Cleaning up infra to move to project-athens management repo
This commit is contained in:
parent
5c025dad33
commit
21f7b09b28
29
infra/acm.tf
29
infra/acm.tf
@ -1,29 +0,0 @@
|
|||||||
# Here we are creating the cert that alpha LB will use
|
|
||||||
# Keeping the resource in this project repo because
|
|
||||||
# alpha does not depend on this resource and thus is our problem
|
|
||||||
|
|
||||||
resource "aws_acm_certificate" "website" {
|
|
||||||
domain_name = "*.temper.tv"
|
|
||||||
subject_alternative_names = [ "temper.tv" ]
|
|
||||||
validation_method = "DNS"
|
|
||||||
|
|
||||||
lifecycle {
|
|
||||||
create_before_destroy = true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_route53_record" "website_cert_record" {
|
|
||||||
for_each = {
|
|
||||||
for dvo in aws_acm_certificate.website.domain_validation_options : dvo.domain_name => {
|
|
||||||
name = dvo.resource_record_name
|
|
||||||
record = dvo.resource_record_value
|
|
||||||
type = dvo.resource_record_type
|
|
||||||
}
|
|
||||||
}
|
|
||||||
name = each.value.name
|
|
||||||
type = each.value.type
|
|
||||||
records = [ each.value.record ]
|
|
||||||
zone_id = aws_route53_zone.main.id
|
|
||||||
ttl = 60
|
|
||||||
}
|
|
||||||
|
|
||||||
4
infra/data.tf
Normal file
4
infra/data.tf
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
data "aws_lb" "alpha" {
|
||||||
|
arn = "arn:aws:elasticloadbalancing:us-west-1:805875567437:loadbalancer/app/alpha-lb/33dad7632a052b70"
|
||||||
|
name = "alpha-lb"
|
||||||
|
}
|
||||||
@ -1,6 +0,0 @@
|
|||||||
# Fetch the Alpha LB from Project Athens
|
|
||||||
|
|
||||||
data "aws_lb" "alpha" {
|
|
||||||
arn = var.alpha.arn
|
|
||||||
name = var.alpha.name
|
|
||||||
}
|
|
||||||
56
infra/s3.tf
56
infra/s3.tf
@ -1,56 +0,0 @@
|
|||||||
resource "aws_s3_bucket" "website" {
|
|
||||||
bucket = "temper.tv"
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
Name = "temper.tv"
|
|
||||||
Description = "Static content for temper.tv"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
###############################################################
|
|
||||||
# Below are the acl components for the bucket to make it public
|
|
||||||
###############################################################
|
|
||||||
|
|
||||||
# Enables website configuration
|
|
||||||
resource "aws_s3_bucket_website_configuration" "site" {
|
|
||||||
bucket = aws_s3_bucket.website.bucket
|
|
||||||
index_document {
|
|
||||||
suffix = "index.html"
|
|
||||||
}
|
|
||||||
|
|
||||||
error_document {
|
|
||||||
key = "404.html"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Set block public access to false
|
|
||||||
resource "aws_s3_bucket_public_access_block" "site" {
|
|
||||||
bucket = aws_s3_bucket.website.bucket
|
|
||||||
|
|
||||||
block_public_acls = false
|
|
||||||
block_public_policy = false
|
|
||||||
ignore_public_acls = false
|
|
||||||
restrict_public_buckets = false
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
# Set a policy on the bucket to allow reads from anywhere
|
|
||||||
resource "aws_s3_bucket_policy" "site" {
|
|
||||||
bucket = aws_s3_bucket.website.bucket
|
|
||||||
policy = jsonencode({
|
|
||||||
Version = "2012-10-17"
|
|
||||||
Statement = [
|
|
||||||
{
|
|
||||||
Sid = "PublicReadGetObject"
|
|
||||||
Effect = "Allow"
|
|
||||||
Principal = "*"
|
|
||||||
Action = "s3:GetObject"
|
|
||||||
Resource = [
|
|
||||||
"arn:aws:s3:::${aws_s3_bucket.website.bucket}",
|
|
||||||
"arn:aws:s3:::${aws_s3_bucket.website.bucket}/*",
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
@ -1,7 +1 @@
|
|||||||
variable "alpha" {
|
|
||||||
description = "Project Athens Alpha LB"
|
|
||||||
type = object({
|
|
||||||
name = string
|
|
||||||
arn = string
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user