adding the new cloudformation api and refactoring the cmd to use it

.gitignore

@@ -12,4 +12,7 @@ cover.out
 
 aft-deployment
 
-pre-flight.sh
+pre-flight.sh
+
+aft-deployment-pipeline.yaml
+aft-deployment.zip

cmd/deploy/prereqs/cmd.go

@@ -13,8 +13,24 @@ import (
 )
 
 var args struct {
-	terraformStateBucketName   string
-	aftManagementAccountID     string
+	// terraform args
+	terraformStateBucketName string
+	tfVersion                string
+	terraformDistribution    string
+
+	// control tower args
+	aftManagementAccountID             string
+	ctManagementAccountID              string
+	logArchiveAccountID                string
+	auditAccountID                     string
+	ctHomeRegion                       string
+	tfBackendSecondaryRegion           string
+	aftMetricsReporting                bool
+	aftFeatureCloudtrailDataEvents     bool
+	aftFeatureEnterpriseSupport        bool
+	aftFeatureDeleteDefaultVPCsEnabled bool
+
+	// deployment resources args
 	branchName                 string
 	gitSourceRepo              string
 	codeBuildDockerImage       string
@@ -26,7 +42,6 @@ var args struct {
 	codeBuildRoleName          string
 	projectName                string
 	pipelineName               string
-	tfVersion                  string
 }
 
 // Cmd is the exported command for the AFT prerequisites.
@@ -156,6 +171,81 @@ func init() {
 		"Terraform version to be used in the deployment and for AFT",
 	)
 
+	flags.StringVarP(
+		&args.terraformDistribution,
+		"terraform-distribution",
+		"",
+		"oss",
+		"Terraform distribution: oss/tfc",
+	)
+
+	flags.StringVar(
+		&args.ctManagementAccountID,
+		"ct-management-account-id",
+		"",
+		"CT Management account id (aka payer/root/master account)",
+	)
+
+	flags.StringVar(
+		&args.logArchiveAccountID,
+		"ct-log-archive-account-id",
+		"",
+		"CT Log Archive account id",
+	)
+
+	flags.StringVar(
+		&args.auditAccountID,
+		"ct-audit-account-id",
+		"",
+		"CT Audit account id",
+	)
+
+	flags.StringVar(
+		&args.ctHomeRegion,
+		"ct-home-region",
+		"",
+		"CT main region",
+	)
+
+	flags.StringVar(
+		&args.tfBackendSecondaryRegion,
+		"ct-seccondary-region",
+		"",
+		"CT seccondary region",
+	)
+
+	flags.BoolVarP(
+		&args.aftMetricsReporting,
+		"aft-enable-metrics-reporting",
+		"",
+		true,
+		"Wheter to enable reporting metrics or not",
+	)
+
+	flags.BoolVarP(
+		&args.aftFeatureCloudtrailDataEvents,
+		"aft-enable-cloudtrail-data-events",
+		"",
+		true,
+		"Wheter to enable cloudtrail data events",
+	)
+
+	flags.BoolVarP(
+		&args.aftFeatureEnterpriseSupport,
+		"aft-enable-enterprise-support",
+		"",
+		true,
+		"Wheter to enable enterprise support in created accounts",
+	)
+
+	flags.BoolVarP(
+		&args.aftFeatureDeleteDefaultVPCsEnabled,
+		"aft-delete-default-vpc",
+		"",
+		true,
+		"Wheter to enable enterprise support in created accounts",
+	)
+
 }
 
 func run(cmd *cobra.Command, _ []string) {
@@ -167,6 +257,10 @@ func run(cmd *cobra.Command, _ []string) {
 
 	interpolatedCodeSuiteBucketName := args.aftManagementAccountID + "-" + args.codePipelineBucketName
 
+	interpolatedZIPFileName := args.gitSourceRepo + ".zip"
+
+	interpolatedCloudformationStackName := args.gitSourceRepo + "-cloudformation-stack"
+
 	codebuildTrustRelationshipService := "codebuild.amazonaws.com"
 	codePipelineTrustRelationshipService := "codepipeline.amazonaws.com"
 
@@ -214,11 +308,47 @@ func run(cmd *cobra.Command, _ []string) {
 		args.codeBuildRoleName,
 	)
 
+	// Ensure the CodeCommit repo is created with initial code
+	initialcommit.GenerateCommitFiles(
+		args.gitSourceRepo,
+		terraformStateBucketName,
+		"us-east-1",
+		args.tfVersion,
+		args.ctManagementAccountID,
+		args.logArchiveAccountID,
+		args.auditAccountID,
+		args.aftManagementAccountID,
+		args.ctHomeRegion,
+		args.tfBackendSecondaryRegion,
+		args.aftMetricsReporting,
+		args.aftFeatureCloudtrailDataEvents,
+		args.aftFeatureEnterpriseSupport,
+		args.aftFeatureDeleteDefaultVPCsEnabled,
+		args.terraformDistribution,
+	)
+
+	aws.UploadToS3(
+		awsClient.GetS3Client(),
+		interpolatedCodeSuiteBucketName,
+		interpolatedZIPFileName,
+		interpolatedZIPFileName,
+	)
+
+	// Ensure the repository is created
+	// aws.EnsureCodeCommitRepoExists(
+	// 	awsClient.GetCodeCommitClient(),
+	// 	args.gitSourceRepo,
+	// 	args.gitSourceDescription,
+	// )
+
 	// Ensure the repository is created
-	aws.EnsureCodeCommitRepoExists(
-		awsClient.GetCodeCommitClient(),
+	aws.EnsureCloudformationExists(
+		awsClient.CloudformationClient(),
+		interpolatedCloudformationStackName,
 		args.gitSourceRepo,
 		args.gitSourceDescription,
+		interpolatedCodeSuiteBucketName,
+		interpolatedZIPFileName,
 	)
 
 	// Ensure the Code Build Project is created
@@ -244,16 +374,4 @@ func run(cmd *cobra.Command, _ []string) {
 		args.projectName,
 	)
 
-	initialcommit.GenerateCommitFiles(
-		args.gitSourceRepo,
-		terraformStateBucketName,
-		"us-east-1",
-		args.tfVersion,
-	)
-
-	initialcommit.PushCode(
-		args.gitSourceRepo,
-		"us-east-1",
-		args.gitSourceRepo,
-	)
 }

pkg/aws/client.go

@@ -12,6 +12,8 @@ import (
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/cloudformation"
+	"github.com/aws/aws-sdk-go/service/cloudformation/cloudformationiface"
 	"github.com/aws/aws-sdk-go/service/codebuild"
 	"github.com/aws/aws-sdk-go/service/codebuild/codebuildiface"
 	"github.com/aws/aws-sdk-go/service/codecommit"
@@ -32,6 +34,7 @@ type S3Client interface {
 	PutPublicAccessBlock(*s3.PutPublicAccessBlockInput) (*s3.PutPublicAccessBlockOutput, error)
 	PutBucketPolicy(*s3.PutBucketPolicyInput) (*s3.PutBucketPolicyOutput, error)
 	PutBucketTagging(*s3.PutBucketTaggingInput) (*s3.PutBucketTaggingOutput, error)
+	PutObject(*s3.PutObjectInput) (*s3.PutObjectOutput, error)
 }
 
 // CodeCommitClient represents a client for Amazon Code Commit.
@@ -60,13 +63,20 @@ type CodePipelineClient interface {
 	ListPipelines(input *codepipeline.ListPipelinesInput) (*codepipeline.ListPipelinesOutput, error)
 }
 
+// CloudformationClient represents a client for Cloudformation.
+type CloudformationClient interface {
+	CreateStack(*cloudformation.CreateStackInput) (*cloudformation.CreateStackOutput, error)
+	DescribeStacks(*cloudformation.DescribeStacksInput) (*cloudformation.DescribeStacksOutput, error)
+}
+
 // Client struct implementing all the client interfaces
 type Client struct {
-	s3Client           s3iface.S3API
-	iamClient          iamiface.IAMAPI
-	codepipelineClient codepipelineiface.CodePipelineAPI
-	codecommitClient   codecommitiface.CodeCommitAPI
-	codebuildClient    codebuildiface.CodeBuildAPI
+	s3Client             s3iface.S3API
+	iamClient            iamiface.IAMAPI
+	codepipelineClient   codepipelineiface.CodePipelineAPI
+	codecommitClient     codecommitiface.CodeCommitAPI
+	codebuildClient      codebuildiface.CodeBuildAPI
+	cloudformationClient cloudformationiface.CloudFormationAPI
 }
 
 // NewClient loads credentials following the chain credentials
@@ -95,11 +105,12 @@ func NewClient() *Client {
 	}
 
 	return &Client{
-		s3Client:           s3.New(sess),
-		iamClient:          iam.New(sess),
-		codepipelineClient: codepipeline.New(sess),
-		codecommitClient:   codecommit.New(sess),
-		codebuildClient:    codebuild.New(sess),
+		s3Client:             s3.New(sess),
+		iamClient:            iam.New(sess),
+		codepipelineClient:   codepipeline.New(sess),
+		codecommitClient:     codecommit.New(sess),
+		codebuildClient:      codebuild.New(sess),
+		cloudformationClient: cloudformation.New(sess),
 	}
 }
 
@@ -132,3 +143,8 @@ func (ac *Client) CodebuildClient() codebuildiface.CodeBuildAPI {
 func (ac *Client) CodePipelineClient() codepipelineiface.CodePipelineAPI {
 	return ac.codepipelineClient
 }
+
+// CloudformationClient fetches the CodePipeline Client and enables the cmd to use
+func (ac *Client) CloudformationClient() cloudformationiface.CloudFormationAPI {
+	return ac.cloudformationClient
+}