Skip to content

Commit b2ed690

Browse files
authored
1-step cross-account and region copy; on-demand only; Terraform (#1)
* 1-step cross-region & cross-account copy; folders; more error handling * Short EventBridge Target IDs; OrgID from CFn parameter to IAM policy variable * Typo + another too-long EventBridge target ID; * principal with condition * Wrap CloudFormation StackSet in Terraform * exists on leaf only in event pattern; no int() on text string; describe params In EventBridge rule patterns, "exists" works only on leaf nodes. exists: false works as expected, passing, if the parent node is missing from the event. https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-pattern-operators.html#eb-filtering-exists-matching int() on ARN must have been a copy/paste error! Param descriptions need to reflect new on-demand-only capabilities * Queue policy: rule ARNs, for failed sends; Terraform module: required params * More EventBridge rule ARNs, for exclusivity in error queue policy * A few more short-form CloudFormation intrinsics * ReadMe: diagram * Event rule pattern quoting * Remove TF module Params default (some keys required) * Terraform: OU IDs, not names, to allow for other than top-level OUs * TF: StackSet description
1 parent 4a12e1c commit b2ed690

20 files changed

Lines changed: 1529 additions & 904 deletions

.gitignore

Lines changed: 93 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,49 @@
1+
###############################################################################
2+
# TERRAFORM (GitHub-provided template, as of 2025-09)
3+
###############################################################################
4+
5+
# Local .terraform directories
6+
.terraform/
7+
8+
# .tfstate files
9+
*.tfstate
10+
*.tfstate.*
11+
12+
# Crash log files
13+
crash.log
14+
crash.*.log
15+
16+
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
17+
# password, private keys, and other secrets. These should not be part of version
18+
# control as they are data points which are potentially sensitive and subject
19+
# to change depending on the environment.
20+
*.tfvars
21+
*.tfvars.json
22+
23+
# Ignore override files as they are usually used to override resources locally and so
24+
# are not checked in
25+
override.tf
26+
override.tf.json
27+
*_override.tf
28+
*_override.tf.json
29+
30+
# Ignore transient lock info files created by terraform apply
31+
.terraform.tfstate.lock.info
32+
33+
# Include override files you do wish to add to version control using negated pattern
34+
# !example_override.tf
35+
36+
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
37+
# example: *tfplan*
38+
39+
# Ignore CLI configuration files
40+
.terraformrc
41+
terraform.rc
42+
43+
###############################################################################
44+
# PYTHON (GitHub-provided template, as of 2025-05)
45+
###############################################################################
46+
147
# Byte-compiled / optimized / DLL files
248
__pycache__/
349
*.py[cod]
@@ -50,6 +96,7 @@ coverage.xml
5096
*.py,cover
5197
.hypothesis/
5298
.pytest_cache/
99+
cover/
53100

54101
# Translations
55102
*.mo
@@ -72,6 +119,7 @@ instance/
72119
docs/_build/
73120

74121
# PyBuilder
122+
.pybuilder/
75123
target/
76124

77125
# Jupyter Notebook
@@ -82,6 +130,8 @@ profile_default/
82130
ipython_config.py
83131

84132
# pyenv
133+
# For a library or package, you might want to ignore these files since the code is
134+
# intended to run in multiple environments; otherwise, check them in:
85135
.python-version
86136

87137
# pipenv
@@ -91,7 +141,30 @@ ipython_config.py
91141
# install all needed dependencies.
92142
#Pipfile.lock
93143

94-
# PEP 582; used by e.g. github.com/David-OConnor/pyflow
144+
# UV
145+
# Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
146+
# This is especially recommended for binary packages to ensure reproducibility, and is more
147+
# commonly ignored for libraries.
148+
#uv.lock
149+
150+
# poetry
151+
# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
152+
# This is especially recommended for binary packages to ensure reproducibility, and is more
153+
# commonly ignored for libraries.
154+
# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
155+
#poetry.lock
156+
157+
# pdm
158+
# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
159+
#pdm.lock
160+
# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
161+
# in version control.
162+
# https://pdm.fming.dev/latest/usage/project/#working-with-version-control
163+
.pdm.toml
164+
.pdm-python
165+
.pdm-build/
166+
167+
# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
95168
__pypackages__/
96169

97170
# Celery stuff
@@ -127,3 +200,22 @@ dmypy.json
127200

128201
# Pyre type checker
129202
.pyre/
203+
204+
# pytype static type analyzer
205+
.pytype/
206+
207+
# Cython debug symbols
208+
cython_debug/
209+
210+
# PyCharm
211+
# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
212+
# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
213+
# and can be added to the global gitignore or merged into this file. For a more nuclear
214+
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
215+
#.idea/
216+
217+
# Ruff stuff:
218+
.ruff_cache/
219+
220+
# PyPI configuration file
221+
.pypirc

0 commit comments

Comments
 (0)