File tree Expand file tree Collapse file tree 5 files changed +77
-0
lines changed
Expand file tree Collapse file tree 5 files changed +77
-0
lines changed Original file line number Diff line number Diff line change @@ -8,6 +8,7 @@ MODULES=(
88 ./modules/networking
99 ./modules/docker-mirror
1010 ./modules/executors
11+ ./modules/credentials
1112 .
1213 ./examples/single-executor
1314 ./examples/multiple-executors
Original file line number Diff line number Diff line change 1+ locals {
2+ prefix = . resource_prefix != " " ? " ${ var . resource_prefix } -sg-" : " sg-"
3+ }
4+
5+ resource "aws_iam_user" "metric_writer" {
6+ name = " ${ substr (local. prefix , 0 , 14 )} -metric-writer"
7+ }
8+
9+ resource "aws_iam_user_policy" "metric_writer" {
10+ name = " ${ substr (var. resource_prefix , 0 , 16 )} MetricWriter"
11+ user = . metric_writer . id
12+
13+ policy = << EOF
14+ {
15+ "Version": "2012-10-17",
16+ "Statement": [
17+ {
18+ "Effect": "Allow",
19+ "Action": [
20+ "cloudwatch:PutMetricData"
21+ ],
22+ "Resource": "*"
23+ }
24+ ]
25+ }
26+ EOF
27+ }
28+
29+ resource "aws_iam_access_key" "metric_writer" {
30+ user = . metric_writer . name
31+ }
32+
33+ resource "aws_iam_user" "instance_scraper" {
34+ name = " ${ substr (local. prefix , 0 , 11 )} -instance-scraper"
35+ }
36+
37+ resource "aws_iam_policy_attachment" "instance_scraper" {
38+ name = " ${ substr (var. resource_prefix , 0 , 11 )} InstanceScraper"
39+ users = aws_iam_user . instance_scraper . name ]
40+ groups = " readonly"
41+ policy_arn = " arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"
42+ }
43+
44+ resource "aws_iam_access_key" "instance_scraper" {
45+ user = . instance_scraper . name
46+ }
Original file line number Diff line number Diff line change 1+ output "metric_writer_access_key_id" {
2+ value = . metric_writer . id
3+ }
4+
5+ output "metric_writer_secret_key" {
6+ value = . metric_writer . secret
7+ }
8+
9+ output "instance_scraper_access_key_id" {
10+ value = . instance_scraper . id
11+ }
12+
13+ output "instance_scraper_access_secret_key" {
14+ value = . instance_scraper . secret
15+ }
Original file line number Diff line number Diff line change 1+ terraform {
2+ required_version = " 0.13.7"
3+ required_providers {
4+ aws = " ~> 3.0"
5+ }
6+ }
Original file line number Diff line number Diff line change 1+ variable "availability_zone" {
2+ type = string
3+ description = " The availability zone to create the instance in."
4+ }
5+
6+ variable "resource_prefix" {
7+ type = string
8+ description = " An optional prefix to add to all resources created."
9+ }
You can’t perform that action at this time.
0 commit comments