Merge pull request #19 from arunlalp/master

techiescamp · web-flow · commit bf88190399c1 · 2023-07-28T14:37:22.000+05:30
[TEC-69] Add Variables for Tag Policy: tag-key, tag-value, enforce-for-values
diff --git a/environments/dev/tag-policy/main.tf b/environments/dev/tag-policy/main.tf
@@ -8,4 +8,21 @@ module "tag-policy" {
   policy_name = var.policy_name
   policy_type = var.policy_type
   target_id   = var.target_id
+
+  name_tag_key            = var.name_tag_key
+  name_enforce_for_values = var.name_enforce_for_values
+
+  environment_tag_key            = var.environment_tag_key
+  environment_enforce_for_values = var.environment_enforce_for_values
+
+  owner_tag_key            = var.owner_tag_key
+  owner_tag_value          = var.owner_tag_value
+  owner_enforce_for_values = var.owner_enforce_for_values
+
+  costcenter_tag_key            = var.costcenter_tag_key
+  costcenter_tag_value          = var.costcenter_tag_value
+  costcenter_enforce_for_values = var.costcenter_enforce_for_values
+
+  application_tag_key            = var.application_tag_key
+  application_enforce_for_values = var.application_enforce_for_values
 }
diff --git a/environments/dev/tag-policy/variables.tf b/environments/dev/tag-policy/variables.tf
@@ -1,19 +1,79 @@
 variable "region" {
   type        = string
-  description = "Region for the provider"
+  description = "The AWS region for provider configuration."
 }
 
 variable "policy_name" {
   type        = string
-  description = "Name for the tag policy"
+  description = "A descriptive name for the AWS Organizations Tag Policy."
 }
 
 variable "policy_type" {
   type        = string
-  description = "Type of the policy"
+  description = "The type of the AWS Organizations Tag Policy."
 }
 
 variable "target_id" {
   type        = number
-  description = "ID of the target"
-}
+  description = "The ID of the target organizational unit to attach the Tag Policy."
+}
+
+variable "name_tag_key" {
+  type        = string
+  description = "The tag key for the 'Name' tag."
+}
+
+variable "name_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'Name' tag."
+}
+
+variable "environment_tag_key" {
+  type        = string
+  description = "The tag key for the 'Environment' tag."
+}
+
+variable "environment_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'Environment' tag."
+}
+
+variable "owner_tag_key" {
+  type        = string
+  description = "The tag key for the 'Owner' tag."
+}
+
+variable "owner_tag_value" {
+  type        = list(string)
+  description = "A list of valid tag values for the 'Owner' tag."
+}
+
+variable "owner_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'Owner' tag."
+}
+
+variable "costcenter_tag_key" {
+  type        = string
+  description = "The tag key for the 'CostCenter' tag."
+}
+
+variable "costcenter_tag_value" {
+  type        = list(string)
+  description = "A list of valid tag values for the 'CostCenter' tag."
+}
+
+variable "costcenter_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'CostCenter' tag."
+}
+
+variable "application_tag_key" {
+  type        = string
+  description = "The tag key for the 'Application' tag."
+}
+
+variable "application_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'Application' tag."
+}
diff --git a/modules/tag-policy/main.tf b/modules/tag-policy/main.tf
@@ -1,4 +1,4 @@
-# Provider Configuration 
+# Provider Configuration
 provider "aws" {
   region = var.region
 }
@@ -11,81 +11,26 @@ resource "aws_organizations_policy" "tag_policy" {
   content = jsonencode({
     "tags" = {
       "Name" = {
-        "tag_key" = {
-          "@@assign" = "Name"
-        },
-        "enforced_for" = {
-          "@@assign" = [
-            "ec2:instance",
-            "ec2:security-group"
-          ]
-        }
+        "tag_key"      = { "@@assign" = var.name_tag_key },
+        "enforced_for" = { "@@assign" = var.name_enforce_for_values }
       },
       "Environment" = {
-        "tag_key" = {
-          "@@assign" = "Environment"
-        },
-        "tag_value" = {
-          "@@assign" = [
-            "dev",
-            "stage",
-            "prod"
-          ]
-        },
-        "enforced_for" = {
-          "@@assign" = [
-            "ec2:instance",
-            "ec2:security-group"
-          ]
-        }
+        "tag_key"      = { "@@assign" = var.environment_tag_key },
+        "enforced_for" = { "@@assign" = var.environment_enforce_for_values }
       },
       "Owner" = {
-        "tag_key" = {
-          "@@assign" = "Owner"
-        },
-        "tag_value" = {
-          "@@assign" = [
-            "Techiescamp"
-          ]
-        },
-        "enforced_for" = {
-          "@@assign" = [
-            "ec2:instance",
-            "ec2:security-group"
-          ]
-        }
+        "tag_key"      = { "@@assign" = var.owner_tag_key },
+        "tag_value"    = { "@@assign" = var.owner_tag_value },
+        "enforced_for" = { "@@assign" = var.owner_enforce_for_values }
       },
       "CostCenter" = {
-        "tag_key" = {
-          "@@assign" = "CostCenter"
-        },
-        "tag_value" = {
-          "@@assign" = [
-            "project-pet-clinic"
-          ]
-        },
-        "enforced_for" = {
-          "@@assign" = [
-            "ec2:instance",
-            "ec2:security-group"
-          ]
-        }
+        "tag_key"      = { "@@assign" = var.costcenter_tag_key },
+        "tag_value"    = { "@@assign" = var.costcenter_tag_value },
+        "enforced_for" = { "@@assign" = var.costcenter_enforce_for_values }
       },
       "Application" = {
-        "tag_key" = {
-          "@@assign" = "Application"
-        },
-        "tag_value" = {
-          "@@assign" = [
-            "web-app"
-          ]
-        },
-        "enforced_for" = {
-          "@@assign" = [
-            "ec2:instance",
-            "ec2:security-group"
-          ]
-        }
+        "tag_key"      = { "@@assign" = var.application_tag_key },
+        "enforced_for" = { "@@assign" = var.application_enforce_for_values }
       }
     }
   })
@@ -97,7 +42,3 @@ resource "aws_organizations_policy_attachment" "account_attachment" {
   policy_id = aws_organizations_policy.tag_policy.id
   target_id = var.target_id
 }
-
-
-
-
diff --git a/modules/tag-policy/variables.tf b/modules/tag-policy/variables.tf
@@ -1,19 +1,79 @@
 variable "region" {
   type        = string
-  description = "Region for the provider."
+  description = "The AWS region for provider configuration."
 }
 
 variable "policy_name" {
   type        = string
-  description = "Name for the tag policy."
+  description = "A descriptive name for the AWS Organizations Tag Policy."
 }
 
 variable "policy_type" {
   type        = string
-  description = "Type of the policy."
+  description = "The type of the AWS Organizations Tag Policy."
 }
 
 variable "target_id" {
   type        = number
-  description = "ID of the target."
-}
+  description = "The ID of the target organizational unit to attach the Tag Policy."
+}
+
+variable "name_tag_key" {
+  type        = string
+  description = "The tag key for the 'Name' tag."
+}
+
+variable "name_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'Name' tag."
+}
+
+variable "environment_tag_key" {
+  type        = string
+  description = "The tag key for the 'Environment' tag."
+}
+
+variable "environment_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'Environment' tag."
+}
+
+variable "owner_tag_key" {
+  type        = string
+  description = "The tag key for the 'Owner' tag."
+}
+
+variable "owner_tag_value" {
+  type        = list(string)
+  description = "A list of valid tag values for the 'Owner' tag."
+}
+
+variable "owner_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'Owner' tag."
+}
+
+variable "costcenter_tag_key" {
+  type        = string
+  description = "The tag key for the 'CostCenter' tag."
+}
+
+variable "costcenter_tag_value" {
+  type        = list(string)
+  description = "A list of valid tag values for the 'CostCenter' tag."
+}
+
+variable "costcenter_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'CostCenter' tag."
+}
+
+variable "application_tag_key" {
+  type        = string
+  description = "The tag key for the 'Application' tag."
+}
+
+variable "application_enforce_for_values" {
+  type        = list(string)
+  description = "A list of tag values to enforce for the 'Application' tag."
+}
diff --git a/vars/dev/tag-policy.tfvars b/vars/dev/tag-policy.tfvars
@@ -2,4 +2,23 @@
 region      = "eu-north-1"
 policy_name = "Techiescamp"
 policy_type = "TAG_POLICY"
-target_id   = "814200988517"
+target_id   = "814200988517"
+
+name_tag_key            = "Name"
+name_enforce_for_values = ["ec2:instance", "ec2:security-group"]
+
+environment_tag_key            = "Environment"
+environment_enforce_for_values = ["ec2:instance", "ec2:security-group"]
+
+owner_tag_key            = "Owner"
+owner_tag_value          = ["techiescamp"]
+owner_enforce_for_values = ["ec2:instance", "ec2:security-group"]
+
+costcenter_tag_key            = "CostCenter"
+costcenter_tag_value          = ["techiescamp-commerce"]
+costcenter_enforce_for_values = ["ec2:instance", "ec2:security-group"]
+
+application_tag_key            = "Application"
+application_enforce_for_values = ["ec2:instance", "ec2:security-group"]
+
+
