@birkoff
Last active October 14, 2023 21:15
Terraform Route53 CloudFront S3 Bucket WebPage - MultiAccount Deployment
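# Terraform state will be stored on Shared-Services
# No interpolations allowed here!!!!!
terraform {
  backend "s3" {
    bucket  = "terraform-state-shared-services" # Shared Services
    region  = "us-east-1"
    profile = "shared-services"

    # State files can hold resource attributes (including sensitive ones) in
    # plaintext, so request server-side encryption for the state object rather
    # than relying on whatever the bucket default happens to be.
    encrypt = true

    # Set this only when using Terraform Workspaces.
    # With workspaces, the S3 backend stores each non-default workspace's state
    # under a workspace prefix ("env:/<workspace>/" by default) in front of this key.
    key = "lab/web-ui/terraform.tfstate"

    # DynamoDB table used for state locking, so two runs cannot write the same
    # state at once.
    dynamodb_table = "shared-services-lock-table"

    # When NOT Implementing Workspaces Do the following:
    # terraform init \
    # -backend-config="dynamodb_table=shared-services-lock-table" \
    # -backend-config="key=dev/lab/web-ui/terraform.tfstate"
    # terraform plan -var 'env=dev'
    # terraform apply -var 'env=dev'
  }
}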
# When NOT Implementing Workspaces You need the following:
#variable "env" {
# type = string
# default = "dev"
# description = "This variable is NOT required when we use Terraform Workspaces"
#}
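# Naming, account and region settings shared by the provider, the data
# lookups and the web module in this file.
locals {
  # Parent zone; each environment gets the delegated zone "<env>-lab.<parent>".
  dns_manager_hosted_zone_name = "example.com"
  ns_record_name               = "${local.env}-lab"
  workloads_hosted_zone_name   = "${local.ns_record_name}.${local.dns_manager_hosted_zone_name}"

  frontend_subdomain_aliases = [
    "hector", # [https://hector.dev-lab.example.com/, https://hector.test-lab.example.com/, https://hector.prod-lab.example.com/]
    "portal"  # [https://portal.dev-lab.example.com/, https://portal.test-lab.example.com/, https://portal.prod-lab.example.com/]
  ]

  # Role assumed in the target account by the provider block.
  terraform_assumable_role = "terraform-role"
  region                   = "us-east-1"

  # Un-Comment depending if you implement Workspaces or Not.
  # NOTE(review): the workspace name selects the target AWS account below.
  # In the "default" workspace this resolves to the dev account, while
  # ns_record_name becomes "default-lab", so select a named workspace
  # explicitly before plan/apply.
  env = terraform.workspace
  # env = var.env

  # Account IDs are identifiers, not quantities: keep them as quoted strings so
  # an ID with a leading zero is not altered by number parsing before it is
  # interpolated into the role ARN.
  account_mapping = {
    dns     = "555555555555"
    dev     = "222222222222"
    default = "222222222222"
    test    = "333333333333"
    prod    = "444444444444"
  }
}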
# AWS Provider to Workloads Accounts (Dev, Test, Prod)
#
# Credentials come from the "shared-services" profile; every API call is then
# made through the Terraform role assumed in the account that
# local.account_mapping gives for the current environment.
provider "aws" {
  region  = local.region
  profile = "shared-services"

  assume_role {
    # lookup() is called without a default, so an environment name that is not
    # in account_mapping fails the run instead of falling back to some account.
    # NOTE(review): the trust policy of this role is not shown here. Confirm it
    # only allows the shared-services principal that runs Terraform.
    role_arn = "arn:aws:iam::${lookup(local.account_mapping, local.env)}:role/${local.terraform_assumable_role}"
  }
}
# Looks up the existing per-environment hosted zone (e.g. dev-lab.example.com)
# in the workload account; the zone itself is not created by this configuration.
data "aws_route53_zone" "this" {
  name = local.workloads_hosted_zone_name
}
# Looks up an existing ACM certificate by domain name, in the provider's
# region (us-east-1 here, which is the region CloudFront reads certificates from).
# NOTE(review): presumably this certificate also covers the alias subdomains
# (e.g. through a wildcard SAN). Confirm, as the lookup only matches the zone name.
data "aws_acm_certificate" "this" {
  domain = local.workloads_hosted_zone_name
}
#####################################################
# env = dev, test, prod (S3 + CloudFront + Route53 Records)
#####################################################
module "s3_cf_web" {
  # NOTE(review): this source has no "?ref=" pin, so every `terraform init`
  # fetches whatever the repository's default branch holds at that moment, and
  # that code runs with the assumed role's permissions in each account.
  # Pin it to a reviewed tag or commit, e.g. "...git//?ref=<COMMIT_SHA>"
  # (placeholder, substitute the revision you have audited).
  source = "git::https://github.com/birkoff/terraform-module-web-ui.git//"

  comment       = "Portal UI For using s3 bucket"
  bucket_region = local.region

  # DNS zone and TLS certificate resolved by the data sources in this file.
  hosted_zone_id      = data.aws_route53_zone.this.zone_id
  hosted_zone_name    = data.aws_route53_zone.this.name
  acm_certificate_arn = data.aws_acm_certificate.this.arn

  # Subdomains of the hosted zone passed to the module as frontend aliases.
  frontend_subdomain_aliases = local.frontend_subdomain_aliases
}
# Uploads the local index.html into the bucket created by the web module.
resource "aws_s3_object" "index_html" {
  bucket       = module.s3_cf_web.s3_bucket_name
  key          = "index.html"
  content_type = "text/html"

  # Both paths are relative to the directory Terraform is run from.
  source = "index.html"

  # The MD5 of the file makes Terraform re-upload when the content changes.
  # NOTE(review): etag comparison is not reliable when the object is encrypted
  # with SSE-KMS. The bucket's encryption is set inside the module and is not
  # visible here; if it uses KMS, `source_hash` is the attribute to use instead.
  etag = filemd5("index.html")
}