the example now works end to end

apolloakora · apolloakora · commit f21094aa2a9c · 2019-09-19T15:15:25.000+01:00
diff --git a/README.md b/README.md
@@ -69,9 +69,6 @@ This AWS PostgreSQL database terraform module requires these input variables.
 
 Most organisations have a mandatory set of tags that must be placed on AWS resources for cost and billing reports. Typically they denote owners and specify whether environments are prod or non-prod.
 
-
-Additionally you can denote 
-
 | Input Variable    | Variable Description | Input Example
 |:----------------- |:-------------------- |:----- |
 **`in_ecosystem`** | the ecosystem (environment) name these resources belong to | **`my-app-test`** or **`kubernetes-cluster`**
diff --git a/example/postgres.example-main.tf b/example/postgres.example-main.tf
@@ -1,35 +1,7 @@
 
-/*
- | -- #### ######################## ####
- | -- #### AWS Cloud Authentication ####
- | -- #### ######################## ####
- | --
- | -- This role arn prompts terraform to assume the role specified. Now
- | -- credentials will be sought from the environment when running within
- | -- local surrounds like (on a laptop), however when on an EC2 server
- | -- or within an ECS cluster the environment already has the role.
- | --
-*/
-variable in_role_arn {
-    description = "The Role ARN to use when we assume role to implement the provisioning."
-}
-
-provider aws {
-    assume_role {
-        role_arn = var.in_role_arn
-    }
-}
-
-locals {
-    ecosystem_name = "integration"
-    fresh_db_name  = "brandnewbox"
-    clone_db_name  = "copycatbox"
-}
-
-
-variable in_id_of_db_to_clone {
-    description = "The ID of mummy database to clone from."
-}
+### ############################ ###
+### Example RDS Postgres Outputs ###
+### ############################ ###
 
 output out_fresh_database_hostname { value = module.fresh_db.out_fresh_db_hostname }
 output out_fresh_database_endpoint { value = module.fresh_db.out_fresh_db_endpoint }
@@ -53,8 +25,8 @@ module fresh_db {
     in_database_name     = local.fresh_db_name
 
     in_ecosystem  = local.ecosystem_name
-    in_timestamp   = module.resource-tags.out_tag_timestamp
-    in_description = module.resource-tags.out_tag_description
+    in_timestamp   = local.timestamp
+    in_description = local.description
 }
 
 
@@ -70,21 +42,23 @@ module clone_db {
     in_database_name = local.clone_db_name
 
     in_ecosystem  = local.ecosystem_name
-    in_timestamp   = module.resource-tags.out_tag_timestamp
-    in_description = module.resource-tags.out_tag_description
+    in_timestamp   = local.timestamp
+    in_description = local.description
 }
 
 
 module vpc-network {
 
-    source                 = "github.com/devops4me/terraform-aws-vpc-network"
+    source                 = "devops4me/vpc-network/aws"
+    version                = "1.0.2"
+
     in_vpc_cidr            = "10.81.0.0/16"
     in_num_public_subnets  = 3
     in_num_private_subnets = 3
 
     in_ecosystem  = local.ecosystem_name
-    in_timestamp   = module.resource-tags.out_tag_timestamp
-    in_description = module.resource-tags.out_tag_description
+    in_timestamp   = local.timestamp
+    in_description = local.description
 }
 
 
@@ -94,14 +68,67 @@ module security-group {
     in_ingress     = [ "postgres" ]
     in_vpc_id      = module.vpc-network.out_vpc_id
 
-    in_ecosystem  = local.ecosystem_name
-    in_timestamp   = module.resource-tags.out_tag_timestamp
-    in_description = module.resource-tags.out_tag_description
+    in_ecosystem_name  = local.ecosystem_name
+    in_tag_timestamp   = local.timestamp
+    in_tag_description = local.description
 }
 
 
-module resource-tags {
+locals {
+    fresh_db_name  = "brandnewdb"
+    clone_db_name  = "snapshotdb"
+}
 
-    source = "github.com/devops4me/terraform-aws-resource-tags"
 
+variable in_id_of_db_to_clone {
+    description = "The ID of mummy database to clone from."
+}
+
+
+
+/*
+ | --
+ | -- If you are using an IAM role as the AWS access mechanism then
+ | -- pass it as in_role_arn commonly through an environment variable
+ | -- named TF_VAR_in_role_arn in addition to the usual AWS access
+ | -- key, secret key and default region parameters.
+ | --
+ | -- Individuals and small businesses without hundreds of AWS accounts
+ | -- can omit the in_role_arn variable. and thanks to dynamic assignment
+ | --
+*/
+provider aws {
+    dynamic assume_role {
+        for_each = length( var.in_role_arn ) > 0 ? [ var.in_role_arn ] : [] 
+        content {
+            role_arn = assume_role.value
+	}
+    }
+}
+
+variable in_role_arn {
+    description = "The Role ARN to use when we assume role to implement the provisioning."
+    default = ""
+}
+
+
+/*
+ | --
+ | -- ### ############# ###
+ | -- ### Resource Tags ###
+ | -- ### ############# ###
+ | --
+ | -- Terraform will tag every significant resource allowing you to report and collate
+ | --
+ | --   [1] - all infrastructure in all environments dedicated to your app (ecosystem_name)
+ | --   [2] - the infrastructure dedicated to this environment instance (timestamp)
+ | --
+ | -- The human readable description reveals the when, where and what of the infrastructure.
+ | --
+*/
+locals {
+    ecosystem_name = "dbstack"
+    timestamp = formatdate( "YYMMDDhhmmss", timestamp() )
+    date_time = formatdate( "EEEE DD-MMM-YY hh:mm:ss ZZZ", timestamp() )
+    description = "was created by me on ${ local.date_time }."
 }
