fmt

aws-samples · Feb 2, 2023 · 5cdf023 · 5cdf023
1 parent 8ecbefe
commit 5cdf023
Show file tree

Hide file tree

Showing 80 changed files with 362 additions and 362 deletions.
diff --git a/c9net/cicd-peering.tf b/c9net/cicd-peering.tf
@@ -1,7 +1,7 @@
 resource "aws_vpc_peering_connection" "cicd-peer" {
-  peer_vpc_id   = data.terraform_remote_state.net.outputs.eks-vpc
-  vpc_id        = data.aws_vpc.vpc-cicd.id
-  auto_accept   = true
+  peer_vpc_id = data.terraform_remote_state.net.outputs.eks-vpc
+  vpc_id      = data.aws_vpc.vpc-cicd.id
+  auto_accept = true
 }
 
 output "cicdpeerid" {

diff --git a/c9net/data-cicdvpc.tf b/c9net/data-cicdvpc.tf
@@ -1,6 +1,6 @@
 data "aws_vpc" "vpc-cicd" {
   default = false
-  id=data.terraform_remote_state.net.outputs.cicd-vpc
+  id      = data.terraform_remote_state.net.outputs.cicd-vpc
   #filter {
   #  name   = "tag:workshop"
   #  values = ["eks-cicd"]

diff --git a/c9net/data-rtb-cicd.tf b/c9net/data-rtb-cicd.tf
@@ -1,5 +1,5 @@
 data "aws_route_table" "cicd-rtb" {
-  vpc_id=data.aws_vpc.vpc-cicd.id
+  vpc_id = data.aws_vpc.vpc-cicd.id
   filter {
     name   = "tag:Name"
     values = ["rtb-eks-cicd-priv1"]

diff --git a/c9net/data-sg-c9-instance.tf b/c9net/data-sg-c9-instance.tf
@@ -1,11 +1,11 @@
-variable "c9label" { 
-description="Cloud9 IDE Name Label"
-type=string
-default="-cloud9-eks-te"
+variable "c9label" {
+  description = "Cloud9 IDE Name Label"
+  type        = string
+  default     = "-cloud9-eks-te"
 }
 
-output c9lab {
-    value = "%{ if var.c9label != "" } true %{else} false %{endif}"
+output "c9lab" {
+  value = "%{if var.c9label != ""} true %{else} false %{endif}"
 }
 
 
@@ -26,8 +26,8 @@ data "aws_iam_instance_profile" "c9ip" {
   name = data.aws_instance.c9inst.iam_instance_profile
 }
 
-output c9role {
-value=data.aws_iam_instance_profile.c9ip.role_arn
+output "c9role" {
+  value = data.aws_iam_instance_profile.c9ip.role_arn
 }
 
 

diff --git a/c9net/data-sg-cicd.tf b/c9net/data-sg-cicd.tf
@@ -1,5 +1,5 @@
 data "aws_security_group" "cicd-sg" {
-  vpc_id=data.aws_vpc.vpc-cicd.id
+  vpc_id = data.aws_vpc.vpc-cicd.id
   filter {
     name   = "tag:workshop"
     values = ["eks-cicd"]

diff --git a/c9net/def-peering.tf b/c9net/def-peering.tf
@@ -1,7 +1,7 @@
 resource "aws_vpc_peering_connection" "def-peer" {
-  peer_vpc_id   = data.terraform_remote_state.net.outputs.eks-vpc
-  vpc_id        = data.aws_vpc.vpc-default.id
-  auto_accept   = true
+  peer_vpc_id = data.terraform_remote_state.net.outputs.eks-vpc
+  vpc_id      = data.aws_vpc.vpc-default.id
+  auto_accept = true
 }
 
 output "peerid" {

diff --git a/c9net/sg-rule-cicd.tf b/c9net/sg-rule-cicd.tf
@@ -21,7 +21,7 @@ resource "aws_security_group_rule" "sg-cicd-self" {
   from_port         = 0
   to_port           = 0
   protocol          = "-1"
-  self = true
+  self              = true
   security_group_id = data.aws_security_group.cicd-sg.id
 }
 

diff --git a/c9net/sg-rule-eks.tf b/c9net/sg-rule-eks.tf
@@ -47,29 +47,29 @@ resource "aws_security_group_rule" "eks-node-egress" {
 
 
 resource "aws_security_group_rule" "eks-all-node" {
-  type              = "ingress"
-  from_port         = 0
-  to_port           = 0
-  protocol          = "-1"
+  type                     = "ingress"
+  from_port                = 0
+  to_port                  = 0
+  protocol                 = "-1"
   source_security_group_id = data.terraform_remote_state.net.outputs.allnodes-sg
-  security_group_id = data.terraform_remote_state.net.outputs.cluster-sg
+  security_group_id        = data.terraform_remote_state.net.outputs.cluster-sg
 }
 
 resource "aws_security_group_rule" "eks-node-all" {
-  type              = "ingress"
-  from_port         = 0
-  to_port           = 0
-  protocol          = "-1"
+  type                     = "ingress"
+  from_port                = 0
+  to_port                  = 0
+  protocol                 = "-1"
   source_security_group_id = data.terraform_remote_state.net.outputs.cluster-sg
-  security_group_id = data.terraform_remote_state.net.outputs.allnodes-sg
+  security_group_id        = data.terraform_remote_state.net.outputs.allnodes-sg
 }
 
 resource "aws_security_group_rule" "eks-all-self" {
   type              = "ingress"
   from_port         = 0
   to_port           = 0
   protocol          = "-1"
-  self = true
+  self              = true
   security_group_id = data.terraform_remote_state.net.outputs.cluster-sg
 }
 
@@ -78,6 +78,6 @@ resource "aws_security_group_rule" "eks-node-self" {
   from_port         = 0
   to_port           = 0
   protocol          = "-1"
-  self = true
+  self              = true
   security_group_id = data.terraform_remote_state.net.outputs.allnodes-sg
 }
diff --git a/cicd/aws_ecr_repository__aws-cli.tf b/cicd/aws_ecr_repository__aws-cli.tf
@@ -1,14 +1,14 @@
 resource "aws_ecr_repository" "aws-cli" {
   name                 = "aws-cli"
   image_tag_mutability = "IMMUTABLE"
-  force_delete = true
+  force_delete         = true
 
   image_scanning_configuration {
     scan_on_push = true
   }
 
   encryption_configuration {
-        encryption_type = "KMS"
-        kms_key = data.aws_ssm_parameter.tf-eks-keyid.value
+    encryption_type = "KMS"
+    kms_key         = data.aws_ssm_parameter.tf-eks-keyid.value
   }
 }
diff --git a/cicd/aws_ecr_repository__busybox.tf b/cicd/aws_ecr_repository__busybox.tf
@@ -1,12 +1,12 @@
 resource "aws_ecr_repository" "busybox" {
   name                 = "busybox"
   image_tag_mutability = "IMMUTABLE"
-  force_delete = true
+  force_delete         = true
   image_scanning_configuration {
     scan_on_push = true
   }
-    encryption_configuration {
-        encryption_type = "KMS"
-        kms_key = data.aws_ssm_parameter.tf-eks-keyid.value
+  encryption_configuration {
+    encryption_type = "KMS"
+    kms_key         = data.aws_ssm_parameter.tf-eks-keyid.value
   }
 }
diff --git a/cicd/aws_ecr_repository__nginx.tf b/cicd/aws_ecr_repository__nginx.tf
@@ -1,12 +1,12 @@
 resource "aws_ecr_repository" "nginx" {
   name                 = "nginx"
   image_tag_mutability = "IMMUTABLE"
-  force_delete = true
+  force_delete         = true
   image_scanning_configuration {
     scan_on_push = true
   }
-    encryption_configuration {
-        encryption_type = "KMS"
-        kms_key = data.aws_ssm_parameter.tf-eks-keyid.value
+  encryption_configuration {
+    encryption_type = "KMS"
+    kms_key         = data.aws_ssm_parameter.tf-eks-keyid.value
   }
 }
diff --git a/cicd/aws_ecr_repository__sample-app.tf b/cicd/aws_ecr_repository__sample-app.tf
@@ -1,52 +1,52 @@
 resource "aws_ecr_repository" "sample-app" {
   name                 = "sample-app"
   image_tag_mutability = "IMMUTABLE"
-  force_delete = true
+  force_delete         = true
   image_scanning_configuration {
     scan_on_push = true
   }
-    encryption_configuration {
-        encryption_type = "KMS"
-        kms_key = data.aws_ssm_parameter.tf-eks-keyid.value
+  encryption_configuration {
+    encryption_type = "KMS"
+    kms_key         = data.aws_ssm_parameter.tf-eks-keyid.value
   }
 }
 
 resource "aws_ecr_repository" "karpenter-webhook" {
   name                 = "karpenter/webhook"
   image_tag_mutability = "IMMUTABLE"
-  force_delete = true
+  force_delete         = true
   image_scanning_configuration {
     scan_on_push = true
   }
-    encryption_configuration {
-        encryption_type = "KMS"
-        kms_key = data.aws_ssm_parameter.tf-eks-keyid.value
+  encryption_configuration {
+    encryption_type = "KMS"
+    kms_key         = data.aws_ssm_parameter.tf-eks-keyid.value
   }
 }
 
 resource "aws_ecr_repository" "karpenter-controller" {
   name                 = "karpenter/controller"
   image_tag_mutability = "IMMUTABLE"
-  force_delete = true
+  force_delete         = true
   image_scanning_configuration {
     scan_on_push = true
   }
-    encryption_configuration {
-        encryption_type = "KMS"
-        kms_key = data.aws_ssm_parameter.tf-eks-keyid.value
+  encryption_configuration {
+    encryption_type = "KMS"
+    kms_key         = data.aws_ssm_parameter.tf-eks-keyid.value
   }
 }
 
 
 resource "aws_ecr_repository" "pause" {
   name                 = "pause"
   image_tag_mutability = "IMMUTABLE"
-  force_delete = true
+  force_delete         = true
   image_scanning_configuration {
     scan_on_push = true
   }
-    encryption_configuration {
-        encryption_type = "KMS"
-        kms_key = data.aws_ssm_parameter.tf-eks-keyid.value
+  encryption_configuration {
+    encryption_type = "KMS"
+    kms_key         = data.aws_ssm_parameter.tf-eks-keyid.value
   }
 }
diff --git a/cicd/aws_iam_policy__CodeBuildBasePolicy-eks-cicd-build-app-eu-west-1.tf b/cicd/aws_iam_policy__CodeBuildBasePolicy-eks-cicd-build-app-eu-west-1.tf
@@ -15,8 +15,8 @@ resource "aws_iam_policy" "CodeBuildBasePolicy-eks-cicd-build-app" {
           ]
           Effect = "Allow"
           Resource = [
-             format("arn:aws:logs:%s:%s:log-group:/aws/codebuild/eks-cicd-build-app",data.aws_region.current.name,data.aws_caller_identity.current.account_id),
-             format("arn:aws:logs:%s:%s:log-group:/aws/codebuild/eks-cicd-build-app:*", data.aws_region.current.name,data.aws_caller_identity.current.account_id)
+            format("arn:aws:logs:%s:%s:log-group:/aws/codebuild/eks-cicd-build-app", data.aws_region.current.name, data.aws_caller_identity.current.account_id),
+            format("arn:aws:logs:%s:%s:log-group:/aws/codebuild/eks-cicd-build-app:*", data.aws_region.current.name, data.aws_caller_identity.current.account_id)
           ]
         },
         {
@@ -29,7 +29,7 @@ resource "aws_iam_policy" "CodeBuildBasePolicy-eks-cicd-build-app" {
           ]
           Effect = "Allow"
           Resource = [
-            format("arn:aws:s3:::codepipeline-%s-*",data.aws_region.current.name)
+            format("arn:aws:s3:::codepipeline-%s-*", data.aws_region.current.name)
           ]
         },
         {
@@ -38,7 +38,7 @@ resource "aws_iam_policy" "CodeBuildBasePolicy-eks-cicd-build-app" {
           ]
           Effect = "Allow"
           Resource = [
-            format("arn:aws:codecommit:%s:%s:Terraform-EKS", data.aws_region.current.name,data.aws_caller_identity.current.account_id),
+            format("arn:aws:codecommit:%s:%s:Terraform-EKS", data.aws_region.current.name, data.aws_caller_identity.current.account_id),
           ]
         },
         {
@@ -52,7 +52,7 @@ resource "aws_iam_policy" "CodeBuildBasePolicy-eks-cicd-build-app" {
           Effect = "Allow"
           Resource = [
             #format("arn:aws:codebuild:%s:%s:report-group/eks-cicd-build-app-*",data.aws_caller_identity.current.account_id, data.aws_region.current.name),
-            format("arn:aws:codebuild:%s:%s:report-group/eks-cicd-build-app-*",data.aws_region.current.name,data.aws_caller_identity.current.account_id),
+            format("arn:aws:codebuild:%s:%s:report-group/eks-cicd-build-app-*", data.aws_region.current.name, data.aws_caller_identity.current.account_id),
           ]
         },
       ]

diff --git a/cicd/aws_iam_policy__CodeBuildVpcPolicy-eks-cicd-build-app.tf b/cicd/aws_iam_policy__CodeBuildVpcPolicy-eks-cicd-build-app.tf
@@ -28,13 +28,13 @@ resource "aws_iam_policy" "CodeBuildVpcPolicy-eks-cicd-build-app" {
             StringEquals = {
               "ec2:AuthorizedService" = "codebuild.amazonaws.com"
               "ec2:Subnet" = [
-                format("arn:aws:ec2:%s:%s:subnet/subnet-00cc72ac5b0b79dd4",data.aws_caller_identity.current.account_id, data.aws_region.current.name),
+                format("arn:aws:ec2:%s:%s:subnet/subnet-00cc72ac5b0b79dd4", data.aws_caller_identity.current.account_id, data.aws_region.current.name),
 
               ]
             }
           }
           Effect   = "Allow"
-          Resource = format("arn:aws:ec2:%s:%s:network-interface/*",data.aws_caller_identity.current.account_id, data.aws_region.current.name),
+          Resource = format("arn:aws:ec2:%s:%s:network-interface/*", data.aws_caller_identity.current.account_id, data.aws_region.current.name),
 
         },
       ]

diff --git a/cicd/aws_s3_bucket__codepipeline-bucket.tf b/cicd/aws_s3_bucket__codepipeline-bucket.tf
@@ -9,14 +9,14 @@ output "Name" {
 
 resource "aws_s3_bucket" "codepipeline-bucket" {
   bucket = data.external.bucket_name.result.Name
-  tags           = {}
+  tags   = {}
 
   force_destroy = false
 
 }
 
 resource "aws_s3_bucket_versioning" "codepipeline-bucket" {
-   # Enable versioning so we can see the full revision history of our
+  # Enable versioning so we can see the full revision history of our
   # state files
   bucket = aws_s3_bucket.codepipeline-bucket.id
   versioning_configuration {

diff --git a/cicd/data-sg-cicd.tf b/cicd/data-sg-cicd.tf
@@ -1,5 +1,5 @@
 data "aws_security_group" "cicd" {
-  vpc_id=data.aws_vpc.cicd.id
+  vpc_id = data.aws_vpc.cicd.id
   filter {
     name   = "tag:workshop"
     values = ["eks-cicd"]

diff --git a/cicd/null-auth-cicd.tf b/cicd/null-auth-cicd.tf
@@ -1,16 +1,16 @@
 resource "null_resource" "auth-cidr" {
-triggers = {
+  triggers = {
     always_run = timestamp()
-}
-depends_on     = [aws_iam_role.codebuild-eks-cicd-build-app-service-role]
-provisioner "local-exec" {
+  }
+  depends_on = [aws_iam_role.codebuild-eks-cicd-build-app-service-role]
+  provisioner "local-exec" {
     on_failure  = fail
-    when = create
+    when        = create
     interpreter = ["/bin/bash", "-c"]
     command     = <<EOT
         echo "auth cicd role for K8s"
         ./auth-cicd.sh
         echo "************************************************************************************"
      EOT
-}
+  }
 }
diff --git a/cicd/null-load_ecr.tf b/cicd/null-load_ecr.tf
@@ -1,11 +1,11 @@
 resource "null_resource" "load_ecr" {
-triggers = {
+  triggers = {
     always_run = timestamp()
-}
-depends_on = [aws_ecr_repository.busybox]
-provisioner "local-exec" {
+  }
+  depends_on = [aws_ecr_repository.busybox]
+  provisioner "local-exec" {
     on_failure  = fail
-    when = create
+    when        = create
     interpreter = ["/bin/bash", "-c"]
     command     = <<EOT
         ./load_ecr.sh ${var.karpenter_version}
@@ -19,5 +19,5 @@ provisioner "local-exec" {
 
         echo "************************************************************************************"
      EOT
-}
+  }
 }
diff --git a/cluster/aws_eks-addons.tf b/cluster/aws_eks-addons.tf
@@ -9,12 +9,12 @@ locals {
 resource "aws_eks_addon" "vpc-cni" {
   depends_on = [aws_eks_cluster.cluster]
   #depends_on     = [null_resource.gen_cluster_auth]
-  cluster_name = data.aws_ssm_parameter.tf-eks-cluster-name.value
-  addon_name   = "vpc-cni"
+  cluster_name      = data.aws_ssm_parameter.tf-eks-cluster-name.value
+  addon_name        = "vpc-cni"
   resolve_conflicts = "OVERWRITE"
 
   configuration_values = local.cni_config
-  addon_version     = "v1.12.1-eksbuild.1"
+  addon_version        = "v1.12.1-eksbuild.1"
 
   preserve = true