AFS
/
xdr-terraform-live


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394
							# Set account-wide variables. These are automatically pulled in to configure the remote state bucket in the root
# terragrunt.hcl configuration.
locals {
  account_name   = "legacy-mdr-prod"
  account_alias  = "" # No alias for legacy accounts
  aws_account_id = "477548533976"
  instance_termination_protection = true
  splunk_prefix = "moose"

  account_tags = {
    "Client": local.splunk_prefix
  }
  c2_account_standards_path = "../../mdr-prod-c2/005-account-standards-c2"

  # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
  vpc_info = { } # TODO

  # Instance Configuration
  instance_types = {
    "jira-rds" = "db.t3.medium",  # legacy: db.t2.medium
  }
  jira_rds_storage = 50

  aws_waf_logs_hec_token = "FA38B8DD-1398-46D0-BD79-BA046C6064B0"
  portal_data_sync_hec_token = "eb79bb2d-b27d-455d-bc5c-e8cf3165b294"

  # Legacy accounts have some extra key users
  is_legacy = true
  extra_ebs_key_admins = [
    "arn:aws:iam::477548533976:root",
    "arn:aws:iam::477548533976:role/mdr_iam_admins",
    "arn:aws:iam::477548533976:role/mdr_powerusers"
  ]
  extra_ebs_key_users  = [
    "arn:aws:iam::477548533976:role/mdr_powerusers",
    "arn:aws:iam::477548533976:role/msoc-default-instance-role",
    "arn:aws:iam::477548533976:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling",
#    "arn:aws:iam::477548533976:role/portal-instance-role",
    "arn:aws:iam::477548533976:role/mdr_iam_admins"
  ]
  extra_ebs_key_attachers = [
    "arn:aws:iam::477548533976:role/mdr_powerusers",
    "arn:aws:iam::477548533976:role/msoc-default-instance-role",
    "arn:aws:iam::477548533976:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling",
#    "arn:aws:iam::477548533976:role/portal-instance-role",
  ]

  # Legacy information 
  # legacy_vpc information is required to connect the VPCs to the transit gateway.
  legacy_vpcs = {
    afs = {
      id = "vpc-03f17331ab2b493f5",
      private_subnets = [ "subnet-0007c218c485f3d0f", "subnet-0346f2ee70d39a142", "subnet-0c0368b6e268834c3" ]
      public_subnets  = [ "subnet-076eb05d9bc9a8a20", "subnet-07f7725107205e7dd", "subnet-09a74633747a9ef6c" ]
      private_route_tables = [ "rtb-0352c8ce520de1d61", "rtb-0b339f3969ce017ba", "rtb-0d31e13b39ef8e2a2" ]
      public_route_tables  = [ "rtb-0b89de1eb2618f940" ]
    }
    dc-c19 = {
      id = "vpc-09319e71920e6eceb",
      private_subnets = [ "subnet-02f67ef6891e1cf03", "subnet-05dca9dc7daec7f55", "subnet-09e153213a1574574" ]
      public_subnets  = [ "subnet-0f0081c667e8f7692", "subnet-0730266c5fde7e4d1", "subnet-0ec26dace38052008" ]
      private_route_tables = [ "rtb-01c736a552f8bceca", "rtb-01c50d290882d7c3a", "rtb-0b73afea1f62061d2" ]
      public_route_tables  = [ "rtb-00741cf8fb5e29ae4" ]
    }
    la-c19 = {
      id = "vpc-09cd6c187c2edc2f6",
      private_subnets = [ "subnet-0987546fd6690acd0", "subnet-0da0bf814d20f28de", "subnet-045cbc297915ecc1a" ]
      public_subnets  = [ "subnet-0b08ebaf3dde344c8", "subnet-0126b9793b9518a4f", "subnet-0f34803c0a61b98fd" ]
      private_route_tables = [ "rtb-0b20adc9d4996e25f", "rtb-0744d3253991f357b", "rtb-088fb78039b870da0" ]
      public_route_tables  = [ "rtb-076a0ecf5dd7a71f2" ]
    }
    ma-c19 = {
      id = "vpc-01edd85069b6b3715",
      private_subnets = [ "subnet-054507f8e3a49aac4", "subnet-0e926f86ff242b1e3", "subnet-013cf369199d22c25" ]
      public_subnets  = [ "subnet-0383d7430aa9898cc", "subnet-0a01bd202760aac9c", "subnet-03c8394da2648fc3f" ]
      private_route_tables = [ "rtb-029cd593f6b397ac3", "rtb-0484bd5b7b0c1bb2a", "rtb-07214c4a8693b813a" ]
      public_route_tables  = [ "rtb-0ff55720f7142c022" ]
    }
    main_infrastructure = {
      id = "vpc-0b676c4efd7fad548",
      private_subnets = [ "subnet-04234672a4720a7ab", "subnet-0ff1d78804cbcbf3c", "subnet-0294e3b191e651e48" ]
      public_subnets  = [ "subnet-0be578dbe9818a0f3", "subnet-0faeebd324c47a670", "subnet-0cc124793a04f3382" ]
      private_route_tables = [ "rtb-0a45aa54a80e89c48", "rtb-08ff0d423f57fbf0c", "rtb-0481035a575c11af7" ]
      public_route_tables  = [ "rtb-09c2e1f7572807386" ]
    }
    nga = {
      id = "vpc-05e0cf38982e048db",
      private_subnets = [ "subnet-0065a8d0e2e3e3fe2", "subnet-04e8ba3db254147b2", "subnet-077dd32d6e0f86218" ]
      public_subnets  = [ "subnet-0f022b1ebf155d1f9", "subnet-07ca3ac05830b104d", "subnet-0a2384bce743cf303" ]
      private_route_tables = [ "rtb-03b6ef5d5b2b0a490", "rtb-0898516d5a7e7a091", "rtb-09922a5baece66a32" ]
      public_route_tables  = [ "rtb-084bab4d4acc400fc" ]
    }
  }
}