Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add boostrap action var #1

Draft
wants to merge 19 commits into
base: emr-security-configuration
Choose a base branch
from
Draft

add boostrap action var #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
ee62d2b
add boostrap action var
paulsef Jun 7, 2023
4f2882b
type is map of strings
paulsef Jun 7, 2023
0c84704
default
paulsef Jun 7, 2023
201d7c8
block, not a list
paulsef Jun 7, 2023
c854dd8
unpack var to block
paulsef Jun 7, 2023
0337de2
fix default
paulsef Jun 7, 2023
5ca34ad
any
paulsef Jun 7, 2023
13af5f0
object not map, everything is typed
paulsef Jun 8, 2023
0dac93f
copy from aws module
paulsef Jun 8, 2023
09cfb2f
attach current policy
paulsef Jun 9, 2023
d5b4485
add custom policy for now
paulsef Jun 9, 2023
0dab8f7
typos
paulsef Jun 9, 2023
5652d6e
more typos
paulsef Jun 9, 2023
758b1bb
change hard coded ssm path
paulsef Jun 9, 2023
a4c975f
wildcard
paulsef Jun 9, 2023
f641151
parameter(no-s)
paulsef Jun 9, 2023
7734c1f
make the policy a var
paulsef Jun 9, 2023
2fb781f
use static var in count
paulsef Jun 9, 2023
620d1eb
typo
paulsef Jun 9, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions aws_datalake/modules/emr/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,16 @@ resource "aws_emr_cluster" "segment_data_lake_emr_cluster" {
service_role = var.iam_emr_service_role
autoscaling_role = var.iam_emr_autoscaling_role
security_configuration = var.security_configuration

dynamic "bootstrap_action" {
for_each = var.bootstrap_action

content {
args = try(bootstrap_action.value.args, null)
name = bootstrap_action.value.name
path = bootstrap_action.value.path
}
}

master_instance_group {
instance_type = var.master_instance_type
Expand Down
6 changes: 6 additions & 0 deletions aws_datalake/modules/emr/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,12 @@ variable "task_instance_max_count" {
default = "4"
}

variable "bootstrap_action" {
description = "Ordered list of bootstrap actions that will be run before Hadoop is started on the cluster nodes"
type = any
default = {}
}

locals {
tags = merge(tomap({"vendor" = "segment"}), var.tags)
}
15 changes: 13 additions & 2 deletions aws_datalake/modules/iam/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -289,9 +289,8 @@ resource "aws_iam_instance_profile" "segment_emr_instance_profile" {
role = aws_iam_role.segment_emr_instance_profile_role.name
}

resource "aws_iam_role_policy" "segment_emr_instance_profile_policy" {
resource "aws_iam_policy" "segment_emr_instance_profile_policy" {
name = "SegmentEMRInstanceProfilePolicy${var.suffix}"
role = aws_iam_role.segment_emr_instance_profile_role.id

policy = <<EOF
{
Expand Down Expand Up @@ -364,6 +363,17 @@ resource "aws_iam_role_policy" "segment_emr_instance_profile_policy" {
EOF
}

resource "aws_iam_role_policy_attachment" "segment_emr_instance_profile_policy_attachment" {
role = aws_iam_role.segment_emr_instance_profile_role.name
policy_arn = aws_iam_policy.segment_emr_instance_profile_policy.arn
}

resource "aws_iam_role_policy_attachment" "segment_emr_instance_profile_policy_custom_attachment" {
count = var.attach_custom_emr_isntance_profile_policy ? 1 : 0
role = aws_iam_role.segment_emr_instance_profile_role.name
policy_arn = var.custom_emr_instance_profile_policy_arn
}

# IAM Role for EMR Autoscaling role
resource "aws_iam_role" "segment_emr_autoscaling_role" {
name = "SegmentEMRAutoscalingRole${var.suffix}"
Expand All @@ -389,6 +399,7 @@ EOF
tags = local.tags
}


resource "aws_iam_role_policy" "segmnet_emr_autoscaling_policy" {
name = "SegmentEMRAutoscalingPolicy${var.suffix}"
role = aws_iam_role.segment_emr_autoscaling_role.id
Expand Down
12 changes: 12 additions & 0 deletions aws_datalake/modules/iam/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,18 @@ variable "tags" {
default = {}
}

variable "custom_emr_instance_profile_policy_arn" {
description = "ARN of a IAM policy. This policy will be attached to the instance profile role"
type = string
default = ""
}

variable "attach_custom_emr_isntance_profile_policy" {
description = "boolean flag to use the above policy arn"
type = bool
default = false
}

locals {
tags = merge(tomap({"vendor" = "segment"}), var.tags)
}