auto-format all code (#17)

dbl-works · Jul 13, 2021 · 0cd6e56 · 0cd6e56
1 parent 6a5396e
commit 0cd6e56
Show file tree

Hide file tree

Showing 11 changed files with 94 additions and 94 deletions.
diff --git a/cognito/user-pool.tf b/cognito/user-pool.tf
@@ -37,10 +37,10 @@ resource "aws_cognito_user_pool" "pool" {
   mfa_configuration = "OPTIONAL"
 
   password_policy {
-    minimum_length    = 8
-    require_lowercase = true
-    require_numbers   = true
-    require_symbols   = true
+    minimum_length                   = 8
+    require_lowercase                = true
+    require_numbers                  = true
+    require_symbols                  = true
     temporary_password_validity_days = 7
   }
 

diff --git a/ecs/alb.tf b/ecs/alb.tf
@@ -1,15 +1,15 @@
 # Main load balancer for user facing traffic
 resource "aws_alb" "alb" {
-  name = local.name
+  name    = local.name
   subnets = var.subnet_public_ids
   security_groups = [
     aws_security_group.alb.id,
   ]
   enable_http2 = "true"
   idle_timeout = 600
   tags = {
-    Name = "${var.project}-${var.environment}"
-    Project = var.project
+    Name        = "${var.project}-${var.environment}"
+    Project     = var.project
     Environment = var.environment
   }
 }
@@ -22,8 +22,8 @@ resource "aws_alb_listener" "http" {
   default_action {
     type = "redirect"
     redirect {
-      port = "443"
-      protocol = "HTTPS"
+      port        = "443"
+      protocol    = "HTTPS"
       status_code = "HTTP_301"
     }
   }
@@ -33,10 +33,10 @@ resource "aws_alb_listener" "https" {
   load_balancer_arn = aws_alb.alb.id
   port              = "443"
   protocol          = "HTTPS"
-  certificate_arn    = var.certificate_arn
+  certificate_arn   = var.certificate_arn
 
   default_action {
     target_group_arn = aws_alb_target_group.ecs.arn
-    type = "forward"
+    type             = "forward"
   }
 }
diff --git a/ecs/log-group.tf b/ecs/log-group.tf
@@ -1,9 +1,9 @@
 resource "aws_cloudwatch_log_group" "ecs-app" {
-  name = "/ecs/${var.project}/app/${var.environment}"
+  name              = "/ecs/${var.project}/app/${var.environment}"
   retention_in_days = 3
 
   tags = {
-    Project = var.project
+    Project     = var.project
     Environment = var.environment
   }
 }
diff --git a/ecs/security-groups.tf b/ecs/security-groups.tf
@@ -1,77 +1,77 @@
 # Load balancer to receive all incoming traffic infront of the cluster
 resource "aws_security_group" "alb" {
   vpc_id = var.vpc_id
-  name = "${var.project}-${var.environment}-alb"
+  name   = "${var.project}-${var.environment}-alb"
   tags = {
-    Name = "${var.project}-${var.environment}-alb"
+    Name        = "${var.project}-${var.environment}-alb"
     Description = "Incoming internet traffic to Load Balancer"
-    Project = var.project
+    Project     = var.project
     Environment = var.environment
   }
 
   egress {
-    from_port = 0
-    to_port = 0
-    protocol = -1
+    from_port   = 0
+    to_port     = 0
+    protocol    = -1
     cidr_blocks = ["0.0.0.0/0"] # TODO: Change this to internal IPs only
   }
 }
 
 resource "aws_security_group_rule" "lb-http" {
-  type = "ingress"
-  from_port = 80
-  to_port = 80
-  protocol = "tcp"
+  type              = "ingress"
+  from_port         = 80
+  to_port           = 80
+  protocol          = "tcp"
   security_group_id = aws_security_group.alb.id
-  cidr_blocks = ["0.0.0.0/0"]
+  cidr_blocks       = ["0.0.0.0/0"]
 }
 
 resource "aws_security_group_rule" "lb-https" {
-  type = "ingress"
-  from_port = 443
-  to_port = 443
-  protocol = "tcp"
+  type              = "ingress"
+  from_port         = 443
+  to_port           = 443
+  protocol          = "tcp"
   security_group_id = aws_security_group.alb.id
-  cidr_blocks = ["0.0.0.0/0"]
+  cidr_blocks       = ["0.0.0.0/0"]
 }
 
 
 
 # ECS cluster should only be able to receive traffic to container ports from the ALB
 resource "aws_security_group" "ecs" {
   vpc_id = var.vpc_id
-  name = "${var.project}-${var.environment}-ecs"
+  name   = "${var.project}-${var.environment}-ecs"
   tags = {
-    Name = "${var.project}-${var.environment}-ecs"
+    Name        = "${var.project}-${var.environment}-ecs"
     Description = "Internal ECS communication"
-    Project = var.project
+    Project     = var.project
     Environment = var.environment
   }
 
   # This allows outbound traffic to systems like ECR, and internal rails application API calls
   egress {
-    from_port = 0
-    to_port = 0
-    protocol = -1
+    from_port   = 0
+    to_port     = 0
+    protocol    = -1
     cidr_blocks = ["0.0.0.0/0"] # TODO: Change this to only allow NAT/proxy traffic
   }
 }
 
 resource "aws_security_group_rule" "ecs-lb-3000" {
-  type = "ingress"
-  from_port = 3000
-  to_port = 3000
-  protocol = "tcp"
-  security_group_id = aws_security_group.ecs.id
+  type                     = "ingress"
+  from_port                = 3000
+  to_port                  = 3000
+  protocol                 = "tcp"
+  security_group_id        = aws_security_group.ecs.id
   source_security_group_id = aws_security_group.alb.id
 }
 
 resource "aws_security_group_rule" "ecs-ssh" {
-  count = length(var.allowlisted_ssh_ips) > 0 ? 1 : 0
-  type = "ingress"
-  from_port = 22
-  to_port = 22
-  protocol = "tcp"
+  count             = length(var.allowlisted_ssh_ips) > 0 ? 1 : 0
+  type              = "ingress"
+  from_port         = 22
+  to_port           = 22
+  protocol          = "tcp"
   security_group_id = aws_security_group.ecs.id
-  cidr_blocks = var.allowlisted_ssh_ips
+  cidr_blocks       = var.allowlisted_ssh_ips
 }
diff --git a/kms-key/kms-aliases.tf b/kms-key/kms-aliases.tf
@@ -1,4 +1,4 @@
 resource "aws_kms_alias" "a" {
-  name = "alias/${var.project}/${var.environment}/${var.alias}"
+  name          = "alias/${var.project}/${var.environment}/${var.alias}"
   target_key_id = aws_kms_key.key.key_id
 }
diff --git a/kms-key/kms-key.tf b/kms-key/kms-key.tf
@@ -1,9 +1,9 @@
 resource "aws_kms_key" "key" {
-  description = var.description
+  description             = var.description
   deletion_window_in_days = var.deletion_window_in_days
-  enable_key_rotation = true
+  enable_key_rotation     = true
   tags = {
-    Project = var.project
+    Project     = var.project
     Environment = var.environment
   }
 }
diff --git a/rds/parameter-group.tf b/rds/parameter-group.tf
@@ -1,5 +1,5 @@
 resource "aws_db_parameter_group" "postgres13" {
-  name = "${var.project}-${var.environment}-postgres13"
+  name   = "${var.project}-${var.environment}-postgres13"
   family = "postgres13"
   parameter {
     name  = "log_statement"
@@ -10,7 +10,7 @@ resource "aws_db_parameter_group" "postgres13" {
     value = "0"
   }
   parameter {
-    name = "rds.force_ssl"
+    name  = "rds.force_ssl"
     value = 1
   }
 }
diff --git a/rds/rds.tf b/rds/rds.tf
@@ -1,36 +1,36 @@
 resource "aws_db_instance" "main" {
   db_subnet_group_name = aws_db_subnet_group.main.name
-  allocated_storage = var.allocated_storage
-  storage_type = "gp2"
-  engine = "postgres"
-  engine_version = var.engine_version
-  instance_class = var.instance_class
-  identifier = "${var.project}-${var.environment}"
-  skip_final_snapshot = true
-  username = var.username
-  password = var.password
+  allocated_storage    = var.allocated_storage
+  storage_type         = "gp2"
+  engine               = "postgres"
+  engine_version       = var.engine_version
+  instance_class       = var.instance_class
+  identifier           = "${var.project}-${var.environment}"
+  skip_final_snapshot  = true
+  username             = var.username
+  password             = var.password
   parameter_group_name = aws_db_parameter_group.postgres13.name
-  apply_immediately = true
-  multi_az = var.multi_az
-  publicly_accessible = var.publicly_accessible
-  deletion_protection = true
+  apply_immediately    = true
+  multi_az             = var.multi_az
+  publicly_accessible  = var.publicly_accessible
+  deletion_protection  = true
   vpc_security_group_ids = [
     aws_security_group.db.id,
   ]
-  backup_retention_period = 7
-  storage_encrypted = true
-  kms_key_id = var.kms_key_arn
-  monitoring_interval = 5
-  monitoring_role_arn = aws_iam_role.rds-enhanced-monitoring.arn
-  performance_insights_enabled = true
+  backup_retention_period         = 7
+  storage_encrypted               = true
+  kms_key_id                      = var.kms_key_arn
+  monitoring_interval             = 5
+  monitoring_role_arn             = aws_iam_role.rds-enhanced-monitoring.arn
+  performance_insights_enabled    = true
   performance_insights_kms_key_id = var.kms_key_arn
   enabled_cloudwatch_logs_exports = [
     "postgresql",
     "upgrade",
   ]
   tags = {
-    Name = "${var.project}-${var.environment}"
-    Project = var.project
+    Name        = "${var.project}-${var.environment}"
+    Project     = var.project
     Environment = var.environment
   }
 }
diff --git a/rds/role-enhanced-monitoring.tf b/rds/role-enhanced-monitoring.tf
@@ -1,16 +1,16 @@
 # RDS Enhanced Monitoring requires a specific role + KMS key to operate
 resource "aws_iam_role" "rds-enhanced-monitoring" {
-  name = "rds-enhanced-monitoring-${var.project}-${var.environment}"
+  name               = "rds-enhanced-monitoring-${var.project}-${var.environment}"
   assume_role_policy = data.aws_iam_policy_document.rds_enhanced_monitoring.json
 
   tags = {
-    Project = var.project
+    Project     = var.project
     Environment = var.environment
   }
 }
 
 resource "aws_iam_role_policy_attachment" "rds_enhanced_monitoring" {
-  role = aws_iam_role.rds-enhanced-monitoring.name
+  role       = aws_iam_role.rds-enhanced-monitoring.name
   policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole"
 }
 

diff --git a/rds/security-group.tf b/rds/security-group.tf
@@ -1,20 +1,20 @@
 resource "aws_security_group" "db" {
-  name = "${var.project}-${var.environment}-db"
+  name   = "${var.project}-${var.environment}-db"
   vpc_id = var.vpc_id
 
   tags = {
-    Name = "${var.project}-${var.environment}-db"
-    Project = var.project
+    Name        = "${var.project}-${var.environment}-db"
+    Project     = var.project
     Environment = var.environment
   }
 }
 
 resource "aws_security_group_rule" "db-from-cidr-blocks" {
-  count = length(var.allow_from_cidr_blocks)
-  type = "ingress"
-  from_port = 5432
-  to_port = 5432
-  protocol = "tcp"
+  count             = length(var.allow_from_cidr_blocks)
+  type              = "ingress"
+  from_port         = 5432
+  to_port           = 5432
+  protocol          = "tcp"
   security_group_id = aws_security_group.db.id
   cidr_blocks = [
     var.allow_from_cidr_blocks[count.index],
@@ -23,12 +23,12 @@ resource "aws_security_group_rule" "db-from-cidr-blocks" {
 }
 
 resource "aws_security_group_rule" "db-from-security-groups" {
-  count = length(var.allow_from_security_groups)
-  type = "ingress"
-  from_port = 5432
-  to_port = 5432
-  protocol = "tcp"
-  security_group_id = aws_security_group.db.id
+  count                    = length(var.allow_from_security_groups)
+  type                     = "ingress"
+  from_port                = 5432
+  to_port                  = 5432
+  protocol                 = "tcp"
+  security_group_id        = aws_security_group.db.id
   source_security_group_id = var.allow_from_security_groups[count.index]
-  description = "From security group: ${var.allow_from_security_groups[count.index]}"
+  description              = "From security group: ${var.allow_from_security_groups[count.index]}"
 }
diff --git a/rds/subnet-group.tf b/rds/subnet-group.tf
@@ -1,10 +1,10 @@
 resource "aws_db_subnet_group" "main" {
-  name = "${var.project}-${var.environment}"
+  name       = "${var.project}-${var.environment}"
   subnet_ids = var.subnet_ids
 
   tags = {
-    Name = "${var.project}-${var.environment}"
-    Project = var.project
+    Name        = "${var.project}-${var.environment}"
+    Project     = var.project
     Environment = var.environment
   }
 }