@aws/nx-plugin 0.41.0 → 0.41.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/sdk/terraform.d.ts +6 -0
- package/sdk/terraform.js +11 -0
- package/sdk/terraform.js.map +1 -0
- package/src/terraform/project/files/application/bootstrap/main.tf.template +91 -0
- package/src/terraform/project/files/application/bootstrap/providers.tf.template +6 -0
- package/src/terraform/project/files/application/bootstrap/variables.tf.template +4 -0
- package/src/terraform/project/generator.js +2 -2
- package/src/terraform/project/generator.js.map +1 -1
package/package.json
CHANGED
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
3
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
4
|
+
*/
|
|
5
|
+
export { terraformProjectGenerator } from '../src/terraform/project/generator';
|
|
6
|
+
export type { TerraformProjectGeneratorSchema } from '../src/terraform/project/schema';
|
package/sdk/terraform.js
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
+
exports.terraformProjectGenerator = void 0;
|
|
8
|
+
// Terraform Project Generator
|
|
9
|
+
var generator_1 = require("../src/terraform/project/generator");
|
|
10
|
+
Object.defineProperty(exports, "terraformProjectGenerator", { enumerable: true, get: function () { return generator_1.terraformProjectGenerator; } });
|
|
11
|
+
//# sourceMappingURL=terraform.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"terraform.js","sourceRoot":"","sources":["../../../../packages/nx-plugin/sdk/terraform.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,8BAA8B;AAC9B,gEAA+E;AAAtE,sHAAA,yBAAyB,OAAA"}
|
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
# Local values for resource naming and tagging
|
|
2
|
+
locals {
|
|
3
|
+
account_id = data.aws_caller_identity.current.account_id
|
|
4
|
+
region = var.aws_region
|
|
5
|
+
bucket_name = "${local.account_id}-tf-state-${local.region}"
|
|
6
|
+
}
|
|
7
|
+
|
|
8
|
+
# S3 bucket for Terraform state
|
|
9
|
+
resource "aws_s3_bucket" "terraform_state" {
|
|
10
|
+
bucket = local.bucket_name
|
|
11
|
+
force_destroy = false
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
# S3 bucket versioning (hardcoded to enabled)
|
|
15
|
+
resource "aws_s3_bucket_versioning" "terraform_state" {
|
|
16
|
+
bucket = aws_s3_bucket.terraform_state.id
|
|
17
|
+
versioning_configuration {
|
|
18
|
+
status = "Enabled"
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
# S3 bucket server-side encryption (hardcoded to AES256)
|
|
23
|
+
resource "aws_s3_bucket_server_side_encryption_configuration" "terraform_state" {
|
|
24
|
+
bucket = aws_s3_bucket.terraform_state.id
|
|
25
|
+
|
|
26
|
+
rule {
|
|
27
|
+
apply_server_side_encryption_by_default {
|
|
28
|
+
sse_algorithm = "AES256"
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
# S3 bucket public access block
|
|
34
|
+
resource "aws_s3_bucket_public_access_block" "terraform_state" {
|
|
35
|
+
bucket = aws_s3_bucket.terraform_state.id
|
|
36
|
+
|
|
37
|
+
block_public_acls = true
|
|
38
|
+
block_public_policy = true
|
|
39
|
+
ignore_public_acls = true
|
|
40
|
+
restrict_public_buckets = true
|
|
41
|
+
}
|
|
42
|
+
|
|
43
|
+
# S3 bucket lifecycle configuration (simplified)
|
|
44
|
+
resource "aws_s3_bucket_lifecycle_configuration" "terraform_state" {
|
|
45
|
+
depends_on = [aws_s3_bucket_versioning.terraform_state]
|
|
46
|
+
bucket = aws_s3_bucket.terraform_state.id
|
|
47
|
+
|
|
48
|
+
rule {
|
|
49
|
+
id = "terraform_state_lifecycle"
|
|
50
|
+
status = "Enabled"
|
|
51
|
+
|
|
52
|
+
# Apply to all objects in the bucket
|
|
53
|
+
filter {}
|
|
54
|
+
|
|
55
|
+
# Delete old versions after 30 days
|
|
56
|
+
noncurrent_version_expiration {
|
|
57
|
+
noncurrent_days = 30
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
# Delete incomplete multipart uploads after 7 days
|
|
61
|
+
abort_incomplete_multipart_upload {
|
|
62
|
+
days_after_initiation = 7
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
|
|
67
|
+
# S3 bucket policy to deny insecure connections
|
|
68
|
+
resource "aws_s3_bucket_policy" "terraform_state" {
|
|
69
|
+
bucket = aws_s3_bucket.terraform_state.id
|
|
70
|
+
|
|
71
|
+
policy = jsonencode({
|
|
72
|
+
Version = "2012-10-17"
|
|
73
|
+
Statement = [
|
|
74
|
+
{
|
|
75
|
+
Sid = "DenyInsecureConnections"
|
|
76
|
+
Effect = "Deny"
|
|
77
|
+
Principal = "*"
|
|
78
|
+
Action = "s3:*"
|
|
79
|
+
Resource = [
|
|
80
|
+
aws_s3_bucket.terraform_state.arn,
|
|
81
|
+
"${aws_s3_bucket.terraform_state.arn}/*"
|
|
82
|
+
]
|
|
83
|
+
Condition = {
|
|
84
|
+
Bool = {
|
|
85
|
+
"aws:SecureTransport" = "false"
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
]
|
|
90
|
+
})
|
|
91
|
+
}
|
|
@@ -52,7 +52,7 @@ function terraformProjectGenerator(tree, schema) {
|
|
|
52
52
|
`aws s3 cp ${tfDistDir}/bootstrap.tfstate s3://$(aws sts get-caller-identity --query Account --output text)-tf-state-$(aws configure get region)/bootstrap.tfstate`,
|
|
53
53
|
],
|
|
54
54
|
parallel: false,
|
|
55
|
-
cwd: '{projectRoot}
|
|
55
|
+
cwd: '{projectRoot}/bootstrap',
|
|
56
56
|
},
|
|
57
57
|
},
|
|
58
58
|
'bootstrap-destroy': {
|
|
@@ -60,7 +60,7 @@ function terraformProjectGenerator(tree, schema) {
|
|
|
60
60
|
options: {
|
|
61
61
|
forwardAllArgs: true,
|
|
62
62
|
command: `terraform destroy -state=${tfDistDir}/bootstrap.tfstate`,
|
|
63
|
-
cwd: '{projectRoot}
|
|
63
|
+
cwd: '{projectRoot}/bootstrap',
|
|
64
64
|
},
|
|
65
65
|
},
|
|
66
66
|
destroy: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generator.js","sourceRoot":"","sources":["../../../../../../packages/nx-plugin/src/terraform/project/generator.ts"],"names":[],"mappings":";;;AAiCA,8DAmNC;;AApPD;;;GAGG;AACH,uCAYoB;AAEpB,sDAAyD;AACzD,+BAAsC;AACtC,+CAAoD;AACpD,uCAIwB;AACxB,yCAAkD;AAClD,mDAAoD;AAEpD,MAAM,gBAAgB,GAAG,sBAAsB,CAAC;AACnC,QAAA,gCAAgC,GAC3C,IAAA,qBAAgB,EAAC,UAAU,CAAC,CAAC;AAE/B,SAAsB,yBAAyB,CAC7C,IAAU,EACV,MAAuC;;;QAEvC,sDAAsD;QACtD,MAAM,GAAG,GAAG,IAAA,2BAAe,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAE1C,MAAM,wBAAwB,GAAG,IAAA,eAAQ,EACvC,IAAA,WAAI,EAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,EAC/B,IAAI,CAAC,IAAI,CACV,CAAC;QACF,MAAM,OAAO,GAAG,IAAA,WAAI,EAAC,wBAAwB,EAAE,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;QAChE,MAAM,SAAS,GAAG,IAAA,WAAI,EAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC7C,MAAM,cAAc,GAAG,IAAA,WAAI,EAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAEhD,IAAA,qBAAe,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,GAAG,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC;QAEtE,MAAM,kBAAkB,GAEpB;YACF,KAAK,EAAE;gBACL,QAAQ,EAAE,iBAAiB;gBAC3B,oBAAoB,EAAE,KAAK;gBAC3B,cAAc,EAAE;oBACd,GAAG,EAAE;wBACH,OAAO,EAAE,mBAAmB,SAAS,aAAa;qBACnD;iBACF;gBACD,OAAO,EAAE;oBACP,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;gBACD,SAAS,EAAE,CAAC,MAAM,CAAC;aACpB;YACD,SAAS,EAAE;gBACT,QAAQ,EAAE,iBAAiB;gBAC3B,OAAO,EAAE;oBACP,cAAc,EAAE,IAAI;oBACpB,QAAQ,EAAE;wBACR,sIAAsI,SAAS,4BAA4B;wBAC3K,gBAAgB;wBAChB,wCAAwC,SAAS,kEAAkE;wBACnH,aAAa,SAAS,6IAA6I;qBACpK;oBACD,QAAQ,EAAE,KAAK;oBACf,GAAG,EAAE,
|
|
1
|
+
{"version":3,"file":"generator.js","sourceRoot":"","sources":["../../../../../../packages/nx-plugin/src/terraform/project/generator.ts"],"names":[],"mappings":";;;AAiCA,8DAmNC;;AApPD;;;GAGG;AACH,uCAYoB;AAEpB,sDAAyD;AACzD,+BAAsC;AACtC,+CAAoD;AACpD,uCAIwB;AACxB,yCAAkD;AAClD,mDAAoD;AAEpD,MAAM,gBAAgB,GAAG,sBAAsB,CAAC;AACnC,QAAA,gCAAgC,GAC3C,IAAA,qBAAgB,EAAC,UAAU,CAAC,CAAC;AAE/B,SAAsB,yBAAyB,CAC7C,IAAU,EACV,MAAuC;;;QAEvC,sDAAsD;QACtD,MAAM,GAAG,GAAG,IAAA,2BAAe,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAE1C,MAAM,wBAAwB,GAAG,IAAA,eAAQ,EACvC,IAAA,WAAI,EAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,EAC/B,IAAI,CAAC,IAAI,CACV,CAAC;QACF,MAAM,OAAO,GAAG,IAAA,WAAI,EAAC,wBAAwB,EAAE,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;QAChE,MAAM,SAAS,GAAG,IAAA,WAAI,EAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC7C,MAAM,cAAc,GAAG,IAAA,WAAI,EAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAEhD,IAAA,qBAAe,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,GAAG,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC;QAEtE,MAAM,kBAAkB,GAEpB;YACF,KAAK,EAAE;gBACL,QAAQ,EAAE,iBAAiB;gBAC3B,oBAAoB,EAAE,KAAK;gBAC3B,cAAc,EAAE;oBACd,GAAG,EAAE;wBACH,OAAO,EAAE,mBAAmB,SAAS,aAAa;qBACnD;iBACF;gBACD,OAAO,EAAE;oBACP,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;gBACD,SAAS,EAAE,CAAC,MAAM,CAAC;aACpB;YACD,SAAS,EAAE;gBACT,QAAQ,EAAE,iBAAiB;gBAC3B,OAAO,EAAE;oBACP,cAAc,EAAE,IAAI;oBACpB,QAAQ,EAAE;wBACR,sIAAsI,SAAS,4BAA4B;wBAC3K,gBAAgB;wBAChB,wCAAwC,SAAS,kEAAkE;wBACnH,aAAa,SAAS,6IAA6I;qBACpK;oBACD,QAAQ,EAAE,KAAK;oBACf,GAAG,EAAE,yBAAyB;iBAC/B;aACF;YACD,mBAAmB,EAAE;gBACnB,QAAQ,EAAE,iBAAiB;gBAC3B,OAAO,EAAE;oBACP,cAAc,EAAE,IAAI;oBACpB,OAAO,EAAE,4BAA4B,SAAS,oBAAoB;oBAClE,GAAG,EAAE,yBAAyB;iBAC/B;aACF;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,iBAAiB;gBAC3B,oBAAoB,EAAE,KAAK;gBAC3B,cAAc,EAAE;oBACd,GAAG,EAAE;wBACH,OAAO,EAAE,4CAA4C;qBACtD;iBACF;gBACD,OAAO,EAAE;oBACP,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;gBACD,SAAS,EAAE,CAAC,MAAM,CAAC;aACpB;YACD,IAAI,EAAE;gBACJ,QAAQ,EAAE,iBAAiB;gBAC3B,oBAAoB,EAAE,KAAK;gBAC3B,cAAc,EAAE;oBACd,GAAG,EAAE;wBACH,OAAO,EACL,yPAAyP;qBAC5P;iBACF;gBACD,OAAO,EAAE;oBACP,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;aACF;YACD,MAAM,EAAE;gBACN,QAAQ,EAAE,iBAAiB;gBAC3B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,CAAC,SAAS,CAAC;gBACnB,OAAO,EAAE;oBACP,OAAO,EAAE,wBAAwB;oBACjC,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;aACF;YACD,IAAI,EAAE;gBACJ,QAAQ,EAAE,iBAAiB;gBAC3B,oBAAoB,EAAE,KAAK;gBAC3B,cAAc,EAAE;oBACd,GAAG,EAAE;wBACH,OAAO,EAAE,gDAAgD,SAAS,aAAa;qBAChF;iBACF;gBACD,OAAO,EAAE;oBACP,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;gBACD,SAAS,EAAE,CAAC,MAAM,CAAC;aACpB;SACF,CAAC;QAEF,MAAM,UAAU,GAEZ;YACF,GAAG,EAAE;gBACH,QAAQ,EAAE,iBAAiB;gBAC3B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,CAAC,SAAS,CAAC;gBACnB,OAAO,EAAE;oBACP,OAAO,EAAE,eAAe;oBACxB,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;aACF;YACD,IAAI,EAAE;gBACJ,QAAQ,EAAE,iBAAiB;gBAC3B,oBAAoB,EAAE,KAAK;gBAC3B,cAAc,EAAE;oBACd,GAAG,EAAE;wBACH,OAAO,EAAE,gBAAgB;qBAC1B;iBACF;gBACD,OAAO,EAAE;oBACP,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;aACF;YACD,IAAI,EAAE;gBACJ,QAAQ,EAAE,iBAAiB;gBAC3B,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,CAAC,wBAAwB,GAAG,CAAC,GAAG,UAAU,CAAC;gBACpD,OAAO,EAAE;oBACP,OAAO,EAAE,wDAAwD,cAAc,EAAE;oBACjF,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;gBACD,SAAS,EAAE,CAAC,UAAU,CAAC;aACxB;YACD,QAAQ,EAAE;gBACR,QAAQ,EAAE,iBAAiB;gBAC3B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,CAAC,SAAS,CAAC;gBACnB,OAAO,EAAE;oBACP,OAAO,EAAE,oBAAoB;oBAC7B,cAAc,EAAE,IAAI;oBACpB,GAAG,EAAE,mBAAmB;iBACzB;aACF;SACF,CAAC;QAEF,IAAA,gCAAuB,EAAC,IAAI,EAAE,GAAG,CAAC,kBAAkB,EAAE;YACpD,IAAI,EAAE,GAAG,CAAC,GAAG;YACb,WAAW,EAAE,MAAM,CAAC,IAAI;YACxB,UAAU,EAAE,IAAA,0BAAiB,EAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC;YAC7C,OAAO,EAAE,IAAA,uBAAc,kCAClB,UAAU,GACV,CAAC,MAAM,CAAC,IAAI,KAAK,aAAa,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC,EAC5D;SACH,CAAC,CAAC;QACH,IAAA,yBAAoB,EAClB,IAAI,EACJ,GAAG,CAAC,kBAAkB,EACtB,wCAAgC,CACjC,CAAC;QAEF,IAAA,sBAAa,EACX,IAAI,EAAE,0BAA0B;QAChC,IAAA,0BAAiB,EAAC,SAAS,EAAE,WAAW,MAAM,CAAC,IAAI,EAAE,CAAC,EAAE,6BAA6B;QACrF,GAAG,CAAC,GAAG,EAAE,gCAAgC;QACzC,EAAE,EACF;YACE,iBAAiB,EAAE,0BAAiB,CAAC,SAAS;SAC/C,CACF,CAAC;QAEF,MAAM,MAAM,GAAG,IAAA,mBAAU,EAAC,IAAI,CAAC,CAAC;QAEhC,IACE,CAAC,CAAA,MAAA,MAAM,CAAC,OAAO,0CAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAC1B,OAAO,CAAC,KAAK,QAAQ;YACnB,CAAC,CAAC,CAAC,KAAK,gBAAgB;YACxB,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,gBAAgB,CAClC,CAAA,EACD,CAAC;YACD,MAAM,CAAC,OAAO,GAAG,CAAC,GAAG,CAAC,MAAA,MAAM,CAAC,OAAO,mCAAI,EAAE,CAAC,EAAE,gBAAgB,CAAC,CAAC;YAC/D,IAAA,qBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC7B,CAAC;QAED,mBAAmB;QACnB,gDAAgD;QAChD,sCAAsC;QACtC,MAAM;QAEN,IAAA,qCAA4B,EAC1B,IAAI,EACJ,EAAE,EACF,IAAA,uBAAY,EAAC,CAAC,sBAAsB,CAAC,CAAC,CACvC,CAAC;QAEF,OAAO,GAAG,EAAE;YACV,IAAA,4BAAmB,EAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC;IACJ,CAAC;CAAA;AACD,kBAAe,yBAAyB,CAAC"}
|