
Merge pull request #235 from mdr-engineering/feature/ftd_MSOCI-1460_Phantom

Phantom Module in Prod and Test GC
Frederick Damstra 4 years ago
parent
commit
068f762db4

+ 1 - 0
prod/aws-us-gov/mdr-prod-c2/250-phantom/.tfswitch.toml

@@ -0,0 +1 @@
+../../../../.tfswitch.toml

+ 42 - 0
prod/aws-us-gov/mdr-prod-c2/250-phantom/terragrunt.hcl

@@ -0,0 +1,42 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/phantom?ref=v1.22.0"
+}
+
+dependency "vpc" {
+  config_path = "../010-vpc-private-services"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  tags = {
+    Purpose = "Phantom System"
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+  instance_type = local.account_vars.locals.instance_types["phantom"]
+  vpc_id = dependency.vpc.outputs.vpc_id
+  vpc_cidr = local.account_vars.locals.vpc_info["vpc-splunk"]["cidr"]
+  azs = dependency.vpc.outputs.azs
+  public_subnets = dependency.vpc.outputs.public_subnets # Phantom is on a PUBLIC subnet for direct comm
+}
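Review bot: The `public_subnets` input at the end of `inputs` places the Phantom instance on a public subnet, and the trailing comment ("for direct comm") does not say which peers need direct reachability or which ports are expected to be open. The security groups are defined in the `base/phantom` module at `ref=v1.22.0`, which is not visible in this commit, so the resulting exposure cannot be checked from this file. Ingress is presumably restricted there, but that should be confirmed against the module before this is applied in prod. I would expand the comment to something like `# PUBLIC subnet: needed for direct comm with <peers>; ingress limited to <ports/CIDRs> by the module's security groups`. The same line appears in `test/aws-us-gov/mdr-test-c2/250-phantom/terragrunt.hcl`.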

+ 6 - 5
prod/aws-us-gov/mdr-prod-c2/account.hcl

@@ -141,15 +141,16 @@ locals {
   instance_types = {
     #"alsi-master"    = "t3a.small",
     #"alsi-worker"    = "t3a.small",
-    "splunk-cm"      = "m5a.xlarge",
-    "splunk-indexer" = "i3en.3xlarge",
-    "splunk-hf"      = "m5a.xlarge",
-    "splunk-sh"      = "m5a.4xlarge",
-    "qcompliance"    = "c5a.8xlarge", # legacy: c4.8xlarge
     "github"         = "c5.4xlarge", # legacy: c4.4xlarge in prod, c5.2xlarge in test
     "github-backup"  = "t3a.medium", # legacy: t2.medium
     "jira-rds"       = "db.t3.medium",
     "jira-server"    = "t3a.medium", # legacy test: t2.small, legacy prod: t2.medium
+    "phantom"        = "m5a.4xlarge", # legacy test: t2.medium, legacy prod: m4.4xlarge
+    "qcompliance"    = "c5a.8xlarge", # legacy: c4.8xlarge
+    "splunk-cm"      = "m5a.xlarge",
+    "splunk-indexer" = "i3en.3xlarge",
+    "splunk-hf"      = "m5a.xlarge",
+    "splunk-sh"      = "m5a.4xlarge",
   }
 
   # Bastion

+ 1 - 0
test/aws-us-gov/mdr-test-c2/250-phantom/.tfswitch.toml

@@ -0,0 +1 @@
+../../../../.tfswitch.toml

+ 42 - 0
test/aws-us-gov/mdr-test-c2/250-phantom/terragrunt.hcl

@@ -0,0 +1,42 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/phantom?ref=v1.22.0"
+}
+
+dependency "vpc" {
+  config_path = "../010-vpc-private-services"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  tags = {
+    Purpose = "Phantom System"
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+  instance_type = local.account_vars.locals.instance_types["phantom"]
+  vpc_id = dependency.vpc.outputs.vpc_id
+  vpc_cidr = local.account_vars.locals.vpc_info["vpc-splunk"]["cidr"]
+  azs = dependency.vpc.outputs.azs
+  public_subnets = dependency.vpc.outputs.public_subnets # Phantom is on a PUBLIC subnet for direct comm
+}
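Review bot: `vpc_cidr` is read from `vpc_info["vpc-splunk"]` in `account.hcl`, while `vpc_id`, `azs` and `public_subnets` all come from the `../010-vpc-private-services` dependency, so the CIDR and the VPC may not describe the same network. If the module uses `vpc_cidr` to build security-group rules (not visible here), a mismatch would either admit traffic from an unintended range or block intended in-VPC traffic. Either take the CIDR from the dependency's outputs, if it exports one, or add a comment such as `# "vpc-splunk" is the account.hcl key for the private-services VPC` if the two are in fact the same. The prod copy of this file, `prod/aws-us-gov/mdr-prod-c2/250-phantom/terragrunt.hcl`, has the same line.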

+ 7 - 6
test/aws-us-gov/mdr-test-c2/account.hcl

@@ -142,18 +142,19 @@ locals {
   instance_types = {
     "alsi-master"    = "t3a.small",
     "alsi-worker"    = "t3a.small",
+    "github"         = "c5.2xlarge", # legacy: c4.4xlarge in prod, c5.2xlarge in test
+    "github-backup"  = "t3a.medium", # legacy: t2.micro
+    "jira-rds"       = "db.t3.medium",
+    "jira-server"    = "t3a.small", # legacy test: t2.small, legacy prod: t2.medium
+    "phantom"        = "t3a.medium", # legacy test: t2.medium, legacy prod: m4.4xlarge
+    "qcompliance"    = "t3a.small", # legacy: ? not sure
     "splunk-cm"      = "t3a.small",  # legacy: t2.small
+    "splunk-hf"      = "t3a.small", # legacy: t2.medium
     #"splunk-indexer" = "t3a.small", # legacy: t2.small, but whats the point if we don't have instance storage.
     #"splunk-indexer" = "i3en.large", # legacy: t2.small, but whats the point if we don't have instance storage.
     #"splunk-indexer" = "m5d.large", # these are 1/2 the price of i3en.larges. 8GB RAM, 75GB storage
     "splunk-indexer" = "m5d.xlarge", # 16GB RAM, 150GB SSD
-    "splunk-hf"      = "t3a.small", # legacy: t2.medium
     "splunk-sh"      = "t3a.small", # legacy: ? not sure
-    "qcompliance"    = "t3a.small", # legacy: ? not sure
-    "github"         = "c5.2xlarge", # legacy: c4.4xlarge in prod, c5.2xlarge in test
-    "github-backup"  = "t3a.medium", # legacy: t2.micro
-    "jira-rds"       = "db.t3.medium",
-    "jira-server"    = "t3a.small", # legacy test: t2.small, legacy prod: t2.medium
   }
 
   # TODO: The instance types below should be moved to the instance_type map above