From 944fdd776eb68211a3e58648d1d2ebd9a12f0636 Mon Sep 17 00:00:00 2001 From: Peter Mikus Date: Fri, 1 Apr 2022 14:38:58 +0200 Subject: [PATCH] docs(terraform): Update docs Signed-off-by: Peter Mikus Change-Id: I6ff7572103b24b099281da173215fc1ae1cbf2c0 --- .../terraform-aws-subnet/README.md | 24 +++------ fdio.infra.terraform/terraform-aws-vpc/README.md | 10 ++-- .../terraform-nomad-alertmanager/README.md | 57 ++++++++++++++++++++++ .../terraform-nomad-loki/README.md | 52 ++++++++++++++++++++ .../terraform-nomad-prometheus/README.md | 52 ++++++++++++++++++++ .../terraform-nomad-pyspark-etl/README.md | 50 +++++++++++++++++++ .../terraform-vault-aws-secret-backend/README.md | 40 +++++++++++++++ 7 files changed, 265 insertions(+), 20 deletions(-) create mode 100644 fdio.infra.terraform/terraform-nomad-alertmanager/README.md create mode 100644 fdio.infra.terraform/terraform-nomad-loki/README.md create mode 100644 fdio.infra.terraform/terraform-nomad-prometheus/README.md create mode 100644 fdio.infra.terraform/terraform-nomad-pyspark-etl/README.md create mode 100644 fdio.infra.terraform/terraform-vault-aws-secret-backend/README.md diff --git a/fdio.infra.terraform/terraform-aws-subnet/README.md b/fdio.infra.terraform/terraform-aws-subnet/README.md index 4903bcb36f..54986d1ddb 100644 --- a/fdio.infra.terraform/terraform-aws-subnet/README.md +++ b/fdio.infra.terraform/terraform-aws-subnet/README.md @@ -3,7 +3,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.4 | +| [terraform](#requirement\_terraform) | >= 1.0.4 | | [aws](#requirement\_aws) | ~> 4.3.0 | ## Providers @@ -20,35 +20,25 @@ No modules. | Name | Type | |------|------| -| [aws_internet_gateway.internet_gateway](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/internet_gateway) | resource | -| [aws_route.route](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource | -| [aws_security_group.security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource | | [aws_subnet.subnet](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource | -| [aws_vpc.vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc) | resource | +| [aws_vpc_ipv4_cidr_block_association.ipv4_cidr_block_association](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_ipv4_cidr_block_association) | resource | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [security\_group\_description](#input\_security\_group\_description) | Security group description. | `string` | `"Allow inbound/outbound traffic"` | no | -| [security\_group\_egress](#input\_security\_group\_egress) | Egress security group map. | `list(any)` | 
[
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "from_port": 0,
    "ipv6_cidr_blocks": [
      "::/0"
    ],
    "protocol": "-1",
    "to_port": 0
  }
]
| no | -| [security\_group\_ingress](#input\_security\_group\_ingress) | Ingress security group map. | `list(any)` | 
[
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "from_port": 22,
    "ipv6_cidr_blocks": [
      "::/0"
    ],
    "protocol": "tcp",
    "to_port": 22
  }
]
| no | -| [security\_group\_name](#input\_security\_group\_name) | Name of the security group. | `string` | n/a | yes | -| [security\_group\_revoke\_rules\_on\_delete](#input\_security\_group\_revoke\_rules\_on\_delete) | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. | `bool` | `false` | no | | [subnet\_assign\_ipv6\_address\_on\_creation](#input\_subnet\_assign\_ipv6\_address\_on\_creation) | Specify true to indicate that network interfaces created in the specified subnet should be assigned an IPv6 address. | `bool` | `false` | no | -| [subnet\_availability\_zone](#input\_subnet\_availability\_zone) | AWS availability zone | `string` | `"us-east-1a"` | no | +| [subnet\_availability\_zone](#input\_subnet\_availability\_zone) | AZ for the subnet. | `string` | `"us-east-1a"` | no | +| [subnet\_cidr\_block](#input\_subnet\_cidr\_block) | The IPv4 CIDR block for the subnet. | `string` | n/a | yes | +| [subnet\_ipv6\_cidr\_block](#input\_subnet\_ipv6\_cidr\_block) | The IPv6 network range for the subnet, in CIDR notation. | `string` | n/a | yes | | [subnet\_map\_public\_ip\_on\_launch](#input\_subnet\_map\_public\_ip\_on\_launch) | Specify true to indicate that instances launched into the subnet should be assigned a public IP address. | `bool` | `false` | no | +| [subnet\_vpc\_id](#input\_subnet\_vpc\_id) | The VPC ID. | `string` | n/a | yes | | [tags\_environment](#input\_tags\_environment) | Environment used for tag. | `string` | `""` | no | | [tags\_name](#input\_tags\_name) | Name used for tag. | `string` | `""` | no | -| [vpc\_assign\_generated\_ipv6\_cidr\_block](#input\_vpc\_assign\_generated\_ipv6\_cidr\_block) | Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. | `bool` | `true` | no | -| [vpc\_cidr\_block](#input\_vpc\_cidr\_block) | The CIDR block for the association. | `string` | `"192.168.0.0/24"` | no | -| [vpc\_enable\_dns\_hostnames](#input\_vpc\_enable\_dns\_hostnames) | Whether or not the VPC has DNS hostname support. | `bool` | `true` | no | -| [vpc\_enable\_dns\_support](#input\_vpc\_enable\_dns\_support) | Whether or not the VPC has DNS support. | `bool` | `true` | no | -| [vpc\_instance\_tenancy](#input\_vpc\_instance\_tenancy) | The allowed tenancy of instances launched into the selected VPC. | `string` | `"default"` | no | ## Outputs | Name | Description | |------|-------------| -| [vpc\_id](#output\_vpc\_id) | The ID of the VPC | +| [subnet\_id](#output\_subnet\_id) | The ID of the Subnet | \ No newline at end of file diff --git a/fdio.infra.terraform/terraform-aws-vpc/README.md b/fdio.infra.terraform/terraform-aws-vpc/README.md index 4903bcb36f..52f6d1cfc7 100644 --- a/fdio.infra.terraform/terraform-aws-vpc/README.md +++ b/fdio.infra.terraform/terraform-aws-vpc/README.md @@ -3,7 +3,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.4 | +| [terraform](#requirement\_terraform) | >= 1.0.4 | | [aws](#requirement\_aws) | ~> 4.3.0 | ## Providers @@ -32,7 +32,7 @@ No modules. |------|-------------|------|---------|:--------:| | [security\_group\_description](#input\_security\_group\_description) | Security group description. | `string` | `"Allow inbound/outbound traffic"` | no | | [security\_group\_egress](#input\_security\_group\_egress) | Egress security group map. | `list(any)` | 
[
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "from_port": 0,
    "ipv6_cidr_blocks": [
      "::/0"
    ],
    "protocol": "-1",
    "to_port": 0
  }
]
| no | -| [security\_group\_ingress](#input\_security\_group\_ingress) | Ingress security group map. | `list(any)` | 
[
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "from_port": 22,
    "ipv6_cidr_blocks": [
      "::/0"
    ],
    "protocol": "tcp",
    "to_port": 22
  }
]
| no | +| [security\_group\_ingress](#input\_security\_group\_ingress) | Ingress security group map. | `list(any)` | 
[
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "from_port": 22,
    "ipv6_cidr_blocks": [
      "::/0"
    ],
    "protocol": "tcp",
    "self": false,
    "to_port": 22
  },
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "from_port": 0,
    "ipv6_cidr_blocks": [
      "::/0"
    ],
    "protocol": -1,
    "self": true,
    "to_port": 0
  }
]
| no | | [security\_group\_name](#input\_security\_group\_name) | Name of the security group. | `string` | n/a | yes | | [security\_group\_revoke\_rules\_on\_delete](#input\_security\_group\_revoke\_rules\_on\_delete) | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. | `bool` | `false` | no | | [subnet\_assign\_ipv6\_address\_on\_creation](#input\_subnet\_assign\_ipv6\_address\_on\_creation) | Specify true to indicate that network interfaces created in the specified subnet should be assigned an IPv6 address. | `bool` | `false` | no | @@ -50,5 +50,9 @@ No modules. | Name | Description | |------|-------------| -| [vpc\_id](#output\_vpc\_id) | The ID of the VPC | +| [vpc\_id](#output\_vpc\_id) | The ID of the VPC. | +| [vpc\_ipv6\_cidr\_block](#output\_vpc\_ipv6\_cidr\_block) | IPv6 CIDR block. | +| [vpc\_main\_route\_table\_id](#output\_vpc\_main\_route\_table\_id) | The ID of the Main Route Table. | +| [vpc\_security\_group\_id](#output\_vpc\_security\_group\_id) | The ID of the Security Group. | +| [vpc\_subnet\_id](#output\_vpc\_subnet\_id) | The ID of the Subnet. | \ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-alertmanager/README.md b/fdio.infra.terraform/terraform-nomad-alertmanager/README.md new file mode 100644 index 0000000000..f5b1f859de --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-alertmanager/README.md @@ -0,0 +1,57 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.1.4 | +| [nomad](#requirement\_nomad) | >= 1.4.16 | + +## Providers + +| Name | Version | +|------|---------| +| [nomad](#provider\_nomad) | >= 1.4.16 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [nomad_job.nomad_job_alertmanager](https://registry.terraform.io/providers/hashicorp/nomad/latest/docs/resources/job) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [am\_version](#input\_am\_version) | Alertmanager version | `string` | `"0.21.0"` | no | +| [auto\_promote](#input\_auto\_promote) | Specifies if the job should auto-promote to the canary version | `bool` | `true` | no | +| [auto\_revert](#input\_auto\_revert) | Specifies if the job should auto-revert to the last stable job | `bool` | `true` | no | +| [canary](#input\_canary) | Equal to the count of the task group allows blue/green depl. | `number` | `1` | no | +| [cpu](#input\_cpu) | CPU allocation | `number` | `1000` | no | +| [datacenters](#input\_datacenters) | Specifies the list of DCs to be considered placing this task | `list(string)` | 
[
  "dc1"
]
| no | +| [group\_count](#input\_group\_count) | Specifies the number of the task groups running under this one | `number` | `1` | no | +| [job\_name](#input\_job\_name) | Specifies a name for the job | `string` | `"alertmanager"` | no | +| [max\_parallel](#input\_max\_parallel) | Specifies the maximum number of updates to perform in parallel | `number` | `1` | no | +| [memory](#input\_memory) | Specifies the memory required in MB | `number` | `1024` | no | +| [port](#input\_port) | Specifies the static TCP/UDP port to allocate | `number` | `9093` | no | +| [region](#input\_region) | Specifies the list of DCs to be considered placing this task | `string` | `"global"` | no | +| [service\_name](#input\_service\_name) | Specifies the name this service will be advertised in Consul | `string` | `"alertmanager"` | no | +| [slack\_default\_api\_key](#input\_slack\_default\_api\_key) | Alertmanager default slack API key | `string` | `"XXXXXXXXX/XXXXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX"` | no | +| [slack\_default\_channel](#input\_slack\_default\_channel) | Alertmanager default slack channel | `string` | `"default-channel"` | no | +| [slack\_default\_receiver](#input\_slack\_default\_receiver) | Alertmanager default slack receiver | `string` | `"default-slack-receiver"` | no | +| [slack\_jenkins\_api\_key](#input\_slack\_jenkins\_api\_key) | Alertmanager jenkins slack API key | `string` | `"XXXXXXXXX/XXXXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX"` | no | +| [slack\_jenkins\_channel](#input\_slack\_jenkins\_channel) | Alertmanager jenkins slack channel | `string` | `"jenkins-channel"` | no | +| [slack\_jenkins\_receiver](#input\_slack\_jenkins\_receiver) | Alertmanager jenkins slack receiver | `string` | `"jenkins-slack-receiver"` | no | +| [use\_canary](#input\_use\_canary) | Uses canary deployment | `bool` | `true` | no | +| [use\_host\_volume](#input\_use\_host\_volume) | Use Nomad host volume feature | `bool` | `false` | no | +| [vault\_secret](#input\_vault\_secret) | Set of properties to be able to fetch secret from vault. | 
object({
    use_vault_provider        = bool,
    vault_kv_policy_name      = string,
    vault_kv_path             = string,
    vault_kv_field_access_key = string,
    vault_kv_field_secret_key = string
  })
| 
{
  "use_vault_provider": false,
  "vault_kv_field_access_key": "access_key",
  "vault_kv_field_secret_key": "secret_key",
  "vault_kv_path": "secret/data/alertmanager",
  "vault_kv_policy_name": "kv"
}
| no | +| [volume\_destination](#input\_volume\_destination) | Specifies where the volume should be mounted inside the task | `string` | `"/data/"` | no | +| [volume\_source](#input\_volume\_source) | The name of the volume to request | `string` | `"persistence"` | no | + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-loki/README.md b/fdio.infra.terraform/terraform-nomad-loki/README.md new file mode 100644 index 0000000000..7fec0932db --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-loki/README.md @@ -0,0 +1,52 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.1.4 | +| [nomad](#requirement\_nomad) | >= 1.4.16 | + +## Providers + +| Name | Version | +|------|---------| +| [nomad](#provider\_nomad) | 1.4.16 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [nomad_job.nomad_job_prometheus](https://registry.terraform.io/providers/hashicorp/nomad/latest/docs/resources/job) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [auto\_promote](#input\_auto\_promote) | Specifies if the job should auto-promote to the canary version | `bool` | `true` | no | +| [auto\_revert](#input\_auto\_revert) | Specifies if the job should auto-revert to the last stable job | `bool` | `true` | no | +| [canary](#input\_canary) | Equal to the count of the task group allows blue/green depl. | `number` | `1` | no | +| [cpu](#input\_cpu) | CPU allocation | `number` | `2000` | no | +| [data\_dir](#input\_data\_dir) | Loki data dir allocation | `string` | `""` | no | +| [datacenters](#input\_datacenters) | Specifies the list of DCs to be considered placing this task | `list(string)` | 
[
  "dc1"
]
| no | +| [gl\_version](#input\_gl\_version) | Grafana Loki version | `string` | `"2.4.2"` | no | +| [group\_count](#input\_group\_count) | Specifies the number of the task groups running under this one | `number` | `1` | no | +| [job\_name](#input\_job\_name) | Specifies a name for the job | `string` | `"loki"` | no | +| [max\_parallel](#input\_max\_parallel) | Specifies the maximum number of updates to perform in parallel | `number` | `1` | no | +| [memory](#input\_memory) | Specifies the memory required in MB | `number` | `4096` | no | +| [port](#input\_port) | Specifies the static TCP/UDP port to allocate | `number` | `3100` | no | +| [region](#input\_region) | Specifies the list of DCs to be considered placing this task | `string` | `"global"` | no | +| [service\_name](#input\_service\_name) | Specifies the name this service will be advertised in Consul | `string` | `"loki"` | no | +| [use\_canary](#input\_use\_canary) | Uses canary deployment | `bool` | `true` | no | +| [use\_host\_volume](#input\_use\_host\_volume) | Use Nomad host volume feature | `bool` | `false` | no | +| [vault\_secret](#input\_vault\_secret) | Set of properties to be able to fetch secret from vault. | 
object({
    use_vault_provider        = bool,
    vault_kv_policy_name      = string,
    vault_kv_path             = string,
    vault_kv_field_access_key = string,
    vault_kv_field_secret_key = string
  })
| 
{
  "use_vault_provider": false,
  "vault_kv_field_access_key": "access_key",
  "vault_kv_field_secret_key": "secret_key",
  "vault_kv_path": "secret/data/prometheus",
  "vault_kv_policy_name": "kv"
}
| no | +| [volume\_destination](#input\_volume\_destination) | Specifies where the volume should be mounted inside the task | `string` | `""` | no | +| [volume\_source](#input\_volume\_source) | The name of the volume to request | `string` | `""` | no | + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-prometheus/README.md b/fdio.infra.terraform/terraform-nomad-prometheus/README.md new file mode 100644 index 0000000000..e0568c376c --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-prometheus/README.md @@ -0,0 +1,52 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.1.4 | +| [nomad](#requirement\_nomad) | >= 1.4.16 | + +## Providers + +| Name | Version | +|------|---------| +| [nomad](#provider\_nomad) | >= 1.4.16 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [nomad_job.nomad_job_prometheus](https://registry.terraform.io/providers/hashicorp/nomad/latest/docs/resources/job) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [auto\_promote](#input\_auto\_promote) | Specifies if the job should auto-promote to the canary version | `bool` | `true` | no | +| [auto\_revert](#input\_auto\_revert) | Specifies if the job should auto-revert to the last stable job | `bool` | `true` | no | +| [canary](#input\_canary) | Equal to the count of the task group allows blue/green depl. | `number` | `1` | no | +| [cpu](#input\_cpu) | CPU allocation | `number` | `2000` | no | +| [data\_dir](#input\_data\_dir) | Prometheus DISK allocation | `string` | `"/data"` | no | +| [datacenters](#input\_datacenters) | Specifies the list of DCs to be considered placing this task | `list(string)` | 
[
  "dc1"
]
| no | +| [group\_count](#input\_group\_count) | Specifies the number of the task groups running under this one | `number` | `4` | no | +| [job\_name](#input\_job\_name) | Specifies a name for the job | `string` | `"prometheus"` | no | +| [max\_parallel](#input\_max\_parallel) | Specifies the maximum number of updates to perform in parallel | `number` | `1` | no | +| [memory](#input\_memory) | Specifies the memory required in MB | `number` | `4096` | no | +| [pm\_version](#input\_pm\_version) | Prometheus version | `string` | `"2.33.1"` | no | +| [port](#input\_port) | Specifies the static TCP/UDP port to allocate | `number` | `9090` | no | +| [region](#input\_region) | Specifies the list of DCs to be considered placing this task | `string` | `"global"` | no | +| [service\_name](#input\_service\_name) | Specifies the name this service will be advertised in Consul | `string` | `"prometheus"` | no | +| [use\_canary](#input\_use\_canary) | Uses canary deployment | `bool` | `true` | no | +| [use\_host\_volume](#input\_use\_host\_volume) | Use Nomad host volume feature | `bool` | `true` | no | +| [vault\_secret](#input\_vault\_secret) | Set of properties to be able to fetch secret from vault. | 
object({
    use_vault_provider        = bool,
    vault_kv_policy_name      = string,
    vault_kv_path             = string,
    vault_kv_field_access_key = string,
    vault_kv_field_secret_key = string
  })
| 
{
  "use_vault_provider": false,
  "vault_kv_field_access_key": "access_key",
  "vault_kv_field_secret_key": "secret_key",
  "vault_kv_path": "secret/data/prometheus",
  "vault_kv_policy_name": "kv"
}
| no | +| [volume\_destination](#input\_volume\_destination) | Specifies where the volume should be mounted inside the task | `string` | `"/data/"` | no | +| [volume\_source](#input\_volume\_source) | The name of the volume to request | `string` | `"prod-volume-data1-1"` | no | + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-pyspark-etl/README.md b/fdio.infra.terraform/terraform-nomad-pyspark-etl/README.md new file mode 100644 index 0000000000..1147ddb16a --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-pyspark-etl/README.md @@ -0,0 +1,50 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.1.4 | +| [nomad](#requirement\_nomad) | >= 1.4.16 | + +## Providers + +| Name | Version | +|------|---------| +| [nomad](#provider\_nomad) | >= 1.4.16 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [nomad_job.nomad_job_etl](https://registry.terraform.io/providers/hashicorp/nomad/latest/docs/resources/job) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [aws\_access\_key\_id](#input\_aws\_access\_key\_id) | AWS access key. | `string` | `"aws"` | no | +| [aws\_default\_region](#input\_aws\_default\_region) | AWS region | `string` | `"aws"` | no | +| [aws\_secret\_access\_key](#input\_aws\_secret\_access\_key) | AWS secret key | `string` | `"aws"` | no | +| [cpu](#input\_cpu) | Specifies the CPU required to run this task in MHz. | `number` | `10000` | no | +| [cron](#input\_cron) | Specifies a cron expression configuring the interval to launch. | `string` | `"@daily"` | no | +| [datacenters](#input\_datacenters) | Specifies the list of DCs to be considered placing this task. | `list(string)` | 
[
  "dc1"
]
| no | +| [envs](#input\_envs) | Specifies ETL environment variables. | `list(string)` | `[]` | no | +| [image](#input\_image) | Specifies the Docker image to run. | `string` | `"pmikus/docker-ubuntu-focal-aws-glue:latest"` | no | +| [job\_name](#input\_job\_name) | Specifies a name for the job. | `string` | `"etl"` | no | +| [memory](#input\_memory) | Specifies the memory required in MB. | `number` | `20000` | no | +| [out\_aws\_access\_key\_id](#input\_out\_aws\_access\_key\_id) | AWS access key. | `string` | `"aws"` | no | +| [out\_aws\_default\_region](#input\_out\_aws\_default\_region) | AWS region | `string` | `"aws"` | no | +| [out\_aws\_secret\_access\_key](#input\_out\_aws\_secret\_access\_key) | AWS secret key | `string` | `"aws"` | no | +| [prohibit\_overlap](#input\_prohibit\_overlap) | Specifies if this job should wait until previous completed. | `bool` | `true` | no | +| [time\_zone](#input\_time\_zone) | Specifies the time zone to evaluate the next launch interval. | `string` | `"UTC"` | no | +| [type](#input\_type) | Specifies the Nomad scheduler to use. | `string` | `"batch"` | no | +| [vault\_secret](#input\_vault\_secret) | Set of properties to be able to fetch secret from vault. | 
object({
    use_vault_provider        = bool,
    vault_kv_policy_name      = string,
    vault_kv_path             = string,
    vault_kv_field_access_key = string,
    vault_kv_field_secret_key = string
  })
| 
{
  "use_vault_provider": false,
  "vault_kv_field_access_key": "access_key",
  "vault_kv_field_secret_key": "secret_key",
  "vault_kv_path": "secret/data/etl",
  "vault_kv_policy_name": "kv"
}
| no | + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/fdio.infra.terraform/terraform-vault-aws-secret-backend/README.md b/fdio.infra.terraform/terraform-vault-aws-secret-backend/README.md new file mode 100644 index 0000000000..af0fa29334 --- /dev/null +++ b/fdio.infra.terraform/terraform-vault-aws-secret-backend/README.md @@ -0,0 +1,40 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.1.4 | +| [vault](#requirement\_vault) | >=2.22.1 | + +## Providers + +| Name | Version | +|------|---------| +| [vault](#provider\_vault) | >=2.22.1 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [vault_aws_secret_backend.aws](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/aws_secret_backend) | resource | +| [vault_aws_secret_backend_role.admin](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/aws_secret_backend_role) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [aws\_access\_key](#input\_aws\_access\_key) | AWS access key | `string` | n/a | yes | +| [aws\_secret\_key](#input\_aws\_secret\_key) | AWS secret key | `string` | n/a | yes | +| [name](#input\_name) | Vault path | `string` | `"dynamic-aws-creds-vault"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [backend](#output\_backend) | n/a | +| [role](#output\_role) | n/a | + \ No newline at end of file -- 2.16.6