-
Notifications
You must be signed in to change notification settings - Fork 97
/
main.tf
66 lines (54 loc) · 1.65 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
resource "random_string" "friendly_name" {
length = 4
upper = false # Some AWS resources do not accept uppercase characters.
numeric = false
special = false
}
# Keypair for SSH
# ---------------
resource "tls_private_key" "main" {
algorithm = "RSA"
}
resource "local_file" "private_key_pem" {
filename = "${path.module}/work/private-key.pem"
content = tls_private_key.main.private_key_pem
file_permission = "0600"
}
resource "aws_key_pair" "main" {
public_key = tls_private_key.main.public_key_openssh
key_name = "${local.friendly_name_prefix}-ssh"
}
# Key Management Service
# ----------------------
module "kms" {
source = "../../fixtures/kms"
key_alias = "${local.friendly_name_prefix}-key"
}
# Store TFE License as secret
# ---------------------------
module "secrets" {
source = "../../fixtures/secrets"
tfe_license = {
name = "${local.friendly_name_prefix}-license"
path = var.license_file
}
}
# TFE installation into an existing vm image
# ------------------------------------------
module "existing_image" {
source = "../../"
acm_certificate_arn = var.acm_certificate_arn
domain_name = var.domain_name
friendly_name_prefix = local.friendly_name_prefix
tfe_subdomain = var.tfe_subdomain
tfe_license_secret_id = module.secrets.tfe_license_secret_id
ami_id = local.ami_id
distribution = "ubuntu"
iact_subnet_list = var.iact_subnet_list
key_name = aws_key_pair.main.key_name
kms_key_arn = module.kms.key
load_balancing_scheme = "PUBLIC"
asg_tags = var.tags
}