Merge pull request #433 from mdr-engineering/feature/ftd_na_UpdatingMisc

Fixes for Updated Terraform

common/aws-us-gov/afs-mdr-common-services-gov/000-mdradmin-bootstrap/version.tf

@@ -1,3 +0,0 @@
-terraform {
-  required_version = ">= 0.12, < 0.13"
-}

common/aws-us-gov/afs-mdr-common-services-gov/001-tfstate/version.tf

@@ -1,3 +0,0 @@
-terraform {
-  required_version = ">= 0.12, < 0.13"
-}

common/aws-us-gov/afs-mdr-common-services-gov/004-iam-okta/.gitignore

@@ -1,5 +0,0 @@
-# as this directory contains the old style of terragrunt,
-# it generates these two files in the local directory, but
-# we don't need/want to keep them around.
-backend.tf
-provider.tf

common/aws-us-gov/afs-mdr-common-services-gov/004-iam-okta/okta_saml.tf

@@ -1,5 +0,0 @@
-module "common_services_roles" {
-  source        = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//submodules/iam/common_services_roles?ref=v2.1.2"
-  account_alias = "afs-mdr-common-services-gov"
-  okta_app      = "AWS - GovCloud"
-}

common/aws-us-gov/afs-mdr-common-services-gov/004-iam-okta/provider-okta.tf

@@ -1,4 +0,0 @@
-provider "okta" {
-  org_name = "mdr-multipass"
-  base_url = "okta.com"
-}

common/aws-us-gov/afs-mdr-common-services-gov/004-iam-okta/required_provider.tf

@@ -1,24 +0,0 @@
-# Generated by Terragrunt. Sig: nIlQXj57tbuaRZEa
-terraform {
-  required_providers {
-    aws = {
-      source = "hashicorp/aws"
-      version = "= 3.37.0" # 2021-04-29: upgrade from 2.66
-    }
-    template = {
-      source = "hashicorp/template"
-      version = "= 2.2.0" # 2021-04-29: ugprade from 2.1.0
-    }
-    vault = {
-      source = "hashicorp/vault"
-      version = "= 2.19.1" # 2021-04-29: upgrade from 2.18.0
-    }
-    sensu = {
-      source = "jtopjian/sensu"
-      version = "= 0.10.5"
-    }
-    okta = {
-      source  = "oktadeveloper/okta"
-    }
-  }
-}

common/aws-us-gov/afs-mdr-common-services-gov/004-iam-okta/terragrunt.hcl

@@ -1,11 +1,27 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/iam-okta?ref=v3.0.1"
+}
+
+# Include all settings from the root terragrunt.hcl file
 include {
   path = find_in_parent_folders()
 }
 
-# ---------------------------------------------------------------------------------------------------------------------
-# Generate a required providers block
-# This module needs to override the root to add okta
-# ---------------------------------------------------------------------------------------------------------------------
 generate "required_providers" {
   path      = "required_provider.tf"
   if_exists = "overwrite_terragrunt"
@@ -16,20 +32,23 @@ terraform {
       source = "hashicorp/aws"
       version = "= 3.59.0" # 2021-09-21: upgrade from 3.37.0
     }
-    vault = {
-      source = "hashicorp/vault"
-      version = "= 2.19.1" # 2021-04-29: upgrade from 2.18.0
-    }
-    sensu = {
-      source = "jtopjian/sensu"
-      version = "= 0.10.5"
-    }
     okta = {
-      source  = "oktadeveloper/okta"
+      source = "okta/okta"
+      version = "= 3.13.13"
     }
   }
 }
 EOF
 }
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  tags = {
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}
 terraform_version_constraint = "= 1.0.7"
 terragrunt_version_constraint = "= 0.32.3"

common/aws-us-gov/afs-mdr-common-services-gov/004-iam-okta/version.tf

@@ -1,3 +0,0 @@
-terraform {
-  required_version = ">= 0.13"
-}

common/aws-us-gov/afs-mdr-common-services-gov/account.hcl

@@ -6,6 +6,7 @@ locals {
   aws_account_id = "701290387780"
   instance_termination_protection = true # set to true for production!
   splunk_prefix = "moose"
+  okta_app = "AWS - GovCloud"
 
   account_tags = {
     "Client": local.splunk_prefix

common/aws/mdr-common-services/000-mdradmin-bootstrap/version.tf

@@ -1,3 +0,0 @@
-terraform {
-  required_version = ">= 0.12, < 0.13"
-}

common/aws/mdr-common-services/001-tfstate/version.tf

@@ -1,3 +0,0 @@
-terraform {
-  required_version = ">= 0.12, < 0.13"
-}

common/aws/mdr-common-services/004-iam-okta/.gitignore

@@ -1,4 +0,0 @@
-# This is the old style of terragrunt, which creates these two
-# files in the local directory. We don't want/need them.
-backend.tf
-provider.tf

common/aws/mdr-common-services/004-iam-okta/README.md

@@ -1,5 +0,0 @@
-To use:
-
-OKTA_API_TOKEN="xxxx" terragrunt init
-OKTA_API_TOKEN="xxxx" terragrunt apply
-

common/aws/mdr-common-services/004-iam-okta/TODO

@@ -1 +0,0 @@
-This should be moved to xdr-terraform-modules and coverted to just a terragrunt.hcl file

common/aws/mdr-common-services/004-iam-okta/okta_saml.tf

@@ -1,5 +0,0 @@
-module "common_services_roles" {
-  source        = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//submodules/iam/common_services_roles?ref=v2.1.2"
-  account_alias = "afs-mdr-common-services"
-  okta_app      = "AWS - Commercial"
-}

common/aws/mdr-common-services/004-iam-okta/provider-okta.tf

@@ -1,4 +0,0 @@
-provider "okta" {
-  org_name = "mdr-multipass"
-  base_url = "okta.com"
-}

common/aws/mdr-common-services/004-iam-okta/required_provider.tf

@@ -1,24 +0,0 @@
-# Generated by Terragrunt. Sig: nIlQXj57tbuaRZEa
-terraform {
-  required_providers {
-    aws = {
-      source = "hashicorp/aws"
-      version = "= 3.37.0" # 2021-04-29: upgrade from 2.66
-    }
-    template = {
-      source = "hashicorp/template"
-      version = "= 2.2.0" # 2021-04-29: ugprade from 2.1.0
-    }
-    vault = {
-      source = "hashicorp/vault"
-      version = "= 2.19.1" # 2021-04-29: upgrade from 2.18.0
-    }
-    sensu = {
-      source = "jtopjian/sensu"
-      version = "= 0.10.5"
-    }
-    okta = {
-      source  = "oktadeveloper/okta"
-    }
-  }
-}

common/aws/mdr-common-services/004-iam-okta/terragrunt.hcl

@@ -1,11 +1,27 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/iam-okta?ref=v3.0.1"
+}
+
+# Include all settings from the root terragrunt.hcl file
 include {
   path = find_in_parent_folders()
 }
 
-# ---------------------------------------------------------------------------------------------------------------------
-# Generate a required providers block
-# This module needs to override the root to add okta
-# ---------------------------------------------------------------------------------------------------------------------
 generate "required_providers" {
   path      = "required_provider.tf"
   if_exists = "overwrite_terragrunt"
@@ -16,20 +32,23 @@ terraform {
       source = "hashicorp/aws"
       version = "= 3.59.0" # 2021-09-21: upgrade from 3.37.0
     }
-    vault = {
-      source = "hashicorp/vault"
-      version = "= 2.19.1" # 2021-04-29: upgrade from 2.18.0
-    }
-    sensu = {
-      source = "jtopjian/sensu"
-      version = "= 0.10.5"
-    }
     okta = {
-      source  = "oktadeveloper/okta"
+      source = "okta/okta"
+      version = "= 3.13.13"
     }
   }
 }
 EOF
 }
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  tags = {
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}
 terraform_version_constraint = "= 1.0.7"
 terragrunt_version_constraint = "= 0.32.3"

common/aws/mdr-common-services/004-iam-okta/version.tf

@@ -1,3 +0,0 @@
-terraform {
-  required_version = "~> 0.13"
-}

common/aws/mdr-common-services/004-iam-okta/versions.tf

@@ -1,3 +0,0 @@
-terraform {
-  required_version = ">= 0.13"
-}

common/aws/mdr-common-services/account.hcl

@@ -6,6 +6,7 @@ locals {
   aws_account_id = "471284459109"
   instance_termination_protection = true # set to true for production!
   splunk_prefix = "moose"
+  okta_app = "AWS - Commercial"
 
   account_tags = {
     "Client": local.splunk_prefix