From 311edf93ef37487dcbf65e684ee20615aa5ffd25 Mon Sep 17 00:00:00 2001 From: drewmullen Date: Tue, 22 Mar 2022 12:58:52 -0400 Subject: [PATCH 01/12] rewrite --- .gitignore | 10 +- .header.md | 69 ++ .pre-commit-config.yaml | 10 + .regula-waivers.rego | 8 - .regula.yaml | 4 - .terraform-docs.yaml | 20 + .tflint.hcl | 52 +- CODEOWNERS | 2 +- Makefile | 108 --- NOTICE.txt | 2 +- README.md | 194 +++-- data.tf | 60 ++ defaults.tf | 23 + deploy/main.tf | 50 -- deploy/variables.tf | 86 --- examples/fully_private/main.tf | 73 -- examples/ipam/main.tf | 28 + examples/ipam/outputs.tf | 4 + examples/ipam/variables.tf | 4 + examples/minimal/main.tf | 28 - examples/no_create/main.tf | 17 - examples/private_only/main.tf | 11 + examples/private_only/outputs.tf | 4 + examples/private_only/variables.tf | 0 examples/public_only/main.tf | 17 + examples/public_only/outputs.tf | 4 + examples/public_only/variables.tf | 0 examples/public_private_flow_logs/main.tf | 28 + examples/public_private_flow_logs/outputs.tf | 4 + .../public_private_flow_logs/variables.tf | 0 main.tf | 405 +++------- modules/calculate_subnets/main.tf | 29 + modules/calculate_subnets/outputs.tf | 4 + modules/calculate_subnets/provider.tf | 13 + modules/calculate_subnets/variables.tf | 14 + modules/flow_logs/main.tf | 51 ++ modules/flow_logs/outputs.tf | 4 + modules/flow_logs/provider.tf | 13 + modules/flow_logs/variables.tf | 20 + outputs.tf | 245 +----- provider.tf | 22 + setup_workspace/variables.tf | 30 - setup_workspace/workspace.tf | 62 -- test/fully_private_test.go | 107 --- test/go.mod | 11 - test/go.sum | 702 ------------------ test/minimal_test.go | 110 --- test/no_create_test.go | 49 -- test/test_framework.go | 62 -- variables.tf | 301 ++++---- 50 files changed, 839 insertions(+), 2335 deletions(-) create mode 100644 .header.md create mode 100644 .pre-commit-config.yaml delete mode 100644 .regula-waivers.rego delete mode 100644 .regula.yaml create mode 100644 .terraform-docs.yaml delete mode 100644 Makefile create mode 100644 data.tf create mode 100644 defaults.tf delete mode 100644 deploy/main.tf delete mode 100644 deploy/variables.tf delete mode 100644 examples/fully_private/main.tf create mode 100644 examples/ipam/main.tf create mode 100644 examples/ipam/outputs.tf create mode 100644 examples/ipam/variables.tf delete mode 100644 examples/minimal/main.tf delete mode 100644 examples/no_create/main.tf create mode 100644 examples/private_only/main.tf create mode 100644 examples/private_only/outputs.tf create mode 100644 examples/private_only/variables.tf create mode 100644 examples/public_only/main.tf create mode 100644 examples/public_only/outputs.tf create mode 100644 examples/public_only/variables.tf create mode 100644 examples/public_private_flow_logs/main.tf create mode 100644 examples/public_private_flow_logs/outputs.tf create mode 100644 examples/public_private_flow_logs/variables.tf create mode 100644 modules/calculate_subnets/main.tf create mode 100644 modules/calculate_subnets/outputs.tf create mode 100644 modules/calculate_subnets/provider.tf create mode 100644 modules/calculate_subnets/variables.tf create mode 100644 modules/flow_logs/main.tf create mode 100644 modules/flow_logs/outputs.tf create mode 100644 modules/flow_logs/provider.tf create mode 100644 modules/flow_logs/variables.tf create mode 100644 provider.tf delete mode 100644 setup_workspace/variables.tf delete mode 100644 setup_workspace/workspace.tf delete mode 100644 test/fully_private_test.go delete mode 100644 test/go.mod delete mode 100644 test/go.sum delete mode 100644 test/minimal_test.go delete mode 100644 test/no_create_test.go delete mode 100644 test/test_framework.go diff --git a/.gitignore b/.gitignore index d646361..eb263d2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,9 +1,9 @@ build/ plan.out plan.out.json -test/test_report.html + # Local .terraform directories -**/.terraform/* +.terraform/ # .tfstate files *.tfstate @@ -13,8 +13,8 @@ test/test_report.html crash.log # Exclude all .tfvars files, which are likely to contain sentitive data, such as -# password, private keys, and other secrets. These should not be part of version -# control as they are data points which are potentially sensitive and subject +# password, private keys, and other secrets. These should not be part of version +# control as they are data points which are potentially sensitive and subject # to change depending on the environment. # *.tfvars @@ -38,5 +38,3 @@ override.tf.json terraform.rc .terraform.lock.hcl -# lsp logs -lsp/ diff --git a/.header.md b/.header.md new file mode 100644 index 0000000..6799e3b --- /dev/null +++ b/.header.md @@ -0,0 +1,69 @@ +# VPC Module Pre-release docs + +This set of documentation is for evaluation purposes only. Docs will be fully rewritten before GA + +## Usage + +```hcl +module "vpc" { + source = "git@github.com:aws-ia/terraform-awscc-vpc" + + name = "multi-az-vpc" + vpc_cidr_block = "10.0.0.0/20" + az_count = 3 + + subnets = { + public = { + name_prefix = "my-public" # omit to prefix with "public" + netmask = 24 + nat_gateway_configuration = "all_azs" # options: "single_az", "none" + } + + private = { + # omitting name_prefix defaults value to "private" + # name_prefix = "private" + netmask = 24 + route_to_nat = true + } + } + + vpc_flow_logs = { + log_destination_type = "cloud-watch-logs" + retention_in_days = 180 + } +} +``` + +## Updating a VPC with new or removed subnets + +If using `netmask` to calculate subnets and you wish to either add or remove subnets (ex: adding / removing an AZ), you may have to change from using `netmask` for some subnets and set to explicit instead. Private subnets are always calculated before public. + +When changing to explicit cidrs, subnets are always ordered by AZ. `0` -> a, `1` -> b, etc. + +Example: Changing from 2 azs to 3 + +Before: +```hcl +vpc_cidr_block = "10.0.0.0/16" +az_count = 2 +private = { + netmask = 24 +} +public = { + netmask = 24 +} +``` + +After: +```hcl +vpc_cidr_block = "10.0.0.0/16" +az_count = 3 +private = { + cidrs = ["10.0.0.0/24", "10.0.1.0/24", "10.0.4.0/24"] +} +public = { + cidrs = ["10.0.2.0/24", "10.0.3.0/24", "10.0.5.0/24"] +} +``` + +The above example will cause only creating 2 new subnets in az `c` of the region being used. diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..83b8bcc --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,10 @@ +--- + +fail_fast: false +minimum_pre_commit_version: "2.6.0" + +repos: + - repo: https://github.com/aws-ia/pre-commit-configs + rev: ce5b80d2643c3510bd17bb309cb767b6b21dc5ea # frozen: 1.4 + hooks: + - id: aws-ia-meta-hook diff --git a/.regula-waivers.rego b/.regula-waivers.rego deleted file mode 100644 index 38430cc..0000000 --- a/.regula-waivers.rego +++ /dev/null @@ -1,8 +0,0 @@ -package fugue.regula.config - -waivers[waiver] { - waiver := { - "rule_id": "FG_R00089", - "resource_id": "example_resource_id" - } -} diff --git a/.regula.yaml b/.regula.yaml deleted file mode 100644 index 2397076..0000000 --- a/.regula.yaml +++ /dev/null @@ -1,4 +0,0 @@ -include: -- ./.regula-waivers.rego -# comment out below when activating regula -severity: critical diff --git a/.terraform-docs.yaml b/.terraform-docs.yaml new file mode 100644 index 0000000..1e310cc --- /dev/null +++ b/.terraform-docs.yaml @@ -0,0 +1,20 @@ +formatter: markdown +header-from: .header.md +settings: + anchor: true + color: true + default: true + escape: true + html: true + indent: 2 + required: true + sensitive: true + type: true + +sort: + enabled: true + by: required + +output: + file: README.md + mode: replace diff --git a/.tflint.hcl b/.tflint.hcl index aba27df..8592008 100644 --- a/.tflint.hcl +++ b/.tflint.hcl @@ -1,76 +1,66 @@ -config { - module = true - force = false - disabled_by_default = false - variables = ["region=us-east-1", "profile=default"] -} +# https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/module-inspection.md +# borrowed & modified indefinitely from https://github.com/ksatirli/building-infrastructure-you-can-mostly-trust/blob/main/.tflint.hcl plugin "aws" { - enabled = true - version = "0.7.1" - source = "github.com/terraform-linters/tflint-ruleset-aws" + enabled = true + version = "0.12.0" + source = "github.com/terraform-linters/tflint-ruleset-aws" } -rule "terraform_deprecated_interpolation" { - enabled = true -} - -rule "terraform_deprecated_index" { - enabled = true -} - -rule "terraform_unused_declarations" { - enabled = true +config { + module = false + force = false } -rule "terraform_comment_syntax" { +rule "terraform_required_providers" { enabled = true } -rule "terraform_documented_outputs" { +rule "terraform_required_version" { enabled = true } -rule "terraform_documented_variables" { +rule "terraform_naming_convention" { enabled = true + format = "snake_case" } rule "terraform_typed_variables" { enabled = true } -rule "terraform_module_pinned_source" { +rule "terraform_unused_declarations" { enabled = true } -rule "terraform_naming_convention" { +rule "terraform_comment_syntax" { enabled = true } -rule "terraform_required_version" { +rule "terraform_deprecated_index" { enabled = true } -rule "terraform_unused_required_providers" { +rule "terraform_deprecated_interpolation" { enabled = true } -rule "terraform_standard_module_structure" { +rule "terraform_documented_outputs" { enabled = true } -rule "terraform_workspace_remote" { +rule "terraform_documented_variables" { enabled = true } -rule "aws_iam_policy_document_gov_friendly_arns" { +rule "terraform_module_pinned_source" { enabled = true } -rule "aws_iam_policy_gov_friendly_arns" { +rule "terraform_standard_module_structure" { enabled = true } -rule "aws_iam_role_policy_gov_friendly_arns" { +rule "terraform_workspace_remote" { enabled = true } diff --git a/CODEOWNERS b/CODEOWNERS index 6620114..f51c211 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1 +1 @@ -* @tonynv @andrew-glenn @tbulding @aws-ia/aws-ia +* @tonynv @andrew-glenn @drewmullen @aws-ia/aws-ia-terraform-core diff --git a/Makefile b/Makefile deleted file mode 100644 index dd8abc3..0000000 --- a/Makefile +++ /dev/null @@ -1,108 +0,0 @@ -.PHONY: static-tests unit-tests integration-tests e2e-tests init - -# OS can be "Linux" or "macOS" -OS ?= Linux -# ARCH can be "x86_64" or "arm64" -ARCH ?= x86_64 - -TERRAFORM_VERSION := 1.0.6 -REGULA_VERSION := 1.3.0 -TFLINT_VERSION := 0.31.0 -CONFTEST_VERSION := 0.27.0 -TF_COMPLIANCE_VERSION := 1.3.26 -GO_TEST_REPORT_VERSION := 0.9.3 -TFSEC_VERSION := 0.58.9 -TERRASCAN_VERSION := 1.10.0 - -SHELL := /usr/bin/env bash - -static-tests: setup-env - rm .terraform.lock.hcl plan.out plan.out.json 2> /dev/null || true - # should not require any aws credentials to test against, should be safe to run as github checks on pull requests - terraform init || ( echo 'FAILED: terraform init failed'; exit 1 ) - terraform validate || ( echo 'FAILED: terraform validate failed'; exit 1 ) - terraform fmt -check -recursive ./ || ( echo 'FAILED: all tf files should be formatted using "terraform fmt -recursive ./"'; exit 1 ) - tflint --init && tflint --var='region=us-west-1' --var='profile=default' ./ || ( echo 'FAILED: tflint found issues'; exit 1 ) - regula run || ( echo 'FAILED: regula found issues'; exit 1 ) - tfsec || ( echo 'FAILED: tfsec found issues'; exit 1 ) - terrascan init # need to work out how to lock to a version of the terrascan policies - terrascan scan || ( echo 'FAILED: terrascan found issues'; exit 1 ) - # terraform-compliance and conftest need a plan file to work off - terraform plan -out=plan.out -var region=us-east-1 -var profile=default || ( echo 'FAILED: terraform plan failed'; exit 1 ) - # conftest ## custom rules must be written https://github.com/open-policy-agent/conftest/tree/master/examples/hcl2 - # TODO: looks like we need to provide custom features(read tests) to make terraform-compliance useful - terraform-compliance -S -f git:https://github.com/terraform-compliance/user-friendly-features.git -p plan.out || ( echo 'FAILED: terraform-compliance found issues'; exit 1 ) - -unit-tests: setup-env - # Should test code paths in an individual module. terratest, or `terraform test`, this is where you want to test different regions, use retries to smooth transient errors - # Should not run automatically on PR's from un-trusted contributors - export PATH=$(shell pwd)/build/bin:$${PATH} &&\ - cd test && \ - go test -timeout 30m -json | tee >(go-test-report) | jq -jr .Output 2> /dev/null | sed 's/null//g';\ - retval_bash="$${PIPESTATUS[0]}" retval_zsh="$${pipestatus[1]}" ;\ - exit $$retval_bash $$retval_zsh - -integration-tests: - # Should test code paths in a module of modules and run when on eof the sub-modules is updated. terratest, or `terraform test` use retries to smooth transient errors - # Should not run automatically on PR's from un-trusted contributors, and should only be run on modules where one sub-module is changed - echo "todo" - exit 1 - -e2e-tests: - # Should test code paths in `deploy/` module. Unsure whether it should use tf cloud. terratest, or `terraform test`. - # For deploys that take long you could skip destroy between runs, so e2e is just updating what changed from last iteration, use retries to smooth transient errors. - # Should not run automatically on PR's from any contributors. Update(no destroy) tests run on `/do-e2e-tests` PR comment from maintainers. Full e2e run on release. - echo "todo" - exit 1 - -setup-env: - # using a bin path specific to this project so that different projects can use different versions of the tooling - mkdir -p build/bin/ &&\ - export PATH=$(shell pwd)/build/bin:$${PATH} &&\ - export TF_ARCH=$(shell echo $(ARCH) | sed 's/x86_64/amd64/') &&\ - export TF_OS=$(shell echo $(OS) | tr '[:upper:]' '[:lower:]' | sed 's/macos/darwin/') &&\ - export CT_OS=$(shell echo $(OS) | sed 's/macOS/Darwin/') &&\ - if [ "$$(terraform -v | head -n 1 | sed 's/Terraform v//')" != "$(TERRAFORM_VERSION)" ]; then \ - wget -O tf.zip https://releases.hashicorp.com/terraform/$(TERRAFORM_VERSION)/terraform_$(TERRAFORM_VERSION)_$${TF_OS}_$${TF_ARCH}.zip &&\ - unzip -o tf.zip terraform &&\ - rm tf.zip &&\ - mv -fv terraform build/bin/ ;\ - fi ;\ - if [ "$$(tflint --version | head -n 1 | sed 's/TFLint version //')" != "$(TFLINT_VERSION)" ]; then \ - wget -O tflint.zip https://github.com/terraform-linters/tflint/releases/download/v$(TFLINT_VERSION)/tflint_$${TF_OS}_$${TF_ARCH}.zip &&\ - unzip -o tflint.zip tflint &&\ - rm tflint.zip &&\ - mv -fv tflint build/bin/ ;\ - fi &&\ - if [ "$$(regula version | awk -F',' '{print $$1}' | sed 's/v//')" != "$(REGULA_VERSION)" ]; then \ - wget -O regula.tgz https://github.com/fugue/regula/releases/download/v$(REGULA_VERSION)/regula_$(REGULA_VERSION)_$(OS)_$(ARCH).tar.gz &&\ - tar -xvf regula.tgz regula &&\ - rm regula.tgz &&\ - mv -fv regula build/bin/ ;\ - fi &&\ - if [ "$$(conftest --version | sed 's/Version: //')" != "$(CONFTEST_VERSION)" ]; then \ - wget -O conftest.tgz https://github.com/open-policy-agent/conftest/releases/download/v$(CONFTEST_VERSION)/conftest_$(CONFTEST_VERSION)_$${CT_OS}_$(ARCH).tar.gz &&\ - tar -xvf conftest.tgz conftest &&\ - rm conftest.tgz &&\ - mv -fv conftest build/bin/ ;\ - fi &&\ - if [ "$$(go-test-report version | awk -Fv '{print $$2}')" != "$(GO_TEST_REPORT_VERSION)" ]; then \ - wget -O go-test-report.tgz https://github.com/vakenbolt/go-test-report/releases/download/v$(GO_TEST_REPORT_VERSION)/go-test-report-$${TF_OS}-v$(GO_TEST_REPORT_VERSION).tgz &&\ - tar -xvf go-test-report.tgz go-test-report &&\ - rm go-test-report.tgz &&\ - mv -fv go-test-report build/bin/ ;\ - fi &&\ - if [ "$$(tfsec -version)" != "$(TFSEC_VERSION)" ]; then \ - wget -O tfsec https://github.com/aquasecurity/tfsec/releases/download/v$(TFSEC_VERSION)/tfsec-$${TF_OS}-$${TF_ARCH} &&\ - chmod +x tfsec &&\ - mv -fv tfsec build/bin/ ;\ - fi &&\ - if [ "$$(terrascan version | awk -Fv '{print $$3}')" != "$(TERRASCAN_VERSION)" ]; then \ - wget -O terrascan.tgz https://github.com/accurics/terrascan/releases/download/v$(TERRASCAN_VERSION)/terrascan_$(TERRASCAN_VERSION)_$${CT_OS}_$(ARCH).tar.gz &&\ - tar -xvf terrascan.tgz terrascan &&\ - rm terrascan.tgz &&\ - mv -fv terrascan build/bin/ ;\ - fi &&\ - if [ "$$(terraform-compliance -v | tail -n 1)" != "$(TF_COMPLIANCE_VERSION)" ]; then \ - pip install --upgrade "terraform-compliance==$(TF_COMPLIANCE_VERSION)" ;\ - fi diff --git a/NOTICE.txt b/NOTICE.txt index 5c440d1..919c27c 100644 --- a/NOTICE.txt +++ b/NOTICE.txt @@ -1,4 +1,4 @@ -Copyright 2016-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. +Copyright 2016-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. A copy of the License is located at diff --git a/README.md b/README.md index ff9075b..9f1208c 100644 --- a/README.md +++ b/README.md @@ -1,72 +1,138 @@ -> Note: This module is in alpha state and is likely to contain bugs and updates may introduce breaking changes. It is not recommended for production use at this time. - -# Terraform AWS VPC -This module is designed to deploy into Terraform Cloud -Authors: David Wright (dwright@hashicorp.com) and Tony Vattahil (tonynv@amazon.com) - - -# Install Terraform -To deploy this module, do the following: -Install Terraform. (See [Install Terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli) for a tutorial.) - -# Sign up for Terraform Cloud -Sign up and log into [Terraform Cloud](https://app.terraform.io/signup/account). (There is a free tier available.) - -## Configure Terraform Cloud API Access - -Generate terraform cloud token - -`terraform login` - -Export the TERRAFORM_CONFIG variable - -`export TERRAFORM_CONFIG="$HOME/.terraform.d/credentials.tfrc.json"` - -# Configure your tfvars file - -_Example filepath_ = `$HOME/.aws/terraform.tfvars` - -_Example tfvars file contents_ - -``` -AWS_SECRET_ACCESS_KEY = "*****************" -AWS_ACCESS_KEY_ID = "*****************" -AWS_SESSION_TOKEN = "*****************" + +# VPC Module Pre-release docs + +This set of documentation is for evaluation purposes only. Docs will be fully rewritten before GA + +## Usage + +```hcl +module "vpc" { + source = "git@github.com:aws-ia/terraform-awscc-vpc" + + name = "multi-az-vpc" + vpc_cidr_block = "10.0.0.0/20" + az_count = 3 + + subnets = { + public = { + name_prefix = "my-public" # omit to prefix with "public" + netmask = 24 + nat_gateway_configuration = "all_azs" # options: "single_az", "none" + } + + private = { + # omitting name_prefix defaults value to "private" + # name_prefix = "private" + netmask = 24 + route_to_nat = true + } + } + + vpc_flow_logs = { + log_destination_type = "cloud-watch-logs" + retention_in_days = 180 + } +} ``` -> (replace *** with AKEY and SKEY) - -Note: STS-based credentials _are optional_ but *highly recommended*. -> !!!!CAUTION!!!!: Make sure your credential are secured ourside version control (and follow secrets mangement bestpractices) +## Updating a VPC with new or removed subnets -# Deploy this module (instruction for linux or mac) +If using `netmask` to calculate subnets and you wish to either add or remove subnets (ex: adding / removing an AZ), you may have to change from using `netmask` for some subnets and set to explicit instead. Private subnets are always calculated before public. -Clone the aws-ia/terraform-aws-vpc repository. +When changing to explicit cidrs, subnets are always ordered by AZ. `0` -> a, `1` -> b, etc. -`git clone https://github.com/aws-ia/terraform-aws-vpc` - -Change directory to the root directory. - -cd terraform-aws-vpc/ - -Change to deploy directory - -`cd setup_workspace`. - - -Run to following commands in order: - -`terraform init` - -`terraform apply` or `terraform apply -var-file="$HOME/.aws/terraform.tfvars"`. - -Change directory to deploy dir (previous command auto generates backend.hcl) - -`cd ../deploy` - -`terraform apply` or `terraform apply -var-file="$HOME/.aws/terraform.tfvars"`. - -Terraform apply is run remotely in Terraform Cloud +Example: Changing from 2 azs to 3 +Before: +```hcl +vpc_cidr_block = "10.0.0.0/16" +az_count = 2 +private = { + netmask = 24 +} +public = { + netmask = 24 +} +``` +After: +```hcl +vpc_cidr_block = "10.0.0.0/16" +az_count = 3 +private = { + cidrs = ["10.0.0.0/24", "10.0.1.0/24", "10.0.4.0/24"] +} +public = { + cidrs = ["10.0.2.0/24", "10.0.3.0/24", "10.0.5.0/24"] +} +``` +The above example will cause only creating 2 new subnets in az `c` of the region being used. + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 0.15.0 | +| [aws](#requirement\_aws) | >= 3.72.0 | +| [awscc](#requirement\_awscc) | >= 0.13.0 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | 4.6.0 | +| [awscc](#provider\_awscc) | 0.15.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [calculate\_subnets](#module\_calculate\_subnets) | ./modules/calculate_subnets | n/a | +| [flow\_logs](#module\_flow\_logs) | ./modules/flow_logs | n/a | +| [tags](#module\_tags) | aws-ia/label/aws | 0.0.4 | + +## Resources + +| Name | Type | +|------|------| +| [aws_eip.nat](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eip) | resource | +| [aws_internet_gateway.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/internet_gateway) | resource | +| [aws_nat_gateway.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/nat_gateway) | resource | +| [aws_route.private_to_nat](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource | +| [aws_route.public_to_igw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource | +| [aws_subnet.private](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource | +| [aws_subnet.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource | +| [aws_vpc.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc) | resource | +| [awscc_ec2_route_table.private](https://registry.terraform.io/providers/hashicorp/awscc/latest/docs/resources/ec2_route_table) | resource | +| [awscc_ec2_route_table.public](https://registry.terraform.io/providers/hashicorp/awscc/latest/docs/resources/ec2_route_table) | resource | +| [awscc_ec2_subnet_route_table_association.private](https://registry.terraform.io/providers/hashicorp/awscc/latest/docs/resources/ec2_subnet_route_table_association) | resource | +| [awscc_ec2_subnet_route_table_association.public](https://registry.terraform.io/providers/hashicorp/awscc/latest/docs/resources/ec2_subnet_route_table_association) | resource | +| [aws_availability_zones.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | +| [aws_vpc_ipam_preview_next_cidr.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc_ipam_preview_next_cidr) | data source | +| [awscc_ec2_vpc.main](https://registry.terraform.io/providers/hashicorp/awscc/latest/docs/data-sources/ec2_vpc) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [az\_count](#input\_az\_count) | Searches region for # of AZs to use and takes a slice based on count. Assume slice is sorted a-z. | `number` | n/a | yes | +| [name](#input\_name) | Name to give VPC. Note: does not effect subnet names, which get assigned name based on name\_prefix. | `string` | n/a | yes | +| [subnets](#input\_subnets) | Configuration of subnets to build in VPC. Valid key restriction information found in variables.tf. | `any` | n/a | yes | +| [tags](#input\_tags) | Tags to apply to all resources. | `map(string)` | `{}` | no | +| [vpc\_cidr\_block](#input\_vpc\_cidr\_block) | CIDR range to assign to VPC if creating VPC. Overridden by var.vpc\_id output from data.aws\_vpc. | `string` | `null` | no | +| [vpc\_enable\_dns\_hostnames](#input\_vpc\_enable\_dns\_hostnames) | Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. | `bool` | `true` | no | +| [vpc\_enable\_dns\_support](#input\_vpc\_enable\_dns\_support) | Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range "plus two" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. | `bool` | `true` | no | +| [vpc\_flow\_logs](#input\_vpc\_flow\_logs) | Whether or not to create VPC flow logs and which type. Options: "cloudwatch", "s3", "none". By default creates flow logs to `cloudwatch`. Variable overrides null value types for some keys, defined in defaults.tf. | 
object({
    log_destination = optional(string)
    iam_role_arn    = optional(string)
    kms_key_id      = optional(string)

    log_destination_type = string
    retention_in_days    = optional(number)
    tags                 = optional(map(string))
    traffic_type         = optional(string)
    destination_options = optional(object({
      file_format                = optional(string)
      hive_compatible_partitions = optional(bool)
      per_hour_partition         = optional(bool)
    }))
  })
| 
{
  "log_destination_type": "none"
}
| no | +| [vpc\_id](#input\_vpc\_id) | VPC ID to use if not creating VPC. | `string` | `null` | no | +| [vpc\_instance\_tenancy](#input\_vpc\_instance\_tenancy) | The allowed tenancy of instances launched into the VPC. | `string` | `"default"` | no | +| [vpc\_ipv4\_ipam\_pool\_id](#input\_vpc\_ipv4\_ipam\_pool\_id) | Set to use IPAM to get CIDR block. | `string` | `null` | no | +| [vpc\_ipv4\_netmask\_length](#input\_vpc\_ipv4\_netmask\_length) | Set to use IPAM to get CIDR block using a specified netmask. Must be set with var.vpc\_ipv4\_ipam\_pool\_id. | `string` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [subnets](#output\_subnets) | Subnets grouped by type. | +| [vpc\_id](#output\_vpc\_id) | VPC Information | + \ No newline at end of file diff --git a/data.tf b/data.tf new file mode 100644 index 0000000..17279b9 --- /dev/null +++ b/data.tf @@ -0,0 +1,60 @@ +locals { + azs = slice(data.aws_availability_zones.current.names, 0, var.az_count) + + # references to module.calculate_subnets output + subnets = module.calculate_subnets.subnets_by_type + + # default names if no name_prefix is passed + subnet_names = { for type, v in var.subnets : type => try(v.name_prefix, type) } + + # NAT configurations options, selected based on nat_gateway_configuration + # null = none + # all = local.azs + # single = local.azs[0] + nat_options = { + "all_azs" = local.azs + "single_az" = [local.azs[0]] + "none" = [] # explicit "none" or omitted + } + # if public subnets being built, check how many nats to create + # options defined by `local.nat_options` + nat_configuration = contains(keys(local.subnets), "public") ? local.nat_options[try(var.subnets.public.nat_gateway_configuration, "none")] : local.nat_options["none"] + + # # if var.vpc_id is passed, assume create = `false` and cidr comes from data.aws_vpc + create_vpc = var.vpc_id == null ? true : false + vpc = local.create_vpc ? aws_vpc.main[0] : data.awscc_ec2_vpc.main[0] + vpc_cidr_block = var.vpc_ipv4_ipam_pool_id == null ? var.vpc_cidr_block : data.aws_vpc_ipam_preview_next_cidr.main[0].cidr + + create_flow_logs = (var.vpc_flow_logs == null || var.vpc_flow_logs.log_destination_type == "none") ? false : true +} + +data "aws_availability_zones" "current" { + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +# search for existing vpc with var.vpc_id if not creating +data "awscc_ec2_vpc" "main" { + count = local.create_vpc ? 0 : 1 + id = var.vpc_id +} + +# preview next available cidr from ipam pool +data "aws_vpc_ipam_preview_next_cidr" "main" { + count = var.vpc_ipv4_ipam_pool_id == null ? 0 : 1 + + ipam_pool_id = var.vpc_ipv4_ipam_pool_id + netmask_length = var.vpc_ipv4_netmask_length +} + +# santizes tags for both aws / awscc providers +# aws tags = module.tags.tags_aws +# awscc tags = module.tags.tags +module "tags" { + source = "aws-ia/label/aws" + version = "0.0.4" + + tags = var.tags +} diff --git a/defaults.tf b/defaults.tf new file mode 100644 index 0000000..23292c6 --- /dev/null +++ b/defaults.tf @@ -0,0 +1,23 @@ +# defaults.tf sets defaults for complex object types +# https://github.com/aws-ia/standards-terraform/issues/13 + +locals { + # defaults for var.vpc_flow_logs + flow_logs_definition = { + # defaults are null + log_destination = try(var.vpc_flow_logs.log_destination, null) + iam_role_arn = try(var.vpc_flow_logs.iam_role_arn, null) + # should this be removed? + kms_key_id = try(var.vpc_flow_logs.kms_key_id, null) + + # sensiblie defaults that can all be overridden + log_destination_type = var.vpc_flow_logs.log_destination_type == null ? "cloud-watch-logs" : var.vpc_flow_logs.log_destination_type + retention_in_days = var.vpc_flow_logs.retention_in_days == null ? 180 : var.vpc_flow_logs.retention_in_days + traffic_type = var.vpc_flow_logs.traffic_type == null ? "ALL" : var.vpc_flow_logs.traffic_type + destination_options = var.vpc_flow_logs.destination_options == null ? { + file_format = "plain-text" + hive_compatible_partitions = false + per_hour_partition = false + } : var.vpc_flow_logs.destination_options + } +} diff --git a/deploy/main.tf b/deploy/main.tf deleted file mode 100644 index 64eaf5c..0000000 --- a/deploy/main.tf +++ /dev/null @@ -1,50 +0,0 @@ -# ---------------------------------------------------------------------------------------------------------------------- -# REQUIRE A SPECIFIC TERRAFORM VERSION OR HIGHER -# This module has been updated with 1.0.1 syntax, which means it is no longer compatible with any versions below 1.0.1. -# ---------------------------------------------------------------------------------------------------------------------- -###################################### -# Defaults -###################################### -terraform { - required_version = ">= 1.0.1" - backend "remote" {} -} - -provider "aws" { - region = var.region -} - -resource "random_string" "rand4" { - length = 4 - special = false - upper = false -} - -module "vpc_label" { - source = "aws-ia/label/aws" - version = "0.0.3" - region = var.region - namespace = var.namespace - env = var.env - name = "${var.name}-${random_string.rand4.result}" - delimiter = var.delimiter - tags = tomap({ propogate_at_launch = "true", "terraform" = "true" }) -} - -###################################### -# Create VPC -###################################### -module "aws-ia_vpc" { - source = "../" - create_vpc = var.create_vpc - name = module.vpc_label.id - cidr = var.cidr - public_subnet_cidrs = var.public_subnet_cidrs - private_subnet_a_cidrs = var.private_subnet_a_cidrs - tags = {} - enable_dns_hostnames = var.enable_dns_hostnames - enable_dns_support = var.enable_dns_support - instance_tenancy = var.instance_tenancy - public_subnet_tags = tomap(var.public_subnet_tags) - private_subnet_tags = tomap(var.private_subnet_tags) -} diff --git a/deploy/variables.tf b/deploy/variables.tf deleted file mode 100644 index 06051b5..0000000 --- a/deploy/variables.tf +++ /dev/null @@ -1,86 +0,0 @@ -variable "namespace" { - description = "Namespace, which could be your organiation name, e.g. amazon" - default = "myorg" -} - -variable "env" { - description = "Environment, e.g. 'sit', 'uat', 'prod' etc" - default = "dev" -} - -variable "account" { - description = "Account, which could be AWS Account Name or Number" - default = "test" -} - -variable "name" { - description = "vpc name" - default = "vpc1" -} - -variable "delimiter" { - description = "Delimiter, which could be used between name, namespace and env" - default = "-" -} - -variable "tags" { - default = {} - description = "Tags, which could be used for additional tags" -} - -variable "enable_dns_hostnames" { - description = "Should be true to enable DNS hostnames in the VPC" - type = bool - default = true -} - -variable "enable_dns_support" { - description = "Should be true to enable DNS support in the VPC" - type = bool - default = true -} - -variable "instance_tenancy" { - description = "A tenancy option for instances launched into the VPC" - type = string - default = "default" -} - -variable "cidr" { - description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden" - type = string - default = "10.0.0.0/16" -} - -variable "public_subnet_cidrs" { - description = "A list of private subnets inside the VPC" - type = list(string) - default = ["10.0.128.0/20", "10.0.144.0/20", "10.0.160.0/20"] -} - -variable "private_subnet_a_cidrs" { - description = "A list of private subnets inside the VPC" - type = list(string) - default = ["10.0.96.0/19", "10.0.232.0/22", "10.0.236.0/22"] -} - -variable "public_subnet_tags" { - type = map(string) - default = { "Name" = "Public Subnet" } - description = "Public Subnet Tags" -} - -variable "private_subnet_tags" { - type = map(string) - default = { "Name" = "Private Subnet" } - description = "Private Subnet Tags" -} - -variable "create_vpc" { - description = "Controls if VPC should be created (it affects almost all resources)" - type = bool - default = true -} -variable "region" { - default = "us-east-2" -} diff --git a/examples/fully_private/main.tf b/examples/fully_private/main.tf deleted file mode 100644 index bd04c18..0000000 --- a/examples/fully_private/main.tf +++ /dev/null @@ -1,73 +0,0 @@ -variable "region" { - type = string -} - -variable "profile" { - type = string -} - -variable "create_igw" { - type = bool - default = false -} - -variable "create_nat_gateways_private_b" { - type = bool - default = false -} - -variable "create_nat_gateways_private_a" { - type = bool - default = false -} - -variable "enabled_interface_endpoints" { - type = list(string) - default = ["s3", "sqs"] -} - -provider "aws" { - region = var.region - profile = var.profile -} - -module "aws-ia_vpc" { - source = "../../" - create_igw = var.create_igw - create_nat_gateways_private_a = var.create_nat_gateways_private_a - create_nat_gateways_private_b = var.create_nat_gateways_private_b - enabled_interface_endpoints = var.enabled_interface_endpoints -} - -output "igw_id" { - value = module.aws-ia_vpc.igw_id -} - -output "nat_gw_ids" { - value = module.aws-ia_vpc.nat_gw_ids -} - -output "private_a_nat_routes" { - value = module.aws-ia_vpc.private_a_nat_routes -} - -output "private_b_nat_routes" { - value = module.aws-ia_vpc.private_b_nat_routes -} - -output "endpoints" { - value = { - s3 = { - arn = module.aws-ia_vpc.interface_endpoints["s3"]["arn"] - private_dns_enabled = module.aws-ia_vpc.interface_endpoints["s3"]["private_dns_enabled"] - }, - sts = { - arn = module.aws-ia_vpc.interface_endpoints["sqs"]["arn"] - private_dns_enabled = module.aws-ia_vpc.interface_endpoints["sqs"]["private_dns_enabled"] - } - } -} - -output "endpoint_sg_id" { - value = module.aws-ia_vpc.vpc_endpoint_security_group_id -} diff --git a/examples/ipam/main.tf b/examples/ipam/main.tf new file mode 100644 index 0000000..e1aa9dc --- /dev/null +++ b/examples/ipam/main.tf @@ -0,0 +1,28 @@ +module "vpc" { + source = "aws-ia/vpc/awscc" + + name = "ipam-vpc" + az_count = 3 + + vpc_ipv4_ipam_pool_id = var.ipam_pool_id + vpc_ipv4_netmask_length = 20 + + subnets = { + public = { + netmask = 24 + nat_gateway_configuration = "all_azs" + } + private = { + netmask = 24 + route_to_nat = true + } + } +} + +##################################### +# Example of a simple IPAM deployment +##################################### + +# module "ipam_base_for_example_only" { +# source = "../../test/hcl_fixtures/ipam_base" +# } diff --git a/examples/ipam/outputs.tf b/examples/ipam/outputs.tf new file mode 100644 index 0000000..e7dab00 --- /dev/null +++ b/examples/ipam/outputs.tf @@ -0,0 +1,4 @@ +output "subnets" { + description = "Map of subnet types with key/value az = cidr." + value = module.vpc.subnets +} diff --git a/examples/ipam/variables.tf b/examples/ipam/variables.tf new file mode 100644 index 0000000..59c49d6 --- /dev/null +++ b/examples/ipam/variables.tf @@ -0,0 +1,4 @@ +variable "ipam_pool_id" { + description = "pool id to request CIDR from." + type = string +} diff --git a/examples/minimal/main.tf b/examples/minimal/main.tf deleted file mode 100644 index 984b599..0000000 --- a/examples/minimal/main.tf +++ /dev/null @@ -1,28 +0,0 @@ -variable "region" { - type = string -} - -variable "profile" { - type = string -} - -provider "aws" { - region = var.region - profile = var.profile -} - -module "aws-ia_vpc" { - source = "../../" -} - -output "public_subnet_ids" { - value = module.aws-ia_vpc.public_subnet_ids -} - -output "private_subnet_a_ids" { - value = module.aws-ia_vpc.private_subnet_a_ids -} - -output "private_subnet_b_ids" { - value = module.aws-ia_vpc.private_subnet_b_ids -} diff --git a/examples/no_create/main.tf b/examples/no_create/main.tf deleted file mode 100644 index 4f1f23e..0000000 --- a/examples/no_create/main.tf +++ /dev/null @@ -1,17 +0,0 @@ -variable "region" { - type = string -} - -variable "profile" { - type = string -} - -provider "aws" { - region = var.region - profile = var.profile -} - -module "aws-ia_vpc" { - source = "../../" - create_vpc = false -} diff --git a/examples/private_only/main.tf b/examples/private_only/main.tf new file mode 100644 index 0000000..71c54f3 --- /dev/null +++ b/examples/private_only/main.tf @@ -0,0 +1,11 @@ +module "vpc" { + source = "../.." + + name = "multi-az-vpc" + vpc_cidr_block = "10.0.0.0/20" + az_count = 3 + + subnets = { + private = { netmask = 24 } + } +} diff --git a/examples/private_only/outputs.tf b/examples/private_only/outputs.tf new file mode 100644 index 0000000..e7dab00 --- /dev/null +++ b/examples/private_only/outputs.tf @@ -0,0 +1,4 @@ +output "subnets" { + description = "Map of subnet types with key/value az = cidr." + value = module.vpc.subnets +} diff --git a/examples/private_only/variables.tf b/examples/private_only/variables.tf new file mode 100644 index 0000000..e69de29 diff --git a/examples/public_only/main.tf b/examples/public_only/main.tf new file mode 100644 index 0000000..7e9fb6c --- /dev/null +++ b/examples/public_only/main.tf @@ -0,0 +1,17 @@ +module "vpc" { + source = "../.." + + name = "multi-az-vpc" + vpc_cidr_block = "10.0.0.0/20" + az_count = 3 + + subnets = { + public = { + name_prefix = "my-public" # omit to prefix with "public" + netmask = 24 + nat_gateway_configuration = "all_azs" # options: "single_az", "none" + } + } + + +} diff --git a/examples/public_only/outputs.tf b/examples/public_only/outputs.tf new file mode 100644 index 0000000..e7dab00 --- /dev/null +++ b/examples/public_only/outputs.tf @@ -0,0 +1,4 @@ +output "subnets" { + description = "Map of subnet types with key/value az = cidr." + value = module.vpc.subnets +} diff --git a/examples/public_only/variables.tf b/examples/public_only/variables.tf new file mode 100644 index 0000000..e69de29 diff --git a/examples/public_private_flow_logs/main.tf b/examples/public_private_flow_logs/main.tf new file mode 100644 index 0000000..487ea6b --- /dev/null +++ b/examples/public_private_flow_logs/main.tf @@ -0,0 +1,28 @@ +module "vpc" { + source = "../.." + + name = "multi-az-vpc" + vpc_cidr_block = "10.0.0.0/20" + az_count = 3 + + subnets = { + public = { + name_prefix = "my-public" # omit to prefix with "public" + netmask = 24 + nat_gateway_configuration = "all_azs" # options: "single_az", "none" + } + + private = { + # omitting name_prefix defaults value to "private" + # name_prefix = "private" + netmask = 24 + route_to_nat = true + } + } + + vpc_flow_logs = { + log_destination_type = "cloud-watch-logs" + retention_in_days = 180 + kms_key_id = null + } +} diff --git a/examples/public_private_flow_logs/outputs.tf b/examples/public_private_flow_logs/outputs.tf new file mode 100644 index 0000000..e7dab00 --- /dev/null +++ b/examples/public_private_flow_logs/outputs.tf @@ -0,0 +1,4 @@ +output "subnets" { + description = "Map of subnet types with key/value az = cidr." + value = module.vpc.subnets +} diff --git a/examples/public_private_flow_logs/variables.tf b/examples/public_private_flow_logs/variables.tf new file mode 100644 index 0000000..e69de29 diff --git a/main.tf b/main.tf index af2f2f5..f0acdf7 100644 --- a/main.tf +++ b/main.tf @@ -1,362 +1,147 @@ -terraform { - required_version = ">= 1.0.0" - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 3.49.0" - } - } -} - -data "aws_availability_zones" "available" { - state = "available" -} - -locals { - max_subnet_length = max( - length(local.public_subnet_cidrs), - length(local.private_subnet_a_cidrs), - length(local.private_subnet_b_cidrs), - ) +module "calculate_subnets" { + source = "./modules/calculate_subnets" - name = var.name == null ? length(random_string.vpc_name_suffix) > 0 ? "tf-vpc-${random_string.vpc_name_suffix[0].id}" : "" : var.name - public_subnet_cidrs = var.public_subnet_cidrs == null ? cidrsubnets(cidrsubnets(var.cidr, 2)[0], 2, 2, 2) : var.public_subnet_cidrs - private_subnet_a_cidrs = var.private_subnet_a_cidrs == null ? cidrsubnets(cidrsubnets(var.cidr, 2, 2)[1], 2, 2, 2) : var.private_subnet_a_cidrs - private_subnet_b_cidrs = var.private_subnet_b_cidrs == null ? [] : var.private_subnet_b_cidrs - availability_zones = var.availability_zones == null ? data.aws_availability_zones.available.names : var.availability_zones - - # count variables - vpc_count = var.create_vpc ? 1 : 0 - public_subnet_count = var.create_vpc ? length(local.public_subnet_cidrs) : 0 - private_subnet_a_count = var.create_vpc ? length(local.private_subnet_a_cidrs) : 0 - private_subnet_b_count = var.create_vpc ? length(local.private_subnet_b_cidrs) : 0 - igw_count = var.create_igw && length(local.public_subnet_cidrs) > 0 ? local.vpc_count : 0 - public_route_table_count = length(local.public_subnet_cidrs) > 0 ? local.vpc_count : 0 - private_a_nacl_count = length(local.private_subnet_a_cidrs) > 0 ? local.vpc_count : 0 - private_b_nacl_count = length(local.private_subnet_b_cidrs) > 0 ? local.vpc_count : 0 - nat_gateway_private_a_count = var.create_vpc && var.create_igw && var.create_nat_gateways_private_a ? length(local.private_subnet_a_cidrs) : 0 - nat_gateway_private_b_count = var.create_vpc && var.create_igw && var.create_nat_gateways_private_b ? length(local.private_subnet_b_cidrs) : 0 -} + cidr = local.vpc.cidr_block + azs = local.azs -module "vpc_endpoints" { - source = "aws-ia/vpc_endpoints/aws" - version = "0.1.1" - count = var.create_vpc ? length(var.enabled_interface_endpoints) > 0 || length(var.enabled_gateway_endpoints) > 0 ? 1 : 0 : 0 - vpc_id = aws_vpc.main[0].id - subnet_ids = aws_subnet.private_b[*].id - route_table_ids = concat(aws_route_table.private_a[*].id, aws_route_table.private_b[*].id) - enabled_interface_endpoints = var.enabled_interface_endpoints - enabled_gateway_endpoints = var.enabled_gateway_endpoints - private_dns_enabled = true + subnets = var.subnets } -########### -# Defaults -########## - -resource "random_string" "vpc_name_suffix" { - count = local.vpc_count - length = 6 - special = false -} - -###### -# VPC -###### resource "aws_vpc" "main" { - count = local.vpc_count + count = local.create_vpc ? 1 : 0 - cidr_block = var.cidr - instance_tenancy = var.instance_tenancy - enable_dns_hostnames = var.enable_dns_hostnames - enable_dns_support = var.enable_dns_support + cidr_block = local.vpc_cidr_block + enable_dns_hostnames = var.vpc_enable_dns_hostnames + enable_dns_support = var.vpc_enable_dns_support + instance_tenancy = var.vpc_instance_tenancy + ipv4_ipam_pool_id = var.vpc_ipv4_ipam_pool_id - tags = merge(var.tags, { Name = local.name }) + tags = merge({ + "Name" = var.name + }, + module.tags.tags_aws) } -################### -# Internet Gateway -################### -resource "aws_internet_gateway" "gw" { - count = local.igw_count - vpc_id = aws_vpc.main[count.index].id - - tags = { - Name = "${local.name}_iGW" - } - -} - -################ -# Publiс routes -################ -resource "aws_route_table" "public" { - count = local.public_route_table_count - vpc_id = aws_vpc.main[count.index].id - - tags = { - Name = "${local.name}-public_routes" - } - -} - -resource "aws_route" "public_internet_gateway" { - count = local.igw_count - route_table_id = aws_route_table.public[count.index].id - destination_cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.gw[count.index].id - - timeouts { - create = "5m" - } -} +resource "aws_subnet" "private" { + for_each = try(local.subnets.private, {}) -################# -# Private routes A -# We always create one route table per subnet, regardless of how many nat gateways are deployed -################# -resource "aws_route_table" "private_a" { - count = local.private_subnet_a_count - vpc_id = aws_vpc.main[0].id - tags = { - Name = "${local.name}_private_route_a${count.index}" - } -} + availability_zone = each.key + vpc_id = local.vpc.id + cidr_block = each.value + map_public_ip_on_launch = false -################# -# Private routes B -# We always create one route table per subnet, regardless of how many nat gateways are deployed -################# -resource "aws_route_table" "private_b" { - count = local.private_subnet_b_count - vpc_id = aws_vpc.main[0].id - tags = { - Name = "${local.name}_private_routes_b${count.index}" - } + tags = merge({ + Name = "${local.subnet_names["private"]}-${each.key}" }, + module.tags.tags_aws) } -################ -# Public subnet -################ resource "aws_subnet" "public" { - count = local.public_subnet_count - vpc_id = aws_vpc.main[0].id - cidr_block = local.public_subnet_cidrs[count.index] - availability_zone = local.availability_zones[count.index] - map_public_ip_on_launch = true + for_each = try(local.subnets.public, {}) - tags = merge(var.public_subnet_tags, { Name = "${local.name}_public_${count.index}" }) + availability_zone = each.key + vpc_id = local.vpc.id + cidr_block = each.value + tags = merge({ + Name = "${local.subnet_names["public"]}}-${each.key}" }, + module.tags.tags_aws) } -################# -# Private subnet A -################# -resource "aws_subnet" "private_a" { - count = local.private_subnet_a_count - vpc_id = aws_vpc.main[0].id - cidr_block = local.private_subnet_a_cidrs[count.index] - availability_zone = local.availability_zones[count.index] - tags = merge(var.private_subnet_tags, { Name = "${local.name}_private_a_${count.index}" }) -} +resource "awscc_ec2_route_table" "private" { + for_each = try(local.subnets.private, {}) -################# -# Private subnet B -################# -resource "aws_subnet" "private_b" { - count = local.private_subnet_b_count - vpc_id = aws_vpc.main[0].id - cidr_block = local.private_subnet_b_cidrs[count.index] - availability_zone = local.availability_zones[count.index] - tags = merge(var.private_subnet_tags, { Name = "${local.name}_private_b_${count.index}" }) + vpc_id = local.vpc.id + + tags = concat( + [{ "key" = "Name", "value" = "${local.subnet_names["private"]}-${each.key}" }], + module.tags.tags + ) } +resource "awscc_ec2_route_table" "public" { + for_each = try(local.subnets.public, {}) -######################## -# Network ACLs -######################## -resource "aws_network_acl" "public" { - count = local.public_route_table_count - vpc_id = aws_vpc.main[0].id - subnet_ids = aws_subnet.public.*.id + vpc_id = local.vpc.id - tags = { - Name = "${local.name}_public_nework_acl" - } + tags = concat( + [{ "key" = "Name", "value" = "${local.subnet_names["public"]}}-${each.key}" }], + module.tags.tags + ) } -resource "aws_network_acl_rule" "public_inbound" { - count = local.public_route_table_count - network_acl_id = aws_network_acl.public[0].id - - egress = false - rule_number = var.public_inbound_acl_rules[0]["rule_number"] - rule_action = var.public_inbound_acl_rules[0]["rule_action"] - from_port = lookup(var.public_inbound_acl_rules[0], "from_port", null) - to_port = lookup(var.public_inbound_acl_rules[0], "to_port", null) - icmp_code = lookup(var.public_inbound_acl_rules[0], "icmp_code", null) - icmp_type = lookup(var.public_inbound_acl_rules[0], "icmp_type", null) - protocol = var.public_inbound_acl_rules[0]["protocol"] - cidr_block = lookup(var.public_inbound_acl_rules[0], "cidr_block", null) -} +resource "awscc_ec2_subnet_route_table_association" "private" { + for_each = try(local.subnets.private, {}) -resource "aws_network_acl_rule" "public_outbound" { - count = local.public_route_table_count - network_acl_id = aws_network_acl.public[0].id - - egress = true - rule_number = var.public_outbound_acl_rules[0]["rule_number"] - rule_action = var.public_outbound_acl_rules[0]["rule_action"] - from_port = lookup(var.public_outbound_acl_rules[0], "from_port", null) - to_port = lookup(var.public_outbound_acl_rules[0], "to_port", null) - icmp_code = lookup(var.public_outbound_acl_rules[0], "icmp_code", null) - icmp_type = lookup(var.public_outbound_acl_rules[0], "icmp_type", null) - protocol = var.public_outbound_acl_rules[0]["protocol"] - cidr_block = lookup(var.public_outbound_acl_rules[0], "cidr_block", null) + subnet_id = aws_subnet.private[each.key].id + route_table_id = awscc_ec2_route_table.private[each.key].id } -resource "aws_network_acl" "private_a" { - count = local.private_a_nacl_count - vpc_id = aws_vpc.main[0].id - subnet_ids = aws_subnet.private_a.*.id +resource "awscc_ec2_subnet_route_table_association" "public" { + for_each = try(local.subnets.public, {}) - tags = { - Name = "${local.name}_private_a_nework_acl" - } + subnet_id = aws_subnet.public[each.key].id + route_table_id = awscc_ec2_route_table.public[each.key].id } -resource "aws_network_acl_rule" "private_a_inbound" { - count = local.private_a_nacl_count - network_acl_id = aws_network_acl.private_a[count.index].id - - egress = false - rule_number = var.private_a_inbound_acl_rules[0]["rule_number"] - rule_action = var.private_a_inbound_acl_rules[0]["rule_action"] - from_port = lookup(var.private_a_inbound_acl_rules[0], "from_port", null) - to_port = lookup(var.private_a_inbound_acl_rules[0], "to_port", null) - icmp_code = lookup(var.private_a_inbound_acl_rules[0], "icmp_code", null) - icmp_type = lookup(var.private_a_inbound_acl_rules[0], "icmp_type", null) - protocol = var.private_a_inbound_acl_rules[0]["protocol"] - cidr_block = lookup(var.private_a_inbound_acl_rules[0], "cidr_block", null) -} +resource "aws_eip" "nat" { + for_each = toset(local.nat_configuration) + vpc = true -resource "aws_network_acl_rule" "private_a_outbound" { - count = local.private_a_nacl_count - network_acl_id = aws_network_acl.private_a[count.index].id - - egress = true - rule_number = var.private_a_outbound_acl_rules[0]["rule_number"] - rule_action = var.private_a_outbound_acl_rules[0]["rule_action"] - from_port = lookup(var.private_a_outbound_acl_rules[0], "from_port", null) - to_port = lookup(var.private_a_outbound_acl_rules[0], "to_port", null) - icmp_code = lookup(var.private_a_outbound_acl_rules[0], "icmp_code", null) - icmp_type = lookup(var.private_a_outbound_acl_rules[0], "icmp_type", null) - protocol = var.private_a_outbound_acl_rules[0]["protocol"] - cidr_block = lookup(var.private_a_outbound_acl_rules[0], "cidr_block", null) + tags = merge({ + Name = "nat-${local.subnet_names["public"]}-${each.key}" + }, module.tags.tags_aws) } -resource "aws_network_acl" "private_b" { - count = local.private_b_nacl_count - vpc_id = aws_vpc.main[0].id - subnet_ids = aws_subnet.private_b.*.id +resource "aws_nat_gateway" "main" { + for_each = toset(local.nat_configuration) - tags = { - Name = "${local.name}_private_b_nework_acl" - } -} + allocation_id = aws_eip.nat[each.key].id + subnet_id = aws_subnet.public[each.key].id -resource "aws_network_acl_rule" "private_b_inbound" { - count = local.private_b_nacl_count - network_acl_id = aws_network_acl.private_b[count.index].id - - egress = false - rule_number = var.private_b_inbound_acl_rules[0]["rule_number"] - rule_action = var.private_b_inbound_acl_rules[0]["rule_action"] - from_port = lookup(var.private_b_inbound_acl_rules[0], "from_port", null) - to_port = lookup(var.private_b_inbound_acl_rules[0], "to_port", null) - icmp_code = lookup(var.private_b_inbound_acl_rules[0], "icmp_code", null) - icmp_type = lookup(var.private_b_inbound_acl_rules[0], "icmp_type", null) - protocol = var.private_b_inbound_acl_rules[0]["protocol"] - cidr_block = lookup(var.private_b_inbound_acl_rules[0], "cidr_block", null) -} + tags = merge({ + Name = "nat-${local.subnet_names["public"]}-${each.key}" }, + module.tags.tags_aws) -resource "aws_network_acl_rule" "private_b_outbound" { - count = local.private_b_nacl_count - network_acl_id = aws_network_acl.private_b[count.index].id - - egress = true - rule_number = var.private_b_outbound_acl_rules[0]["rule_number"] - rule_action = var.private_b_outbound_acl_rules[0]["rule_action"] - from_port = lookup(var.private_b_outbound_acl_rules[0], "from_port", null) - to_port = lookup(var.private_b_outbound_acl_rules[0], "to_port", null) - icmp_code = lookup(var.private_b_outbound_acl_rules[0], "icmp_code", null) - icmp_type = lookup(var.private_b_outbound_acl_rules[0], "icmp_type", null) - protocol = var.private_b_outbound_acl_rules[0]["protocol"] - cidr_block = lookup(var.private_b_outbound_acl_rules[0], "cidr_block", null) + depends_on = [ + aws_internet_gateway.main + ] } -############## -# NAT Gateway -############## - -resource "aws_eip" "nat" { - count = local.nat_gateway_private_a_count - vpc = true +resource "aws_internet_gateway" "main" { + count = contains(keys(local.subnets), "public") ? 1 : 0 + vpc_id = local.vpc.id - tags = { - Name = "${local.name}_EIP_a_nat_${count.index}" - } + tags = merge({ + Name = var.name }, + module.tags.tags_aws) } -resource "aws_nat_gateway" "nat_gw" { - count = local.nat_gateway_private_a_count - allocation_id = aws_eip.nat[count.index].id - subnet_id = aws_subnet.public[count.index].id - tags = { - Name = "${local.name}_EIP_a_nat_gateway_${count.index}" - } - depends_on = [aws_internet_gateway.gw] -} +resource "aws_route" "private_to_nat" { + # if `route_to_nat` exists & `true` apply to private subnets per az, else do not apply + for_each = try(var.subnets.private.route_to_nat, false) ? try(local.subnets.public, {}) : {} -resource "aws_route" "private_a_nat_gateway" { - count = local.nat_gateway_private_a_count - route_table_id = aws_route_table.private_a[count.index].id + route_table_id = awscc_ec2_route_table.private[each.key].id destination_cidr_block = "0.0.0.0/0" - nat_gateway_id = aws_nat_gateway.nat_gw[count.index].id - - timeouts { - create = "5m" - } + # try to get nat for AZ, else use singular nat + nat_gateway_id = try(aws_nat_gateway.main[each.key].id, aws_nat_gateway.main[local.nat_configuration[0]].id) } -resource "aws_route" "private_b_nat_gateway" { - count = local.nat_gateway_private_b_count - route_table_id = aws_route_table.private_b[count.index].id - destination_cidr_block = "0.0.0.0/0" - nat_gateway_id = aws_nat_gateway.nat_gw[count.index].id +resource "aws_route" "public_to_igw" { + for_each = try(local.subnets.public, {}) - timeouts { - create = "5m" - } + route_table_id = awscc_ec2_route_table.public[each.key].id + destination_cidr_block = "0.0.0.0/0" + gateway_id = aws_internet_gateway.main[0].id } -########################## -# Route table association -########################## -resource "aws_route_table_association" "private_a" { - count = local.private_subnet_a_count - subnet_id = aws_subnet.private_a[count.index].id - route_table_id = aws_route_table.private_a[count.index].id -} +module "flow_logs" { + count = local.create_flow_logs ? 1 : 0 -resource "aws_route_table_association" "private_b" { - count = local.private_subnet_b_count - subnet_id = aws_subnet.private_b[count.index].id - route_table_id = aws_route_table.private_b[count.index].id -} + source = "./modules/flow_logs" -resource "aws_route_table_association" "public" { - count = local.public_subnet_count - subnet_id = aws_subnet.public[count.index].id - route_table_id = aws_route_table.public[0].id + name = var.name + # see defaults.tf for local definition + flow_log_defintion = local.flow_logs_definition + vpc_id = local.vpc.id + tags = module.tags.tags_aws } diff --git a/modules/calculate_subnets/main.tf b/modules/calculate_subnets/main.tf new file mode 100644 index 0000000..a8de274 --- /dev/null +++ b/modules/calculate_subnets/main.tf @@ -0,0 +1,29 @@ +locals { + # group subnets by type and create names for each type + type_grouped_named_subnets_to_build = { for name, subnet_definition in var.subnets : name => [for _, az in var.azs : "${name}/${az}"] } + # which network groups require calculating subnet + types_to_calculate = [for type, subnet_definition in var.subnets : type if can(subnet_definition.netmask)] + # network groups that are set explicitly + types_with_explicit = setsubtract(keys(var.subnets), local.types_to_calculate) + + # network object to pass to calculating module + calculated_subnet_objects = flatten([for _, type in local.types_to_calculate : [for _, v in local.type_grouped_named_subnets_to_build[type] : { + "name" = v + "netmask" = var.subnets[type].netmask + } + ]]) + + # map of explicit cidrs to az + explict_cidrs_grouped = { for _, type in local.types_with_explicit : type => zipmap(var.azs, var.subnets[type].cidrs[*]) } +} + +module "subnet_calculator" { + count = local.types_to_calculate == [] ? 0 : 1 + #TODO: switch to registry link once published + source = "drewmullen/subnets/cidr" + version = "1.0.0" + + base_cidr_block = var.cidr + networks = local.calculated_subnet_objects +} + diff --git a/modules/calculate_subnets/outputs.tf b/modules/calculate_subnets/outputs.tf new file mode 100644 index 0000000..aec4332 --- /dev/null +++ b/modules/calculate_subnets/outputs.tf @@ -0,0 +1,4 @@ +output "subnets_by_type" { + description = "Outputs subnets prefixes by type (private, public). Derived from split(var.separator, )." + value = merge(try(local.explict_cidrs_grouped, {}), try(module.subnet_calculator[0].grouped_by_separator, {})) +} diff --git a/modules/calculate_subnets/provider.tf b/modules/calculate_subnets/provider.tf new file mode 100644 index 0000000..4ee0ddb --- /dev/null +++ b/modules/calculate_subnets/provider.tf @@ -0,0 +1,13 @@ +terraform { + required_version = ">= 0.15.0" + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 3.72.0" + } + awscc = { + source = "hashicorp/awscc" + version = ">= 0.15.0" + } + } +} diff --git a/modules/calculate_subnets/variables.tf b/modules/calculate_subnets/variables.tf new file mode 100644 index 0000000..9bba577 --- /dev/null +++ b/modules/calculate_subnets/variables.tf @@ -0,0 +1,14 @@ +variable "subnets" { + description = "Defition of subnets to be built. If `netmask` is passed will calculate CIDR. Else `cidrs` list is ziped to var.azs and merged into final output to be built into aws_subnet(s)." + type = any + # validation happening on root module +} +variable "azs" { + description = "List of AZs to build. AZ is appened to each IP address prefix name." + type = list(string) +} + +variable "cidr" { + description = "CIDR value to use as base for calculating IP address prefixes." + type = string +} diff --git a/modules/flow_logs/main.tf b/modules/flow_logs/main.tf new file mode 100644 index 0000000..56d21f1 --- /dev/null +++ b/modules/flow_logs/main.tf @@ -0,0 +1,51 @@ +locals { + # does log destination need to be created? + create_flow_log_destination = (var.flow_log_defintion.log_destination == null && var.flow_log_defintion.log_destination_type != "none") ? true : false + + # which log destination to use + log_destination = local.create_flow_log_destination ? ( + var.flow_log_defintion.log_destination_type == "cloud-watch-logs" ? module.cloudwatch_log_group[0].log_group.arn : null # change to s3 when implemented + ) : var.flow_log_defintion.log_destination + + # Use IAM from submodule if if not passed + iam_role_arn = local.create_flow_log_destination ? ( + var.flow_log_defintion.log_destination_type == "cloud-watch-logs" ? module.cloudwatch_log_group[0].iam_role.arn : null # change to s3 when implemented + ) : var.flow_log_defintion.iam_role_arn +} + +module "cloudwatch_log_group" { + # if create destination and type = cloud-watch-logs + count = (local.create_flow_log_destination && var.flow_log_defintion.log_destination_type == "cloud-watch-logs") ? 1 : 0 + source = "aws-ia/cloudwatch-log-group/aws" + version = "1.0.0" + + name = var.name + retention_in_days = var.flow_log_defintion.retention_in_days + kms_key_id = var.flow_log_defintion.kms_key_id + aws_service_principal = "vpc-flow-logs.amazonaws.com" + tags = var.tags +} + +resource "aws_flow_log" "main" { + log_destination = local.log_destination + iam_role_arn = local.iam_role_arn + log_destination_type = var.flow_log_defintion.log_destination_type + traffic_type = var.flow_log_defintion.traffic_type + vpc_id = var.vpc_id + + dynamic "destination_options" { + for_each = var.flow_log_defintion.log_destination_type == "s3" ? var.flow_log_defintion.destination_options : {} + + content { + file_format = each.value.file_format + per_hour_partition = each.value.per_hour_partition + hive_compatible_partitions = each.value.hive_compatible_partitions + } + } + + tags = merge( + { Name = var.name }, + var.tags + ) +} + diff --git a/modules/flow_logs/outputs.tf b/modules/flow_logs/outputs.tf new file mode 100644 index 0000000..528ab8a --- /dev/null +++ b/modules/flow_logs/outputs.tf @@ -0,0 +1,4 @@ +output "flow_log" { + description = "Flow Log information." + value = aws_flow_log.main +} diff --git a/modules/flow_logs/provider.tf b/modules/flow_logs/provider.tf new file mode 100644 index 0000000..4ee0ddb --- /dev/null +++ b/modules/flow_logs/provider.tf @@ -0,0 +1,13 @@ +terraform { + required_version = ">= 0.15.0" + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 3.72.0" + } + awscc = { + source = "hashicorp/awscc" + version = ">= 0.15.0" + } + } +} diff --git a/modules/flow_logs/variables.tf b/modules/flow_logs/variables.tf new file mode 100644 index 0000000..d83345c --- /dev/null +++ b/modules/flow_logs/variables.tf @@ -0,0 +1,20 @@ +variable "name" { + description = "Name to give the VPC Flow Logs and optional resources." + type = string +} + +variable "flow_log_defintion" { + description = "Definition of the Flow Logs (FL) to create. Can define pre-existing log_destination / iam_role_arn or theyll be created, default is Cloud Watch." + type = any +} + +variable "vpc_id" { + description = "VPC ID to create flow logs for." + type = string +} + +variable "tags" { + description = "Tags." + type = map(string) + default = null +} diff --git a/outputs.tf b/outputs.tf index 5217a73..59b08fc 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,244 +1,9 @@ -# VPC -output "vpc_cidr" { - description = "VPC_CIDR " - #value = aws_vpc.main[count.index].cidr_block - value = concat(aws_vpc.main.*.cidr_block, [""])[0] -} output "vpc_id" { - description = "The ID of the VPC" - #value = aws_vpc.main[count.index].id - value = concat(aws_vpc.main.*.id, [""])[0] -} -output "private_subnet_a_ids" { - description = "List of IDs of privateA subnets" - value = aws_subnet.private_a.*.id -} -output "private_subnet_b_ids" { - description = "List of IDs of privateB subnets" - value = aws_subnet.private_b.*.id -} -output "private_subnets" { - description = "List of IDs of private subnets" - value = flatten([compact(aws_subnet.private_a.*.id), compact(aws_subnet.private_b.*.id)]) -} -output "private_subnet_route_tables" { - description = "List of IDs of private subnets" - value = flatten([aws_route_table.private_a.*.id, aws_route_table.private_b.*.id]) -} -output "availability_zones" { - description = "List of availability zones names for subnets in this vpc" - value = compact(distinct(flatten([ - aws_subnet.private_a.*.availability_zone, - aws_subnet.private_b.*.availability_zone, - aws_subnet.public.*.availability_zone - ]))) -} -output "public_subnet_ids" { - description = "List of IDs of privateB subnets" - value = aws_subnet.public.*.id -} - -output "nat_eips" { - description = "NAT IP addresses" - value = try(aws_eip.nat[*].public_ip, "") -} - -output "private_subnet_1a_cidr" { - description = " Private subnet 1A CIDR in Availability Zone 1" - value = try(aws_subnet.private_a[0].cidr_block, "") -} - -output "private_subnet_1a_id" { - description = " Private subnet 1A ID in Availability Zone 1" - value = try(aws_subnet.private_a[0].id, "") -} - -output "private_subnet_1b_cidr" { - description = " Private subnet 1B CIDR in Availability Zone 1" - value = try(aws_subnet.private_b[0].cidr_block, "") -} - -output "private_subnet_1b_id" { - description = " Private subnet 1B ID in Availability Zone 1" - value = try(aws_subnet.private_b[0].id, "") -} - -output "private_subnet_2a_cidr" { - description = " Private subnet 2A CIDR in Availability Zone 2" - value = try(aws_subnet.private_a[1].cidr_block, "") -} - -output "private_subnet_2a_id" { - description = " Private subnet 2A ID in Availability Zone 2" - value = try(aws_subnet.private_a[1].id, "") -} - -output "private_subnet_2b_cidr" { - description = " Private subnet 2B CIDR in Availability Zone 2" - value = try(aws_subnet.private_b[1].cidr_block, "") -} - -output "private_subnet_2b_id" { - description = " Private subnet 2B ID in Availability Zone 2" - value = try(aws_subnet.private_b[1].id, "") -} - -output "private_subnet_3a_cidr" { - description = " Private subnet 3A CIDR in Availability Zone 3" - value = length(aws_subnet.private_a.*.cidr_block) > 2 ? aws_subnet.private_a[2].cidr_block : null -} - -output "private_subnet_3a_id" { - description = " Private subnet 3A ID in Availability Zone 3" - value = length(aws_subnet.private_a.*.id) > 2 ? aws_subnet.private_a[2].id : null -} - -output "private_subnet_3b_cidr" { - description = " Private subnet 3B CIDR in Availability Zone 3" - value = length(aws_subnet.private_b.*.cidr_block) > 2 ? aws_subnet.private_b[2].cidr_block : null -} - -output "private_subnet_3b_id" { - description = " Private subnet 3B ID in Availability Zone 3" - value = length(aws_subnet.private_b.*.id) > 2 ? aws_subnet.private_b[2].id : null -} - -output "private_subnet_4a_cidr" { - description = " Private subnet 4A CIDR in Availability Zone 4" - value = length(aws_subnet.private_a.*.cidr_block) > 3 ? aws_subnet.private_a[3].cidr_block : null -} - -output "private_subnet_4a_id" { - description = " Private subnet 4A ID in Availability Zone 4" - value = length(aws_subnet.private_a.*.id) > 3 ? aws_subnet.private_a[3].id : null -} - -output "private_subnet_4b_cidr" { - description = " Private subnet 4B CIDR in Availability Zone 4" - value = length(aws_subnet.private_b.*.cidr_block) > 3 ? aws_subnet.private_b[3].cidr_block : null -} - -output "private_subnet_4b_id" { - description = " Private subnet 4B ID in Availability Zone 4" - value = length(aws_subnet.private_b.*.id) > 3 ? aws_subnet.private_b[3].id : null -} - -output "public_subnet_1_cidr" { - description = " Public subnet 1 CIDR in Availability Zone 1" - value = try(aws_subnet.public[0].cidr_block, "") -} - -output "public_subnet_1_id" { - description = " Public subnet 1 ID in Availability Zone 1" - value = try(aws_subnet.public[0].id, "") -} - -output "public_subnet_2_cidr" { - description = " Public subnet 2 CIDR in Availability Zone 2" - value = try(aws_subnet.public[1].cidr_block, "") -} - -output "public_subnet_2_id" { - description = " Public subnet 2 ID in Availability Zone 2" - value = try(aws_subnet.public[1].id, "") -} - -output "public_subnet_3_cidr" { - description = " Public subnet 3 CIDR in Availability Zone 3" - value = length(aws_subnet.public.*.cidr_block) > 2 ? aws_subnet.public[2].cidr_block : null -} - -output "public_subnet_3_id" { - description = " Public subnet 3 ID in Availability Zone 3" - value = length(aws_subnet.public.*.id) > 2 ? aws_subnet.public[2].id : null -} - -output "public_subnet_4_cidr" { - description = " Public subnet 4 CIDR in Availability Zone 4" - value = length(aws_subnet.public.*.cidr_block) > 3 ? aws_subnet.public[3].cidr_block : null -} - -output "public_subnet_4_id" { - description = " Public subnet 4 ID in Availability Zone 4" - value = length(aws_subnet.public.*.id) > 3 ? aws_subnet.public[3].id : null -} - -output "private_subnet_1a_route_table" { - description = " Private subnet 1A route table" - value = try(aws_route_table.private_a[0].id, "") -} - -output "private_subnet_1b_route_table" { - description = " Private subnet 1B route table" - value = try(aws_route_table.private_b[0].id, "") -} - -output "private_subnet_2a_route_table" { - description = " Private subnet 2A route table" - value = try(aws_route_table.private_a[1].id, "") -} - -output "private_subnet_2b_route_table" { - description = " Private subnet 2B route table" - value = try(aws_route_table.private_b[1].id, "") -} - -output "private_subnet_3a_route_table" { - description = " Private subnet 3A route table" - value = length(aws_route_table.private_a.*.id) > 2 ? aws_route_table.private_a[2].id : null -} - -output "private_subnet_3b_route_table" { - description = " Private subnet 3B route table" - value = length(aws_route_table.private_b.*.id) > 2 ? aws_route_table.private_b[2].id : null -} - -output "private_subnet_4a_route_table" { - description = " Private subnet 4A route table" - value = length(aws_route_table.private_a.*.id) > 3 ? aws_route_table.private_a[3].id : null -} - -output "private_subnet_4b_route_table" { - description = " Private subnet 4B route table" - value = length(aws_route_table.private_b.*.id) > 3 ? aws_route_table.private_b[3].id : null -} - -output "public_subnet_route_table" { - description = " Public subnet route table" - value = aws_route_table.public.*.id -} - -output "igw_id" { - description = "ID for IGW attached to public subnets" - value = length(aws_internet_gateway.gw) == 1 ? aws_internet_gateway.gw[0].id : "" -} - -output "nat_gw_ids" { - description = "ID's for NAT gateways attached to private subnets" - value = length(aws_nat_gateway.nat_gw) > 0 ? aws_nat_gateway.nat_gw[*].id : [] -} - -output "private_a_nat_routes" { - description = "Routes for NAT gateways attached to private_a subnets" - value = length(aws_route.private_a_nat_gateway[*]) > 0 ? aws_route.private_a_nat_gateway[*].id : [] -} - -output "private_b_nat_routes" { - description = "Routes for NAT gateways attached to private_b subnets" - value = length(aws_route.private_b_nat_gateway[*]) > 0 ? aws_route.private_b_nat_gateway[*].id : [] -} - -output "interface_endpoints" { - description = "map of properties for all enabled interface endpoints" - value = length(module.vpc_endpoints) == 1 ? module.vpc_endpoints[0].interface_endpoints : null -} - -output "gateway_endpoints" { - description = "map of properties for all enabled gateway endpoints" - value = length(module.vpc_endpoints) == 1 ? module.vpc_endpoints[0].gateway_endpoints : null + description = "VPC Information" + value = local.vpc } -output "vpc_endpoint_security_group_id" { - description = "Security group ID that interface endpoints are attached to" - value = length(module.vpc_endpoints) == 1 ? module.vpc_endpoints[0].security_group_ids[0] : null +output "subnets" { + description = "Subnets grouped by type." + value = module.calculate_subnets.subnets_by_type } diff --git a/provider.tf b/provider.tf new file mode 100644 index 0000000..526f110 --- /dev/null +++ b/provider.tf @@ -0,0 +1,22 @@ +terraform { + required_version = ">= 0.15.0" + experiments = [module_variable_optional_attrs] + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 3.72.0" + } + awscc = { + source = "hashicorp/awscc" + version = ">= 0.13.0" + } + } +} + +provider "awscc" { + user_agent = [{ + product_name = "terraform-awscc-vpc" + product_version = "0.0.1" + comment = "V1/AWS-D69B4015/376222146" + }] +} diff --git a/setup_workspace/variables.tf b/setup_workspace/variables.tf deleted file mode 100644 index b69e1e1..0000000 --- a/setup_workspace/variables.tf +++ /dev/null @@ -1,30 +0,0 @@ -variable "AWS_ACCESS_KEY_ID" { - type = string -} -variable "AWS_SECRET_ACCESS_KEY" { - type = string -} -variable "AWS_SESSION_TOKEN" { - type = string - default = "" -} -variable "tfe_organization" { - type = string -} -variable "tfe_workspace" { - type = string - default = "" -} -variable "tfe_email" { - type = string - default = "someone@somewhere.resource" -} -variable "working_directory" { - type = string - default = "/deploy" -} -variable "region" { - type = string - default = "us-east-2" -} - diff --git a/setup_workspace/workspace.tf b/setup_workspace/workspace.tf deleted file mode 100644 index ed7accb..0000000 --- a/setup_workspace/workspace.tf +++ /dev/null @@ -1,62 +0,0 @@ - -terraform { - required_version = ">= 1.0.0" -} -locals { - dir_down = ".." -} - -# Generate new terraform org and workspace - -module "tfcloud" { - source = "aws-ia/cloud_workspace/hashicorp" - version = "0.0.2" - tfe_email = var.tfe_email - tfe_organization = var.tfe_organization - tfe_workspace = var.tfe_workspace - AWS_ACCESS_KEY_ID = var.AWS_ACCESS_KEY_ID - AWS_SECRET_ACCESS_KEY = var.AWS_SECRET_ACCESS_KEY - AWS_SESSION_TOKEN = var.AWS_SESSION_TOKEN - working_directory = var.working_directory - region = var.region -} - - -resource "null_resource" "setup_backend_file" { - depends_on = [module.tfcloud] - provisioner "local-exec" { - command = "mv backend.hcl ${local.dir_down}${var.working_directory}" - } -} - - -resource "null_resource" "remoteinit" { - depends_on = [null_resource.setup_backend_file] - provisioner "local-exec" { - working_dir = "${local.dir_down}${var.working_directory}" - command = "terraform init -backend-config=backend.hcl" - } -} - -output "user_instructions" { - value = <= 16) && can(split("/", var.cidr)[1] <= 28) - error_message = "Value must be a valid cidr block and must have a subnet mask from 28 to 16. eg.: \"10.0.0.0/16\"." - } + default = null } -variable "public_subnet_cidrs" { - description = "A list of CIDR blocks to use for public subnets. Default is 3 /20 cidrs from the CIDR range specified in the cidr variable. The number of public subnets is inferred from the number of CIDR's provided. If availability_zones are specified, it must have the same number of elements. If not specified, the number of elements must not be greater than the number of availability zones in the region." - type = list(string) +variable "vpc_ipv4_netmask_length" { + description = "Set to use IPAM to get CIDR block using a specified netmask. Must be set with var.vpc_ipv4_ipam_pool_id." + type = string default = null - validation { - condition = can([for s in var.public_subnet_cidrs : regex("^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", s)]) || var.public_subnet_cidrs == null - error_message = "Each element of the list must be a valid CIDR block." - } } -variable "private_subnet_a_cidrs" { - description = "A list of CIDR blocks to use for private subnets. Default is 3 /19 cidrs from the CIDR range specified in the cidr variable. The number of private subnets is inferred from the number of CIDR's provided. If availability_zones are specified, must have the same number of elements. If not specified, the number of elements must not be greater than the number of availability zones in the region." - type = list(string) - default = null +variable "subnets" { + description = "Configuration of subnets to build in VPC. Valid key restriction information found in variables.tf." + type = any + + ######### EXAMPLE ######### + # subnets = { + # public = { + # name_prefix = "my-public" # omit to prefix with "public" + # netmask = 24 + # nat_gateway_configuration = "all_azs" # options: "single_az", "none" + # tags = { env = "dev" } + # } + + # private = { + # name_prefix = "private" + # netmask = 24 + # route_to_nat = true + # } + # } + ########################### + + # Only valid keys for var.subnets validation { - condition = can([for s in var.private_subnet_a_cidrs : regex("^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", s)]) || var.private_subnet_a_cidrs == null - error_message = "Each element of the list must be a valid CIDR block." + error_message = "Only valid key values \"public\", \"private\"." + condition = length(setsubtract(keys(var.subnets), [ + "public", + "private" + ])) == 0 } -} -variable "private_subnet_b_cidrs" { - description = "A list of CIDR blocks to use for private subnets. Default is 3 /19 cidrs from the CIDR range specified in the cidr variable. The number of private subnets is inferred from the number of CIDR's provided." - type = list(string) - default = null + # All var.subnets.public valid keys validation { - condition = can([for s in var.private_subnet_b_cidrs : regex("^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", s)]) || var.private_subnet_b_cidrs == null - error_message = "Each element of the list must be a valid CIDR block." + error_message = "Invalid key in public subnets. Valid options include: \"cidrs\", \"netmask\", \"name_prefix\", \"nat_gateway_configuration\", \"tags\"." + condition = length(setsubtract(keys(try(var.subnets.public, {})), [ + "cidrs", + "netmask", + "name_prefix", + "nat_gateway_configuration", + "tags" + ])) == 0 } -} - -variable "public_inbound_acl_rules" { - description = "Public subnets inbound network ACLs. Default allows all traffic" - type = list(map(string)) - default = [ - { - rule_number = 100 - rule_action = "allow" - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_block = "0.0.0.0/0" - }, - ] -} -variable "public_outbound_acl_rules" { - description = "Public subnets outbound network ACLs. Default allows all traffic" - type = list(map(string)) - default = [ - { - rule_number = 100 - rule_action = "allow" - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_block = "0.0.0.0/0" - }, - ] -} - -variable "private_a_inbound_acl_rules" { - description = "Private subnet A's inbound network ACLs. Default allows all traffic" - type = list(map(string)) - default = [ - { - rule_number = 100 - rule_action = "allow" - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_block = "0.0.0.0/0" - }, - ] -} - -variable "private_a_outbound_acl_rules" { - description = "Private subnet A's outbound network ACLs. Default allows all traffic" - type = list(map(string)) - default = [ - { - rule_number = 100 - rule_action = "allow" - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_block = "0.0.0.0/0" - }, - ] -} - -variable "private_b_inbound_acl_rules" { - description = "Private subnet B's inbound network ACLs. Default allows all traffic" - type = list(map(string)) - default = [ - { - rule_number = 100 - rule_action = "allow" - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_block = "0.0.0.0/0" - }, - ] -} + # All var.subnets.private valid keys + validation { + error_message = "Invalid key in private subnets. Valid options include: \"cidrs\", \"netmask\", \"name_prefix\", \"route_to_nat\", \"tags\"." + condition = length(setsubtract(keys(try(var.subnets.private, {})), [ + "cidrs", + "netmask", + "name_prefix", + "route_to_nat", + "tags" + ])) == 0 + } -variable "private_b_outbound_acl_rules" { - description = "Private subnet B's outbound network ACLs. Default allows all traffic" - type = list(map(string)) - default = [ - { - rule_number = 100 - rule_action = "allow" - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_block = "0.0.0.0/0" - }, - ] -} + validation { + error_message = "Each subnet type must contain only 1 key: `cidrs` or `netmask`." + condition = alltrue([for subnet_type, v in var.subnets : length(setintersection(keys(v), ["cidrs", "netmask"])) == 1]) + } -variable "availability_zones" { - description = "A list of availability zones to use for subnets. If this is not provided availability zones for subnets will be automatically selected" - type = list(string) - default = null -} + validation { + error_message = "Public subnet `nat_gateway_configuration` can only be `all_azs`, `single_az`, `none`, or `null`." + condition = can(regex("^(all_azs|single_az|none)$", var.subnets.public.nat_gateway_configuration)) || try(var.subnets.public.nat_gateway_configuration, null) == null + } -variable "create_igw" { - description = "If set to false no IGW will be created for the public subnets. Setting this to false will also disable NAT gateways on private subnets, as NAT gateways require IGW in public subnets" - type = bool - default = true -} + validation { + error_message = "If private.route_to_nat == true, then public.nat_gateway_configuration must be either `all_azs` or `single_az`." + condition = try(var.subnets.private.route_to_nat, false) ? can(regex("^(all_azs|single_az)$", var.subnets.public.nat_gateway_configuration)) : true + } -variable "create_nat_gateways_private_a" { - description = "If set to false no NAT gateways will be created for the private_a subnets" - type = bool - default = true + validation { + error_message = "Any subnet type `name_prefix` must not contain \"/\"." + condition = alltrue([for _, v in var.subnets : !can(regex("/", try(v.name_prefix, "")))]) + } } -variable "create_nat_gateways_private_b" { - description = "If set to false no NAT gateways will be created for the private_b subnets" - type = bool - default = false +variable "tags" { + description = "Tags to apply to all resources." + type = map(string) + default = {} } -variable "enabled_gateway_endpoints" { - description = "List of shortened gateway endpoint names that are to be enabled. Endpoints will be attached to the private_a and private_b route tables. Shortened names are the endpoint name excluding the dns style prefix, so \"com.amazonaws.us-east-1.s3\" would be entered as \"s3\". For a full list of available endpoint names, see the aws-ia/vpc_endpoints module on the terraform registry." - type = list(string) - default = [] -} +variable "vpc_flow_logs" { + description = "Whether or not to create VPC flow logs and which type. Options: \"cloudwatch\", \"s3\", \"none\". By default creates flow logs to `cloudwatch`. Variable overrides null value types for some keys, defined in defaults.tf." + nullable = false + type = object({ + log_destination = optional(string) + iam_role_arn = optional(string) + kms_key_id = optional(string) + + log_destination_type = string + retention_in_days = optional(number) + tags = optional(map(string)) + traffic_type = optional(string) + destination_options = optional(object({ + file_format = optional(string) + hive_compatible_partitions = optional(bool) + per_hour_partition = optional(bool) + })) + }) + + default = { + log_destination_type = "none" + } -variable "enabled_interface_endpoints" { - description = "List of shortened interface endpoint names that are to be enabled. Endpoints will be attached to the private_b subnets. A dedicated security group will be created (allowing tcp443 ingress from vpc cidr) and outputted as \"vpc_endpoint_security_group_id\". Shortened names are the endpoint name excluding the dns style prefix, so \"com.amazonaws.us-east-1.s3\" would be entered as \"s3\". For a full list of available endpoint names, see the aws-ia/vpc_endpoints module on the terraform registry. For advanced configuration options, use the aws-ia/vpc_endpoints module directly." - type = list(string) - default = [] + validation { + condition = can(regex("^(cloud-watch-logs|s3|none)$", var.vpc_flow_logs.log_destination_type)) + error_message = "Invalid input, options: \"cloud-watch-logs\", \"s3\", or \"none\"." + } } From 57528b30e568f247d118ea08773842f46e397efa Mon Sep 17 00:00:00 2001 From: drewmullen Date: Wed, 23 Mar 2022 10:35:49 -0400 Subject: [PATCH 02/12] update docs --- .header.md | 6 ++++-- examples/public_private_flow_logs/main.tf | 2 +- examples/public_private_flow_logs/variables.tf | 5 +++++ 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/.header.md b/.header.md index 6799e3b..9e09283 100644 --- a/.header.md +++ b/.header.md @@ -1,12 +1,14 @@ # VPC Module Pre-release docs -This set of documentation is for evaluation purposes only. Docs will be fully rewritten before GA +This module can be used to deploy a pragmatic VPC with various subnets types in # AZs. Common deployment examples can be found in [examples/](./examples/). Subnet CIDRs can be explicitly set via list of string argument `cidrs` or set via a number `netmask` argument. ## Usage +The example below builds a VPC with public and private subnets in 3 AZs. Each subnet calulates a CIDR based on the `netmask` argument passed. The public subnets build nat gateways in each AZ but optionally can be switched to `single_az`. + ```hcl module "vpc" { - source = "git@github.com:aws-ia/terraform-awscc-vpc" + source = "aws-ia/vpc/aws" name = "multi-az-vpc" vpc_cidr_block = "10.0.0.0/20" diff --git a/examples/public_private_flow_logs/main.tf b/examples/public_private_flow_logs/main.tf index 487ea6b..1c93924 100644 --- a/examples/public_private_flow_logs/main.tf +++ b/examples/public_private_flow_logs/main.tf @@ -23,6 +23,6 @@ module "vpc" { vpc_flow_logs = { log_destination_type = "cloud-watch-logs" retention_in_days = 180 - kms_key_id = null + kms_key_id = var.kms_key_id } } diff --git a/examples/public_private_flow_logs/variables.tf b/examples/public_private_flow_logs/variables.tf index e69de29..e8a1109 100644 --- a/examples/public_private_flow_logs/variables.tf +++ b/examples/public_private_flow_logs/variables.tf @@ -0,0 +1,5 @@ +variable "kms_key_id" { + description = "KMS Key ID" + type = string + default = null +} From caa431a0195e86cb597c4258f9e232386e9bd6a1 Mon Sep 17 00:00:00 2001 From: drewmullen Date: Wed, 23 Mar 2022 10:39:52 -0400 Subject: [PATCH 03/12] tf-docs --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9f1208c..a6f6c5b 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,15 @@ # VPC Module Pre-release docs -This set of documentation is for evaluation purposes only. Docs will be fully rewritten before GA +This module can be used to deploy a pragmatic VPC with various subnets types in # AZs. Common deployment examples can be found in [examples/](./examples/). Subnet CIDRs can be explicitly set via list of string argument `cidrs` or set via a number `netmask` argument. ## Usage +The example below builds a VPC with public and private subnets in 3 AZs. Each subnet calulates a CIDR based on the `netmask` argument passed. The public subnets build nat gateways in each AZ but optionally can be switched to `single_az`. + ```hcl module "vpc" { - source = "git@github.com:aws-ia/terraform-awscc-vpc" + source = "aws-ia/vpc/aws" name = "multi-az-vpc" vpc_cidr_block = "10.0.0.0/20" From a6948403063247df30c231d0abdd7caae5ad700c Mon Sep 17 00:00:00 2001 From: drewmullen Date: Wed, 23 Mar 2022 10:55:12 -0400 Subject: [PATCH 04/12] fix example --- .header.md | 28 ++++++++++++++++++---------- README.md | 28 ++++++++++++++++++---------- 2 files changed, 36 insertions(+), 20 deletions(-) diff --git a/.header.md b/.header.md index 9e09283..e9b2a53 100644 --- a/.header.md +++ b/.header.md @@ -48,11 +48,15 @@ Before: ```hcl vpc_cidr_block = "10.0.0.0/16" az_count = 2 -private = { - netmask = 24 -} -public = { - netmask = 24 + +subnets = { + public = { + netmask = 24 + } + + private = { + netmask = 24 + } } ``` @@ -60,11 +64,15 @@ After: ```hcl vpc_cidr_block = "10.0.0.0/16" az_count = 3 -private = { - cidrs = ["10.0.0.0/24", "10.0.1.0/24", "10.0.4.0/24"] -} -public = { - cidrs = ["10.0.2.0/24", "10.0.3.0/24", "10.0.5.0/24"] + +subnets = { + public = { + cidrs = ["10.0.0.0/24", "10.0.1.0/24", "10.0.4.0/24"] + } + + private = { + cidrs = ["10.0.2.0/24", "10.0.3.0/24", "10.0.5.0/24"] + } } ``` diff --git a/README.md b/README.md index a6f6c5b..c0c0595 100644 --- a/README.md +++ b/README.md @@ -49,11 +49,15 @@ Before: ```hcl vpc_cidr_block = "10.0.0.0/16" az_count = 2 -private = { - netmask = 24 -} -public = { - netmask = 24 + +subnets = { + public = { + netmask = 24 + } + + private = { + netmask = 24 + } } ``` @@ -61,11 +65,15 @@ After: ```hcl vpc_cidr_block = "10.0.0.0/16" az_count = 3 -private = { - cidrs = ["10.0.0.0/24", "10.0.1.0/24", "10.0.4.0/24"] -} -public = { - cidrs = ["10.0.2.0/24", "10.0.3.0/24", "10.0.5.0/24"] + +subnets = { + public = { + cidrs = ["10.0.0.0/24", "10.0.1.0/24", "10.0.4.0/24"] + } + + private = { + cidrs = ["10.0.2.0/24", "10.0.3.0/24", "10.0.5.0/24"] + } } ``` From 0f163d7ad82af3ce3057aa69bf9707f1af361d05 Mon Sep 17 00:00:00 2001 From: drewmullen Date: Wed, 23 Mar 2022 11:00:59 -0400 Subject: [PATCH 05/12] update version of cidr subnet calculator --- modules/calculate_subnets/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/calculate_subnets/main.tf b/modules/calculate_subnets/main.tf index a8de274..028b6fe 100644 --- a/modules/calculate_subnets/main.tf +++ b/modules/calculate_subnets/main.tf @@ -21,7 +21,7 @@ module "subnet_calculator" { count = local.types_to_calculate == [] ? 0 : 1 #TODO: switch to registry link once published source = "drewmullen/subnets/cidr" - version = "1.0.0" + version = "1.0.2" base_cidr_block = var.cidr networks = local.calculated_subnet_objects From a1263621557c3d3a1ed347bcb8618a0bcd9c06a1 Mon Sep 17 00:00:00 2001 From: drewmullen Date: Wed, 23 Mar 2022 11:02:41 -0400 Subject: [PATCH 06/12] remove unnecessary comments --- modules/calculate_subnets/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/calculate_subnets/main.tf b/modules/calculate_subnets/main.tf index 028b6fe..87c7d57 100644 --- a/modules/calculate_subnets/main.tf +++ b/modules/calculate_subnets/main.tf @@ -19,7 +19,7 @@ locals { module "subnet_calculator" { count = local.types_to_calculate == [] ? 0 : 1 - #TODO: switch to registry link once published + source = "drewmullen/subnets/cidr" version = "1.0.2" From 3efe7fffe3d7f665bbcf90642dd5e22441666ffa Mon Sep 17 00:00:00 2001 From: drewmullen Date: Thu, 24 Mar 2022 09:17:29 -0400 Subject: [PATCH 07/12] include tests --- test/examples_ipam_test.go | 28 ++ test/examples_private_only_test.go | 17 + test/examples_public_only_test.go | 17 + test/examples_public_private_test.go | 17 + test/go.mod | 55 +++ test/go.sum | 594 +++++++++++++++++++++++ test/hcl_fixtures/ipam_base/main.tf | 16 + test/hcl_fixtures/ipam_base/outputs.tf | 4 + test/hcl_fixtures/ipam_base/providers.tf | 11 + test/hcl_fixtures/ipam_base/variables.tf | 0 10 files changed, 759 insertions(+) create mode 100644 test/examples_ipam_test.go create mode 100644 test/examples_private_only_test.go create mode 100644 test/examples_public_only_test.go create mode 100644 test/examples_public_private_test.go create mode 100644 test/go.mod create mode 100644 test/go.sum create mode 100644 test/hcl_fixtures/ipam_base/main.tf create mode 100644 test/hcl_fixtures/ipam_base/outputs.tf create mode 100644 test/hcl_fixtures/ipam_base/providers.tf create mode 100644 test/hcl_fixtures/ipam_base/variables.tf diff --git a/test/examples_ipam_test.go b/test/examples_ipam_test.go new file mode 100644 index 0000000..f941abb --- /dev/null +++ b/test/examples_ipam_test.go @@ -0,0 +1,28 @@ +package test + +import ( + "testing" + + "github.com/gruntwork-io/terratest/modules/terraform" +) + +func TestExamplesIPAM(t *testing.T) { + + ipamBase := &terraform.Options{ + TerraformDir: "./hcl_fixtures/ipam_base", + } + defer terraform.Destroy(t, ipamBase) + terraform.InitAndApply(t, ipamBase) + + pool_id := terraform.Output(t, ipamBase, "pool_id") + + terraformOptions := &terraform.Options{ + TerraformDir: "../examples/ipam", + Vars: map[string]interface{}{ + "ipam_pool_id": pool_id, + }, + } + + defer terraform.Destroy(t, terraformOptions) + terraform.InitAndApply(t, terraformOptions) +} diff --git a/test/examples_private_only_test.go b/test/examples_private_only_test.go new file mode 100644 index 0000000..2d097dd --- /dev/null +++ b/test/examples_private_only_test.go @@ -0,0 +1,17 @@ +package test + +import ( + "testing" + + "github.com/gruntwork-io/terratest/modules/terraform" +) + +func TestExamplesPrivateOnly(t *testing.T) { + + terraformOptions := &terraform.Options{ + TerraformDir: "../examples/private_only", + } + + defer terraform.Destroy(t, terraformOptions) + terraform.InitAndApply(t, terraformOptions) +} diff --git a/test/examples_public_only_test.go b/test/examples_public_only_test.go new file mode 100644 index 0000000..579b9ea --- /dev/null +++ b/test/examples_public_only_test.go @@ -0,0 +1,17 @@ +package test + +import ( + "testing" + + "github.com/gruntwork-io/terratest/modules/terraform" +) + +func TestExamplesPublicOnly(t *testing.T) { + + terraformOptions := &terraform.Options{ + TerraformDir: "../examples/public_only", + } + + defer terraform.Destroy(t, terraformOptions) + terraform.InitAndApply(t, terraformOptions) +} diff --git a/test/examples_public_private_test.go b/test/examples_public_private_test.go new file mode 100644 index 0000000..102e9eb --- /dev/null +++ b/test/examples_public_private_test.go @@ -0,0 +1,17 @@ +package test + +import ( + "testing" + + "github.com/gruntwork-io/terratest/modules/terraform" +) + +func TestExamplesPublicPrivate(t *testing.T) { + + terraformOptions := &terraform.Options{ + TerraformDir: "../examples/public_private_flow_logs", + } + + defer terraform.Destroy(t, terraformOptions) + terraform.InitAndApply(t, terraformOptions) +} diff --git a/test/go.mod b/test/go.mod new file mode 100644 index 0000000..a0f13e8 --- /dev/null +++ b/test/go.mod @@ -0,0 +1,55 @@ +module github.com/aws-ia/terraform-awscc-vpc + +go 1.17 + +require ( + cloud.google.com/go v0.83.0 // indirect + cloud.google.com/go/storage v1.10.0 // indirect + github.com/agext/levenshtein v1.2.3 // indirect + github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect + github.com/aws/aws-sdk-go v1.40.56 // indirect + github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect + github.com/golang/protobuf v1.5.2 // indirect + github.com/golang/snappy v0.0.3 // indirect + github.com/googleapis/gax-go/v2 v2.0.5 // indirect + github.com/gruntwork-io/terratest v0.40.5 // indirect + github.com/hashicorp/errwrap v1.0.0 // indirect + github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/hashicorp/go-getter v1.5.9 // indirect + github.com/hashicorp/go-multierror v1.1.0 // indirect + github.com/hashicorp/go-safetemp v1.0.0 // indirect + github.com/hashicorp/go-version v1.3.0 // indirect + github.com/hashicorp/hcl/v2 v2.9.1 // indirect + github.com/hashicorp/terraform-json v0.13.0 // indirect + github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a // indirect + github.com/jmespath/go-jmespath v0.4.0 // indirect + github.com/jstemmer/go-junit-report v0.9.1 // indirect + github.com/klauspost/compress v1.13.0 // indirect + github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 // indirect + github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/mitchellh/go-testing-interface v1.0.0 // indirect + github.com/mitchellh/go-wordwrap v1.0.1 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/stretchr/testify v1.7.0 // indirect + github.com/tmccombs/hcl2json v0.3.3 // indirect + github.com/ulikunitz/xz v0.5.8 // indirect + github.com/zclconf/go-cty v1.9.1 // indirect + go.opencensus.io v0.23.0 // indirect + golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a // indirect + golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect + golang.org/x/mod v0.4.2 // indirect + golang.org/x/net v0.0.0-20210614182718-04defd469f4e // indirect + golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c // indirect + golang.org/x/sys v0.0.0-20210603125802-9665404d3644 // indirect + golang.org/x/text v0.3.6 // indirect + golang.org/x/tools v0.1.2 // indirect + golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect + google.golang.org/api v0.47.0 // indirect + google.golang.org/appengine v1.6.7 // indirect + google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c // indirect + google.golang.org/grpc v1.38.0 // indirect + google.golang.org/protobuf v1.26.0 // indirect + gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect +) diff --git a/test/go.sum b/test/go.sum new file mode 100644 index 0000000..dbaeade --- /dev/null +++ b/test/go.sum @@ -0,0 +1,594 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= +cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= +cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= +cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= +cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= +cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= +cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= +cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= +cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= +cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= +cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= +cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= +cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= +cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= +cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= +cloud.google.com/go v0.83.0 h1:bAMqZidYkmIsUqe6PtkEPT7Q+vfizScn+jfNA6jwK9c= +cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= +cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= +cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= +cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= +cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= +cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= +cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= +cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= +cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= +cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= +cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= +cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= +cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= +cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= +cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= +cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= +cloud.google.com/go/storage v1.10.0 h1:STgFzyU5/8miMl0//zKh2aQeTyeaUH3WN9bSUiJ09bA= +cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= +dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= +github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= +github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= +github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= +github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= +github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= +github.com/aws/aws-sdk-go v1.40.56 h1:FM2yjR0UUYFzDTMx+mH9Vyw1k1EUUxsAFzk+BjkzANA= +github.com/aws/aws-sdk-go v1.40.56/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/go-test/deep v1.0.7/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= +github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= +github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= +github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5 h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+Tv3SM= +github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/gruntwork-io/terratest v0.40.5 h1:pyVVPGlXpeX1Bs8wiQIsl6VxIMYvXfoOh6xcCnj2WLY= +github.com/gruntwork-io/terratest v0.40.5/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= +github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= +github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= +github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-getter v1.5.9 h1:b7ahZW50iQiUek/at3CvZhPK1/jiV6CtKcsJiR6E4R0= +github.com/hashicorp/go-getter v1.5.9/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= +github.com/hashicorp/go-multierror v1.1.0 h1:B9UzwGQJehnUY1yNrnwREHc3fGbC2xefo8g4TbElacI= +github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= +github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= +github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= +github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.3.0 h1:McDWVJIU/y+u1BRV06dPaLfLCaT7fUTJLp5r04x7iNw= +github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/hcl/v2 v2.9.1 h1:eOy4gREY0/ZQHNItlfuEZqtcQbXIxzojlP301hDpnac= +github.com/hashicorp/hcl/v2 v2.9.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= +github.com/hashicorp/terraform-json v0.13.0 h1:Li9L+lKD1FO5RVFRM1mMMIBDoUHslOniyEi5CM+FWGY= +github.com/hashicorp/terraform-json v0.13.0/go.mod h1:y5OdLBCT+rxbwnpxZs9kGL7R9ExU76+cpdY8zHwoazk= +github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt70eK/BSch+gFAGrNzecsoENgu2o= +github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= +github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= +github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1 h1:6QPYqodiu3GuPL+7mfx+NwDdp2eTkp9IfEUpgAwUN0o= +github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.13.0 h1:2T7tUoQrQT+fQWdaY5rjWztFGAFwbGD04iPJg90ZiOs= +github.com/klauspost/compress v1.13.0/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= +github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 h1:ofNAzWCcyTALn2Zv40+8XitdzCgXY6e9qvXwN9W0YXg= +github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= +github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= +github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= +github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= +github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= +github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ= +github.com/tmccombs/hcl2json v0.3.3/go.mod h1:Y2chtz2x9bAeRTvSibVRVgbLJhLJXKlUeIvjeVdnm4w= +github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= +github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= +github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= +github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= +github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty v1.8.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty v1.9.1 h1:viqrgQwFl5UpSxc046qblj78wZXVDFnSOufaOTER+cc= +github.com/zclconf/go-cty v1.9.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= +go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= +go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= +golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= +golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= +golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= +golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q= +golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c h1:pkQiBZBvdos9qq4wBAHqlzuZHEXo07pqV06ef90u1WI= +golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210603125802-9665404d3644 h1:CA1DEQ4NdKphKeL70tvsWNdT5oFh1lOjihRcEDROi0I= +golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= +golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= +golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.2 h1:kRBLX7v7Af8W7Gdbbc908OJcdgtK8bOz9Uaj8/F1ACA= +golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= +google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= +google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= +google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= +google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= +google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= +google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= +google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= +google.golang.org/api v0.47.0 h1:sQLWZQvP6jPGIP4JGPkJu4zHswrv81iobiyszr3b/0I= +google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= +google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= +google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= +google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= +google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= +google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c h1:wtujag7C+4D6KMoulW9YauvK2lgdvCMS260jsqqBXr0= +google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= +google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= +google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= +google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= +google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0= +google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= +honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= +rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= +rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/test/hcl_fixtures/ipam_base/main.tf b/test/hcl_fixtures/ipam_base/main.tf new file mode 100644 index 0000000..27e128a --- /dev/null +++ b/test/hcl_fixtures/ipam_base/main.tf @@ -0,0 +1,16 @@ +data "aws_region" "current" {} + +module "ipam" { + source = "aws-ia/ipam/aws" + version = ">= 1.0.0" + + top_cidr = ["10.0.0.0/8"] + + pool_configurations = { + "${data.aws_region.current.name}" = { + description = "${data.aws_region.current.name} top level pool" + cidr = ["10.0.0.0/16"] + locale = data.aws_region.current.name + } + } +} diff --git a/test/hcl_fixtures/ipam_base/outputs.tf b/test/hcl_fixtures/ipam_base/outputs.tf new file mode 100644 index 0000000..94f5a3f --- /dev/null +++ b/test/hcl_fixtures/ipam_base/outputs.tf @@ -0,0 +1,4 @@ +output "pool_id" { + description = "Pool ID." + value = module.ipam.pools_level_1["${data.aws_region.current.name}"].id +} diff --git a/test/hcl_fixtures/ipam_base/providers.tf b/test/hcl_fixtures/ipam_base/providers.tf new file mode 100644 index 0000000..af07474 --- /dev/null +++ b/test/hcl_fixtures/ipam_base/providers.tf @@ -0,0 +1,11 @@ +terraform { + required_version = ">= 0.15.0" + experiments = [module_variable_optional_attrs] + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 3.72.0" + } + } +} + diff --git a/test/hcl_fixtures/ipam_base/variables.tf b/test/hcl_fixtures/ipam_base/variables.tf new file mode 100644 index 0000000..e69de29 From 2edb4294c0f26ae994e27129e15d0194c941ed34 Mon Sep 17 00:00:00 2001 From: drewmullen Date: Thu, 24 Mar 2022 09:18:42 -0400 Subject: [PATCH 08/12] feedback updates --- .header.md | 5 +++-- README.md | 7 ++++--- examples/ipam/main.tf | 2 +- modules/calculate_subnets/{provider.tf => providers.tf} | 0 modules/flow_logs/{provider.tf => providers.tf} | 0 provider.tf => providers.tf | 2 +- variables.tf | 3 ++- 7 files changed, 11 insertions(+), 8 deletions(-) rename modules/calculate_subnets/{provider.tf => providers.tf} (100%) rename modules/flow_logs/{provider.tf => providers.tf} (100%) rename provider.tf => providers.tf (93%) diff --git a/.header.md b/.header.md index e9b2a53..e65ad7c 100644 --- a/.header.md +++ b/.header.md @@ -1,4 +1,4 @@ -# VPC Module Pre-release docs +# AWS VPC Module This module can be used to deploy a pragmatic VPC with various subnets types in # AZs. Common deployment examples can be found in [examples/](./examples/). Subnet CIDRs can be explicitly set via list of string argument `cidrs` or set via a number `netmask` argument. @@ -8,7 +8,8 @@ The example below builds a VPC with public and private subnets in 3 AZs. Each su ```hcl module "vpc" { - source = "aws-ia/vpc/aws" + source = "aws-ia/vpc/aws" + versions = ">= 1.0.0" name = "multi-az-vpc" vpc_cidr_block = "10.0.0.0/20" diff --git a/README.md b/README.md index c0c0595..c72cfad 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ -# VPC Module Pre-release docs +# AWS VPC Module This module can be used to deploy a pragmatic VPC with various subnets types in # AZs. Common deployment examples can be found in [examples/](./examples/). Subnet CIDRs can be explicitly set via list of string argument `cidrs` or set via a number `netmask` argument. @@ -9,7 +9,8 @@ The example below builds a VPC with public and private subnets in 3 AZs. Each su ```hcl module "vpc" { - source = "aws-ia/vpc/aws" + source = "aws-ia/vpc/aws" + versions = ">= 1.0.0" name = "multi-az-vpc" vpc_cidr_block = "10.0.0.0/20" @@ -85,7 +86,7 @@ The above example will cause only creating 2 new subnets in az `c` of the region |------|---------| | [terraform](#requirement\_terraform) | >= 0.15.0 | | [aws](#requirement\_aws) | >= 3.72.0 | -| [awscc](#requirement\_awscc) | >= 0.13.0 | +| [awscc](#requirement\_awscc) | >= 0.15.0 | ## Providers diff --git a/examples/ipam/main.tf b/examples/ipam/main.tf index e1aa9dc..fcc0a89 100644 --- a/examples/ipam/main.tf +++ b/examples/ipam/main.tf @@ -1,5 +1,5 @@ module "vpc" { - source = "aws-ia/vpc/awscc" + source = "../.." name = "ipam-vpc" az_count = 3 diff --git a/modules/calculate_subnets/provider.tf b/modules/calculate_subnets/providers.tf similarity index 100% rename from modules/calculate_subnets/provider.tf rename to modules/calculate_subnets/providers.tf diff --git a/modules/flow_logs/provider.tf b/modules/flow_logs/providers.tf similarity index 100% rename from modules/flow_logs/provider.tf rename to modules/flow_logs/providers.tf diff --git a/provider.tf b/providers.tf similarity index 93% rename from provider.tf rename to providers.tf index 526f110..38e87ad 100644 --- a/provider.tf +++ b/providers.tf @@ -8,7 +8,7 @@ terraform { } awscc = { source = "hashicorp/awscc" - version = ">= 0.13.0" + version = ">= 0.15.0" } } } diff --git a/variables.tf b/variables.tf index 6bc4c2a..c2d1d2e 100644 --- a/variables.tf +++ b/variables.tf @@ -145,6 +145,7 @@ variable "tags" { variable "vpc_flow_logs" { description = "Whether or not to create VPC flow logs and which type. Options: \"cloudwatch\", \"s3\", \"none\". By default creates flow logs to `cloudwatch`. Variable overrides null value types for some keys, defined in defaults.tf." nullable = false + type = object({ log_destination = optional(string) iam_role_arn = optional(string) @@ -166,7 +167,7 @@ variable "vpc_flow_logs" { } validation { - condition = can(regex("^(cloud-watch-logs|s3|none)$", var.vpc_flow_logs.log_destination_type)) + condition = contains(["cloud-watch-logs", "s3", "none"], var.vpc_flow_logs.log_destination_type) error_message = "Invalid input, options: \"cloud-watch-logs\", \"s3\", or \"none\"." } } From 3041c9a3c01a5ae680c288c7e9a79e5c64d87289 Mon Sep 17 00:00:00 2001 From: drewmullen Date: Thu, 31 Mar 2022 21:10:47 -0400 Subject: [PATCH 09/12] include headers for examples --- examples/ipam/.header.md | 0 examples/ipam/main.tf | 4 +++- examples/private_only/.header.md | 0 examples/private_only/main.tf | 3 ++- examples/public_only/.header.md | 0 examples/public_only/main.tf | 3 ++- examples/public_private_flow_logs/.header.md | 0 examples/public_private_flow_logs/main.tf | 3 ++- 8 files changed, 9 insertions(+), 4 deletions(-) create mode 100644 examples/ipam/.header.md create mode 100644 examples/private_only/.header.md create mode 100644 examples/public_only/.header.md create mode 100644 examples/public_private_flow_logs/.header.md diff --git a/examples/ipam/.header.md b/examples/ipam/.header.md new file mode 100644 index 0000000..e69de29 diff --git a/examples/ipam/main.tf b/examples/ipam/main.tf index fcc0a89..7eed79e 100644 --- a/examples/ipam/main.tf +++ b/examples/ipam/main.tf @@ -1,5 +1,7 @@ module "vpc" { - source = "../.." + # source = "../.." + source = "aws-ia/vpc/aws" + version = ">= 1.0.0" name = "ipam-vpc" az_count = 3 diff --git a/examples/private_only/.header.md b/examples/private_only/.header.md new file mode 100644 index 0000000..e69de29 diff --git a/examples/private_only/main.tf b/examples/private_only/main.tf index 71c54f3..cd41478 100644 --- a/examples/private_only/main.tf +++ b/examples/private_only/main.tf @@ -1,5 +1,6 @@ module "vpc" { - source = "../.." + source = "aws-ia/vpc/aws" + version = ">= 1.0.0" name = "multi-az-vpc" vpc_cidr_block = "10.0.0.0/20" diff --git a/examples/public_only/.header.md b/examples/public_only/.header.md new file mode 100644 index 0000000..e69de29 diff --git a/examples/public_only/main.tf b/examples/public_only/main.tf index 7e9fb6c..b16fb80 100644 --- a/examples/public_only/main.tf +++ b/examples/public_only/main.tf @@ -1,5 +1,6 @@ module "vpc" { - source = "../.." + source = "aws-ia/vpc/aws" + version = ">= 1.0.0" name = "multi-az-vpc" vpc_cidr_block = "10.0.0.0/20" diff --git a/examples/public_private_flow_logs/.header.md b/examples/public_private_flow_logs/.header.md new file mode 100644 index 0000000..e69de29 diff --git a/examples/public_private_flow_logs/main.tf b/examples/public_private_flow_logs/main.tf index 1c93924..d5e1d5b 100644 --- a/examples/public_private_flow_logs/main.tf +++ b/examples/public_private_flow_logs/main.tf @@ -1,5 +1,6 @@ module "vpc" { - source = "../.." + source = "aws-ia/vpc/aws" + version = ">= 1.0.0" name = "multi-az-vpc" vpc_cidr_block = "10.0.0.0/20" From 1a0d22d50b791c38bd8fb98d2e9c01dc42cd73c4 Mon Sep 17 00:00:00 2001 From: drewmullen Date: Thu, 31 Mar 2022 21:16:26 -0400 Subject: [PATCH 10/12] include readmes for examples --- examples/ipam/README.md | 31 +++++++++++++++++++++ examples/private_only/README.md | 29 +++++++++++++++++++ examples/public_only/README.md | 29 +++++++++++++++++++ examples/public_private_flow_logs/README.md | 31 +++++++++++++++++++++ 4 files changed, 120 insertions(+) create mode 100644 examples/ipam/README.md create mode 100644 examples/private_only/README.md create mode 100644 examples/public_only/README.md create mode 100644 examples/public_private_flow_logs/README.md diff --git a/examples/ipam/README.md b/examples/ipam/README.md new file mode 100644 index 0000000..1b539f9 --- /dev/null +++ b/examples/ipam/README.md @@ -0,0 +1,31 @@ + +## Requirements + +No requirements. + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [vpc](#module\_vpc) | aws-ia/vpc/aws | >= 1.0.0 | + +## Resources + +No resources. + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [ipam\_pool\_id](#input\_ipam\_pool\_id) | pool id to request CIDR from. | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [subnets](#output\_subnets) | Map of subnet types with key/value az = cidr. | + \ No newline at end of file diff --git a/examples/private_only/README.md b/examples/private_only/README.md new file mode 100644 index 0000000..7546c36 --- /dev/null +++ b/examples/private_only/README.md @@ -0,0 +1,29 @@ + +## Requirements + +No requirements. + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [vpc](#module\_vpc) | aws-ia/vpc/aws | >= 1.0.0 | + +## Resources + +No resources. + +## Inputs + +No inputs. + +## Outputs + +| Name | Description | +|------|-------------| +| [subnets](#output\_subnets) | Map of subnet types with key/value az = cidr. | + \ No newline at end of file diff --git a/examples/public_only/README.md b/examples/public_only/README.md new file mode 100644 index 0000000..7546c36 --- /dev/null +++ b/examples/public_only/README.md @@ -0,0 +1,29 @@ + +## Requirements + +No requirements. + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [vpc](#module\_vpc) | aws-ia/vpc/aws | >= 1.0.0 | + +## Resources + +No resources. + +## Inputs + +No inputs. + +## Outputs + +| Name | Description | +|------|-------------| +| [subnets](#output\_subnets) | Map of subnet types with key/value az = cidr. | + \ No newline at end of file diff --git a/examples/public_private_flow_logs/README.md b/examples/public_private_flow_logs/README.md new file mode 100644 index 0000000..bdbcb16 --- /dev/null +++ b/examples/public_private_flow_logs/README.md @@ -0,0 +1,31 @@ + +## Requirements + +No requirements. + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [vpc](#module\_vpc) | aws-ia/vpc/aws | >= 1.0.0 | + +## Resources + +No resources. + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [kms\_key\_id](#input\_kms\_key\_id) | KMS Key ID | `string` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [subnets](#output\_subnets) | Map of subnet types with key/value az = cidr. | + \ No newline at end of file From 7351db99f80e38077b9919c9b0aa40bc7239d269 Mon Sep 17 00:00:00 2001 From: drewmullen Date: Fri, 1 Apr 2022 09:52:49 -0400 Subject: [PATCH 11/12] tf-docs --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c72cfad..bfdf093 100644 --- a/README.md +++ b/README.md @@ -92,8 +92,8 @@ The above example will cause only creating 2 new subnets in az `c` of the region | Name | Version | |------|---------| -| [aws](#provider\_aws) | 4.6.0 | -| [awscc](#provider\_awscc) | 0.15.0 | +| [aws](#provider\_aws) | 4.8.0 | +| [awscc](#provider\_awscc) | 0.0.1 | ## Modules From f0c0bdf21f6295186c95a2ac2b440909f44b9eef Mon Sep 17 00:00:00 2001 From: drewmullen Date: Wed, 6 Apr 2022 12:04:21 -0400 Subject: [PATCH 12/12] update link from local to github --- .header.md | 2 +- README.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.header.md b/.header.md index e65ad7c..4b18f5a 100644 --- a/.header.md +++ b/.header.md @@ -1,6 +1,6 @@ # AWS VPC Module -This module can be used to deploy a pragmatic VPC with various subnets types in # AZs. Common deployment examples can be found in [examples/](./examples/). Subnet CIDRs can be explicitly set via list of string argument `cidrs` or set via a number `netmask` argument. +This module can be used to deploy a pragmatic VPC with various subnets types in # AZs. Common deployment examples can be found in [examples/](https://github.com/aws-ia/terraform-aws-vpc/tree/main/examples). Subnet CIDRs can be explicitly set via list of string argument `cidrs` or set via a number `netmask` argument. ## Usage diff --git a/README.md b/README.md index bfdf093..b990fee 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # AWS VPC Module -This module can be used to deploy a pragmatic VPC with various subnets types in # AZs. Common deployment examples can be found in [examples/](./examples/). Subnet CIDRs can be explicitly set via list of string argument `cidrs` or set via a number `netmask` argument. +This module can be used to deploy a pragmatic VPC with various subnets types in # AZs. Common deployment examples can be found in [examples/](https://github.com/aws-ia/terraform-aws-vpc/tree/main/examples). Subnet CIDRs can be explicitly set via list of string argument `cidrs` or set via a number `netmask` argument. ## Usage @@ -93,7 +93,7 @@ The above example will cause only creating 2 new subnets in az `c` of the region | Name | Version | |------|---------| | [aws](#provider\_aws) | 4.8.0 | -| [awscc](#provider\_awscc) | 0.0.1 | +| [awscc](#provider\_awscc) | 0.16.0 | ## Modules