
Cleans up directories

* Removes `000-mdradmin-bootstrap` and `001-tfstate` from account
  directories that don't use it (leaving it only in mdr-common-services)
* Copies `006-account-standards` and `010-standard-vpc` to the skeleton
  directory, as these are expected to be in all/most accounts. It does
  not, however, copy them into the rest of the current accounts. I
  suspect we'll do that as needed.
* Updates the `accounts.hcl` skeleton to include additional settings.
* Removes the `000-skeleton-GOV` directory. There are currently no
  differences between gov and commercial, so why maintain two? We can
  add it back if we eventually need it.
Fred Damstra 5 years ago
parent
commit
22727fca0b
45 changed files with 59 additions and 211 deletions
  1. 0 5
      000-skeleton-GOV/000-mdradmin-bootstrap/README.md
  2. 0 5
      000-skeleton-GOV/001-tfstate/README.md
  3. 0 5
      000-skeleton-GOV/README.md
  4. 0 13
      000-skeleton-GOV/account.hcl
  5. 0 5
      000-skeleton/000-mdradmin-bootstrap/README.md
  6. 0 5
      000-skeleton/001-tfstate/README.md
  7. 3 0
      000-skeleton/006-account-standards/README.md
  8. 40 0
      000-skeleton/006-account-standards/terragrunt.hcl
  9. 7 0
      000-skeleton/010-standard-vpc/README.md
  10. 8 2
      000-skeleton/010-standard-vpc/terragrunt.hcl
  11. 1 1
      000-skeleton/account.hcl
  12. 0 5
      common/aws/legacy-mdr-root/000-mdradmin-bootstrap/README.md
  13. 0 5
      common/aws/legacy-mdr-root/001-tfstate/README.md
  14. 0 5
      common/aws/mdr-cyber-range/000-mdradmin-bootstrap/README.md
  15. 0 5
      common/aws/mdr-cyber-range/001-tfstate/README.md
  16. 0 5
      common/aws/mdr-dev-ai/000-mdradmin-bootstrap/README.md
  17. 0 5
      common/aws/mdr-dev-ai/001-tfstate/README.md
  18. 0 5
      prod/aws-us-gov/mdr-prod-c2/000-mdradmin-bootstrap/README.md
  19. 0 5
      prod/aws-us-gov/mdr-prod-c2/001-tfstate/README.md
  20. 0 5
      prod/aws-us-gov/mdr-prod-malware/000-mdradmin-bootstrap/README.md
  21. 0 5
      prod/aws-us-gov/mdr-prod-malware/001-tfstate/README.md
  22. 0 5
      prod/aws-us-gov/mdr-prod-modelclient/000-mdradmin-bootstrap/README.md
  23. 0 5
      prod/aws-us-gov/mdr-prod-modelclient/001-tfstate/README.md
  24. 0 5
      prod/aws/legacy-mdr-prod/000-mdradmin-bootstrap/README.md
  25. 0 5
      prod/aws/legacy-mdr-prod/001-tfstate/README.md
  26. 0 5
      prod/aws/mdr-prod-c2/000-mdradmin-bootstrap/README.md
  27. 0 5
      prod/aws/mdr-prod-c2/001-tfstate/README.md
  28. 0 5
      prod/aws/mdr-prod-malware/000-mdradmin-bootstrap/README.md
  29. 0 5
      prod/aws/mdr-prod-malware/001-tfstate/README.md
  30. 0 5
      prod/aws/mdr-prod-modelclient/000-mdradmin-bootstrap/README.md
  31. 0 5
      prod/aws/mdr-prod-modelclient/001-tfstate/README.md
  32. 0 5
      test/aws-us-gov/mdr-test-c2/000-mdradmin-bootstrap/README.md
  33. 0 5
      test/aws-us-gov/mdr-test-c2/001-tfstate/README.md
  34. 0 5
      test/aws-us-gov/mdr-test-malware/000-mdradmin-bootstrap/README.md
  35. 0 5
      test/aws-us-gov/mdr-test-malware/001-tfstate/README.md
  36. 0 5
      test/aws-us-gov/mdr-test-modelclient/000-mdradmin-bootstrap/README.md
  37. 0 5
      test/aws-us-gov/mdr-test-modelclient/001-tfstate/README.md
  38. 0 5
      test/aws/legacy-mdr-test/000-mdradmin-bootstrap/README.md
  39. 0 5
      test/aws/legacy-mdr-test/001-tfstate/README.md
  40. 0 5
      test/aws/mdr-test-c2/000-mdradmin-bootstrap/README.md
  41. 0 5
      test/aws/mdr-test-c2/001-tfstate/README.md
  42. 0 5
      test/aws/mdr-test-malware/000-mdradmin-bootstrap/README.md
  43. 0 5
      test/aws/mdr-test-malware/001-tfstate/README.md
  44. 0 5
      test/aws/mdr-test-modelclient/000-mdradmin-bootstrap/README.md
  45. 0 5
      test/aws/mdr-test-modelclient/001-tfstate/README.md

+ 0 - 5
000-skeleton-GOV/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
000-skeleton-GOV/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
000-skeleton-GOV/README.md

@@ -1,5 +0,0 @@
-# A skeleton for a new account
-
-Intended to be copied whenever a new account is added to bring it to the current standards.
-
-REPLACE THE CONTENTS OF THIS FILE WITH A DESCRIPTION OF THE ACCOUNT

+ 0 - 13
000-skeleton-GOV/account.hcl

@@ -1,13 +0,0 @@
-# Set account-wide variables. These are automatically pulled in to configure the remote state bucket in the root
-# terragrunt.hcl configuration.
-locals {
-  # TODO put the right values here
-  account_name   = "TODO"
-  account_alias  = "TODO"
-  aws_account_id = "TODO"
-
-  instance_termination_protection = TODO # set to true for production!
-
-  # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "TODO"
-}

+ 0 - 5
000-skeleton/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
000-skeleton/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 3 - 0
000-skeleton/006-account-standards/README.md

@@ -0,0 +1,3 @@
+# Account Standards
+
+Creates elements that are standard in all accounts, such as access keys, kms keys, etc.

+ 40 - 0
000-skeleton/006-account-standards/terragrunt.hcl

@@ -0,0 +1,40 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  # e.g. inherited variables:
+  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+
+  # Extract out common variables for reuse
+  #env = local.environment_vars.locals.environment
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/account_standards?ref=v0.1.1"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  #name = "vpc_primary_${local.account_vars.locals.account_name}"
+  #cidr = local.account_vars.locals.standard_vpc_cidr
+  #tags = {
+  #  Purpose = "Malware Detonation"
+  #  Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  #}
+}
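Review bot: The commented-out inputs at the bottom of this new `account_standards` file (`name = "vpc_primary_..."`, `cidr`, and the `Purpose = "Malware Detonation"` tag) are the same lines that are active in `010-standard-vpc/terragrunt.hcl` and do not describe this module, so `inputs` is effectively empty and `account_vars` is loaded in `locals` but never referenced. Replace them with the inputs `base/account_standards` actually takes, or delete them and leave `account_vars` commented out until it is used, so that whoever copies the skeleton is not led to pass a CIDR and a malware tag to the account-standards module.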

+ 7 - 0
000-skeleton/010-standard-vpc/README.md

@@ -0,0 +1,7 @@
+# Standard VPC
+
+Creates a single VPC from the subnet defined in `../accounts.hcl`, divided into 3 subnets.
+
+## Note:
+
+This is the first using the "terragrunt best practice" template, so it will either serve as a good model or it will fail miserably. Either way, this may be outdated.
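Review bot: The first sentence points to `../accounts.hcl`, but the file in the skeleton is `account.hcl` (singular), and the value read from it is a CIDR (`standard_vpc_cidr`) rather than a subnet. Suggest wording along the lines of "Creates a single VPC from `standard_vpc_cidr` in `../account.hcl`, divided into 3 subnets." The closing "this may be outdated" would also be more useful with a date or a pointer to whatever supersedes it.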

+ 8 - 2
000-skeleton-GOV/005-iam/terragrunt.hcl → 000-skeleton/010-standard-vpc/terragrunt.hcl

@@ -7,7 +7,7 @@ locals {
   #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
   #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
   #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
-  #account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
   #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 
   # Extract out common variables for reuse
@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/iam?ref=v0.1.1"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.1.1"
 }
 
 # Include all settings from the root terragrunt.hcl file
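Review bot: `?ref=v0.1.1` on the new `source` line pins the module to a tag, and a git tag can be moved to a different commit after this change has been reviewed. Since the skeleton is copied for every new account, consider pinning `ref` to a full commit SHA, or state in the skeleton README that tags in `xdr-terraform-modules` are never re-pointed.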
@@ -31,4 +31,10 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  name = "vpc_primary_${local.account_vars.locals.account_name}"
+  cidr = local.account_vars.locals.standard_vpc_cidr
+  tags = {
+    Purpose = "Malware Detonation"
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
 }
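Review bot: `Purpose = "Malware Detonation"` is hard-coded in the skeleton's `tags`, so every account created from it (this commit touches c2, modelclient and other account directories, not only the malware ones) will tag its primary VPC as a malware detonation network unless someone remembers to edit it. Use a `"TODO"` placeholder as `account.hcl` does, or take the value from `account_vars`, so that tag-based inventory and policy do not misclassify non-malware VPCs.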

+ 1 - 1
000-skeleton/account.hcl

@@ -8,5 +8,5 @@ locals {
   instance_termination_protection = TODO # set to true for production!
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "TODO"
+  standard_vpc_cidr = "TODO/TODO"
 }
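Review bot: `"TODO/TODO"` on the changed line is a well-formed string, so unlike the bare `TODO` on `instance_termination_protection`, which is not a valid value and fails as soon as the file is evaluated, a forgotten placeholder here only surfaces when it reaches the VPC module as `cidr`. Add the expected form to the comment above it (network address, slash, prefix length) and consider an early check that rejects the placeholder. The commit message mentions additional settings in this file, but this placeholder is the only change in the hunk.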

+ 0 - 5
common/aws/legacy-mdr-root/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
common/aws/legacy-mdr-root/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
common/aws/mdr-cyber-range/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
common/aws/mdr-cyber-range/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
common/aws/mdr-dev-ai/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
common/aws/mdr-dev-ai/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws-us-gov/mdr-prod-c2/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws-us-gov/mdr-prod-c2/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws-us-gov/mdr-prod-malware/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws-us-gov/mdr-prod-malware/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws-us-gov/mdr-prod-modelclient/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws-us-gov/mdr-prod-modelclient/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws/legacy-mdr-prod/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws/legacy-mdr-prod/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws/mdr-prod-c2/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws/mdr-prod-c2/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws/mdr-prod-malware/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws/mdr-prod-malware/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws/mdr-prod-modelclient/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
prod/aws/mdr-prod-modelclient/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws-us-gov/mdr-test-c2/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws-us-gov/mdr-test-c2/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws-us-gov/mdr-test-malware/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws-us-gov/mdr-test-malware/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws-us-gov/mdr-test-modelclient/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws-us-gov/mdr-test-modelclient/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws/legacy-mdr-test/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws/legacy-mdr-test/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws/mdr-test-c2/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws/mdr-test-c2/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws/mdr-test-malware/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws/mdr-test-malware/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws/mdr-test-modelclient/000-mdradmin-bootstrap/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs

+ 0 - 5
test/aws/mdr-test-modelclient/001-tfstate/README.md

@@ -1,5 +0,0 @@
-# UNUSED
-
-As of now this isnt needed.
-
-Reserved for future needs