Merge pull request #77 from mdr-engineering/feature/ftd_MSOCI-1442_FixAccountVars

Simplifies, differentiates, and consolidates the VPC Variables

000-skeleton/010-vpc-splunk/terragrunt.hcl

@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.7.3"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,10 +31,9 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
-  name = "vpc_primary_${local.account_vars.locals.account_name}"
-  cidr = local.account_vars.locals.standard_vpc_cidr
+  vpc_info = local.account_vars.locals.vpc_info["vpc-splunk"]
   tags = {
-    Purpose = "Splunk VPC"
+    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

000-skeleton/account.hcl

@@ -11,7 +11,13 @@ locals {
   c2_account_standards_path = "../../mdr-TODO-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "TODO/TODO"
+  vpc_info = { 
+    "vpc-splunk" = {
+       "name" = "vpc-splunk",
+       "purpose" = "Splunk Systems",
+       "cidr" = "TODO"
+    }
+  } 
 
   # For testing
   create_test_instance = false

common/aws-us-gov/afs-mdr-common-services-gov/015-security-vpc/terragrunt.hcl

@@ -13,7 +13,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/security_vpc?ref=v0.5.10"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/security_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -26,8 +26,8 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-security"]
   tags = {
-    Purpose = "Security VPC"
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

common/aws-us-gov/afs-mdr-common-services-gov/account.hcl

@@ -10,15 +10,18 @@ locals {
   c2_account_standards_path = "../../../../prod/aws-us-gov/mdr-prod-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "10.1.132.0/22"
+  vpc_info = {
+    "vpc-security" = {
+      "name" = "vpc-security",
+      "purpose" = "Palo altos, can probably be removed.",
+      "cidr" = "10.1.128.0/22"
+    }
+  }
 
   # For testing
   create_test_instance = false
   test_instance_key_name = "TODO" # The key with which to provision the test instance
 
-  # Account Specific Module Variables
-  security_vpc_cidr = "10.1.128.0/22"
-
   # Panorama / Palo Alto information
   panorama_serial_numbers = [
     "000702891433",

common/aws/mdr-common-services/015-security-vpc/terragrunt.hcl

@@ -13,7 +13,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/security_vpc?ref=v0.5.10"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/security_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -26,8 +26,8 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-security"]
   tags = {
-    Purpose = "Security VPC"
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

common/aws/mdr-common-services/account.hcl

@@ -10,7 +10,13 @@ locals {
   c2_account_standards_path = "../../../../prod/aws/mdr-prod-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "10.1.1.0/22"
+  vpc_info = {
+    "vpc-security" = {
+      "name" = "vpc-security",
+      "purpose" = "created for palo altos, can probably be removed.",
+      "cidr" = "10.1.0.0/22",
+    }
+  }
 
   #####################################
   # DNS Zones
@@ -40,9 +46,6 @@ locals {
   create_test_instance = false
   test_instance_key_name = "fdamstra" # The key with which to provision the test instance
 
-#  # Account Specific Module Variables
-  security_vpc_cidr = "10.1.0.0/22"
-
 # Palo Alto moved to govcloud
 #  panorama_count = 2 # We need a second serial number for 2
 #  #panorama_instance_type = "m5.2xlarge"

prod/aws-us-gov/mdr-prod-c2/010-vpc-access/terragrunt.hcl

@@ -0,0 +1,39 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  # e.g. inherited variables:
+  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+
+  # Extract out common variables for reuse
+  #env = local.environment_vars.locals.environment
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-access"]
+  tags = {
+    #Purpose # grabbed from vpc_info
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

prod/aws-us-gov/mdr-prod-c2/010-vpc-portal/terragrunt.hcl

@@ -0,0 +1,39 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  # e.g. inherited variables:
+  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+
+  # Extract out common variables for reuse
+  #env = local.environment_vars.locals.environment
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-portal"]
+  tags = {
+    #Purpose # grabbed from vpc_info
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

prod/aws-us-gov/mdr-prod-c2/010-vpc-private-services/terragrunt.hcl

@@ -0,0 +1,39 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  # e.g. inherited variables:
+  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+
+  # Extract out common variables for reuse
+  #env = local.environment_vars.locals.environment
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-private-services"]
+  tags = {
+    #Purpose # grabbed from vpc_info
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

prod/aws-us-gov/mdr-prod-c2/010-vpc-public/terragrunt.hcl

@@ -0,0 +1,39 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  # e.g. inherited variables:
+  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+
+  # Extract out common variables for reuse
+  #env = local.environment_vars.locals.environment
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-public"]
+  tags = {
+    #Purpose # grabbed from vpc_info
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

prod/aws-us-gov/mdr-prod-c2/010-vpc-splunk/terragrunt.hcl

@@ -0,0 +1,39 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  # e.g. inherited variables:
+  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+
+  # Extract out common variables for reuse
+  #env = local.environment_vars.locals.environment
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-splunk"]
+  tags = {
+    #Purpose # grabbed from vpc_info
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

prod/aws-us-gov/mdr-prod-c2/010-vpc-system-services/terragrunt.hcl

@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.7.3"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,10 +31,9 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
-  name = "vpc_primary_${local.account_vars.locals.account_name}"
-  cidr = local.account_vars.locals.standard_vpc_cidr
+  vpc_info = local.account_vars.locals.vpc_info["vpc-system-services"]
   tags = {
-    Purpose = "Standard VPC"
+    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

prod/aws-us-gov/mdr-prod-c2/015-security-vpc-interconnects/terragrunt.hcl

@@ -0,0 +1,33 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/security_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-interconnects"]
+  tags = {
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

prod/aws-us-gov/mdr-prod-c2/account.hcl

@@ -12,10 +12,47 @@ locals {
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
   standard_vpc_cidr = "10.40.0.0/22"
 
-  vpc_cidrs = {
-    "standard_vpc" = "10.40.0.0/22",
-    "qualys_vpc" = "10.40.12.0/22",
-    "security_vpc" = "10.179.0.0/22"
+  vpc_info = {
+    "vpc-splunk" = {
+      "name" = "vpc-splunk"
+      "purpose" = "Splunk Systems (MOOSE)"
+      "cidr" = "10.20.16.0/22"
+    },
+    "vpc-system-services" = {
+      "name" = "vpc-system-services",
+      "purpose" = "Internal Services for Systems",
+      "cidr" = "10.40.0.0/22",
+    },
+    "vpc-qualys" = {
+      "name" = "vpc-qualys",
+      "purpose" = "Security Scanning",
+      "cidr" = "10.40.12.0/22"
+    },
+    "vpc-interconnects" = {
+      "name" = "vpc-interconnects",
+      "purpose" = "Interconnections between AWS partitions",
+      "cidr" = "10.179.0.0/22"
+    },
+    "vpc-access" = {
+      "name" = "vpc-access"
+      "purpose" = "Systems providing restricted access, such as bastions and vpn concentrators"
+      "cidr" = "10.40.20.0/22"
+    },
+    "vpc-portal" = {
+      "name" = "vpc-portal"
+      "purpose" = "The Customer Portal"
+      "cidr" = "10.40.32.0/24"
+    },
+    "vpc-public" = {
+      "name" = "vpc-public"
+      "purpose" = "Publicly Accessible Infrastructure Services, such as GHE and Jira"
+      "cidr" = "10.40.24.0/22"
+    },
+    "vpc-private-services" = {
+      "name" = "vpc-private-services"
+      "purpose" = "Private XDR Services for XDR users"
+      "cidr" = "10.40.28.0/22"
+    },
   }
 
   # DNS Resolver

prod/aws/legacy-mdr-prod/account.hcl

@@ -10,7 +10,7 @@ locals {
   c2_account_standards_path = "../../mdr-prod-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "TODO"
+  vpc_info = { } # TODO
 
   # For testing
   create_test_instance = false

prod/aws/mdr-prod-c2/010-vpc-system-services/terragrunt.hcl

@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.7.3"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,10 +31,9 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
-  name = "vpc_primary_${local.account_vars.locals.account_name}"
-  cidr = local.account_vars.locals.standard_vpc_cidr
+  vpc_info = local.account_vars.locals.vpc_info["vpc-system-services"]
   tags = {
-    Purpose = "Standard VPC"
+    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

prod/aws/mdr-prod-c2/account.hcl

@@ -10,12 +10,22 @@ locals {
   c2_account_standards_path = "../../mdr-prod-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "10.32.0.0/22"
-
-  vpc_cidrs = {
-    "standard_vpc" = "10.32.0.0/22",
-    "qualys_vpc" = "10.32.12.0/22",
-    "security_vpc" = "10.179.4.0/22"
+  vpc_info = {
+    "vpc-system-services" = {
+      "name" = "vpc-system-services",
+      "purpose" = "Internal Services for Systems",
+      "cidr" = "10.32.0.0/22",
+    },
+    "vpc-qualys" = {
+      "name" = "vpc-qualys",
+      "purpose" = "Security Scanning",
+      "cidr" = "10.32.12.0/22",
+    },
+    "vpc-security" = {
+      "name" = "vpc-interconnects",
+      "purpose" = "Interconnections between AWS partitions",
+      "cidr" = "10.179.4.0/22",
+    }
   }
 
   # DNS Resolver

prod/aws-us-gov/mdr-prod-c2/015-security-vpc/terragrunt.hcl → test/aws-us-gov/mdr-test-c2/010-vpc-access/terragrunt.hcl

@@ -13,7 +13,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/security_vpc?ref=v0.5.10"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -26,8 +26,8 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-access"]
   tags = {
-    Purpose = "Security VPC"
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws-us-gov/mdr-test-c2/015-security-vpc/terragrunt.hcl → test/aws-us-gov/mdr-test-c2/010-vpc-portal/terragrunt.hcl

@@ -13,7 +13,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/security_vpc?ref=v0.6.2"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -26,8 +26,8 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-portal"]
   tags = {
-    Purpose = "Security VPC"
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws-us-gov/mdr-test-c2/010-vpc-private-services/terragrunt.hcl

@@ -0,0 +1,33 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-private-services"]
+  tags = {
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

test/aws-us-gov/mdr-test-c2/010-vpc-public/terragrunt.hcl

@@ -0,0 +1,33 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-public"]
+  tags = {
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

test/aws-us-gov/mdr-test-c2/010-vpc-splunk/terragrunt.hcl

@@ -0,0 +1,33 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-splunk"]
+  tags = {
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

test/aws-us-gov/mdr-test-c2/010-vpc-system-services/terragrunt.hcl

@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.7.3"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,10 +31,9 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
-  name = "vpc_primary_${local.account_vars.locals.account_name}"
-  cidr = local.account_vars.locals.standard_vpc_cidr
+  vpc_info = local.account_vars.locals.vpc_info["vpc-system-services"]
   tags = {
-    Purpose = "VPC for Services Provided to Internal Systems"
+    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws-us-gov/mdr-test-c2/015-security-vpc-interconnects/terragrunt.hcl

@@ -0,0 +1,33 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/security_vpc?ref=v0.8.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  vpc_info = local.account_vars.locals.vpc_info["vpc-interconnects"]
+  tags = {
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+}

test/aws-us-gov/mdr-test-c2/030-qualys-vpc/terragrunt.hcl

@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/qualys_scanners?ref=v0.7.3"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/qualys_scanners?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,10 +31,10 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
-  name = "qualys_${local.account_vars.locals.account_name}"
-  cidr = local.account_vars.locals.vpc_cidrs["qualys_vpc"]
+  name = "${ local.account_vars.locals.vpc_info["vpc-qualys"]["name"] }-${local.account_vars.locals.account_name}"
+  cidr = local.account_vars.locals.vpc_info["vpc-qualys"]["cidr"]
   tags = {
-    Purpose = "Qualys Scanner VPC"
+    Purpose = local.account_vars.locals.vpc_info["vpc-qualys"]["purpose"]
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 

test/aws-us-gov/mdr-test-c2/account.hcl

@@ -10,12 +10,47 @@ locals {
   c2_account_standards_path = "../../mdr-test-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "10.20.0.0/22"
-
-  vpc_cidrs = {
-    "standard_vpc" = "10.20.0.0/22",
-    "qualys_vpc" = "10.20.12.0/22",
-    "security_vpc" = "10.179.128.0/22"
+  vpc_info = {
+    "vpc-splunk" = {
+      "name" = "vpc-splunk"
+      "purpose" = "Splunk Systems (MOOSE)"
+      "cidr" = "10.20.16.0/22"
+    },
+    "vpc-system-services" = {
+      "name" = "vpc-system-services",
+      "purpose" = "Internal Services for Systems (not people)",
+      "cidr" = "10.20.0.0/22",
+    },
+    "vpc-qualys" = {
+      "name" = "vpc-qualys",
+      "purpose" = "Security Scanning",
+      "cidr" = "10.20.12.0/22",
+    },
+    "vpc-interconnects" = {
+      "name" = "vpc-interconnects",
+      "purpose" = "Interconnections between AWS partitions",
+      "cidr" = "10.179.128.0/22",
+    },
+    "vpc-access" = {
+      "name" = "vpc-access"
+      "purpose" = "Systems providing restricted access, such as bastions and vpn concentrators"
+      "cidr" = "10.20.20.0/22"
+    },
+    "vpc-portal" = {
+      "name" = "vpc-portal"
+      "purpose" = "The Customer Portal"
+      "cidr" = "10.20.32.0/24"
+    },
+    "vpc-public" = {
+      "name" = "vpc-public"
+      "purpose" = "Publicly Accessible Infrastructure Services, such as GHE and Jira"
+      "cidr" = "10.20.24.0/22"
+    },
+    "vpc-private-services" = {
+      "name" = "vpc-private-services"
+      "purpose" = "Private XDR Services for XDR users"
+      "cidr" = "10.20.28.0/22"
+    },
   }
 
   # DNS Resolver
@@ -32,8 +67,6 @@ locals {
   # AS Number used for various resources, but not every account needs one.
   asn = 64710 # changing this replaces the gateway
 
-  security_vpc_cidr = "10.179.128.0/22"
-
   # Interconnects
   interconnect_asn = 64777
   interconnects_instance_type = "t3a.micro"

test/aws-us-gov/mdr-test-malware/010-vpc-vmray/terragrunt.hcl

@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.7.3"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,10 +31,9 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
-  name = "vpc_primary_${local.account_vars.locals.account_name}"
-  cidr = local.account_vars.locals.standard_vpc_cidr
+  vpc_info = local.account_vars.locals.vpc_info["vpc-vmray"]
   tags = {
-    Purpose = "VPC for Malware Detonation via VMRay"
+    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws-us-gov/mdr-test-malware/account.hcl

@@ -10,7 +10,13 @@ locals {
   c2_account_standards_path = "../../mdr-test-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "10.20.4.0/22"
+  vpc_info = {
+    "vpc-vmray" = {
+      "name" = "vpc-vmray",
+      "purpose" = "Malware detonation",
+      "cidr" = "10.20.4.0/22",
+    }
+  }
 
   # For testing
   create_test_instance = false

test/aws-us-gov/mdr-test-modelclient/010-vpc-splunk/terragrunt.hcl

@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.7.3"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,10 +31,9 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
-  name = "vpc_primary_${local.account_vars.locals.account_name}"
-  cidr = local.account_vars.locals.standard_vpc_cidr
+  vpc_info = local.account_vars.locals.vpc_info["vpc-splunk"]
   tags = {
-    Purpose = "Splunk VPC"
+    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws-us-gov/mdr-test-modelclient/account.hcl

@@ -10,7 +10,13 @@ locals {
   c2_account_standards_path = "../../mdr-test-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "10.20.8.0/22"
+  vpc_info = {
+    "vpc-splunk" = {
+      "name" = "vpc-splunk",
+      "purpose" = "Splunk Systems",
+      "cidr" = "10.20.8.0/22",
+    }
+  }
 
   # For testing
   create_test_instance = false

test/aws/legacy-mdr-test/account.hcl

@@ -10,7 +10,7 @@ locals {
   c2_account_standards_path = "../../mdr-test-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "TODO"
+  vpc_info = {} # "TODO"
 
   # For testing
   create_test_instance = false

test/aws/mdr-test-c2/010-vpc-system-services/terragrunt.hcl

@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.7.3"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,10 +31,9 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
-  name = "vpc_primary_${local.account_vars.locals.account_name}"
-  cidr = local.account_vars.locals.standard_vpc_cidr
+  vpc_info = local.account_vars.locals.vpc_info["vpc-system-services"]
   tags = {
-    Purpose = "VPC for Services Provided to Internal Systems"
+    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws/mdr-test-c2/account.hcl

@@ -10,7 +10,13 @@ locals {
   c2_account_standards_path = "../../mdr-test-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "10.16.0.0/22"
+  vpc_info = {
+    "vpc-system-services" = {
+      "name" = "vpc-system-services",
+      "purpose" = "Internal Services for Systems",
+      "cidr" = "10.16.0.0/22",
+    }
+  }
 
   # DNS Resolver
   resolver_instance_type = "t3a.micro"

test/aws/mdr-test-modelclient/010-vpc-splunk/terragrunt.hcl

@@ -18,7 +18,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.7.3"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,10 +31,9 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
-  name = "vpc_primary_${local.account_vars.locals.account_name}"
-  cidr = local.account_vars.locals.standard_vpc_cidr
+  vpc_info = local.account_vars.locals.vpc_info["vpc-splunk"]
   tags = {
-    Purpose = "Splunk VPC"
+    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws/mdr-test-modelclient/account.hcl

@@ -9,7 +9,13 @@ locals {
   c2_account_standards_path = "../../mdr-test-c2/005-account-standards-c2"
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
-  standard_vpc_cidr = "10.16.8.0/22"
+  vpc_info = {
+    "vpc-splunk" = {
+      name = "vpc-splunk",
+      purpose = "Splunk Systems",
+      cidr = "10.16.8.0/22",
+    }
+  }
 
   # For testing
   create_test_instance = false