main.tf
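# Derived values shared by the resources in this file.
locals {
  # Elastic IP address and DNS name; both are null when no persistent public
  # IP is requested.
  public_ip  = var.attach_persistent_public_ip ? aws_eip.dsf_instance_eip[0].public_ip : null
  public_dns = var.attach_persistent_public_ip ? aws_eip.dsf_instance_eip[0].public_dns : null

  # First private address reported by the ENI, or null if it reports none.
  private_ip = length(aws_network_interface.eni.private_ips) > 0 ? tolist(aws_network_interface.eni.private_ips)[0] : null

  # Security groups created by this module, followed by the caller-supplied ones.
  security_group_ids = concat(
    [for sg in aws_security_group.dsf_base_sg : sg.id],
    var.security_group_ids
  )

  # Only the secret ARNs are rendered into the script, never the secret values.
  # The script is used as EC2 user data, which is readable from inside the
  # instance and through the EC2 API by any principal allowed to describe
  # instance attributes, so plaintext passwords must not be templated in here.
  # NOTE(review): presumably setup.tftpl fetches the secrets at boot using the
  # instance profile; confirm against the template and the role policy.
  install_script = templatefile("${path.module}/setup.tftpl", {
    admin_registration_password_secret_arn = aws_secretsmanager_secret.admin_analytics_registration_password.arn
    admin_ssh_password_secret_arn          = aws_secretsmanager_secret.admin_ssh_password.arn
  })

  # Fall back to the private address when there is no Elastic IP. try() is not
  # suitable for this: it only recovers from evaluation errors, and a null
  # public_ip is a valid result, so try(local.public_ip, local.private_ip)
  # returned null instead of the private address. Despite its name, the
  # template variable may therefore carry a private address.
  readiness_script = templatefile("${path.module}/readiness.tftpl", {
    admin_server_public_ip = local.public_ip != null ? local.public_ip : local.private_ip
  })
}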
# Optional Elastic IP, allocated only when a persistent public address is
# requested for the instance.
resource "aws_eip" "dsf_instance_eip" {
  count = var.attach_persistent_public_ip ? 1 : 0

  domain = "vpc"

  tags = merge(
    var.tags,
    { Name = var.name }
  )
}
# Binds the optional Elastic IP to the instance. It is gated on the same flag
# as the EIP itself, so the indexed reference below always resolves.
resource "aws_eip_association" "eip_assoc" {
  count = var.attach_persistent_public_ip ? 1 : 0

  allocation_id = aws_eip.dsf_instance_eip[count.index].id
  instance_id   = aws_instance.dsf_base_instance.id
}
# The EC2 instance for this deployment, booted from the selected AMI and
# configured on first boot by the rendered install script.
resource "aws_instance" "dsf_base_instance" {
  ami           = data.aws_ami.selected-ami.image_id
  instance_type = var.instance_type
  key_name      = var.key_pair

  # local.instance_profile is not defined in the locals block of this file.
  # NOTE(review): presumably declared in another file of the module; confirm.
  iam_instance_profile = local.instance_profile

  # Rendered setup script. With replace-on-change disabled, a later change to
  # the script does not recreate an existing instance.
  user_data                   = local.install_script
  user_data_replace_on_change = false

  # Termination protection: the instance cannot be terminated through the EC2
  # API (including by a destroy) until this flag is turned off.
  disable_api_termination = true

  # IMDSv2 only: metadata requests must carry a session token, which limits
  # credential theft through SSRF-style requests to the metadata endpoint.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # The primary interface is the separately managed ENI, which carries the
  # subnet and security groups.
  network_interface {
    device_index         = 0
    network_interface_id = aws_network_interface.eni.id
  }

  # NOTE(review): `encrypted` and `kms_key_id` are not set here, so the root
  # volume is encrypted only if the AMI snapshot is encrypted or the account
  # has EBS encryption by default enabled. Confirm before relying on
  # encryption at rest; changing it on an existing instance forces a
  # replacement.
  root_block_device {
    volume_type           = var.ebs.volume_type
    volume_size           = var.ebs.volume_size
    delete_on_termination = true
  }

  tags        = merge(var.tags, { Name = var.name })
  volume_tags = merge(var.tags, { Name = var.name })
}
# Primary network interface of the instance. It is placed in the
# caller-supplied subnet and carries the security groups collected in
# local.security_group_ids. Unlike the instance and the EIP, it receives
# var.tags without a Name tag.
resource "aws_network_interface" "eni" {
  subnet_id       = var.subnet_id
  security_groups = local.security_group_ids

  tags = var.tags
}
# Optional usage-statistics record for this deployment, created only when
# var.send_usage_statistics is true. The AMI ID is reported as its SHA-256
# digest rather than verbatim, together with the DRA version.
# NOTE(review): where the record is sent and what else the module collects is
# not visible from this file; check ./_modules/aws/statistics.
module "statistics" {
  source = "./_modules/aws/statistics"
  count  = var.send_usage_statistics ? 1 : 0

  product         = "DRA"
  resource_type   = "dra-admin"
  deployment_name = var.name
  artifact        = "ami://${sha256(data.aws_ami.selected-ami.image_id)}@${var.dra_version}"
}
# Runs the rendered readiness script once the instance (and the statistics
# module, when enabled) has been created.
# local-exec runs on the machine executing Terraform, not on the instance, so
# that host needs /bin/bash and network reachability to the address rendered
# into the script. No triggers are declared, so the provisioner runs only
# when this resource is created.
resource "null_resource" "readiness" {
  depends_on = [
    aws_instance.dsf_base_instance,
    module.statistics,
  ]

  provisioner "local-exec" {
    interpreter = [
      "/bin/bash",
      "-c",
    ]
    command = local.readiness_script
  }
}
# Marks the usage-statistics record as successful after the readiness check
# has completed. It is gated on the same flag as module.statistics, so the
# indexed reference below always resolves when this module is instantiated.
module "statistics_success" {
  source = "./_modules/aws/statistics"
  count  = var.send_usage_statistics ? 1 : 0

  depends_on = [
    null_resource.readiness,
  ]

  id     = module.statistics[count.index].id
  status = "success"
}