setup formatting and docs generation scripts

CDCgov · Sep 17, 2024 · b341656 · b341656
1 parent e886feb
commit b341656
Showing 15 changed files with 523 additions and 21 deletions.
diff --git a/terraform/aws/implementation/README.md b/terraform/aws/implementation/README.md
@@ -0,0 +1,43 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | =5.61.0 |
+| <a name="requirement_external"></a> [external](#requirement\_external) | = 2.3.3 |
+| <a name="requirement_helm"></a> [helm](#requirement\_helm) | = 2.12.1 |
+| <a name="requirement_kubectl"></a> [kubectl](#requirement\_kubectl) | >= 1.14.0 |
+| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | = 2.25.2 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_cognito"></a> [cognito](#module\_cognito) | ./modules/cognito | n/a |
+| <a name="module_eks"></a> [eks](#module\_eks) | ./modules/eks | n/a |
+| <a name="module_rds"></a> [rds](#module\_rds) | ./modules/rds | n/a |
+| <a name="module_route53"></a> [route53](#module\_route53) | ./modules/route53 | n/a |
+| <a name="module_s3"></a> [s3](#module\_s3) | ./modules/s3 | n/a |
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_enable_cognito"></a> [enable\_cognito](#input\_enable\_cognito) | Enable Cognito | `bool` | `true` | no |
+| <a name="input_region"></a> [region](#input\_region) | AWS region | `string` | `"us-east-1"` | no |
+| <a name="input_smarty_auth_id"></a> [smarty\_auth\_id](#input\_smarty\_auth\_id) | value of the SmartyStreets Auth ID | `any` | n/a | yes |
+| <a name="input_smarty_auth_token"></a> [smarty\_auth\_token](#input\_smarty\_auth\_token) | value of the SmartyStreets Auth Token | `any` | n/a | yes |
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->
diff --git a/terraform/aws/implementation/main.tf b/terraform/aws/implementation/main.tf
@@ -31,24 +31,24 @@ module "vpc" {
 }
 
 module "eks" {
-  source                   = "./modules/eks"
-  region                   = var.region
-  eks_name                 = local.name
-  vpc_id                   = module.vpc.vpc_id
-  public_subnet_ids        = module.vpc.public_subnets
-  private_subnet_ids       = module.vpc.private_subnets
-  smarty_auth_id           = var.smarty_auth_id
-  smarty_auth_token        = var.smarty_auth_token
-  aws_acm_certificate_arn  = module.route53.aws_acm_certificate_arn
-  ecr_viewer_s3_role_arn   = module.s3.ecr_viewer_s3_role_arn
-  tefca_viewer_db_role_arn = module.rds.tefca_viewer_db_role_arn
+  source                     = "./modules/eks"
+  region                     = var.region
+  eks_name                   = local.name
+  vpc_id                     = module.vpc.vpc_id
+  public_subnet_ids          = module.vpc.public_subnets
+  private_subnet_ids         = module.vpc.private_subnets
+  smarty_auth_id             = var.smarty_auth_id
+  smarty_auth_token          = var.smarty_auth_token
+  aws_acm_certificate_arn    = module.route53.aws_acm_certificate_arn
+  ecr_viewer_s3_role_arn     = module.s3.ecr_viewer_s3_role_arn
+  tefca_viewer_db_role_arn   = module.rds.tefca_viewer_db_role_arn
   tefca_db_connection_string = module.rds.tefca_db_connection_string
-  domain_name              = local.domain_name
-  ecr_bucket_name          = module.s3.ecr_bucket_name
-  enable_cognito           = var.enable_cognito
-  cognito_user_pool_arn    = module.cognito.cognito_user_pool_arn
-  cognito_client_id        = module.cognito.cognito_client_id
-  cognito_domain           = module.cognito.cognito_domain
+  domain_name                = local.domain_name
+  ecr_bucket_name            = module.s3.ecr_bucket_name
+  enable_cognito             = var.enable_cognito
+  cognito_user_pool_arn      = module.cognito.cognito_user_pool_arn
+  cognito_client_id          = module.cognito.cognito_client_id
+  cognito_domain             = module.cognito.cognito_domain
 }
 
 module "route53" {

diff --git a/terraform/aws/implementation/modules/cognito/README.md b/terraform/aws/implementation/modules/cognito/README.md
@@ -0,0 +1,39 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_cognito_user.admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user) | resource |
+| [aws_cognito_user.dibbs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user) | resource |
+| [aws_cognito_user_pool.pool](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool) | resource |
+| [aws_cognito_user_pool_client.client](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
+| [aws_cognito_user_pool_domain.domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_domain) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_domain_name"></a> [domain\_name](#input\_domain\_name) | The domain name for ALB | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_cognito_client_id"></a> [cognito\_client\_id](#output\_cognito\_client\_id) | n/a |
+| <a name="output_cognito_domain"></a> [cognito\_domain](#output\_cognito\_domain) | n/a |
+| <a name="output_cognito_user_pool_arn"></a> [cognito\_user\_pool\_arn](#output\_cognito\_user\_pool\_arn) | n/a |
+<!-- END_TF_DOCS -->
diff --git a/terraform/aws/implementation/modules/eks/README.md b/terraform/aws/implementation/modules/eks/README.md
@@ -0,0 +1,91 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_kubectl"></a> [kubectl](#requirement\_kubectl) | >= 1.14.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_external"></a> [external](#provider\_external) | n/a |
+| <a name="provider_helm"></a> [helm](#provider\_helm) | n/a |
+| <a name="provider_kubectl"></a> [kubectl](#provider\_kubectl) | >= 1.14.0 |
+| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | n/a |
+| <a name="provider_terraform"></a> [terraform](#provider\_terraform) | n/a |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_eks-cluster"></a> [eks-cluster](#module\_eks-cluster) | terraform-aws-modules/eks/aws | 19.21.0 |
+| <a name="module_eks_blueprints_addons"></a> [eks\_blueprints\_addons](#module\_eks\_blueprints\_addons) | aws-ia/eks-blueprints-addons/aws | ~> 1.14 |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_iam_policy.cloudwatch_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.load_balancer_controller](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_role.eks_service_account](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.load_balancer_controller](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [helm_release.building_blocks](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+| [helm_release.load_balancer_controller](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+| [kubectl_manifest.cluster_role](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubectl_manifest.cluster_role_binding](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubectl_manifest.ingress](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubectl_manifest.load_balancer_controller_crds](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubectl_manifest.load_balancer_service_account](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubectl_manifest.logging_config_map](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubernetes_namespace_v1.aws_observability](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace_v1) | resource |
+| [terraform_data.helm_setup](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource |
+| [terraform_data.kubeconfig](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource |
+| [terraform_data.wait_for_load_balancer_controller](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_ecrpublic_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecrpublic_authorization_token) | data source |
+| [aws_eks_cluster_auth.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster_auth) | data source |
+| [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.cloudwatch_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.eks_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.load_balancer_controller](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [external_external.chart_versions](https://registry.terraform.io/providers/hashicorp/external/latest/docs/data-sources/external) | data source |
+| [external_external.latest_phdi_release](https://registry.terraform.io/providers/hashicorp/external/latest/docs/data-sources/external) | data source |
+| [kubectl_file_documents.ingress](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/file_documents) | data source |
+| [kubectl_file_documents.load_balancer_controller_crds](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/file_documents) | data source |
+| [kubectl_file_documents.load_balancer_service_account](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/file_documents) | data source |
+| [kubectl_file_documents.logging_config_map](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/file_documents) | data source |
+| [kubectl_path_documents.cluster_role](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source |
+| [kubectl_path_documents.cluster_role_binding](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_aws_acm_certificate_arn"></a> [aws\_acm\_certificate\_arn](#input\_aws\_acm\_certificate\_arn) | The ARN of the ACM certificate | `any` | n/a | yes |
+| <a name="input_cognito_client_id"></a> [cognito\_client\_id](#input\_cognito\_client\_id) | The ID of the Cognito user pool client | `any` | n/a | yes |
+| <a name="input_cognito_domain"></a> [cognito\_domain](#input\_cognito\_domain) | The domain of the Cognito user pool | `any` | n/a | yes |
+| <a name="input_cognito_user_pool_arn"></a> [cognito\_user\_pool\_arn](#input\_cognito\_user\_pool\_arn) | The ARN of the Cognito user pool | `any` | n/a | yes |
+| <a name="input_domain_name"></a> [domain\_name](#input\_domain\_name) | The domain name to use | `string` | n/a | yes |
+| <a name="input_ecr_bucket_name"></a> [ecr\_bucket\_name](#input\_ecr\_bucket\_name) | The name of the ECR bucket | `string` | n/a | yes |
+| <a name="input_ecr_viewer_s3_role_arn"></a> [ecr\_viewer\_s3\_role\_arn](#input\_ecr\_viewer\_s3\_role\_arn) | The s3 Role ARN for the ECR Viewer Service | `any` | n/a | yes |
+| <a name="input_eks_name"></a> [eks\_name](#input\_eks\_name) | n/a | `string` | `"phdi-playground-eks"` | no |
+| <a name="input_enable_cognito"></a> [enable\_cognito](#input\_enable\_cognito) | Enable Cognito | `bool` | `true` | no |
+| <a name="input_private_subnet_ids"></a> [private\_subnet\_ids](#input\_private\_subnet\_ids) | List of private subnet IDs | `list(string)` | n/a | yes |
+| <a name="input_public_subnet_ids"></a> [public\_subnet\_ids](#input\_public\_subnet\_ids) | List of public subnet IDs | `list(string)` | n/a | yes |
+| <a name="input_region"></a> [region](#input\_region) | n/a | `string` | `"us-east-1"` | no |
+| <a name="input_services_to_chart"></a> [services\_to\_chart](#input\_services\_to\_chart) | Note: The chart names are limited to 15 characters | `map(string)` | <pre>{<br>  "ecr-viewer": "ecr-viewer",<br>  "fhir-converter": "fhir-converter",<br>  "ingestion": "ingestion",<br>  "message-parser": "message-parser",<br>  "message-refiner": "message-refiner",<br>  "orchestration": "orchestration",<br>  "tefca-viewer": "tefca-viewer",<br>  "trigger-code-reference": "trigger-code-reference",<br>  "validation": "validation"<br>}</pre> | no |
+| <a name="input_smarty_auth_id"></a> [smarty\_auth\_id](#input\_smarty\_auth\_id) | value of the SmartyStreets Auth ID | `any` | n/a | yes |
+| <a name="input_smarty_auth_token"></a> [smarty\_auth\_token](#input\_smarty\_auth\_token) | value of the SmartyStreets Auth Token | `any` | n/a | yes |
+| <a name="input_tefca_db_connection_string"></a> [tefca\_db\_connection\_string](#input\_tefca\_db\_connection\_string) | Connection string to the tefca database | `any` | n/a | yes |
+| <a name="input_tefca_viewer_db_role_arn"></a> [tefca\_viewer\_db\_role\_arn](#input\_tefca\_viewer\_db\_role\_arn) | The db Role ARN for the Tefca Viewer Service | `any` | n/a | yes |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | ID of the VPC | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_eks_assume_role_policy"></a> [eks\_assume\_role\_policy](#output\_eks\_assume\_role\_policy) | n/a |
+| <a name="output_ingress_created"></a> [ingress\_created](#output\_ingress\_created) | n/a |
+<!-- END_TF_DOCS -->
diff --git a/terraform/aws/implementation/modules/eks/main.tf b/terraform/aws/implementation/modules/eks/main.tf
@@ -309,7 +309,6 @@ resource "helm_release" "building_blocks" {
   set {
     name  = "databaseUrl"
     value = var.tefca_db_connection_string
-    # postgres://postgres:pw@db:5432/tefca_db
   }
 
   set {

diff --git a/terraform/aws/implementation/modules/rds/README.md b/terraform/aws/implementation/modules/rds/README.md
@@ -0,0 +1,52 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_db_instance.tefca-viewer-db](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance) | resource |
+| [aws_db_parameter_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_parameter_group) | resource |
+| [aws_db_subnet_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_subnet_group) | resource |
+| [aws_iam_policy.db_tefca_viewer_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_role.db_role_for_tefca_viewer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.db_tefca_viewer_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_security_group.ds_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
+| [random_string.setup_rds_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
+| [aws_iam_policy_document.tefca_viewer_db_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_db_identifier"></a> [db\_identifier](#input\_db\_identifier) | Name of RDS Instance | `string` | `"tefca-viewer-db"` | no |
+| <a name="input_db_username"></a> [db\_username](#input\_db\_username) | Username of RDS Instance | `string` | `"tefcaViewerDbUser"` | no |
+| <a name="input_eks_assume_role_policy"></a> [eks\_assume\_role\_policy](#input\_eks\_assume\_role\_policy) | n/a | `string` | n/a | yes |
+| <a name="input_engine_type"></a> [engine\_type](#input\_engine\_type) | Engine of RDS Instance | `string` | `"postgres"` | no |
+| <a name="input_engine_version"></a> [engine\_version](#input\_engine\_version) | Engine Version of RDS Instance | `string` | `"16.3"` | no |
+| <a name="input_family"></a> [family](#input\_family) | RDS Family | `string` | `"postgres16"` | no |
+| <a name="input_private_subnet_ids"></a> [private\_subnet\_ids](#input\_private\_subnet\_ids) | List of private subnet IDs | `list(string)` | n/a | yes |
+| <a name="input_region"></a> [region](#input\_region) | n/a | `string` | `"us-east-1"` | no |
+| <a name="input_tefca_db_name"></a> [tefca\_db\_name](#input\_tefca\_db\_name) | The name of the tefca database | `string` | `"tefca_db"` | no |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | ID of the VPC | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_tefca_db_connection_string"></a> [tefca\_db\_connection\_string](#output\_tefca\_db\_connection\_string) | n/a |
+| <a name="output_tefca_viewer_db_role_arn"></a> [tefca\_viewer\_db\_role\_arn](#output\_tefca\_viewer\_db\_role\_arn) | n/a |
+<!-- END_TF_DOCS -->
diff --git a/terraform/aws/implementation/modules/rds/output.tf b/terraform/aws/implementation/modules/rds/output.tf
@@ -3,6 +3,6 @@ output "tefca_viewer_db_role_arn" {
 }
 
 output "tefca_db_connection_string" {
-  value = "postgresql://${aws_db_instance.tefca-viewer-db.username}:${aws_db_instance.tefca-viewer-db.password}@${aws_db_instance.tefca-viewer-db.endpoint}:5432/${aws_db_instance.tefca-viewer-db.db_name}"
+  value     = "postgresql://${aws_db_instance.tefca-viewer-db.username}:${aws_db_instance.tefca-viewer-db.password}@${aws_db_instance.tefca-viewer-db.endpoint}:5432/${aws_db_instance.tefca-viewer-db.db_name}"
   sensitive = true
 }
diff --git a/terraform/aws/implementation/modules/rds/variables.tf b/terraform/aws/implementation/modules/rds/variables.tf
@@ -50,7 +50,7 @@ variable "vpc_id" {
 
 
 variable "tefca_db_name" {
-  type = string
+  type        = string
   description = "The name of the tefca database"
-  default = "tefca_db"
+  default     = "tefca_db"
 }
diff --git a/terraform/aws/implementation/modules/route53/README.md b/terraform/aws/implementation/modules/route53/README.md
@@ -0,0 +1,40 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_acm_certificate.site_cert](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource |
+| [aws_acm_certificate_validation.site_cert_validation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate_validation) | resource |
+| [aws_route53_record.alb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_record.site_cert_dns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53domains_registered_domain.domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53domains_registered_domain) | resource |
+| [aws_lb.alb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/lb) | data source |
+| [aws_route53_zone.domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_domain_name"></a> [domain\_name](#input\_domain\_name) | The domain name to use for the Route53 hosted zone | `string` | `"dibbs.cloud"` | no |
+| <a name="input_ingress_created"></a> [ingress\_created](#input\_ingress\_created) | The ID of the Kubernetes Ingress resource | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_aws_acm_certificate_arn"></a> [aws\_acm\_certificate\_arn](#output\_aws\_acm\_certificate\_arn) | n/a |
+<!-- END_TF_DOCS -->
diff --git a/terraform/aws/implementation/modules/s3/README.md b/terraform/aws/implementation/modules/s3/README.md
@@ -0,0 +1,40 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_iam_policy.s3_bucket_ecr_viewer_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_role.s3_role_for_ecr_viewer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.s3_bucket_ecr_viewer_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_s3_bucket.s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
+| [aws_iam_policy_document.ecr_viewer_s3_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_eks_assume_role_policy"></a> [eks\_assume\_role\_policy](#input\_eks\_assume\_role\_policy) | n/a | `string` | n/a | yes |
+| <a name="input_region"></a> [region](#input\_region) | n/a | `string` | `"us-east-1"` | no |
+| <a name="input_s3_name"></a> [s3\_name](#input\_s3\_name) | n/a | `string` | `"processed-ecr-files"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_ecr_bucket_name"></a> [ecr\_bucket\_name](#output\_ecr\_bucket\_name) | n/a |
+| <a name="output_ecr_viewer_s3_role_arn"></a> [ecr\_viewer\_s3\_role\_arn](#output\_ecr\_viewer\_s3\_role\_arn) | n/a |
+<!-- END_TF_DOCS -->
diff --git a/terraform/aws/setup/README.md b/terraform/aws/setup/README.md
@@ -0,0 +1,37 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | =5.61.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | =5.61.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_dynamodb_table.tfstate_lock](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/dynamodb_table) | resource |
+| [aws_s3_bucket.tfstate](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/s3_bucket) | resource |
+| [aws_s3_bucket_public_access_block.default](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/s3_bucket_public_access_block) | resource |
+| [aws_s3_bucket_server_side_encryption_configuration.default](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/s3_bucket_server_side_encryption_configuration) | resource |
+| [aws_s3_bucket_versioning.default](https://registry.terraform.io/providers/hashicorp/aws/5.61.0/docs/resources/s3_bucket_versioning) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_region"></a> [region](#input\_region) | AWS region | `string` | `"us-east-1"` | no |
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->
diff --git a/terraform/azure/implementation/README.md b/terraform/azure/implementation/README.md
@@ -0,0 +1,107 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_azapi"></a> [azapi](#requirement\_azapi) | = 1.8.0 |
+| <a name="requirement_azuread"></a> [azuread](#requirement\_azuread) | = 2.41.0 |
+| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | = 3.69.0 |
+| <a name="requirement_helm"></a> [helm](#requirement\_helm) | = 2.10.1 |
+| <a name="requirement_kubectl"></a> [kubectl](#requirement\_kubectl) | >= 1.14.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | = 3.5.1 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_azapi"></a> [azapi](#provider\_azapi) | = 1.8.0 |
+| <a name="provider_azuread"></a> [azuread](#provider\_azuread) | = 2.41.0 |
+| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | = 3.69.0 |
+| <a name="provider_helm"></a> [helm](#provider\_helm) | = 2.10.1 |
+| <a name="provider_kubectl"></a> [kubectl](#provider\_kubectl) | >= 1.14.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [azapi_resource.ssh_public_key](https://registry.terraform.io/providers/azure/azapi/1.8.0/docs/resources/resource) | resource |
+| [azapi_resource_action.ssh_public_key_gen](https://registry.terraform.io/providers/azure/azapi/1.8.0/docs/resources/resource_action) | resource |
+| [azuread_application.aks](https://registry.terraform.io/providers/hashicorp/azuread/2.41.0/docs/resources/application) | resource |
+| [azuread_service_principal.aks](https://registry.terraform.io/providers/hashicorp/azuread/2.41.0/docs/resources/service_principal) | resource |
+| [azuread_service_principal_password.aks](https://registry.terraform.io/providers/hashicorp/azuread/2.41.0/docs/resources/service_principal_password) | resource |
+| [azurerm_application_gateway.network](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/application_gateway) | resource |
+| [azurerm_kubernetes_cluster.k8s](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/kubernetes_cluster) | resource |
+| [azurerm_linux_web_app.playground_webapp](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/linux_web_app) | resource |
+| [azurerm_portal_dashboard.pipeline_metrics](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/portal_dashboard) | resource |
+| [azurerm_public_ip.aks](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/public_ip) | resource |
+| [azurerm_role_assignment.app_gateway_subnet_network_contributor](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource |
+| [azurerm_role_assignment.gateway_contributor](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource |
+| [azurerm_role_assignment.monitoring_reader](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource |
+| [azurerm_role_assignment.public_ip_reader](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource |
+| [azurerm_role_assignment.resource_group_reader](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/role_assignment) | resource |
+| [azurerm_service_plan.playground_appserviceplan](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/service_plan) | resource |
+| [azurerm_virtual_network.aks_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/resources/virtual_network) | resource |
+| [helm_release.agic](https://registry.terraform.io/providers/hashicorp/helm/2.10.1/docs/resources/release) | resource |
+| [helm_release.building_blocks](https://registry.terraform.io/providers/hashicorp/helm/2.10.1/docs/resources/release) | resource |
+| [helm_release.cert_manager](https://registry.terraform.io/providers/hashicorp/helm/2.10.1/docs/resources/release) | resource |
+| [helm_release.keda](https://registry.terraform.io/providers/hashicorp/helm/2.10.1/docs/resources/release) | resource |
+| [kubectl_manifest.cert_manager_issuer](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubectl_manifest.keda_scaled_object](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubectl_manifest.keda_secret](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubectl_manifest.keda_trigger](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [azuread_client_config.current](https://registry.terraform.io/providers/hashicorp/azuread/2.41.0/docs/data-sources/client_config) | data source |
+| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/data-sources/client_config) | data source |
+| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/data-sources/resource_group) | data source |
+| [azurerm_subnet.appgwsubnet](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/data-sources/subnet) | data source |
+| [azurerm_subnet.kubesubnet](https://registry.terraform.io/providers/hashicorp/azurerm/3.69.0/docs/data-sources/subnet) | data source |
+| [kubectl_path_documents.keda_scaled_object](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source |
+| [kubectl_path_documents.keda_secret](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source |
+| [kubectl_path_documents.keda_trigger](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/data-sources/path_documents) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_aks_agent_count"></a> [aks\_agent\_count](#input\_aks\_agent\_count) | The number of agent nodes for the cluster. | `number` | `1` | no |
+| <a name="input_aks_agent_os_disk_size"></a> [aks\_agent\_os\_disk\_size](#input\_aks\_agent\_os\_disk\_size) | Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 applies the default disk size for that agentVMSize. | `number` | `40` | no |
+| <a name="input_aks_agent_vm_size"></a> [aks\_agent\_vm\_size](#input\_aks\_agent\_vm\_size) | VM size | `string` | `"Standard_D2_v2"` | no |
+| <a name="input_aks_dns_service_ip"></a> [aks\_dns\_service\_ip](#input\_aks\_dns\_service\_ip) | DNS server IP address | `string` | `"10.0.0.10"` | no |
+| <a name="input_aks_enable_rbac"></a> [aks\_enable\_rbac](#input\_aks\_enable\_rbac) | Enable RBAC on the AKS cluster. Defaults to false. | `bool` | `"false"` | no |
+| <a name="input_aks_service_cidr"></a> [aks\_service\_cidr](#input\_aks\_service\_cidr) | CIDR notation IP range from which to assign service cluster IPs | `string` | `"10.0.0.0/16"` | no |
+| <a name="input_app_gateway_sku"></a> [app\_gateway\_sku](#input\_app\_gateway\_sku) | Name of the Application Gateway SKU | `string` | `"Standard_v2"` | no |
+| <a name="input_app_gateway_subnet_address_prefix"></a> [app\_gateway\_subnet\_address\_prefix](#input\_app\_gateway\_subnet\_address\_prefix) | Subnet server IP address. | `string` | `"10.30.2.0/24"` | no |
+| <a name="input_app_gateway_tier"></a> [app\_gateway\_tier](#input\_app\_gateway\_tier) | Tier of the Application Gateway tier | `string` | `"Standard_v2"` | no |
+| <a name="input_client_id"></a> [client\_id](#input\_client\_id) | Client ID | `any` | n/a | yes |
+| <a name="input_k8s_subnet_address_prefix"></a> [k8s\_subnet\_address\_prefix](#input\_k8s\_subnet\_address\_prefix) | Ip address space for kubernetes subnet vnet | `string` | `"10.30.1.0/24"` | no |
+| <a name="input_k8s_vnet_address_space"></a> [k8s\_vnet\_address\_space](#input\_k8s\_vnet\_address\_space) | Ip address space for kubernetes vnet | `string` | `"10.30.0.0/16"` | no |
+| <a name="input_location"></a> [location](#input\_location) | value of the Azure location to deploy to | `string` | `"Central US"` | no |
+| <a name="input_msi_id"></a> [msi\_id](#input\_msi\_id) | The Managed Service Identity ID. Set this value if you're running this example using Managed Identity as the authentication method. | `string` | `null` | no |
+| <a name="input_object_id"></a> [object\_id](#input\_object\_id) | Object ID | `any` | n/a | yes |
+| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | value of the Azure resource group to deploy to | `any` | n/a | yes |
+| <a name="input_services_to_chart"></a> [services\_to\_chart](#input\_services\_to\_chart) | Note: The chart names are limited to 15 characters | `map(string)` | <pre>{<br>  "fhir-converter": "fhir-converter-chart",<br>  "ingestion": "ingestion-chart",<br>  "ingress": "ingress-chart",<br>  "message-parser": "message-parser-chart",<br>  "message-refiner": "message-refiner",<br>  "orchestration": "orchestration",<br>  "tefca-viewer": "tefca-viewer",<br>  "trigger-code-reference": "trigger-code-reference",<br>  "validation": "validation-chart"<br>}</pre> | no |
+| <a name="input_smarty_auth_id"></a> [smarty\_auth\_id](#input\_smarty\_auth\_id) | value of the SmartyStreets Auth ID | `any` | n/a | yes |
+| <a name="input_smarty_auth_token"></a> [smarty\_auth\_token](#input\_smarty\_auth\_token) | value of the SmartyStreets Auth Token | `any` | n/a | yes |
+| <a name="input_smarty_license_type"></a> [smarty\_license\_type](#input\_smarty\_license\_type) | value of the SmartyStreets license type to use | `string` | n/a | yes |
+| <a name="input_subscription_id"></a> [subscription\_id](#input\_subscription\_id) | value of the Azure Subscription ID to use | `any` | n/a | yes |
+| <a name="input_use_oidc"></a> [use\_oidc](#input\_use\_oidc) | Use OIDC for authentication. | `bool` | `false` | no |
+| <a name="input_vm_username"></a> [vm\_username](#input\_vm\_username) | User name for the VM | `string` | `"aks_user"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_aks_cluster_name"></a> [aks\_cluster\_name](#output\_aks\_cluster\_name) | n/a |
+| <a name="output_application_ip_address"></a> [application\_ip\_address](#output\_application\_ip\_address) | n/a |
+| <a name="output_client_certificate"></a> [client\_certificate](#output\_client\_certificate) | n/a |
+| <a name="output_client_key"></a> [client\_key](#output\_client\_key) | n/a |
+| <a name="output_cluster_ca_certificate"></a> [cluster\_ca\_certificate](#output\_cluster\_ca\_certificate) | n/a |
+| <a name="output_cluster_password"></a> [cluster\_password](#output\_cluster\_password) | n/a |
+| <a name="output_cluster_username"></a> [cluster\_username](#output\_cluster\_username) | n/a |
+| <a name="output_host"></a> [host](#output\_host) | n/a |
+| <a name="output_key_data"></a> [key\_data](#output\_key\_data) | n/a |
+| <a name="output_kube_config"></a> [kube\_config](#output\_kube\_config) | n/a |
+<!-- END_TF_DOCS -->
diff --git a/terraform/azure/setup/README.md b/terraform/azure/setup/README.md
@@ -0,0 +1,37 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | =3.23.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | =3.23.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [azurerm_storage_account.tfstate](https://registry.terraform.io/providers/hashicorp/azurerm/3.23.0/docs/resources/storage_account) | resource |
+| [azurerm_storage_container.tfstate](https://registry.terraform.io/providers/hashicorp/azurerm/3.23.0/docs/resources/storage_container) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_client_id"></a> [client\_id](#input\_client\_id) | value of the Azure App registration ID to use in the tfstate storage account name | `any` | n/a | yes |
+| <a name="input_location"></a> [location](#input\_location) | value of the Azure location to deploy to | `string` | `"Central US"` | no |
+| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | value of the Azure resource group to deploy to | `any` | n/a | yes |
+| <a name="input_subscription_id"></a> [subscription\_id](#input\_subscription\_id) | value of the Azure Subscription ID to use | `any` | n/a | yes |
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->
diff --git a/terraform/utilities/generate_tf_docs.sh b/terraform/utilities/generate_tf_docs.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# aws
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/cognito
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/eks
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/rds
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/route53
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/implementation/modules/s3
+terraform-docs markdown table --output-file README.md --output-mode inject ../aws/setup
+
+# azure
+terraform-docs markdown table --output-file README.md --output-mode inject ../azure/implementation
+terraform-docs markdown table --output-file README.md --output-mode inject ../azure/setup
diff --git a/terraform/utilities/tf_fmt.sh b/terraform/utilities/tf_fmt.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+terraform fmt -recursive ../