
[MSOCI-1334] Qualys Scanners in Gov-Test-C2

Duane Waddle 5 lat temu
rodzic
commit
f4335fc00a

+ 2 - 0
test/aws-us-gov/mdr-test-c2/030-qualys-vpc/README.md

@@ -0,0 +1,2 @@
+# Qualys VPC and Scanner(s)
+

+ 45 - 0
test/aws-us-gov/mdr-test-c2/030-qualys-vpc/terragrunt.hcl

@@ -0,0 +1,45 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  # e.g. inherited variables:
+  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+
+  # Extract out common variables for reuse
+  #env = local.environment_vars.locals.environment
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/qualys_scanners?ref=v0.5.4"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  name = "qualys_${local.account_vars.locals.account_name}"
+  cidr = local.account_vars.locals.vpc_cidrs["qualys_vpc"]
+  tags = {
+    Purpose = "Qualys Scanner VPC"
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+
+  personalization_codes = {
+    standard = "21009597903247"
+    preauthorized = "21005906078774"
+  }
+}
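Review bot: The two `personalization_codes` values at the end of `inputs` are committed in plaintext. They look like the Qualys codes that register a scanner appliance against the subscription, so if they remain valid for activation they should be handled as secrets rather than as ordinary inputs readable by anyone with access to this repository or its history. Consider loading them from an encrypted file or a secret store, for example `personalization_codes = jsondecode(sops_decrypt_file("<ENCRYPTED_FILE_PLACEHOLDER>"))` if the Terragrunt version in use supports it. Because the current values are already in git history, regenerate the codes in Qualys once they have been moved.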

+ 5 - 0
test/aws-us-gov/mdr-test-c2/031-attach-qualys-vpc-to-transit-gateway/README.md

@@ -0,0 +1,5 @@
+# Attaches this account's Qualys VPCs to the transit gateway, but for the HUB account.
+
+You can reuse this module to attach additional VPCs by updating
+either the dependencies or the inputs, as appropriate.
+

+ 49 - 0
test/aws-us-gov/mdr-test-c2/031-attach-qualys-vpc-to-transit-gateway/terragrunt.hcl

@@ -0,0 +1,49 @@
+locals {
+  # If you want to use any of the variables in _this_ file, you have to load them here.
+  # However, they will all be available as inputs to the module loaded in terraform.source
+  # below.
+
+  # e.g. inherited variables:
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
+}
+
+dependency "target_vpc" {
+  config_path = "../030-qualys-vpc"
+}
+
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  # Double slash is intentional and required to show root of modules
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/transit_gateway_client?ref=v0.5.4"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt source above
+inputs = {
+  # All of the inputs from the inherited hcl files are available automatically
+  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
+  # will be more flexible if you specify particular input values.
+  tags = {
+    Name = "${local.partition_vars.locals.aws_partition_alias}-${local.environment_vars.locals.environment}"
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
+  }
+  accept_invitation = false # Should only be true for the first one
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
+  vpc_id = dependency.target_vpc.outputs.vpc_id
+  subnets = dependency.target_vpc.outputs.private_subnets
+  route_tables = concat(dependency.target_vpc.outputs.private_route_tables, dependency.target_vpc.outputs.public_route_tables)
+}
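Review bot: `route_tables` passes the public route tables as well as the private ones, so, assuming the module adds transit-gateway routes to every table it is given, hosts in the Qualys VPC's public subnets also get a path to the networks behind the gateway. Only `private_subnets` are attached via `subnets`, which suggests the scanners live there. If that is the case, `route_tables = dependency.target_vpc.outputs.private_route_tables` keeps the internet-facing subnets off the transit gateway. If the public tables are required, a comment on that line explaining why would help the next reviewer.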

+ 6 - 0
test/aws-us-gov/mdr-test-c2/account.hcl

@@ -12,6 +12,12 @@ locals {
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
   standard_vpc_cidr = "10.20.0.0/22"
 
+  vpc_cidrs = {
+    "standard_vpc" = "10.20.0.0/22",
+    "qualys_vpc" = "10.20.12.0/22",
+    "security_vpc" = "10.179.128.0/22"
+  }
+
   # For testing
   create_test_instance = false
   test_instance_key_name = "fdamstra" # They with which to provision the test instance
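Review bot: `vpc_cidrs["standard_vpc"]` repeats the literal already held in `standard_vpc_cidr` just above, which leaves two places to update and lets routing or security-group inputs derived from them drift apart. Referencing the existing local, `"standard_vpc" = local.standard_vpc_cidr,`, keeps a single source of truth until the old variable can be retired. The `locals` block starts and ends outside this hunk, so other consumers of `standard_vpc_cidr` are not visible here.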