AFS
/
xdr-terraform-modules


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129
							resource "aws_placement_group" "interconnects" {
  # Distribute them
  name     = "interconnects"
  strategy = "spread"
}

resource "aws_network_interface" "interconnects" {
  count = var.interconnects_count
  subnet_id = var.subnet_id_map["untrusted"][count.index % 2]
  security_groups = [ aws_security_group.interconnects_sg.id ]
  source_dest_check = false
  private_ips_count = 0
  description = "XDR Interconnect ${count.index}"
  tags = {
    Name = "interconnect-${count.index}"
  }
}

resource "aws_eip" "interconnects" {
  count = var.interconnects_count
  vpc = true
  tags = {
    Name = "interconnect-${count.index}"
  }
}

resource "aws_eip_association" "interconnects" {
  count = var.interconnects_count
  network_interface_id = aws_network_interface.interconnects[count.index].id
  allocation_id = aws_eip.interconnects[count.index].id
}

output "ami" {
  value = var.default_ami
}

resource "aws_instance" "interconnects" {
  count = var.interconnects_count
  availability_zone = var.azs[count.index % 2]
  placement_group = aws_placement_group.interconnects.id
  tenancy = "default"
  ebs_optimized = true
  disable_api_termination = var.instance_termination_protection
  instance_initiated_shutdown_behavior = "stop"
  instance_type = var.interconnects_instance_type
  key_name = var.interconnects_key_name
  monitoring = false

  ami = var.default_ami
  lifecycle { ignore_changes = [ ami, key_name, user_data ] }

  tags = merge(
    var.standard_tags,
    var.tags,
    { 
      Name = "interconnect-${count.index}"
    }
  )

  root_block_device {
      volume_type = "gp2"
      #volume_size = "60"
      delete_on_termination = true
  }

  network_interface {
    device_index = 0
    network_interface_id = aws_network_interface.interconnects[count.index].id
  }

  user_data = data.template_cloudinit_config.cloud-init[count.index].rendered
  iam_instance_profile = "msoc-default-instance-profile"

  #lifecycle {
    # This might allow us to update/replace easier?
    #create_before_destroy = true
  #}
}

# DNS Records don't support count yet! Time to migrate to 0.13 beta!
# Seriously, though, if we change the count, we will have to change
# this module, _if_ we want DNS entries.
module "private_dns_record_0" {
  source = "../../submodules/dns/private_A_record"

  name = "interconnect-0"
  ip_addresses = [ aws_instance.interconnects[0].private_ip ]
  dns_info = var.dns_info
  
  providers = {
    aws.c2 = aws.c2
  }
}

module "private_dns_record_1" {
  source = "../../submodules/dns/private_A_record"

  name = "interconnect-1"
  ip_addresses = [ aws_instance.interconnects[1].private_ip ]
  dns_info = var.dns_info
  
  providers = {
    aws.c2 = aws.c2
  }
}

module "public_dns_record_0" {
  source = "../../submodules/dns/public_A_record"

  name = "interconnect-0"
  ip_addresses = [ aws_eip.interconnects[0].public_ip ]
  dns_info = var.dns_info

  providers = {
    aws.mdr-common-services-commercial = aws.mdr-common-services-commercial
  }
}

module "public_dns_record_1" {
  source = "../../submodules/dns/public_A_record"

  name = "interconnect-1"
  ip_addresses = [ aws_eip.interconnects[1].public_ip ]
  dns_info = var.dns_info

  providers = {
    aws.mdr-common-services-commercial = aws.mdr-common-services-commercial
  }
}