topic_name = "slack-alerts-${var.eb_env_namespace}"
 
-  lambda_function_name = "notify-slack-${var.eb_env_stage}-${var.eb_env_namespace}"
+  lambda_function_name = "notify-slack-${var.eb_env_namespace}"
 
   slack_webhook_url = var.cloudwatch_slack_webhook
   slack_channel     = var.alerts_slack_channel
   slack_username    = var.alerts_slack_username
 }
 
 resource "aws_ssm_parameter" "sns_alert_topic_arn" {
-  name        = "/${var.eb_env_name}/${var.eb_env_stage}/shared/sns_alert_topic_arn"
+  name        = "/${var.eb_env_name}/shared/sns_alert_topic_arn"
   description = "Slack alert topic"
   type        = "String"
   value       = module.notify_slack.this_slack_topic_arn

template/main.tf

@@ -8,11 +8,30 @@ module "mentorpal_beanstalk_deployment" {
   aws_region                  = var.aws_region
   aws_route53_zone_name       = var.aws_route53_zone_name
   eb_env_namespace            = var.eb_env_namespace
-  eb_env_stage                = var.eb_env_stage
   site_domain_name            = var.site_domain_name
   static_cors_allowed_origins = var.static_cors_allowed_origins
   enable_api_firewall_logging = var.enable_api_firewall_logging
   enable_cdn_firewall_logging = var.enable_cdn_firewall_logging
   enable_content_backup       = true
   alert_topic_arn             = module.notify_slack.this_slack_topic_arn
 }
+
+module "notify_slack" {
+  source  = "terraform-aws-modules/notify-slack/aws"
+  version = "~> 4.0"
+
+  sns_topic_name = "slack-alerts-${var.eb_env_namespace}"
+
+  lambda_function_name = "notify-slack-${var.eb_env_namespace}"
+
+  slack_webhook_url = var.cloudwatch_slack_webhook
+  slack_channel     = "ls-alerts-prod"
+  slack_username    = "uscictlsalerts"
+}
+
+resource "aws_ssm_parameter" "sns_alert_topic_arn" {
+  name        = "/${var.eb_env_name}/shared/sns_alert_topic_arn"
+  description = "Slack alert topic"
+  type        = "String"
+  value       = module.notify_slack.this_slack_topic_arn
+}

template/terraform.tfvars

@@ -1,20 +1,18 @@
 # must be in AWS certificate manager:
-aws_acm_certificate_domain = "mentorpal.info"
+aws_acm_certificate_domain = "mentorpal.org"
 
 # e.g. us-east-1
 aws_region = "us-east-1"
 
 # usualy name as `aws_acm_certificate_domain` with . at the end
-aws_route53_zone_name = "mentorpal.info"
+aws_route53_zone_name = "mentorpal.org"
 
 # namespace to prefix all things your app
 eb_env_namespace = "mentorpal"
 eb_env_name      = "mentorpal"
-# name of stage, e.g 'test' or 'dev' or 'prod'
-eb_env_stage = "qa"
 
-site_domain_name = "qa.mentorpal.info"
-static_cors_allowed_origins = ["mentorpal.info", "*.mentorpal.info"]
+site_domain_name = "mentorpal.org"
+static_cors_allowed_origins = ["mentorpal.org", "*.mentorpal.org"]
 
 enable_api_firewall_logging = true
-enable_cdn_firewall_logging = false
+enable_cdn_firewall_logging = false

template/terragrunt.hcl

@@ -8,7 +8,7 @@ remote_state {
     # name for an s3 bucket that will store terraform state
     # e.g. MY_APP_NAME-s3-state
     # terragrunt will create this for us
-    bucket          = "mentorpal-info-s3-state"
+    bucket          = "qamentorpal-s3-state"
 
     # probably can leave this as is
     key             = "mentorpal/terraform.tfstate"
@@ -23,6 +23,6 @@ remote_state {
     # name of the AWS dynamodb table used for locking state
     # e.g. MY_APP_NAME-s3-state-locks
     # terragrunt will create this for us
-    dynamodb_table  = "mentorpal-info-s3-state-locks"
+    dynamodb_table  = "mentorpal-s3-state-locks"
   }
 }

vars.tf

@@ -10,7 +10,7 @@ variable "aws_region" {
 
 variable "aws_route53_zone_name" {
   type        = string
-  description = "name to find aws route53 zone, e.g. mentorpal.info."
+  description = "name to find aws route53 zone, e.g. mentorpal.org."
 }
 
 variable "eb_env_name" {
@@ -24,12 +24,6 @@ variable "eb_env_namespace" {
   description = "Namespace, which could be your organization name, e.g. 'eg' or 'cp'"
 }
 
-variable "eb_env_stage" {
-  type        = string
-  description = "Stage, e.g. 'prod', 'staging', 'dev', or 'test'"
-  default     = "test"
-}
-
 variable "eb_env_tags" {
   type        = map(string)
   default     = {}