From b6802ceb3251927683242ae22a8989536768c621 Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:18:11 +0000 Subject: [PATCH 01/13] Add terraform docs generation --- .githooks/pre-commit | 5 ++ .github/workflows/ci.yml | 22 +++++++ asset-account/terraform/stack-set/README.md | 57 +++++++++++++++++++ .../terraform/stack-set/variables.tf | 18 +++--- 4 files changed, 94 insertions(+), 8 deletions(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 1d69abe..4420cd4 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -38,6 +38,11 @@ if command_exists ./node_modules/.bin/prettier; then echo "$files" | xargs ./node_modules/.bin/prettier --ignore-unknown --write fi +if command_exists terraform-docs; then + cd asset-account/terraform/stack-set + terraform-docs markdown . --output-file README.md +fi + # Add the modified/prettified files to staging echo "$files" | xargs git add diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c27df31..e1b1390 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -47,6 +47,28 @@ jobs: - run: terraform validate working-directory: ${{ matrix.project }} + terraform-docs: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - run: | + curl https://github.com/terraform-docs/terraform-docs/releases/download/v0.19.0/terraform-docs-v0.19.0-linux-amd64.tar.gz \ + --location + --retry 5 \ + --retry-all-errors \ + --show-error | + tar -xz > ./terraform-docs + + - run: chmod +x ./terraform-docs + + - run: ./terraform-docs markdown . > README.md + working-directory: asset-account/terraform/stack-set + + - run: >- + git diff --exit-code --color=always || ( echo "Terraform docs are + out-of-date. See the diff above." && exit 1 ) + prettier: runs-on: ubuntu-latest steps: diff --git a/asset-account/terraform/stack-set/README.md b/asset-account/terraform/stack-set/README.md index 0383280..9dbb7df 100644 --- a/asset-account/terraform/stack-set/README.md +++ b/asset-account/terraform/stack-set/README.md @@ -21,3 +21,60 @@ module "elastio_asset_account" { // Provide input parameters } ``` + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.0 | +| [aws](#requirement\_aws) | >= 5.0 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | >= 5.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [aws_cloudformation_stack_instances.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances) | resource | +| [aws_cloudformation_stack_set.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [accounts](#input\_accounts) | The IDs AWS accounts where you want to create stack instances.

Specify `accounts` only if you are using `SELF_MANAGED` permissions model.
If you are using the `SERVICE_MANAGED` permissions model specify `deployment_targets` instead. | `list(string)` | `null` | no | +| [administration\_role\_arn](#input\_administration\_role\_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1) | `string` | `null` | no | +| [auto\_deployment](#input\_auto\_deployment) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1) | 
object({
    enabled                          = optional(bool)
    retain_stacks_on_account_removal = optional(bool)
  })
| `null` | no | +| [call\_as](#input\_call\_as) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1) | `string` | `null` | no | +| [deployment\_targets](#input\_deployment\_targets) | The AWS Organizations accounts for which to create stack instances.

Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model.
If you are using the `SELF_MANAGED` permissions model specify `accounts` instead.

[Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) | 
object({
    account_filter_type     = optional(string)
    accounts                = optional(list(string))
    accounts_url            = optional(string)
    organizational_unit_ids = optional(list(string))
  })
| `null` | no | +| [encrypt\_with\_cmk](#input\_encrypt\_with\_cmk) | Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack. | `bool` | `false` | no | +| [execution\_role\_name](#input\_execution\_role\_name) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1) | `string` | `null` | no | +| [iam\_resource\_names\_prefix](#input\_iam\_resource\_names\_prefix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | +| [iam\_resource\_names\_suffix](#input\_iam\_resource\_names\_suffix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | +| [lambda\_tracing](#input\_lambda\_tracing) | Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack. | `bool` | `false` | no | +| [managed\_execution](#input\_managed\_execution) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1) | 
object({
    active = optional(bool)
  })
| `null` | no | +| [operation\_preferences](#input\_operation\_preferences) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences) | 
object({
    concurrency_mode             = optional(string)
    failure_tolerance_count      = optional(number)
    failure_tolerance_percentage = optional(number)
    max_concurrent_count         = optional(number)
    max_concurrent_percentage    = optional(number)

    # Region settings are not supported, because there must be at most one stack per account in a single region.
  })
| `null` | no | +| [permission\_model](#input\_permission\_model) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1) | `string` | `null` | no | +| [region](#input\_region) | The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account. | `string` | `"us-east-1"` | no | +| [retain\_stacks](#input\_retain\_stacks) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1) | `bool` | `null` | no | +| [stack\_set\_description](#input\_stack\_set\_description) | n/a | `string` | `"Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n"` | no | +| [stack\_set\_name](#input\_stack\_set\_name) | n/a | `string` | `"ElastioAssetAccount"` | no | +| [tags](#input\_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | +| [template\_url](#input\_template\_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [stack\_instances](#output\_stack\_instances) | The outputs of the aws\_cloudformation\_stack\_instances resource. | +| [stack\_set](#output\_stack\_set) | The outputs of the aws\_cloudformation\_stack\_set resource. | + \ No newline at end of file diff --git a/asset-account/terraform/stack-set/variables.tf b/asset-account/terraform/stack-set/variables.tf index 6699cae..91a3b28 100644 --- a/asset-account/terraform/stack-set/variables.tf +++ b/asset-account/terraform/stack-set/variables.tf @@ -35,7 +35,7 @@ variable "deployment_targets" { Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model. If you are using the `SELF_MANAGED` permissions model specify `accounts` instead. - Details: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets + [Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) DESCR type = object({ @@ -71,6 +71,8 @@ variable "tags" { } variable "auto_deployment" { + description = "[See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1)" + type = object({ enabled = optional(bool) retain_stacks_on_account_removal = optional(bool) @@ -101,7 +103,7 @@ variable "stack_set_description" { ################################## variable "operation_preferences" { - description = "See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences" + description = "[See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences)" type = object({ concurrency_mode = optional(string) @@ -116,7 +118,7 @@ variable "operation_preferences" { } variable "managed_execution" { - description = "See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1" + description = "[See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1)" type = object({ active = optional(bool) @@ -125,35 +127,35 @@ variable "managed_execution" { } variable "administration_role_arn" { - description = "See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1" + description = "[See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1)" type = string default = null } variable "execution_role_name" { - description = "See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1" + description = "[See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1)" type = string default = null } variable "permission_model" { - description = "See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1" + description = "[See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1)" type = string default = null } variable "call_as" { - description = "See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1" + description = "[See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1)" type = string default = null } variable "retain_stacks" { - description = "See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1" + description = "[See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1)" type = bool default = null From 9225508e456a0e37f491657aaa9b729028131f68 Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:20:30 +0000 Subject: [PATCH 02/13] Better docs --- .githooks/pre-commit | 8 ++++---- .github/workflows/ci.yml | 4 ++-- asset-account/terraform/stack-set/variables.tf | 4 +++- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 4420cd4..a2ffc52 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -34,15 +34,15 @@ if command_exists typos; then echo "$files" | xargs typos fi -if command_exists ./node_modules/.bin/prettier; then - echo "$files" | xargs ./node_modules/.bin/prettier --ignore-unknown --write -fi - if command_exists terraform-docs; then cd asset-account/terraform/stack-set terraform-docs markdown . --output-file README.md fi +if command_exists ./node_modules/.bin/prettier; then + echo "$files" | xargs ./node_modules/.bin/prettier --ignore-unknown --write +fi + # Add the modified/prettified files to staging echo "$files" | xargs git add diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e1b1390..14fc202 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -57,8 +57,8 @@ jobs: --location --retry 5 \ --retry-all-errors \ - --show-error | - tar -xz > ./terraform-docs + --show-error \ + | tar -xz > ./terraform-docs - run: chmod +x ./terraform-docs diff --git a/asset-account/terraform/stack-set/variables.tf b/asset-account/terraform/stack-set/variables.tf index 91a3b28..4c6ba4d 100644 --- a/asset-account/terraform/stack-set/variables.tf +++ b/asset-account/terraform/stack-set/variables.tf @@ -112,7 +112,9 @@ variable "operation_preferences" { max_concurrent_count = optional(number) max_concurrent_percentage = optional(number) - # Region settings are not supported, because there must be at most one stack per account in a single region. + # Region settings are not supported, because + # there must be at most one stack per account + # in a single region. }) default = null } From 3104797e2a0107c896824b7998f0152834218398 Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:25:59 +0000 Subject: [PATCH 03/13] Fix --- .githooks/pre-commit | 3 +- .github/workflows/ci.yml | 5 +- asset-account/terraform/stack-set/README.md | 74 +++++++++++---------- 3 files changed, 43 insertions(+), 39 deletions(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index a2ffc52..6c136d1 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -35,8 +35,9 @@ if command_exists typos; then fi if command_exists terraform-docs; then - cd asset-account/terraform/stack-set + pushd asset-account/terraform/stack-set terraform-docs markdown . --output-file README.md + popd fi if command_exists ./node_modules/.bin/prettier; then diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 14fc202..efdda43 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -54,11 +54,12 @@ jobs: - run: | curl https://github.com/terraform-docs/terraform-docs/releases/download/v0.19.0/terraform-docs-v0.19.0-linux-amd64.tar.gz \ - --location + --location \ + --silent \ --retry 5 \ --retry-all-errors \ --show-error \ - | tar -xz > ./terraform-docs + | tar -xz - > ./terraform-docs - run: chmod +x ./terraform-docs diff --git a/asset-account/terraform/stack-set/README.md b/asset-account/terraform/stack-set/README.md index 9dbb7df..82ddbc0 100644 --- a/asset-account/terraform/stack-set/README.md +++ b/asset-account/terraform/stack-set/README.md @@ -23,18 +23,19 @@ module "elastio_asset_account" { ``` + ## Requirements -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.0 | +| Name | Version | +| ------------------------------------------------------------------------ | ------- | +| [terraform](#requirement_terraform) | >= 1.0 | +| [aws](#requirement_aws) | >= 5.0 | ## Providers -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | >= 5.0 | +| Name | Version | +| ------------------------------------------------ | ------- | +| [aws](#provider_aws) | >= 5.0 | ## Modules @@ -42,39 +43,40 @@ No modules. ## Resources -| Name | Type | -|------|------| +| Name | Type | +| ----------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | | [aws_cloudformation_stack_instances.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances) | resource | -| [aws_cloudformation_stack_set.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set) | resource | +| [aws_cloudformation_stack_set.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set) | resource | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [accounts](#input\_accounts) | The IDs AWS accounts where you want to create stack instances.

Specify `accounts` only if you are using `SELF_MANAGED` permissions model.
If you are using the `SERVICE_MANAGED` permissions model specify `deployment_targets` instead. | `list(string)` | `null` | no | -| [administration\_role\_arn](#input\_administration\_role\_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1) | `string` | `null` | no | -| [auto\_deployment](#input\_auto\_deployment) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1) | 
object({
    enabled                          = optional(bool)
    retain_stacks_on_account_removal = optional(bool)
  })
| `null` | no | -| [call\_as](#input\_call\_as) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1) | `string` | `null` | no | -| [deployment\_targets](#input\_deployment\_targets) | The AWS Organizations accounts for which to create stack instances.

Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model.
If you are using the `SELF_MANAGED` permissions model specify `accounts` instead.

[Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) | 
object({
    account_filter_type     = optional(string)
    accounts                = optional(list(string))
    accounts_url            = optional(string)
    organizational_unit_ids = optional(list(string))
  })
| `null` | no | -| [encrypt\_with\_cmk](#input\_encrypt\_with\_cmk) | Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack. | `bool` | `false` | no | -| [execution\_role\_name](#input\_execution\_role\_name) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1) | `string` | `null` | no | -| [iam\_resource\_names\_prefix](#input\_iam\_resource\_names\_prefix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [iam\_resource\_names\_suffix](#input\_iam\_resource\_names\_suffix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [lambda\_tracing](#input\_lambda\_tracing) | Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack. | `bool` | `false` | no | -| [managed\_execution](#input\_managed\_execution) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1) | 
object({
    active = optional(bool)
  })
| `null` | no | -| [operation\_preferences](#input\_operation\_preferences) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences) | 
object({
    concurrency_mode             = optional(string)
    failure_tolerance_count      = optional(number)
    failure_tolerance_percentage = optional(number)
    max_concurrent_count         = optional(number)
    max_concurrent_percentage    = optional(number)

    # Region settings are not supported, because there must be at most one stack per account in a single region.
  })
| `null` | no | -| [permission\_model](#input\_permission\_model) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1) | `string` | `null` | no | -| [region](#input\_region) | The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account. | `string` | `"us-east-1"` | no | -| [retain\_stacks](#input\_retain\_stacks) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1) | `bool` | `null` | no | -| [stack\_set\_description](#input\_stack\_set\_description) | n/a | `string` | `"Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n"` | no | -| [stack\_set\_name](#input\_stack\_set\_name) | n/a | `string` | `"ElastioAssetAccount"` | no | -| [tags](#input\_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | -| [template\_url](#input\_template\_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | +| Name | Description | Type | Default | Required | +| ------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | +| [accounts](#input_accounts) | The IDs AWS accounts where you want to create stack instances.

Specify `accounts` only if you are using `SELF_MANAGED` permissions model.
If you are using the `SERVICE_MANAGED` permissions model specify `deployment_targets` instead. | `list(string)` | `null` | no | +| [administration_role_arn](#input_administration_role_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1) | `string` | `null` | no | +| [auto_deployment](#input_auto_deployment) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1) | 
object({
 enabled = optional(bool)
 retain_stacks_on_account_removal = optional(bool)
 })
| `null` | no | +| [call_as](#input_call_as) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1) | `string` | `null` | no | +| [deployment_targets](#input_deployment_targets) | The AWS Organizations accounts for which to create stack instances.

Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model.
If you are using the `SELF_MANAGED` permissions model specify `accounts` instead.

[Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) | 
object({
 account_filter_type = optional(string)
 accounts = optional(list(string))
 accounts_url = optional(string)
 organizational_unit_ids = optional(list(string))
 })
| `null` | no | +| [encrypt_with_cmk](#input_encrypt_with_cmk) | Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack. | `bool` | `false` | no | +| [execution_role_name](#input_execution_role_name) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1) | `string` | `null` | no | +| [iam_resource_names_prefix](#input_iam_resource_names_prefix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | +| [iam_resource_names_suffix](#input_iam_resource_names_suffix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | +| [lambda_tracing](#input_lambda_tracing) | Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack. | `bool` | `false` | no | +| [managed_execution](#input_managed_execution) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1) | 
object({
 active = optional(bool)
 })
| `null` | no | +| [operation_preferences](#input_operation_preferences) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences) | 
object({
 concurrency_mode = optional(string)
 failure_tolerance_count = optional(number)
 failure_tolerance_percentage = optional(number)
 max_concurrent_count = optional(number)
 max_concurrent_percentage = optional(number)

 # Region settings are not supported, because
 # there must be at most one stack per account
 # in a single region.
 })
| `null` | no | +| [permission_model](#input_permission_model) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1) | `string` | `null` | no | +| [region](#input_region) | The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account. | `string` | `"us-east-1"` | no | +| [retain_stacks](#input_retain_stacks) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1) | `bool` | `null` | no | +| [stack_set_description](#input_stack_set_description) | n/a | `string` | `"Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n"` | no | +| [stack_set_name](#input_stack_set_name) | n/a | `string` | `"ElastioAssetAccount"` | no | +| [tags](#input_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | +| [template_url](#input_template_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | ## Outputs -| Name | Description | -|------|-------------| -| [stack\_instances](#output\_stack\_instances) | The outputs of the aws\_cloudformation\_stack\_instances resource. | -| [stack\_set](#output\_stack\_set) | The outputs of the aws\_cloudformation\_stack\_set resource. | - \ No newline at end of file +| Name | Description | +| -------------------------------------------------------------------------------- | --------------------------------------------------------------- | +| [stack_instances](#output_stack_instances) | The outputs of the aws_cloudformation_stack_instances resource. | +| [stack_set](#output_stack_set) | The outputs of the aws_cloudformation_stack_set resource. | + + From 27846d09632a89d361f4ba18dbb847752cad453a Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:28:06 +0000 Subject: [PATCH 04/13] Fix --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index efdda43..a3903b7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -59,7 +59,7 @@ jobs: --retry 5 \ --retry-all-errors \ --show-error \ - | tar -xz - > ./terraform-docs + | tar -xz > ./terraform-docs - run: chmod +x ./terraform-docs From a38358e2d374c4dcf236e0086b2332e11a60b332 Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:29:35 +0000 Subject: [PATCH 05/13] Fix CI --- .github/workflows/ci.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a3903b7..70e4a67 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,6 +49,12 @@ jobs: terraform-docs: runs-on: ubuntu-latest + + strategy: + matrix: + project: + - asset-account/terraform/stack-set + steps: - uses: actions/checkout@v4 @@ -60,11 +66,13 @@ jobs: --retry-all-errors \ --show-error \ | tar -xz > ./terraform-docs + working-directory: ${{ matrix.project }} - run: chmod +x ./terraform-docs + working-directory: ${{ matrix.project }} - run: ./terraform-docs markdown . > README.md - working-directory: asset-account/terraform/stack-set + working-directory: ${{ matrix.project }} - run: >- git diff --exit-code --color=always || ( echo "Terraform docs are From 83724521fff7a3685f0d581810325cf41a05ca77 Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:31:17 +0000 Subject: [PATCH 06/13] Add prettier --- .github/workflows/ci.yml | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 70e4a67..d30af6c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -52,11 +52,16 @@ jobs: strategy: matrix: - project: + terraform_module: - asset-account/terraform/stack-set steps: - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: "22" + cache: "npm" + - run: npm ci --ignore-scripts - run: | curl https://github.com/terraform-docs/terraform-docs/releases/download/v0.19.0/terraform-docs-v0.19.0-linux-amd64.tar.gz \ @@ -66,13 +71,15 @@ jobs: --retry-all-errors \ --show-error \ | tar -xz > ./terraform-docs - working-directory: ${{ matrix.project }} + working-directory: ${{ matrix.terraform_module }} - run: chmod +x ./terraform-docs - working-directory: ${{ matrix.project }} + working-directory: ${{ matrix.terraform_module }} - - run: ./terraform-docs markdown . > README.md - working-directory: ${{ matrix.project }} + - run: ./terraform-docs markdown . --output-file README.md + working-directory: ${{ matrix.terraform_module }} + + - run: npx prettier -w . - run: >- git diff --exit-code --color=always || ( echo "Terraform docs are From 7ed74e3730ae8647745d620670ba28dee9be2cca Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:32:27 +0000 Subject: [PATCH 07/13] Fix From 538a48233ead7d7aa5b17f2a4b1ef836cfe5fb16 Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:34:21 +0000 Subject: [PATCH 08/13] Fix --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d30af6c..f1c2f66 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -70,7 +70,7 @@ jobs: --retry 5 \ --retry-all-errors \ --show-error \ - | tar -xz > ./terraform-docs + | tar -xz terraform-docs > ./terraform-docs working-directory: ${{ matrix.terraform_module }} - run: chmod +x ./terraform-docs From 1c70f7e00ae5621cbf27486f5a645854d86c4981 Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:36:24 +0000 Subject: [PATCH 09/13] Fix --- .githooks/pre-commit | 2 +- asset-account/terraform/stack-set/README.md | 72 ++++++++++----------- 2 files changed, 36 insertions(+), 38 deletions(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 6c136d1..a1bf265 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -41,7 +41,7 @@ if command_exists terraform-docs; then fi if command_exists ./node_modules/.bin/prettier; then - echo "$files" | xargs ./node_modules/.bin/prettier --ignore-unknown --write + xargs ./node_modules/.bin/prettier --ignore-unknown --write fi # Add the modified/prettified files to staging diff --git a/asset-account/terraform/stack-set/README.md b/asset-account/terraform/stack-set/README.md index 82ddbc0..d57cb6b 100644 --- a/asset-account/terraform/stack-set/README.md +++ b/asset-account/terraform/stack-set/README.md @@ -23,19 +23,18 @@ module "elastio_asset_account" { ``` - ## Requirements -| Name | Version | -| ------------------------------------------------------------------------ | ------- | -| [terraform](#requirement_terraform) | >= 1.0 | -| [aws](#requirement_aws) | >= 5.0 | +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.0 | +| [aws](#requirement\_aws) | >= 5.0 | ## Providers -| Name | Version | -| ------------------------------------------------ | ------- | -| [aws](#provider_aws) | >= 5.0 | +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | >= 5.0 | ## Modules @@ -43,40 +42,39 @@ No modules. ## Resources -| Name | Type | -| ----------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | +| Name | Type | +|------|------| | [aws_cloudformation_stack_instances.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances) | resource | -| [aws_cloudformation_stack_set.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set) | resource | +| [aws_cloudformation_stack_set.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set) | resource | ## Inputs -| Name | Description | Type | Default | Required | -| ------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | -| [accounts](#input_accounts) | The IDs AWS accounts where you want to create stack instances.

Specify `accounts` only if you are using `SELF_MANAGED` permissions model.
If you are using the `SERVICE_MANAGED` permissions model specify `deployment_targets` instead. | `list(string)` | `null` | no | -| [administration_role_arn](#input_administration_role_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1) | `string` | `null` | no | -| [auto_deployment](#input_auto_deployment) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1) | 
object({
 enabled = optional(bool)
 retain_stacks_on_account_removal = optional(bool)
 })
| `null` | no | -| [call_as](#input_call_as) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1) | `string` | `null` | no | -| [deployment_targets](#input_deployment_targets) | The AWS Organizations accounts for which to create stack instances.

Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model.
If you are using the `SELF_MANAGED` permissions model specify `accounts` instead.

[Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) | 
object({
 account_filter_type = optional(string)
 accounts = optional(list(string))
 accounts_url = optional(string)
 organizational_unit_ids = optional(list(string))
 })
| `null` | no | -| [encrypt_with_cmk](#input_encrypt_with_cmk) | Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack. | `bool` | `false` | no | -| [execution_role_name](#input_execution_role_name) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1) | `string` | `null` | no | -| [iam_resource_names_prefix](#input_iam_resource_names_prefix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [iam_resource_names_suffix](#input_iam_resource_names_suffix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [lambda_tracing](#input_lambda_tracing) | Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack. | `bool` | `false` | no | -| [managed_execution](#input_managed_execution) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1) | 
object({
 active = optional(bool)
 })
| `null` | no | -| [operation_preferences](#input_operation_preferences) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences) | 
object({
 concurrency_mode = optional(string)
 failure_tolerance_count = optional(number)
 failure_tolerance_percentage = optional(number)
 max_concurrent_count = optional(number)
 max_concurrent_percentage = optional(number)

 # Region settings are not supported, because
 # there must be at most one stack per account
 # in a single region.
 })
| `null` | no | -| [permission_model](#input_permission_model) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1) | `string` | `null` | no | -| [region](#input_region) | The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account. | `string` | `"us-east-1"` | no | -| [retain_stacks](#input_retain_stacks) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1) | `bool` | `null` | no | -| [stack_set_description](#input_stack_set_description) | n/a | `string` | `"Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n"` | no | -| [stack_set_name](#input_stack_set_name) | n/a | `string` | `"ElastioAssetAccount"` | no | -| [tags](#input_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | -| [template_url](#input_template_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [accounts](#input\_accounts) | The IDs AWS accounts where you want to create stack instances.

Specify `accounts` only if you are using `SELF_MANAGED` permissions model.
If you are using the `SERVICE_MANAGED` permissions model specify `deployment_targets` instead. | `list(string)` | `null` | no | +| [administration\_role\_arn](#input\_administration\_role\_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1) | `string` | `null` | no | +| [auto\_deployment](#input\_auto\_deployment) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1) | 
object({
    enabled                          = optional(bool)
    retain_stacks_on_account_removal = optional(bool)
  })
| `null` | no | +| [call\_as](#input\_call\_as) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1) | `string` | `null` | no | +| [deployment\_targets](#input\_deployment\_targets) | The AWS Organizations accounts for which to create stack instances.

Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model.
If you are using the `SELF_MANAGED` permissions model specify `accounts` instead.

[Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) | 
object({
    account_filter_type     = optional(string)
    accounts                = optional(list(string))
    accounts_url            = optional(string)
    organizational_unit_ids = optional(list(string))
  })
| `null` | no | +| [encrypt\_with\_cmk](#input\_encrypt\_with\_cmk) | Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack. | `bool` | `false` | no | +| [execution\_role\_name](#input\_execution\_role\_name) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1) | `string` | `null` | no | +| [iam\_resource\_names\_prefix](#input\_iam\_resource\_names\_prefix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | +| [iam\_resource\_names\_suffix](#input\_iam\_resource\_names\_suffix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | +| [lambda\_tracing](#input\_lambda\_tracing) | Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack. | `bool` | `false` | no | +| [managed\_execution](#input\_managed\_execution) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1) | 
object({
    active = optional(bool)
  })
| `null` | no | +| [operation\_preferences](#input\_operation\_preferences) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences) | 
object({
    concurrency_mode             = optional(string)
    failure_tolerance_count      = optional(number)
    failure_tolerance_percentage = optional(number)
    max_concurrent_count         = optional(number)
    max_concurrent_percentage    = optional(number)

    # Region settings are not supported, because
    # there must be at most one stack per account
    # in a single region.
  })
| `null` | no | +| [permission\_model](#input\_permission\_model) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1) | `string` | `null` | no | +| [region](#input\_region) | The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account. | `string` | `"us-east-1"` | no | +| [retain\_stacks](#input\_retain\_stacks) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1) | `bool` | `null` | no | +| [stack\_set\_description](#input\_stack\_set\_description) | n/a | `string` | `"Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n"` | no | +| [stack\_set\_name](#input\_stack\_set\_name) | n/a | `string` | `"ElastioAssetAccount"` | no | +| [tags](#input\_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | +| [template\_url](#input\_template\_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | ## Outputs -| Name | Description | -| -------------------------------------------------------------------------------- | --------------------------------------------------------------- | -| [stack_instances](#output_stack_instances) | The outputs of the aws_cloudformation_stack_instances resource. | -| [stack_set](#output_stack_set) | The outputs of the aws_cloudformation_stack_set resource. | - +| Name | Description | +|------|-------------| +| [stack\_instances](#output\_stack\_instances) | The outputs of the aws\_cloudformation\_stack\_instances resource. | +| [stack\_set](#output\_stack\_set) | The outputs of the aws\_cloudformation\_stack\_set resource. | From 9e10d451d7710c2198b206ecf39b0cd86acfa3ea Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:36:51 +0000 Subject: [PATCH 10/13] Fix the fxi --- .githooks/pre-commit | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index a1bf265..615e2d2 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -41,7 +41,7 @@ if command_exists terraform-docs; then fi if command_exists ./node_modules/.bin/prettier; then - xargs ./node_modules/.bin/prettier --ignore-unknown --write + ./node_modules/.bin/prettier --ignore-unknown --write fi # Add the modified/prettified files to staging From 2bb37f5fbd72dff4a57395266788af2d524dd548 Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:37:28 +0000 Subject: [PATCH 11/13] Fix the fix of the fix --- .githooks/pre-commit | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 615e2d2..72b0eb1 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -41,7 +41,7 @@ if command_exists terraform-docs; then fi if command_exists ./node_modules/.bin/prettier; then - ./node_modules/.bin/prettier --ignore-unknown --write + ./node_modules/.bin/prettier --ignore-unknown --write . fi # Add the modified/prettified files to staging From 5c9844b75679daa50688de303c87fe09f394bf4f Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:38:49 +0000 Subject: [PATCH 12/13] Fix the fix of the fix that fixes the fix --- .githooks/pre-commit | 4 +- asset-account/terraform/stack-set/README.md | 72 +++++++++++---------- 2 files changed, 40 insertions(+), 36 deletions(-) diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 72b0eb1..98253d7 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -36,12 +36,14 @@ fi if command_exists terraform-docs; then pushd asset-account/terraform/stack-set + files="$files asset-account/terraform/stack-set/README.md" + terraform-docs markdown . --output-file README.md popd fi if command_exists ./node_modules/.bin/prettier; then - ./node_modules/.bin/prettier --ignore-unknown --write . + echo "$files" | xargs ./node_modules/.bin/prettier --ignore-unknown --write fi # Add the modified/prettified files to staging diff --git a/asset-account/terraform/stack-set/README.md b/asset-account/terraform/stack-set/README.md index d57cb6b..82ddbc0 100644 --- a/asset-account/terraform/stack-set/README.md +++ b/asset-account/terraform/stack-set/README.md @@ -23,18 +23,19 @@ module "elastio_asset_account" { ``` + ## Requirements -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.0 | +| Name | Version | +| ------------------------------------------------------------------------ | ------- | +| [terraform](#requirement_terraform) | >= 1.0 | +| [aws](#requirement_aws) | >= 5.0 | ## Providers -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | >= 5.0 | +| Name | Version | +| ------------------------------------------------ | ------- | +| [aws](#provider_aws) | >= 5.0 | ## Modules @@ -42,39 +43,40 @@ No modules. ## Resources -| Name | Type | -|------|------| +| Name | Type | +| ----------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | | [aws_cloudformation_stack_instances.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances) | resource | -| [aws_cloudformation_stack_set.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set) | resource | +| [aws_cloudformation_stack_set.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set) | resource | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [accounts](#input\_accounts) | The IDs AWS accounts where you want to create stack instances.

Specify `accounts` only if you are using `SELF_MANAGED` permissions model.
If you are using the `SERVICE_MANAGED` permissions model specify `deployment_targets` instead. | `list(string)` | `null` | no | -| [administration\_role\_arn](#input\_administration\_role\_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1) | `string` | `null` | no | -| [auto\_deployment](#input\_auto\_deployment) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1) | 
object({
    enabled                          = optional(bool)
    retain_stacks_on_account_removal = optional(bool)
  })
| `null` | no | -| [call\_as](#input\_call\_as) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1) | `string` | `null` | no | -| [deployment\_targets](#input\_deployment\_targets) | The AWS Organizations accounts for which to create stack instances.

Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model.
If you are using the `SELF_MANAGED` permissions model specify `accounts` instead.

[Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) | 
object({
    account_filter_type     = optional(string)
    accounts                = optional(list(string))
    accounts_url            = optional(string)
    organizational_unit_ids = optional(list(string))
  })
| `null` | no | -| [encrypt\_with\_cmk](#input\_encrypt\_with\_cmk) | Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack. | `bool` | `false` | no | -| [execution\_role\_name](#input\_execution\_role\_name) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1) | `string` | `null` | no | -| [iam\_resource\_names\_prefix](#input\_iam\_resource\_names\_prefix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [iam\_resource\_names\_suffix](#input\_iam\_resource\_names\_suffix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [lambda\_tracing](#input\_lambda\_tracing) | Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack. | `bool` | `false` | no | -| [managed\_execution](#input\_managed\_execution) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1) | 
object({
    active = optional(bool)
  })
| `null` | no | -| [operation\_preferences](#input\_operation\_preferences) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences) | 
object({
    concurrency_mode             = optional(string)
    failure_tolerance_count      = optional(number)
    failure_tolerance_percentage = optional(number)
    max_concurrent_count         = optional(number)
    max_concurrent_percentage    = optional(number)

    # Region settings are not supported, because
    # there must be at most one stack per account
    # in a single region.
  })
| `null` | no | -| [permission\_model](#input\_permission\_model) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1) | `string` | `null` | no | -| [region](#input\_region) | The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account. | `string` | `"us-east-1"` | no | -| [retain\_stacks](#input\_retain\_stacks) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1) | `bool` | `null` | no | -| [stack\_set\_description](#input\_stack\_set\_description) | n/a | `string` | `"Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n"` | no | -| [stack\_set\_name](#input\_stack\_set\_name) | n/a | `string` | `"ElastioAssetAccount"` | no | -| [tags](#input\_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | -| [template\_url](#input\_template\_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | +| Name | Description | Type | Default | Required | +| ------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | +| [accounts](#input_accounts) | The IDs AWS accounts where you want to create stack instances.

Specify `accounts` only if you are using `SELF_MANAGED` permissions model.
If you are using the `SERVICE_MANAGED` permissions model specify `deployment_targets` instead. | `list(string)` | `null` | no | +| [administration_role_arn](#input_administration_role_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1) | `string` | `null` | no | +| [auto_deployment](#input_auto_deployment) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1) | 
object({
 enabled = optional(bool)
 retain_stacks_on_account_removal = optional(bool)
 })
| `null` | no | +| [call_as](#input_call_as) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1) | `string` | `null` | no | +| [deployment_targets](#input_deployment_targets) | The AWS Organizations accounts for which to create stack instances.

Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model.
If you are using the `SELF_MANAGED` permissions model specify `accounts` instead.

[Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) | 
object({
 account_filter_type = optional(string)
 accounts = optional(list(string))
 accounts_url = optional(string)
 organizational_unit_ids = optional(list(string))
 })
| `null` | no | +| [encrypt_with_cmk](#input_encrypt_with_cmk) | Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack. | `bool` | `false` | no | +| [execution_role_name](#input_execution_role_name) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1) | `string` | `null` | no | +| [iam_resource_names_prefix](#input_iam_resource_names_prefix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | +| [iam_resource_names_suffix](#input_iam_resource_names_suffix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | +| [lambda_tracing](#input_lambda_tracing) | Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack. | `bool` | `false` | no | +| [managed_execution](#input_managed_execution) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1) | 
object({
 active = optional(bool)
 })
| `null` | no | +| [operation_preferences](#input_operation_preferences) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences) | 
object({
 concurrency_mode = optional(string)
 failure_tolerance_count = optional(number)
 failure_tolerance_percentage = optional(number)
 max_concurrent_count = optional(number)
 max_concurrent_percentage = optional(number)

 # Region settings are not supported, because
 # there must be at most one stack per account
 # in a single region.
 })
| `null` | no | +| [permission_model](#input_permission_model) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1) | `string` | `null` | no | +| [region](#input_region) | The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account. | `string` | `"us-east-1"` | no | +| [retain_stacks](#input_retain_stacks) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1) | `bool` | `null` | no | +| [stack_set_description](#input_stack_set_description) | n/a | `string` | `"Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n"` | no | +| [stack_set_name](#input_stack_set_name) | n/a | `string` | `"ElastioAssetAccount"` | no | +| [tags](#input_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | +| [template_url](#input_template_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | ## Outputs -| Name | Description | -|------|-------------| -| [stack\_instances](#output\_stack\_instances) | The outputs of the aws\_cloudformation\_stack\_instances resource. | -| [stack\_set](#output\_stack\_set) | The outputs of the aws\_cloudformation\_stack\_set resource. | +| Name | Description | +| -------------------------------------------------------------------------------- | --------------------------------------------------------------- | +| [stack_instances](#output_stack_instances) | The outputs of the aws_cloudformation_stack_instances resource. | +| [stack_set](#output_stack_set) | The outputs of the aws_cloudformation_stack_set resource. | + From 7b336f825e0a14419e39c6c4f7ed1292119a266a Mon Sep 17 00:00:00 2001 From: Veetaha Date: Fri, 21 Mar 2025 12:40:00 +0000 Subject: [PATCH 13/13] Add node_modules to gitigore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index f4c18be..bdebada 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ terraform.tfstate terraform.tfstate.backup terraform.tfvars +/node_modules