Merge pull request #56 from DNXLabs/Adding_tags_variables

Adding tags variable
DNXLabs · Jul 24, 2024 · ec9992f · ec9992f
2 parents f7c1a13 + 9cc450f
commit ec9992f
Show file tree

Hide file tree

Showing 20 changed files with 233 additions and 36 deletions.
diff --git a/README.md b/README.md
@@ -119,6 +119,7 @@ module "ecs_apps" {
 | secure\_subnet\_ids | List of secure subnet IDs for EFS. | `list(string)` | n/a | yes |
 | security\_group\_ecs\_nodes\_outbound\_cidrs | ECS Nodes outbound allowed CIDRs for the security group. | `list(string)` | <pre>[<br>  "0.0.0.0/0"<br>]</pre> | no |
 | security\_group\_ids | Extra security groups for instances. | `list(string)` | `[]` | no |
+| tags | Map of tags that will be added to created resources. By default resources will be tagged with terraform=true. | `map(string)` | `{}` | no |
 | target\_group\_arns | List of target groups for ASG to register. | `list(string)` | `[]` | no |
 | throughput\_mode | Throughput mode for the file system. Defaults to bursting. Valid values: bursting, provisioned. | `string` | `"bursting"` | no |
 | userdata | Extra commands to pass to userdata. | `string` | `""` | no |

diff --git a/_variables.tf b/_variables.tf
@@ -19,6 +19,11 @@ variable "volume_type" {
   description = "The EBS volume type"
 }
 
+variable "tags" {
+  description = "Map of tags that will be added to created resources. By default resources will be tagged with terraform=true."
+  type        = map(string)
+  default     = {}
+}
 variable "on_demand_percentage" {
   description = "Percentage of on-demand intances vs spot."
   default     = 100

diff --git a/alb-internal.tf b/alb-internal.tf
@@ -24,9 +24,13 @@ resource "aws_lb" "ecs_internal" {
     }
   }
 
-  tags = {
-    Name = "ecs-${var.name}-internal"
-  }
+  tags = merge(
+    var.tags,
+    {
+      "Terraform" = true,
+      Name = "ecs-${var.name}-internal"
+    },
+  )
 }
 
 resource "aws_lb_listener" "ecs_https_internal" {
@@ -42,6 +46,13 @@ resource "aws_lb_listener" "ecs_https_internal" {
     type             = "forward"
     target_group_arn = aws_lb_target_group.ecs_default_https_internal[0].arn
   }
+
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
 
 resource "aws_lb_listener" "ecs_test_https_internal" {
@@ -58,6 +69,12 @@ resource "aws_lb_listener" "ecs_test_https_internal" {
     #target_group_arn = aws_lb_target_group.ecs_replacement_https[0].arn
     target_group_arn = aws_lb_target_group.ecs_default_https_internal[0].arn
   }
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
 
 # Generate a random string to add it to the name of the Target Group
@@ -75,6 +92,12 @@ resource "aws_lb_target_group" "ecs_default_https_internal" {
   port     = 80
   protocol = "HTTP"
   vpc_id   = var.vpc_id
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 
   lifecycle {
     create_before_destroy = true

diff --git a/alb.tf b/alb.tf
@@ -24,9 +24,13 @@ resource "aws_lb" "ecs" {
     }
   }
 
-  tags = {
-    Name = "ecs-${var.name}"
-  }
+  tags = merge(
+    var.tags,
+    {
+      "Terraform" = true,
+      "Name" = "ecs-${var.name}"
+    },
+  )
 }
 
 resource "aws_lb_listener" "ecs_https" {
@@ -42,6 +46,13 @@ resource "aws_lb_listener" "ecs_https" {
     type             = "forward"
     target_group_arn = aws_lb_target_group.ecs_default_https[0].arn
   }
+
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
 
 resource "aws_lb_listener" "ecs_http_redirect" {
@@ -60,6 +71,12 @@ resource "aws_lb_listener" "ecs_http_redirect" {
       status_code = "HTTP_301"
     }
   }
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
 
 resource "aws_lb_listener" "ecs_test_https" {
@@ -76,6 +93,12 @@ resource "aws_lb_listener" "ecs_test_https" {
     #target_group_arn = aws_lb_target_group.ecs_replacement_https[0].arn
     target_group_arn = aws_lb_target_group.ecs_default_https[0].arn
   }
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
 
 resource "aws_lb_listener" "ecs_test_http_redirect" {
@@ -94,6 +117,12 @@ resource "aws_lb_listener" "ecs_test_http_redirect" {
       status_code = "HTTP_301"
     }
   }
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
 
 # Generate a random string to add it to the name of the Target Group
@@ -111,6 +140,13 @@ resource "aws_lb_target_group" "ecs_default_http" {
   protocol = "HTTP"
   vpc_id   = var.vpc_id
 
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
+
   lifecycle {
     create_before_destroy = true
   }
@@ -124,6 +160,13 @@ resource "aws_lb_target_group" "ecs_default_https" {
   protocol = "HTTP"
   vpc_id   = var.vpc_id
 
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
+
   lifecycle {
     create_before_destroy = true
   }

diff --git a/asg.tf b/asg.tf
@@ -33,10 +33,18 @@ resource "aws_autoscaling_group" "ecs" {
 
   protect_from_scale_in = var.asg_protect_from_scale_in
 
-  tag {
-    key                 = "Name"
-    value               = "ecs-node-${var.name}"
-    propagate_at_launch = true
+  dynamic "tag" {
+    for_each = merge(
+      {
+        Name = "ecs-node-${var.name}"
+      },
+      var.tags
+    )
+    content {
+      key                 = tag.key
+      value               = tag.value
+      propagate_at_launch = true
+    }
   }
 
   target_group_arns         = var.target_group_arns

diff --git a/cloutwatch-alarms-alb.tf b/cloutwatch-alarms-alb.tf
@@ -15,6 +15,12 @@ resource "aws_cloudwatch_metric_alarm" "alb_500_errors" {
   insufficient_data_actions = []
   treat_missing_data        = "ignore"
 
+  tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
   dimensions = {
     LoadBalancer = aws_lb.ecs[0].arn_suffix
   }
@@ -37,6 +43,12 @@ resource "aws_cloudwatch_metric_alarm" "alb_400_errors" {
   insufficient_data_actions = []
   treat_missing_data        = "ignore"
 
+  tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
   dimensions = {
     LoadBalancer = aws_lb.ecs[0].arn_suffix
   }
@@ -75,4 +87,11 @@ resource "aws_cloudwatch_metric_alarm" "alb_latency" {
       }
     }
   }
+
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
diff --git a/cloutwatch-alarms-asg.tf b/cloutwatch-alarms-asg.tf
@@ -18,4 +18,11 @@ resource "aws_cloudwatch_metric_alarm" "asg_high_cpu" {
   dimensions = {
     AutoScalingGroupName = aws_autoscaling_group.ecs[0].name
   }
+
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
diff --git a/cloutwatch-alarms-ecs.tf b/cloutwatch-alarms-ecs.tf
@@ -18,6 +18,13 @@ resource "aws_cloudwatch_metric_alarm" "ecs_high_memory" {
   dimensions = {
     ClusterName = aws_ecs_cluster.ecs.name
   }
+
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
 
 resource "aws_cloudwatch_metric_alarm" "ecs_high_cpu" {
@@ -40,4 +47,11 @@ resource "aws_cloudwatch_metric_alarm" "ecs_high_cpu" {
   dimensions = {
     ClusterName = aws_ecs_cluster.ecs.name
   }
+
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
diff --git a/cloutwatch-alarms-efs.tf b/cloutwatch-alarms-efs.tf
@@ -18,4 +18,11 @@ resource "aws_cloudwatch_metric_alarm" "efs_credits_low" {
   dimensions = {
     FileSystemId = aws_efs_file_system.ecs[0].id
   }
+
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
diff --git a/ec2-launch-template.tf b/ec2-launch-template.tf
@@ -32,16 +32,31 @@ resource "aws_launch_template" "ecs" {
   lifecycle {
     create_before_destroy = true
   }
+
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
 
 resource "tls_private_key" "algorithm" {
   count     = var.ec2_key_enabled ? 1 : 0
   algorithm = "RSA"
   rsa_bits  = 4096
+
 }
 
 resource "aws_key_pair" "generated_key" {
   count      = var.ec2_key_enabled ? 1 : 0
   key_name   = "${var.name}-key"
   public_key = tls_private_key.algorithm[0].public_key_openssh
+
+    tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
 }
diff --git a/ecs.tf b/ecs.tf
@@ -6,10 +6,15 @@ resource "aws_ecs_cluster" "ecs" {
     value = var.container_insights ? "enabled" : "disabled"
   }
 
+  tags = merge(
+    var.tags,
+    {
+      "Terraform" = true
+    },
+  )
   lifecycle {
-    ignore_changes = [
-      tags
-    ]
+    ignore_changes = []
+
   }
 }
 

diff --git a/efs.tf b/efs.tf
@@ -21,10 +21,13 @@ resource "aws_efs_file_system" "ecs" {
     }
   }
 
-  tags = {
-    Name   = "ecs-${var.name}"
-    Backup = var.backup
-  }
+  tags = merge(
+    var.tags,
+    {
+      Name   = "ecs-${var.name}"
+      Backup = var.backup
+    },
+  )
 
   # lifecycle {
   #   prevent_destroy = true
@@ -51,9 +54,14 @@ resource "aws_security_group" "efs" {
   description = "for EFS to talk to ECS cluster"
   vpc_id      = var.vpc_id
 
-  tags = {
-    Name = "ecs-efs-${var.name}"
-  }
+
+    tags = merge(
+    var.tags,
+    {
+      Name   = "ecs-efs-${var.name}"
+      Backup = var.backup
+    },
+  )
 }
 
 resource "aws_security_group_rule" "nfs_from_ecs_to_efs" {

diff --git a/iam-codedeploy.tf b/iam-codedeploy.tf
@@ -1,6 +1,11 @@
 resource "aws_iam_role" "codedeploy_service" {
   name = "codedeploy-service-${var.name}-${data.aws_region.current.name}"
-
+  tags = merge(
+    var.tags,
+    {
+      "terraform" = "true"
+    },
+  )
   assume_role_policy = <<EOF
 {
   "Version": "2012-10-17",

diff --git a/iam-ecs-service.tf b/iam-ecs-service.tf
@@ -1,6 +1,11 @@
 resource "aws_iam_role" "ecs_service" {
   name = "ecs-service-${var.name}-${data.aws_region.current.name}"
-
+  tags = merge(
+    var.tags,
+    {
+      "terraform" = "true"
+    },
+  )
   assume_role_policy = <<EOF
 {
   "Version": "2012-10-17",