Merge pull request #523 from SmartColumbusOS/aip_migration

srashee1 · web-flow · commit 39b2b6de9579 · 2021-08-18T09:21:58.000-05:00
Adding visibility tag to vpc
diff --git a/features/elasticsearch.hcl b/features/elasticsearch.hcl
@@ -133,7 +133,7 @@ POLICY
 }
 
 resource "aws_iam_service_linked_role" "elasticsearch" {
-  count = var.sandbox ? 0 : 1
+  count            = var.sandbox ? 0 : 1
   aws_service_name = "es.amazonaws.com"
 }
 
@@ -161,10 +161,10 @@ resource "aws_security_group_rule" "vpn_to_elasticsearch" {
   description       = "Allow VPN hosts to communicate with ElasticSearch instances."
   protocol          = "tcp"
   security_group_id = aws_security_group.elasticsearch.id
-  cidr_blocks = [data.terraform_remote_state.alm_remote_state.outputs.vpc_cidr_block]
-  from_port   = 443
-  to_port     = 443
-  type        = "ingress"
+  cidr_blocks       = [data.terraform_remote_state.alm_remote_state.outputs.vpc_cidr_block]
+  from_port         = 443
+  to_port           = 443
+  type              = "ingress"
 }
 
 resource "aws_security_group_rule" "elasticsearch_intra_cluster" {
diff --git a/features/redis.hcl b/features/redis.hcl
@@ -36,7 +36,7 @@ resource "aws_security_group_rule" "eks_workers_to_redis" {
 }
 
 resource "aws_elasticache_subnet_group" "redis_cache_subnet" {
-  name = "redis-cache-subnet-${terraform.workspace}"
+  name       = "redis-cache-subnet-${terraform.workspace}"
   subnet_ids = module.vpc.private_subnets
 }
 
diff --git a/s3.tf b/s3.tf
@@ -61,7 +61,7 @@ resource "aws_s3_bucket_public_access_block" "os_hosted_datasets_s3_access" {
 }
 
 resource "aws_s3_bucket_policy" "os_hosted_datasets_ssl_policy" {
-  depends_on = [ aws_s3_bucket_public_access_block.os_hosted_datasets_s3_access ]
+  depends_on = [aws_s3_bucket_public_access_block.os_hosted_datasets_s3_access]
 
   bucket = aws_s3_bucket.os_hosted_datasets.id
 
@@ -112,7 +112,7 @@ resource "aws_s3_bucket_public_access_block" "ckan_s3_access" {
 }
 
 resource "aws_s3_bucket_policy" "ckan_ssl_policy" {
-  depends_on = [ aws_s3_bucket_public_access_block.ckan_s3_access ]
+  depends_on = [aws_s3_bucket_public_access_block.ckan_s3_access]
 
   bucket = aws_s3_bucket.ckan.id
 
@@ -178,7 +178,7 @@ resource "aws_s3_bucket_public_access_block" "andi_public_sample_datasets_access
 }
 
 resource "aws_s3_bucket_policy" "andi_ssl_policy" {
-  depends_on = [ aws_s3_bucket_public_access_block.andi_public_sample_datasets_access ]
+  depends_on = [aws_s3_bucket_public_access_block.andi_public_sample_datasets_access]
 
   bucket = aws_s3_bucket.andi_public_sample_datasets.id
 
diff --git a/shared b/shared
@@ -1 +1 @@
-Subproject commit d2aa095d2fa609ae7280b018fc2f832e08261562
+Subproject commit e3d50107fc13750aceec9d7fd82537cc355b3c9f
diff --git a/vpc.tf b/vpc.tf
@@ -47,6 +47,11 @@ module "vpc" {
   private_subnet_tags = {
     "kubernetes.io/role/internal-elb" = ""
     "kubernetes.io/role/alb-ingress"  = ""
+    "Visibility"                      = "private"
+  }
+
+  public_subnet_tags = {
+    "Visibility" = "public"
   }
 
   tags = {
@@ -60,7 +65,7 @@ module "vpc" {
 resource "aws_db_subnet_group" "default" {
   name        = "environment db ${terraform.workspace} subnet group"
   description = "DB Subnet Group"
-  subnet_ids = module.vpc.private_subnets
+  subnet_ids  = module.vpc.private_subnets
 
   tags = {
     Name = "Subnet Group for Environment ${terraform.workspace} VPC"

Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,7 @@ resource "aws_security_group_rule" "eks_workers_to_redis" {`
`36`	`36`	`}`
`37`	`37`
`38`	`38`	`resource "aws_elasticache_subnet_group" "redis_cache_subnet" {`
`39`		`- name = "redis-cache-subnet-${terraform.workspace}"`
	`39`	`+ name = "redis-cache-subnet-${terraform.workspace}"`
`40`	`40`	`subnet_ids = module.vpc.private_subnets`
`41`	`41`	`}`
`42`	`42`
Original file line number	Diff line number	Diff line change
`@@ -61,7 +61,7 @@ resource "aws_s3_bucket_public_access_block" "os_hosted_datasets_s3_access" {`
`61`	`61`	`}`
`62`	`62`
`63`	`63`	`resource "aws_s3_bucket_policy" "os_hosted_datasets_ssl_policy" {`
`64`		`- depends_on = [ aws_s3_bucket_public_access_block.os_hosted_datasets_s3_access ]`
	`64`	`+ depends_on = [aws_s3_bucket_public_access_block.os_hosted_datasets_s3_access]`
`65`	`65`
`66`	`66`	`bucket = aws_s3_bucket.os_hosted_datasets.id`
`67`	`67`
`@@ -112,7 +112,7 @@ resource "aws_s3_bucket_public_access_block" "ckan_s3_access" {`
`112`	`112`	`}`
`113`	`113`
`114`	`114`	`resource "aws_s3_bucket_policy" "ckan_ssl_policy" {`
`115`		`- depends_on = [ aws_s3_bucket_public_access_block.ckan_s3_access ]`
	`115`	`+ depends_on = [aws_s3_bucket_public_access_block.ckan_s3_access]`
`116`	`116`
`117`	`117`	`bucket = aws_s3_bucket.ckan.id`
`118`	`118`
`@@ -178,7 +178,7 @@ resource "aws_s3_bucket_public_access_block" "andi_public_sample_datasets_access`
`178`	`178`	`}`
`179`	`179`
`180`	`180`	`resource "aws_s3_bucket_policy" "andi_ssl_policy" {`
`181`		`- depends_on = [ aws_s3_bucket_public_access_block.andi_public_sample_datasets_access ]`
	`181`	`+ depends_on = [aws_s3_bucket_public_access_block.andi_public_sample_datasets_access]`
`182`	`182`
`183`	`183`	`bucket = aws_s3_bucket.andi_public_sample_datasets.id`
`184`	`184`