Created terraform configuration to manage AWS infrastructure.

2019-09-24 22:40:08 -05:00
parent a4b798cec4
commit 0a8f701c3c
11 changed files with 994 additions and 0 deletions
--- a/operations/terraform/main.tf
+++ b/operations/terraform/main.tf
@@ -0,0 +1,30 @@
+resource "aws_s3_bucket" "personal_measure" {
+  bucket = "${var.deploy_bucket_name}"
+  acl    = "log-delivery-write"
+}
+
+module "dev_env" {
+  source = "./deployed_env"
+  
+  environment = "dev"
+  artifact_bucket = aws_s3_bucket.personal_measure
+  cloudfront_ssl_certificate_arn = "arn:aws:acm:us-east-1:063932952339:certificate/48fe3ce0-4700-4eaa-b433-bb634f47934c"
+}
+
+module "prod_env" {
+  source = "./deployed_env"
+  
+  environment = "prod"
+  artifact_bucket = aws_s3_bucket.personal_measure
+  cloudfront_ssl_certificate_arn = "arn:aws:acm:us-east-1:063932952339:certificate/48fe3ce0-4700-4eaa-b433-bb634f47934c"
+}
+
+data "aws_iam_policy_document" "cloudfront_access_policy" {
+  source_json   = "${module.dev_env.oai_access_policy.json}"
+  override_json = "${module.prod_env.oai_access_policy.json}"
+}
+
+resource "aws_s3_bucket_policy" "personal_measure" {
+  bucket = "${aws_s3_bucket.personal_measure.id}"
+  policy = "${data.aws_iam_policy_document.cloudfront_access_policy.json}"
+}