Move Terraform state into S3 (using DynamoDB for locking).
This commit is contained in:
parent
ead77534ce
commit
716f09681c
@ -5,15 +5,7 @@ variable "aws_region" {
|
||||
default = "us-west-2" # Oregon
|
||||
}
|
||||
|
||||
variable "deploy_bucket_name" {
|
||||
variable "app_root_url" {
|
||||
description = "Name of the S3 bucket to store deployed artifacts, logs, etc."
|
||||
default = "pm.jdb-labs.com"
|
||||
}
|
||||
|
||||
#### Provider Configuration
|
||||
|
||||
provider "aws" {
|
||||
region = var.aws_region
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -1,8 +1,28 @@
|
||||
provider "aws" {
|
||||
region = var.aws_region
|
||||
}
|
||||
|
||||
resource "aws_s3_bucket" "personal_measure" {
|
||||
bucket = "${var.deploy_bucket_name}"
|
||||
bucket = "${var.app_root_url}"
|
||||
acl = "log-delivery-write"
|
||||
}
|
||||
|
||||
resource "aws_dynamodb_table" "dynamodb_terraform-state-lock" {
|
||||
name = "terraform-state-lock.${var.app_root_url}"
|
||||
hash_key = "LockID"
|
||||
read_capacity = 20
|
||||
write_capacity = 20
|
||||
|
||||
attribute {
|
||||
name = "LockID"
|
||||
type = "S"
|
||||
}
|
||||
|
||||
tags = {
|
||||
Name = "Terraform DynamoDB State Lock Table"
|
||||
}
|
||||
}
|
||||
|
||||
module "dev_env" {
|
||||
source = "./deployed_env"
|
||||
|
||||
|
||||
8
operations/terraform/terraform.tf
Normal file
8
operations/terraform/terraform.tf
Normal file
@ -0,0 +1,8 @@
|
||||
terraform {
|
||||
backend "s3" {
|
||||
bucket = "pm.jdb-labs.com"
|
||||
region = "us-west-2"
|
||||
key = "terraform.tfstate"
|
||||
dynamodb_table = "terraform-state-lock.pm.jdb-labs.com"
|
||||
}
|
||||
}
|
||||
@ -1,547 +0,0 @@
|
||||
{
|
||||
"version": 4,
|
||||
"terraform_version": "0.12.9",
|
||||
"serial": 13,
|
||||
"lineage": "07ea4679-dcfc-ec03-69c0-9f3b3df53386",
|
||||
"outputs": {},
|
||||
"resources": [
|
||||
{
|
||||
"module": "module.prod_env",
|
||||
"mode": "data",
|
||||
"type": "aws_iam_policy_document",
|
||||
"name": "bucket_access_policy",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"id": "4164925389",
|
||||
"json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM\"\n }\n }\n ]\n}",
|
||||
"override_json": null,
|
||||
"policy_id": null,
|
||||
"source_json": null,
|
||||
"statement": [
|
||||
{
|
||||
"actions": [
|
||||
"s3:GetObject"
|
||||
],
|
||||
"condition": [],
|
||||
"effect": "Allow",
|
||||
"not_actions": [],
|
||||
"not_principals": [],
|
||||
"not_resources": [],
|
||||
"principals": [
|
||||
{
|
||||
"identifiers": [
|
||||
"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM"
|
||||
],
|
||||
"type": "AWS"
|
||||
}
|
||||
],
|
||||
"resources": [
|
||||
"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*"
|
||||
],
|
||||
"sid": ""
|
||||
},
|
||||
{
|
||||
"actions": [
|
||||
"s3:ListBucket"
|
||||
],
|
||||
"condition": [],
|
||||
"effect": "Allow",
|
||||
"not_actions": [],
|
||||
"not_principals": [],
|
||||
"not_resources": [],
|
||||
"principals": [
|
||||
{
|
||||
"identifiers": [
|
||||
"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM"
|
||||
],
|
||||
"type": "AWS"
|
||||
}
|
||||
],
|
||||
"resources": [
|
||||
"arn:aws:s3:::pm.jdb-labs.com"
|
||||
],
|
||||
"sid": ""
|
||||
}
|
||||
],
|
||||
"version": "2012-10-17"
|
||||
},
|
||||
"depends_on": [
|
||||
"aws_cloudfront_origin_access_identity.origin_access_identity"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"module": "module.dev_env",
|
||||
"mode": "data",
|
||||
"type": "aws_iam_policy_document",
|
||||
"name": "bucket_access_policy",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"id": "672870168",
|
||||
"json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY\"\n }\n }\n ]\n}",
|
||||
"override_json": null,
|
||||
"policy_id": null,
|
||||
"source_json": null,
|
||||
"statement": [
|
||||
{
|
||||
"actions": [
|
||||
"s3:GetObject"
|
||||
],
|
||||
"condition": [],
|
||||
"effect": "Allow",
|
||||
"not_actions": [],
|
||||
"not_principals": [],
|
||||
"not_resources": [],
|
||||
"principals": [
|
||||
{
|
||||
"identifiers": [
|
||||
"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY"
|
||||
],
|
||||
"type": "AWS"
|
||||
}
|
||||
],
|
||||
"resources": [
|
||||
"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*"
|
||||
],
|
||||
"sid": ""
|
||||
},
|
||||
{
|
||||
"actions": [
|
||||
"s3:ListBucket"
|
||||
],
|
||||
"condition": [],
|
||||
"effect": "Allow",
|
||||
"not_actions": [],
|
||||
"not_principals": [],
|
||||
"not_resources": [],
|
||||
"principals": [
|
||||
{
|
||||
"identifiers": [
|
||||
"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY"
|
||||
],
|
||||
"type": "AWS"
|
||||
}
|
||||
],
|
||||
"resources": [
|
||||
"arn:aws:s3:::pm.jdb-labs.com"
|
||||
],
|
||||
"sid": ""
|
||||
}
|
||||
],
|
||||
"version": "2012-10-17"
|
||||
},
|
||||
"depends_on": [
|
||||
"aws_cloudfront_origin_access_identity.origin_access_identity"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"mode": "data",
|
||||
"type": "aws_iam_policy_document",
|
||||
"name": "cloudfront_access_policy",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"id": "1534115699",
|
||||
"json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM\"\n }\n }\n ]\n}",
|
||||
"override_json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM\"\n }\n }\n ]\n}",
|
||||
"policy_id": null,
|
||||
"source_json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY\"\n }\n }\n ]\n}",
|
||||
"statement": null,
|
||||
"version": "2012-10-17"
|
||||
},
|
||||
"depends_on": [
|
||||
"module.dev_env",
|
||||
"module.prod_env"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"module": "module.prod_env",
|
||||
"mode": "managed",
|
||||
"type": "aws_cloudfront_distribution",
|
||||
"name": "s3_distribution",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 1,
|
||||
"attributes": {
|
||||
"active_trusted_signers": {
|
||||
"enabled": "false",
|
||||
"items.#": "0"
|
||||
},
|
||||
"aliases": [
|
||||
"pm.jdb-labs.com"
|
||||
],
|
||||
"arn": "arn:aws:cloudfront::063932952339:distribution/E331OLEUZMJYX2",
|
||||
"cache_behavior": [],
|
||||
"caller_reference": "terraform-20190924171430991900000002",
|
||||
"comment": "Personal Measure prod distribution.",
|
||||
"custom_error_response": [
|
||||
{
|
||||
"error_caching_min_ttl": null,
|
||||
"error_code": 404,
|
||||
"response_code": 200,
|
||||
"response_page_path": "/index.html"
|
||||
}
|
||||
],
|
||||
"default_cache_behavior": [
|
||||
{
|
||||
"allowed_methods": [
|
||||
"GET",
|
||||
"HEAD",
|
||||
"OPTIONS"
|
||||
],
|
||||
"cached_methods": [
|
||||
"GET",
|
||||
"HEAD",
|
||||
"OPTIONS"
|
||||
],
|
||||
"compress": true,
|
||||
"default_ttl": 31536000,
|
||||
"field_level_encryption_id": "",
|
||||
"forwarded_values": [
|
||||
{
|
||||
"cookies": [
|
||||
{
|
||||
"forward": "none",
|
||||
"whitelisted_names": null
|
||||
}
|
||||
],
|
||||
"headers": null,
|
||||
"query_string": false,
|
||||
"query_string_cache_keys": null
|
||||
}
|
||||
],
|
||||
"lambda_function_association": [],
|
||||
"max_ttl": 31536000,
|
||||
"min_ttl": 0,
|
||||
"smooth_streaming": false,
|
||||
"target_origin_id": "S3-PersonalMeasure-prod",
|
||||
"trusted_signers": null,
|
||||
"viewer_protocol_policy": "redirect-to-https"
|
||||
}
|
||||
],
|
||||
"default_root_object": "/index.html",
|
||||
"domain_name": "d1pydbw1mwi6dq.cloudfront.net",
|
||||
"enabled": true,
|
||||
"etag": "E39Y9O0I859AQB",
|
||||
"hosted_zone_id": "Z2FDTNDATAQYW2",
|
||||
"http_version": "http2",
|
||||
"id": "E331OLEUZMJYX2",
|
||||
"in_progress_validation_batches": 0,
|
||||
"is_ipv6_enabled": true,
|
||||
"last_modified_time": "2019-09-24 17:14:34.861 +0000 UTC",
|
||||
"logging_config": [
|
||||
{
|
||||
"bucket": "pm.jdb-labs.com.s3.amazonaws.com",
|
||||
"include_cookies": false,
|
||||
"prefix": "prod/logs/cloudfront"
|
||||
}
|
||||
],
|
||||
"ordered_cache_behavior": [],
|
||||
"origin": [
|
||||
{
|
||||
"custom_header": [],
|
||||
"custom_origin_config": [],
|
||||
"domain_name": "pm.jdb-labs.com.s3.us-west-2.amazonaws.com",
|
||||
"origin_id": "S3-PersonalMeasure-prod",
|
||||
"origin_path": "/prod/webroot",
|
||||
"s3_origin_config": [
|
||||
{
|
||||
"origin_access_identity": "origin-access-identity/cloudfront/EV7VQF8SH3HMM"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"origin_group": [],
|
||||
"price_class": "PriceClass_100",
|
||||
"restrictions": [
|
||||
{
|
||||
"geo_restriction": [
|
||||
{
|
||||
"locations": null,
|
||||
"restriction_type": "none"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"retain_on_delete": false,
|
||||
"status": "Deployed",
|
||||
"tags": {
|
||||
"Environment": "prod"
|
||||
},
|
||||
"viewer_certificate": [
|
||||
{
|
||||
"acm_certificate_arn": "arn:aws:acm:us-east-1:063932952339:certificate/48fe3ce0-4700-4eaa-b433-bb634f47934c",
|
||||
"cloudfront_default_certificate": false,
|
||||
"iam_certificate_id": "",
|
||||
"minimum_protocol_version": "TLSv1",
|
||||
"ssl_support_method": "sni-only"
|
||||
}
|
||||
],
|
||||
"wait_for_deployment": true,
|
||||
"web_acl_id": ""
|
||||
},
|
||||
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
|
||||
"depends_on": [
|
||||
"aws_cloudfront_origin_access_identity.origin_access_identity"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"module": "module.dev_env",
|
||||
"mode": "managed",
|
||||
"type": "aws_cloudfront_distribution",
|
||||
"name": "s3_distribution",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 1,
|
||||
"attributes": {
|
||||
"active_trusted_signers": {
|
||||
"enabled": "false",
|
||||
"items.#": "0"
|
||||
},
|
||||
"aliases": [
|
||||
"pm-dev.jdb-labs.com"
|
||||
],
|
||||
"arn": "arn:aws:cloudfront::063932952339:distribution/EYDKNEMGBYXK6",
|
||||
"cache_behavior": [],
|
||||
"caller_reference": "terraform-20190924171430991900000001",
|
||||
"comment": "Personal Measure dev distribution.",
|
||||
"custom_error_response": [
|
||||
{
|
||||
"error_caching_min_ttl": null,
|
||||
"error_code": 404,
|
||||
"response_code": 200,
|
||||
"response_page_path": "/index.html"
|
||||
}
|
||||
],
|
||||
"default_cache_behavior": [
|
||||
{
|
||||
"allowed_methods": [
|
||||
"GET",
|
||||
"HEAD",
|
||||
"OPTIONS"
|
||||
],
|
||||
"cached_methods": [
|
||||
"GET",
|
||||
"HEAD",
|
||||
"OPTIONS"
|
||||
],
|
||||
"compress": true,
|
||||
"default_ttl": 31536000,
|
||||
"field_level_encryption_id": "",
|
||||
"forwarded_values": [
|
||||
{
|
||||
"cookies": [
|
||||
{
|
||||
"forward": "none",
|
||||
"whitelisted_names": null
|
||||
}
|
||||
],
|
||||
"headers": null,
|
||||
"query_string": false,
|
||||
"query_string_cache_keys": null
|
||||
}
|
||||
],
|
||||
"lambda_function_association": [],
|
||||
"max_ttl": 31536000,
|
||||
"min_ttl": 0,
|
||||
"smooth_streaming": false,
|
||||
"target_origin_id": "S3-PersonalMeasure-dev",
|
||||
"trusted_signers": null,
|
||||
"viewer_protocol_policy": "redirect-to-https"
|
||||
}
|
||||
],
|
||||
"default_root_object": "/index.html",
|
||||
"domain_name": "d2gk6d79ot5fv3.cloudfront.net",
|
||||
"enabled": true,
|
||||
"etag": "E1DN3CB5IQVST8",
|
||||
"hosted_zone_id": "Z2FDTNDATAQYW2",
|
||||
"http_version": "http2",
|
||||
"id": "EYDKNEMGBYXK6",
|
||||
"in_progress_validation_batches": 0,
|
||||
"is_ipv6_enabled": true,
|
||||
"last_modified_time": "2019-09-24 17:14:32.614 +0000 UTC",
|
||||
"logging_config": [
|
||||
{
|
||||
"bucket": "pm.jdb-labs.com.s3.amazonaws.com",
|
||||
"include_cookies": false,
|
||||
"prefix": "dev/logs/cloudfront"
|
||||
}
|
||||
],
|
||||
"ordered_cache_behavior": [],
|
||||
"origin": [
|
||||
{
|
||||
"custom_header": [],
|
||||
"custom_origin_config": [],
|
||||
"domain_name": "pm.jdb-labs.com.s3.us-west-2.amazonaws.com",
|
||||
"origin_id": "S3-PersonalMeasure-dev",
|
||||
"origin_path": "/dev/webroot",
|
||||
"s3_origin_config": [
|
||||
{
|
||||
"origin_access_identity": "origin-access-identity/cloudfront/ENADNQSO0I1JY"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"origin_group": [],
|
||||
"price_class": "PriceClass_100",
|
||||
"restrictions": [
|
||||
{
|
||||
"geo_restriction": [
|
||||
{
|
||||
"locations": null,
|
||||
"restriction_type": "none"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"retain_on_delete": false,
|
||||
"status": "Deployed",
|
||||
"tags": {
|
||||
"Environment": "dev"
|
||||
},
|
||||
"viewer_certificate": [
|
||||
{
|
||||
"acm_certificate_arn": "arn:aws:acm:us-east-1:063932952339:certificate/48fe3ce0-4700-4eaa-b433-bb634f47934c",
|
||||
"cloudfront_default_certificate": false,
|
||||
"iam_certificate_id": "",
|
||||
"minimum_protocol_version": "TLSv1",
|
||||
"ssl_support_method": "sni-only"
|
||||
}
|
||||
],
|
||||
"wait_for_deployment": true,
|
||||
"web_acl_id": ""
|
||||
},
|
||||
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
|
||||
"depends_on": [
|
||||
"aws_cloudfront_origin_access_identity.origin_access_identity"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"module": "module.prod_env",
|
||||
"mode": "managed",
|
||||
"type": "aws_cloudfront_origin_access_identity",
|
||||
"name": "origin_access_identity",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"caller_reference": "terraform-20190924170615555500000002",
|
||||
"cloudfront_access_identity_path": "origin-access-identity/cloudfront/EV7VQF8SH3HMM",
|
||||
"comment": "OAI for Personal Measure {$var.environment} environment.",
|
||||
"etag": "E1XJOGSBHHRD9K",
|
||||
"iam_arn": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM",
|
||||
"id": "EV7VQF8SH3HMM",
|
||||
"s3_canonical_user_id": "3a882d18f05e2fa5a3cabc208bcb8c0e2143166b56c0b8442f5b8b405c203859a3f525afcabc2e52dd1c9799d883a166"
|
||||
},
|
||||
"private": "bnVsbA=="
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"module": "module.dev_env",
|
||||
"mode": "managed",
|
||||
"type": "aws_cloudfront_origin_access_identity",
|
||||
"name": "origin_access_identity",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"caller_reference": "terraform-20190924170615555100000001",
|
||||
"cloudfront_access_identity_path": "origin-access-identity/cloudfront/ENADNQSO0I1JY",
|
||||
"comment": "OAI for Personal Measure {$var.environment} environment.",
|
||||
"etag": "E1K0T63S2F5CYR",
|
||||
"iam_arn": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY",
|
||||
"id": "ENADNQSO0I1JY",
|
||||
"s3_canonical_user_id": "6e965a9a0e9034badac65e1ac223e048b6d1b934d146abd32c49634489959a5ee1252e34fb643cd222dde425f2abfcd4"
|
||||
},
|
||||
"private": "bnVsbA=="
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"mode": "managed",
|
||||
"type": "aws_s3_bucket",
|
||||
"name": "personal_measure",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"acceleration_status": "",
|
||||
"acl": "log-delivery-write",
|
||||
"arn": "arn:aws:s3:::pm.jdb-labs.com",
|
||||
"bucket": "pm.jdb-labs.com",
|
||||
"bucket_domain_name": "pm.jdb-labs.com.s3.amazonaws.com",
|
||||
"bucket_prefix": null,
|
||||
"bucket_regional_domain_name": "pm.jdb-labs.com.s3.us-west-2.amazonaws.com",
|
||||
"cors_rule": [],
|
||||
"force_destroy": false,
|
||||
"hosted_zone_id": "Z3BJ6K6RIION7M",
|
||||
"id": "pm.jdb-labs.com",
|
||||
"lifecycle_rule": [],
|
||||
"logging": [],
|
||||
"object_lock_configuration": [],
|
||||
"policy": null,
|
||||
"region": "us-west-2",
|
||||
"replication_configuration": [],
|
||||
"request_payer": "BucketOwner",
|
||||
"server_side_encryption_configuration": [],
|
||||
"tags": {},
|
||||
"versioning": [
|
||||
{
|
||||
"enabled": false,
|
||||
"mfa_delete": false
|
||||
}
|
||||
],
|
||||
"website": [],
|
||||
"website_domain": null,
|
||||
"website_endpoint": null
|
||||
},
|
||||
"private": "bnVsbA=="
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"mode": "managed",
|
||||
"type": "aws_s3_bucket_policy",
|
||||
"name": "personal_measure",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"bucket": "pm.jdb-labs.com",
|
||||
"id": "pm.jdb-labs.com",
|
||||
"policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM\"\n }\n }\n ]\n}"
|
||||
},
|
||||
"private": "bnVsbA==",
|
||||
"depends_on": [
|
||||
"aws_s3_bucket.personal_measure",
|
||||
"data.aws_iam_policy_document.cloudfront_access_policy"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,279 +0,0 @@
|
||||
{
|
||||
"version": 4,
|
||||
"terraform_version": "0.12.9",
|
||||
"serial": 9,
|
||||
"lineage": "07ea4679-dcfc-ec03-69c0-9f3b3df53386",
|
||||
"outputs": {},
|
||||
"resources": [
|
||||
{
|
||||
"module": "module.prod_env",
|
||||
"mode": "data",
|
||||
"type": "aws_iam_policy_document",
|
||||
"name": "bucket_access_policy",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"id": "1727217411",
|
||||
"json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM\"\n }\n }\n ]\n}",
|
||||
"override_json": null,
|
||||
"policy_id": null,
|
||||
"source_json": null,
|
||||
"statement": [
|
||||
{
|
||||
"actions": [
|
||||
"s3:GetObject"
|
||||
],
|
||||
"condition": [],
|
||||
"effect": "Allow",
|
||||
"not_actions": [],
|
||||
"not_principals": [],
|
||||
"not_resources": [],
|
||||
"principals": [
|
||||
{
|
||||
"identifiers": [
|
||||
"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM"
|
||||
],
|
||||
"type": "AWS"
|
||||
}
|
||||
],
|
||||
"resources": [
|
||||
"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*"
|
||||
],
|
||||
"sid": ""
|
||||
},
|
||||
{
|
||||
"actions": [
|
||||
"s3:ListBucket"
|
||||
],
|
||||
"condition": [],
|
||||
"effect": "Allow",
|
||||
"not_actions": [],
|
||||
"not_principals": [],
|
||||
"not_resources": [],
|
||||
"principals": [
|
||||
{
|
||||
"identifiers": [
|
||||
"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM"
|
||||
],
|
||||
"type": "AWS"
|
||||
}
|
||||
],
|
||||
"resources": [
|
||||
"arn:aws:s3:::pm.jdb-labs.com"
|
||||
],
|
||||
"sid": ""
|
||||
}
|
||||
],
|
||||
"version": "2012-10-17"
|
||||
},
|
||||
"depends_on": [
|
||||
"aws_cloudfront_origin_access_identity.origin_access_identity"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"module": "module.dev_env",
|
||||
"mode": "data",
|
||||
"type": "aws_iam_policy_document",
|
||||
"name": "bucket_access_policy",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"id": "3067586518",
|
||||
"json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY\"\n }\n }\n ]\n}",
|
||||
"override_json": null,
|
||||
"policy_id": null,
|
||||
"source_json": null,
|
||||
"statement": [
|
||||
{
|
||||
"actions": [
|
||||
"s3:GetObject"
|
||||
],
|
||||
"condition": [],
|
||||
"effect": "Allow",
|
||||
"not_actions": [],
|
||||
"not_principals": [],
|
||||
"not_resources": [],
|
||||
"principals": [
|
||||
{
|
||||
"identifiers": [
|
||||
"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY"
|
||||
],
|
||||
"type": "AWS"
|
||||
}
|
||||
],
|
||||
"resources": [
|
||||
"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*"
|
||||
],
|
||||
"sid": ""
|
||||
},
|
||||
{
|
||||
"actions": [
|
||||
"s3:ListBucket"
|
||||
],
|
||||
"condition": [],
|
||||
"effect": "Allow",
|
||||
"not_actions": [],
|
||||
"not_principals": [],
|
||||
"not_resources": [],
|
||||
"principals": [
|
||||
{
|
||||
"identifiers": [
|
||||
"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY"
|
||||
],
|
||||
"type": "AWS"
|
||||
}
|
||||
],
|
||||
"resources": [
|
||||
"arn:aws:s3:::pm.jdb-labs.com"
|
||||
],
|
||||
"sid": ""
|
||||
}
|
||||
],
|
||||
"version": "2012-10-17"
|
||||
},
|
||||
"depends_on": [
|
||||
"aws_cloudfront_origin_access_identity.origin_access_identity"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"mode": "data",
|
||||
"type": "aws_iam_policy_document",
|
||||
"name": "cloudfront_access_policy",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"id": "754132408",
|
||||
"json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM\"\n }\n }\n ]\n}",
|
||||
"override_json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM\"\n }\n }\n ]\n}",
|
||||
"policy_id": null,
|
||||
"source_json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY\"\n }\n }\n ]\n}",
|
||||
"statement": null,
|
||||
"version": "2012-10-17"
|
||||
},
|
||||
"depends_on": [
|
||||
"module.dev_env",
|
||||
"module.prod_env"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"module": "module.prod_env",
|
||||
"mode": "managed",
|
||||
"type": "aws_cloudfront_origin_access_identity",
|
||||
"name": "origin_access_identity",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"caller_reference": "terraform-20190924170615555500000002",
|
||||
"cloudfront_access_identity_path": "origin-access-identity/cloudfront/EV7VQF8SH3HMM",
|
||||
"comment": "OAI for Personal Measure {$var.environment} environment.",
|
||||
"etag": "E1XJOGSBHHRD9K",
|
||||
"iam_arn": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EV7VQF8SH3HMM",
|
||||
"id": "EV7VQF8SH3HMM",
|
||||
"s3_canonical_user_id": "3a882d18f05e2fa5a3cabc208bcb8c0e2143166b56c0b8442f5b8b405c203859a3f525afcabc2e52dd1c9799d883a166"
|
||||
},
|
||||
"private": "bnVsbA=="
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"module": "module.dev_env",
|
||||
"mode": "managed",
|
||||
"type": "aws_cloudfront_origin_access_identity",
|
||||
"name": "origin_access_identity",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"caller_reference": "terraform-20190924170615555100000001",
|
||||
"cloudfront_access_identity_path": "origin-access-identity/cloudfront/ENADNQSO0I1JY",
|
||||
"comment": "OAI for Personal Measure {$var.environment} environment.",
|
||||
"etag": "E1K0T63S2F5CYR",
|
||||
"iam_arn": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ENADNQSO0I1JY",
|
||||
"id": "ENADNQSO0I1JY",
|
||||
"s3_canonical_user_id": "6e965a9a0e9034badac65e1ac223e048b6d1b934d146abd32c49634489959a5ee1252e34fb643cd222dde425f2abfcd4"
|
||||
},
|
||||
"private": "bnVsbA=="
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"mode": "managed",
|
||||
"type": "aws_s3_bucket",
|
||||
"name": "personal_measure",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"acceleration_status": "",
|
||||
"acl": "log-delivery-write",
|
||||
"arn": "arn:aws:s3:::pm.jdb-labs.com",
|
||||
"bucket": "pm.jdb-labs.com",
|
||||
"bucket_domain_name": "pm.jdb-labs.com.s3.amazonaws.com",
|
||||
"bucket_prefix": null,
|
||||
"bucket_regional_domain_name": "pm.jdb-labs.com.s3.us-west-2.amazonaws.com",
|
||||
"cors_rule": [],
|
||||
"force_destroy": false,
|
||||
"hosted_zone_id": "Z3BJ6K6RIION7M",
|
||||
"id": "pm.jdb-labs.com",
|
||||
"lifecycle_rule": [],
|
||||
"logging": [],
|
||||
"object_lock_configuration": [],
|
||||
"policy": null,
|
||||
"region": "us-west-2",
|
||||
"replication_configuration": [],
|
||||
"request_payer": "BucketOwner",
|
||||
"server_side_encryption_configuration": [],
|
||||
"tags": {},
|
||||
"versioning": [
|
||||
{
|
||||
"enabled": false,
|
||||
"mfa_delete": false
|
||||
}
|
||||
],
|
||||
"website": [],
|
||||
"website_domain": null,
|
||||
"website_endpoint": null
|
||||
},
|
||||
"private": "bnVsbA=="
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"mode": "managed",
|
||||
"type": "aws_s3_bucket_policy",
|
||||
"name": "personal_measure",
|
||||
"provider": "provider.aws",
|
||||
"instances": [
|
||||
{
|
||||
"schema_version": 0,
|
||||
"attributes": {
|
||||
"bucket": "pm.jdb-labs.com",
|
||||
"id": "pm.jdb-labs.com",
|
||||
"policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/dev/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_ENADNQSO0I1JY\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com/prod/webroot/*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM\"\n }\n },\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:ListBucket\",\n \"Resource\": \"arn:aws:s3:::pm.jdb-labs.com\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EV7VQF8SH3HMM\"\n }\n }\n ]\n}"
|
||||
},
|
||||
"private": "bnVsbA==",
|
||||
"depends_on": [
|
||||
"aws_s3_bucket.personal_measure",
|
||||
"data.aws_iam_policy_document.cloudfront_access_policy"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user