First commit (#1)

* Adding simple tests and example

* Adding description to outputs

* Adding index to outputs

* Cleanup and add tests

* Addign docs

* changing variables

* Auto Format

* Update README.yaml

Co-authored-by: Andriy Knysh <[email protected]>

* Update examples/complete/outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update providers.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Changing README

* deleting providers

* Update test/src/examples_complete_test.go

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Update test/src/go.mod

Co-authored-by: Andriy Knysh <[email protected]>

* Update test/src/examples_complete_test.go

Co-authored-by: Andriy Knysh <[email protected]>

* Update variables.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Adding empty lines

* Update variables.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update variables.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Adding empty lines

* Auto Format

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Addressing feedback

* Addressing feedback

* Auto Format

* Addressing feedback

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update README.yaml

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Update README.yaml

Co-authored-by: Andriy Knysh <[email protected]>

* Update README.yaml

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Fixing logic

* Auto Format

* more Readme fixes

* fixing typo in variables

* Auto Format

* Move ssm log bucket to its own file and add logic for custom policy etc

* Auto Format

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* fmt

* more readme changes

* Auto Format

* Cleanup

* Addressing feedback

* Auto Format

* Update examples/complete/outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update main.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Update variables.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update variables.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Update variables.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Auto Format

* Update outputs.tf

Co-authored-by: Andriy Knysh <[email protected]>

* Addressing feedback

* Auto Format

* Auto Format

* Fix tests

* Fixing duplicated output

* fixing variable names, adding more test

* Auto Format

* Fixing providers

* Fixing duplicated resource policy

* Auto Format

* Fixing tests and bucket logix

* Auto Format

* Adding missing provider

* fixing policy for 0.13

* NOPE removing - fixing policy for 0.13

* fixing policy dependency

* Auto Format

* fixing policy dependency

* Auto Format

* Trigger validate-codeowners

* Trigger validate-codeowners

* Trigger validate-codeowners

* Fixing tests

* Auto Format

* Delete .terraform.lock.hcl

* Fixing tests

Co-authored-by: cloudpossebot <[email protected]>
Co-authored-by: Andriy Knysh <[email protected]>

README.yaml

@@ -5,7 +5,7 @@
 #
 
 # Name of this project
-name: terraform-example-module
+name: terraform-aws-ssm-patch-manager
 
 # Logo for this project
 #logo: docs/logo.png
@@ -17,16 +17,16 @@ license: "APACHE2"
 copyrights:
   - name: "Cloud Posse, LLC"
     url: "https://cloudposse.com"
-    year: "2020"
+    year: "2021"
 
 # Canonical GitHub repo
-github_repo: cloudposse/terraform-example-module
+github_repo: cloudposse/terraform-aws-ssm-patch-manager
 
 # Badges to display
 badges:
   - name: "Latest Release"
-    image: "https://img.shields.io/github/release/cloudposse/terraform-example-module.svg"
-    url: "https://github.com/cloudposse/terraform-example-module/releases/latest"
+    image: "https://img.shields.io/github/release/cloudposse/terraform-aws-ssm-patch-manager.svg"
+    url: "https://github.com/cloudposse/terraform-aws-ssm-patch-manager/releases/latest"
   - name: "Slack Community"
     image: "https://slack.cloudposse.com/badge.svg"
     url: "https://slack.cloudposse.com"
@@ -57,31 +57,33 @@ references:
 
 # Short description of this project
 description: |-
-  This is `terraform-example-module` project provides all the scaffolding for a typical well-built Cloud Posse module. It's a template repository you can
-  use when creating new repositories.
+  This module provisions AWS SSM Patch manager maintenance window tasks, targets, patch baselines and patch groups and an s3 bucket for storing patch task logs.
 
 # Introduction to the project
-#introduction: |-
-#  This is an introduction.
+introduction: |-
+  ## Acknowledgements
+    This module was heavily inspired by @jparnaudeau module
+    https://github.com/jparnaudeau/terraform-aws-ssm-patch-management
 
 # How to use this module. Should be an easy example to copy and paste.
 usage: |-
   For a complete example, see [examples/complete](examples/complete).
-  
+
   For automated tests of the complete example using [bats](https://github.com/bats-core/bats-core) and [Terratest](https://github.com/gruntwork-io/terratest)
   (which tests and deploys the example on AWS), see [test](test).
 
   ```hcl
-  module "example" {
-    source = "https://github.com/cloudposse/terraform-example-module.git?ref=master"
-    example = "Hello world!"
+  module "ssm_patch_manager" {
+    source  = "cloudposse/xxxxx/aws"
+    version = "xxxx"
+    name = "test"
   }
   ```
 
 # Example usage
 examples: |-
   Here is an example of using this module:
-  - [`examples/complete`](https://github.com/cloudposse/terraform-example-module/) - complete example of using this module
+  - [`examples/complete`](https://github.com/cloudposse/terraform-aws-ssm-patch-manager/) - complete example of using this module
 
 # How to get started quickly
 #quickstart: |-
@@ -94,5 +96,5 @@ include:
 
 # Contributors to this project
 contributors:
-  - name: "Erik Osterman"
-    github: "osterman"
+  - name: "PePe Amengual"
+    github: "jamengual"

examples/complete/fixtures.us-east-2.tfvars

@@ -6,5 +6,5 @@ environment = "ue2"
 
 stage = "test"
 
-name = "example"
+name = "ssm-patch"
 

examples/complete/main.tf

@@ -1,7 +1,52 @@
-module "example" {
-  source = "../.."
+module "vpc" {
+  source  = "cloudposse/vpc/aws"
+  version = "0.25.0"
 
-  example = var.example
+  cidr_block = "172.16.0.0/16"
 
   context = module.this.context
 }
+
+module "subnets" {
+  source  = "cloudposse/dynamic-subnets/aws"
+  version = "0.39.3"
+
+  availability_zones   = ["us-east-2a", "us-east-2b"]
+  vpc_id               = module.vpc.vpc_id
+  igw_id               = module.vpc.igw_id
+  cidr_block           = module.vpc.vpc_cidr_block
+  nat_gateway_enabled  = true
+  nat_instance_enabled = false
+
+  context = module.this.context
+}
+
+module "ec2_instance" {
+  source  = "cloudposse/ec2-instance/aws"
+  version = "0.38.0"
+
+  vpc_id          = module.vpc.vpc_id
+  subnet          = module.subnets.private_subnet_ids[0]
+  security_groups = [module.vpc.vpc_default_security_group_id]
+  ami             = "ami-009b28ad8707b9ee8"
+  ami_owner       = "amazon"
+  ssh_key_pair    = ""
+
+  # Enabling SSM Patch manager policy, access to the log bucket and the additional tags
+  ssm_patch_manager_enabled       = true
+  ssm_patch_manager_s3_log_bucket = format("%s-%s-%s-%s", module.this.namespace, module.this.environment, module.this.stage, module.this.name)
+
+  tags = {
+    "TOSCAN"  = "true",
+    "TOPATCH" = "true"
+  }
+  context = module.this.context
+
+}
+
+module "ssm_patch_manager" {
+  source = "../.."
+  region = var.region
+
+  context = module.this.context
+}

examples/complete/outputs.tf

@@ -1,14 +1,49 @@
-output "id" {
-  description = "ID of the created example"
-  value       = module.example.id
+output "ssm_patch_log_s3_bucket_id" {
+  description = "SSM Patch Manager s3 log bucket ID"
+  value       = module.ssm_patch_manager.ssm_patch_log_s3_bucket_id
 }
 
-output "example" {
-  description = "Output \"example\" from example module"
-  value       = module.example.example
+output "ssm_patch_log_s3_bucket_arn" {
+  description = "SSM Patch Manager s3 log bucket arn"
+  value       = module.ssm_patch_manager.ssm_patch_log_s3_bucket_arn
 }
 
-output "random" {
-  description = "Output \"random\" from example module"
-  value       = module.example.random
+output "scan_maintenance_window_task_id" {
+  description = "SSM Patch Manager scan maintenance windows task ID"
+  value       = module.ssm_patch_manager.scan_maintenance_window_task_id
+}
+
+output "install_maintenance_window_task_id" {
+  description = "SSM Patch Manager install maintenance windows task ID"
+  value       = module.ssm_patch_manager.install_maintenance_window_task_id
+}
+
+output "scan_maintenance_window_target_id" {
+  description = "SSM Patch Manager scan maintenance window target_id"
+  value       = module.ssm_patch_manager.scan_maintenance_window_target_id
+}
+
+output "install_maintenance_window_target_id" {
+  description = "SSM Patch Manager install maintenance window target ID"
+  value       = module.ssm_patch_manager.install_maintenance_window_target_id
+}
+
+output "install_maintenance_window_id" {
+  description = "SSM Patch Manager install maintenance window ID"
+  value       = module.ssm_patch_manager.install_maintenance_window_id
+}
+
+output "patch_baseline_arn" {
+  description = "SSM Patch Manager patch baseline ARN"
+  value       = module.ssm_patch_manager.patch_baseline_arn
+}
+
+output "install_patch_group_id" {
+  description = "SSM Patch Manager install patch group ID"
+  value       = module.ssm_patch_manager.install_patch_group_id
+}
+
+output "scan_patch_group_id" {
+  description = "SSM Patch Manager scan patch group ID"
+  value       = module.ssm_patch_manager.scan_patch_group_id
 }

examples/complete/providers.tf

@@ -0,0 +1,3 @@
+provider "aws" {
+  region = var.region
+}

examples/complete/variables.tf

@@ -1,4 +1,4 @@
-variable "example" {
+variable "region" {
   type        = string
-  description = "The value which will be passed to the example module"
+  description = "AWS region"
 }

examples/complete/versions.tf

@@ -1,10 +1,17 @@
 terraform {
-  required_version = ">= 0.12.26"
-
   required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0"
+    }
+    null = {
+      source  = "hashicorp/null"
+      version = ">= 2.0"
+    }
     local = {
       source  = "hashicorp/local"
       version = ">= 1.2"
     }
   }
-}
+  required_version = ">= 0.13.0"
+}