Skip to content

Latest commit

 

History

History
86 lines (74 loc) · 7.87 KB

README.md

File metadata and controls

86 lines (74 loc) · 7.87 KB
Raw

infrastructure

Requirements

Name Version
terraform >=1.3
aws ~> 5.0

Providers

Name Version
aws ~> 5.0
local n/a
null n/a
random n/a

Modules

No modules.

Resources

Name Type
aws_cloudwatch_event_rule.ingestion_sfn_trigger_rule resource
aws_cloudwatch_event_target.ingestion_sfn_trigger resource
aws_db_instance.rds_postgres resource
aws_iam_policy.policy_for_execution_role resource
aws_iam_role.cloudwatch_role resource
aws_iam_role.lambda_execution_role resource
aws_iam_role.sfn_role resource
aws_iam_role_policy.cloudwatch_policy resource
aws_iam_role_policy.sfn_policy resource
aws_iam_role_policy_attachment.LambdaExecutionRolePolicyAttachment resource
aws_lambda_function.ingestion-lambda resource
aws_lambda_function.migration-lambda resource
aws_secretsmanager_secret.rds_master_password resource
aws_secretsmanager_secret_version.rds_master_password resource
aws_security_group.lambda_sg resource
aws_security_group.rds_sg resource
aws_sfn_state_machine.ingestion-step-function resource
null_resource.ingestion_lambda_build resource
null_resource.migration_lambda_build resource
random_password.rds_master_password resource
aws_caller_identity.current data source
aws_iam_policy_document.cloudwatch_assume_role data source
aws_iam_policy_document.cloudwatch_policy_document data source
aws_iam_policy_document.lambda_assume_role data source
aws_iam_policy_document.permissions_for_execution_role data source
aws_iam_policy_document.sf_assume_role data source
aws_iam_policy_document.sfn_policy_document data source
aws_security_group.default data source
aws_subnet.selected data source
aws_subnets.default data source
aws_vpc.selected data source
local_file.ingestion_lambda_build data source
local_file.migration_lambda_build data source

Inputs

Name Description Type Default Required
aws_profile AWS profile to use for authentication string n/a yes
aws_region AWS region where to deploy resources string n/a yes
db_subnet_group_name Name of the RDS subnet group string n/a yes
disable_ingestion_schedule Disable the ingestion schedule bool false no
environment_type Environment type string n/a yes
ingestion_schedule Cron schedule for the CloudWatch Event Rule string "rate(24 hours)" no
permissions_boundary_arn ARN of the permissions boundary to use for the IAM role string n/a yes
project_name Name of the project string "secrets-finder" no
rds_db_name Name of the database to create in the RDS instance string "secrets_finder" no
rds_username Username for the RDS instance string "secrets_finder" no
s3_bucket_name Name of the S3 bucket to create string n/a yes
subnet_name Name of the subnet where to deploy the resources (wildcards are allowed: first match is used) string n/a yes
tags A map of tags to add to the resources map(string) n/a yes
vpc_name Identifier of the VPC to use for secrets-finder string n/a yes

Outputs

Name Description
rds_pg_endpoint n/a