diff --git a/commonimages/base/main.tf b/commonimages/base/main.tf index bf1d5073..ee81194a 100644 --- a/commonimages/base/main.tf +++ b/commonimages/base/main.tf @@ -1,4 +1,6 @@ module "imagebuilder" { + # count = var.configuration_version ? 1 : 0 + source = "./../../modules//imagebuilder" region = var.region diff --git a/commonimages/base/variables.tf b/commonimages/base/variables.tf index 8b42fe77..f6db6a67 100644 --- a/commonimages/base/variables.tf +++ b/commonimages/base/variables.tf @@ -45,6 +45,7 @@ variable "launch_template_exists" { variable "configuration_version" { type = string description = "Version number of this configuration, increment on changes, e.g. 1.0.1" + default = null } variable "description" { diff --git a/commonimages/base/windows_2012_r2_SQL_2014/terraform.tfvars b/commonimages/base/windows_2012_r2_SQL_2014/terraform.tfvars index ae06f6e0..d53215ad 100644 --- a/commonimages/base/windows_2012_r2_SQL_2014/terraform.tfvars +++ b/commonimages/base/windows_2012_r2_SQL_2014/terraform.tfvars @@ -4,7 +4,7 @@ region = "eu-west-2" ami_base_name = "windows_server_2012_r2_SQL_2014_enterprise" -configuration_version = "0.1.0" +configuration_version = "0.1.1" release_or_patch = "release" # or "patch", see nomis AMI image building strategy doc description = "Windows Server 2012 R2 with SQL 2014 Enterprise" @@ -13,9 +13,9 @@ tags = { } parent_image = { - owner = "679593333241" + owner = "374269020027" ami_search_filters = { - name = ["sc-a-216-5d93057e-941a-4d1b-884f-ec900151c1d1-230-5d93057e-941a-4d1b-884f-ec900151c1d1"] # AWS image not available so taken from marketplace. NOTE: This may fail at the build step if there is some sort of licensing restriction + name = ["base_windows_server_2012_r2_release_2023-09-07T*"] # Using values which can be found before this is deleted } } 
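Review bot: The commented-out `count` line in `commonimages/base/main.tf` should be removed rather than committed. Its condition is `var.configuration_version`, which is declared `type = string`, and Terraform will not convert a value such as "0.1.1" to a bool. `count` on this module call would likely be rejected in any case, because the module declares its own `provider "aws"` block (visible in the `modules/imagebuilder/versions.tf` hunk). The companion `default = null` in `commonimages/base/variables.tf` makes the version optional, which contradicts its own description ("increment on changes"). If the module's resources are restored and the value is passed through, a null would reach the recipe `version` and the interpolated infrastructure configuration name. I would drop both lines; if an off switch is needed, a dedicated bool variable checked inside the module is clearer.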
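Review bot: In the `parent_image` hunk the new `name` filter ends in a wildcard, so any image owned by account 374269020027 whose name starts with `base_windows_server_2012_r2_release_2023-09-07T` can become the parent. How a multiple match is resolved is not visible here, because the `aws_ami` lookup lives in the module. The parent image is the root of trust for everything built on top of it, so once the build is known I would pin the full image name (or the AMI ID). The replacement comment "Using values which can be found before this is deleted" does not say what will be deleted or whose account the new owner ID is. Something like `# parent is the <ACCOUNT-ALIAS> base_windows_server_2012_r2 release build; pinned to 2023-09-07 because <REASON>` would let a later reader verify the owner change from the marketplace account.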
diff --git a/commonimages/base/windows_2012_r2_SQL_2014/terragrunt.hcl.disabled b/commonimages/base/windows_2012_r2_SQL_2014/terragrunt.hcl
similarity index 100%
rename from commonimages/base/windows_2012_r2_SQL_2014/terragrunt.hcl.disabled
rename to commonimages/base/windows_2012_r2_SQL_2014/terragrunt.hcl
diff --git a/modules/imagebuilder/main.tf b/modules/imagebuilder/main.tf
index 14fe7c31..33186b3e 100644
--- a/modules/imagebuilder/main.tf
+++ b/modules/imagebuilder/main.tf
@@ -1,155 +1,155 @@
-resource "aws_imagebuilder_component" "this" {
- for_each = local.components_custom_yaml
-
- name = each.value.yaml.name
- description = each.value.yaml.description
- platform = each.value.yaml.parameters[1].Platform.default
- version = each.value.yaml.parameters[0].Version.default
- data = each.value.raw
- kms_key_id = local.kms_key_id
- tags = local.tags
-
- lifecycle {
- create_before_destroy = true
- }
-}
-
-resource "aws_imagebuilder_image_recipe" "this" {
- name = local.team_ami_base_name
- parent_image = try(data.aws_ami.parent[0].id, local.ami_parent_arn)
- version = var.configuration_version
- description = var.description
- user_data_base64 = try(base64encode(var.user_data), null)
- tags = local.tags
-
- dynamic "block_device_mapping" {
- for_each = var.block_device_mappings_ebs
-
- content {
- device_name = block_device_mapping.value.device_name
-
- ebs {
- delete_on_termination = true
- encrypted = true
- kms_key_id = local.kms_key_id
- volume_size = block_device_mapping.value.volume_size
- volume_type = block_device_mapping.value.volume_type
- snapshot_id = block_device_mapping.value.snapshot_id # Optional ebs snapshot id
- }
- }
- }
-
- dynamic "component" {
- for_each = var.components_aws
- content {
- component_arn = "arn:aws:imagebuilder:${var.region}:aws:component/${component.value}/x.x.x"
- }
- }
-
- dynamic "component" {
- for_each = var.components_common
- content {
- component_arn = "arn:aws:imagebuilder:${var.region}:${local.account_id}:component/${replace(component.value["name"], "_", "-")}/${component.value["version"]}"
- dynamic "parameter" {
- for_each = component.value["parameters"]
- content {
- name = parameter.value["name"]
- value = parameter.value["value"]
- }
- }
- }
- }
-
- dynamic "component" {
- for_each = var.components_custom
- content {
- component_arn = aws_imagebuilder_component.this[basename(component.value["path"])].arn
-
- dynamic "parameter" {
- for_each = component.value["parameters"]
- content {
- name = parameter.value["name"]
- value = parameter.value["value"]
- }
- }
-
- }
- }
-
- dynamic "systems_manager_agent" {
- for_each = var.systems_manager_agent != null ? [var.systems_manager_agent] : []
- content {
- uninstall_after_build = systems_manager_agent.value.uninstall_after_build
- }
- }
-
- lifecycle {
- create_before_destroy = true
- }
-}
-
-resource "aws_imagebuilder_infrastructure_configuration" "this" {
- name = replace("${local.team_ami_base_name}_${var.configuration_version}", ".", "_")
- instance_profile_name = local.core_shared_services.imagebuilder_mp_tfstate.image_builder_profile
- description = var.description
- instance_types = var.infrastructure_configuration.instance_types
- security_group_ids = [local.core_shared_services.repo_tfstate.image_builder_security_group_id.non_live_data]
- subnet_id = local.core_shared_services.repo_tfstate.non_live_private_subnet_ids[0]
- terminate_instance_on_failure = true
- tags = local.tags
- resource_tags = local.tags
-
- logging {
- s3_logs {
- s3_bucket_name = local.core_shared_services.repo_tfstate.imagebuilder_log_bucket_id
- s3_key_prefix = var.team_name
- }
- }
-}
-
-resource "aws_imagebuilder_distribution_configuration" "this" {
- name = local.team_ami_base_name
- description = var.description
- tags = local.tags
-
- distribution {
- region = var.region
-
- ami_distribution_configuration {
- name = local.ami_name
- description = var.description
- kms_key_id = local.kms_key_id
- target_account_ids = [for account_id in local.accounts_to_distribute_ami :
- local.account_ids_lookup[account_id]
- ]
- launch_permission {
- user_ids = flatten([for name in var.launch_permission_account_names : local.account_ids_lookup[name]])
- }
- ami_tags = local.ami_tags
- }
-
- dynamic "launch_template_configuration" {
- for_each = var.launch_template_configurations
- content {
- account_id = local.account_ids_lookup[launch_template_configuration.value.account_name]
- launch_template_id = launch_template_configuration.value.launch_template_id
- }
- }
- }
-}
-
-resource "aws_imagebuilder_image_pipeline" "this" {
- name = local.team_ami_base_name
- description = var.description
- image_recipe_arn = aws_imagebuilder_image_recipe.this.arn
- infrastructure_configuration_arn = aws_imagebuilder_infrastructure_configuration.this.arn
- distribution_configuration_arn = aws_imagebuilder_distribution_configuration.this.arn
- tags = local.tags
- image_tests_configuration {
- image_tests_enabled = false
- }
- schedule {
- schedule_expression = var.image_pipeline.schedule.schedule_expression
- pipeline_execution_start_condition = var.image_pipeline.schedule.pipeline_execution_start_condition
- }
-}
+# resource "aws_imagebuilder_component" "this" {
+# for_each = local.components_custom_yaml
+
+# name = each.value.yaml.name
+# description = each.value.yaml.description
+# platform = each.value.yaml.parameters[1].Platform.default
+# version = each.value.yaml.parameters[0].Version.default
+# data = each.value.raw
+# kms_key_id = local.kms_key_id
+# tags = local.tags
+
+# lifecycle {
+# create_before_destroy = true
+# }
+# }
+
+# resource "aws_imagebuilder_image_recipe" "this" {
+# name = local.team_ami_base_name
+# parent_image = try(data.aws_ami.parent[0].id, local.ami_parent_arn)
+# version = var.configuration_version
+# description = var.description
+# user_data_base64 = try(base64encode(var.user_data), null)
+# tags = local.tags
+
+# dynamic "block_device_mapping" {
+# for_each = var.block_device_mappings_ebs
+
+# content {
+# device_name = block_device_mapping.value.device_name
+
+# ebs {
+# delete_on_termination = true
+# encrypted = true
+# kms_key_id = local.kms_key_id
+# volume_size = block_device_mapping.value.volume_size
+# volume_type = block_device_mapping.value.volume_type
+# snapshot_id = block_device_mapping.value.snapshot_id # Optional ebs snapshot id
+# }
+# }
+# }
+
+# dynamic "component" {
+# for_each = var.components_aws
+# content {
+# component_arn = "arn:aws:imagebuilder:${var.region}:aws:component/${component.value}/x.x.x"
+# }
+# }
+
+# dynamic "component" {
+# for_each = var.components_common
+# content {
+# component_arn = "arn:aws:imagebuilder:${var.region}:${local.account_id}:component/${replace(component.value["name"], "_", "-")}/${component.value["version"]}"
+# dynamic "parameter" {
+# for_each = component.value["parameters"]
+# content {
+# name = parameter.value["name"]
+# value = parameter.value["value"]
+# }
+# }
+# }
+# }
+
+# dynamic "component" {
+# for_each = var.components_custom
+# content {
+# component_arn = aws_imagebuilder_component.this[basename(component.value["path"])].arn
+
+# dynamic "parameter" {
+# for_each = component.value["parameters"]
+# content {
+# name = parameter.value["name"]
+# value = parameter.value["value"]
+# }
+# }
+
+# }
+# }
+
+# dynamic "systems_manager_agent" {
+# for_each = var.systems_manager_agent != null ? [var.systems_manager_agent] : []
+# content {
+# uninstall_after_build = systems_manager_agent.value.uninstall_after_build
+# }
+# }
+
+# lifecycle {
+# create_before_destroy = true
+# }
+# }
+
+# resource "aws_imagebuilder_infrastructure_configuration" "this" {
+# name = replace("${local.team_ami_base_name}_${var.configuration_version}", ".", "_")
+# instance_profile_name = local.core_shared_services.imagebuilder_mp_tfstate.image_builder_profile
+# description = var.description
+# instance_types = var.infrastructure_configuration.instance_types
+# security_group_ids = [local.core_shared_services.repo_tfstate.image_builder_security_group_id.non_live_data]
+# subnet_id = local.core_shared_services.repo_tfstate.non_live_private_subnet_ids[0]
+# terminate_instance_on_failure = true
+# tags = local.tags
+# resource_tags = local.tags
+
+# logging {
+# s3_logs {
+# s3_bucket_name = local.core_shared_services.repo_tfstate.imagebuilder_log_bucket_id
+# s3_key_prefix = var.team_name
+# }
+# }
+# }
+
+# resource "aws_imagebuilder_distribution_configuration" "this" {
+# name = local.team_ami_base_name
+# description = var.description
+# tags = local.tags
+
+# distribution {
+# region = var.region
+
+# ami_distribution_configuration {
+# name = local.ami_name
+# description = var.description
+# kms_key_id = local.kms_key_id
+# target_account_ids = [for account_id in local.accounts_to_distribute_ami :
+# local.account_ids_lookup[account_id]
+# ]
+# launch_permission {
+# user_ids = flatten([for name in var.launch_permission_account_names : local.account_ids_lookup[name]])
+# }
+# ami_tags = local.ami_tags
+# }
+
+# dynamic "launch_template_configuration" {
+# for_each = var.launch_template_configurations
+# content {
+# account_id = local.account_ids_lookup[launch_template_configuration.value.account_name]
+# launch_template_id = launch_template_configuration.value.launch_template_id
+# }
+# }
+# }
+# }
+
+# resource "aws_imagebuilder_image_pipeline" "this" {
+# name = local.team_ami_base_name
+# description = var.description
+# image_recipe_arn = aws_imagebuilder_image_recipe.this.arn
+# infrastructure_configuration_arn = aws_imagebuilder_infrastructure_configuration.this.arn
+# distribution_configuration_arn = aws_imagebuilder_distribution_configuration.this.arn
+# tags = local.tags
+# image_tests_configuration {
+# image_tests_enabled = false
+# }
+# schedule {
+# schedule_expression = var.image_pipeline.schedule.schedule_expression
+# pipeline_execution_start_condition = var.image_pipeline.schedule.pipeline_execution_start_condition
+# }
+# }
diff --git a/modules/imagebuilder/versions.tf b/modules/imagebuilder/versions.tf
index 207e63af..8cfea343 100644
--- a/modules/imagebuilder/versions.tf
+++ b/modules/imagebuilder/versions.tf
@@ -19,4 +19,4 @@ provider "aws" {
 assume_role {
 role_arn = "arn:aws:iam::${local.environment_management.account_ids[terraform.workspace]}:role/ModernisationPlatformAccess"
 }
-}
\ No newline at end of file
+}
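Review bot: Commenting out all 155 lines of `modules/imagebuilder/main.tf` leaves the shared module with no resources. Any stack that sources it (as `commonimages/base/main.tf` does) would presumably plan to destroy its component, recipe, infrastructure configuration, distribution configuration and pipeline on the next apply, along with the `encrypted = true` / `kms_key_id` volume settings and the S3 build logging they carry. The same commit renames `windows_2012_r2_SQL_2014/terragrunt.hcl.disabled` to `terragrunt.hcl`, so that image is switched on against a module that builds nothing. This looks like a debugging state rather than something to merge. I would restore the resources and, if one image must be switched off, gate them inside the module with an explicit bool variable instead of disabling the module for every consumer. Separately, `image_tests_enabled = false` deserves a one-line comment explaining why image tests are skipped, e.g. `# image tests disabled because <REASON>`.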