From 0dbd79d2072392ce9d6be14fa6040d9db982bbc5 Mon Sep 17 00:00:00 2001
From: Bayron Carranza
Date: Wed, 21 Jun 2023 14:50:54 -0600
Subject: [PATCH] Terraform for EC2 Tagging (#439)
---
terraform-modules/aws/ec2-tag/README.md | 40 ++++++++++++++++++++++
terraform-modules/aws/ec2-tag/main.tf | 25 ++++++++++++++
terraform-modules/aws/ec2-tag/output.tf | 3 ++
terraform-modules/aws/ec2-tag/variables.tf | 34 ++++++++++++++++++
4 files changed, 102 insertions(+)
create mode 100644 terraform-modules/aws/ec2-tag/README.md
create mode 100644 terraform-modules/aws/ec2-tag/main.tf
create mode 100644 terraform-modules/aws/ec2-tag/output.tf
create mode 100644 terraform-modules/aws/ec2-tag/variables.tf
diff --git a/terraform-modules/aws/ec2-tag/README.md b/terraform-modules/aws/ec2-tag/README.md
new file mode 100644
index 000000000..b15e8fcfd
--- /dev/null
+++ b/terraform-modules/aws/ec2-tag/README.md
@@ -0,0 +1,40 @@
+## EC2 Tagging
+- It collects information about running instances in the AWS (Amazon Web Services) cloud.
+- It retrieves the identity of the AWS account that is executing the code.
+- It creates a local variable called "instance_tags" that contains information about the instances and their associated tags.
+- It applies the AWS EC2 tag to each instance based on the collected information.
+
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_ec2_tag.tag_instances](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_tag) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_instances.existing_instances](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/instances) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [account\_tags](#input\_account\_tags) | Tags for each AWS account.

This variable allows you to provide tags for different AWS accounts using a map structure. Each AWS account is identified by its unique account ID, and you can specify multiple tags for each account using key-value pairs.

Example Usage:

inputs:
{
"account\_id\_1" = {
"key1" = "value1"
"key2" = "value2"
"key3" = "value3"
"key4" = "value4"
}
"account\_id\_1" = {
"key1" = "value1"
"key2" = "value2"
"key3" = "value3"
"key4" = "value4"
}
... (Add more AWS account tags here) ...
} | `map(map(string))` | `{}` | no |
+| [aws\_region](#input\_aws\_region) | AWS region | `string` | `"us-west-2"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [instance\_tags](#output\_instance\_tags) | n/a |
diff --git a/terraform-modules/aws/ec2-tag/main.tf b/terraform-modules/aws/ec2-tag/main.tf
new file mode 100644
index 000000000..a11b5696f
--- /dev/null
+++ b/terraform-modules/aws/ec2-tag/main.tf
@@ -0,0 +1,25 @@
+data "aws_instances" "existing_instances" {
+ instance_state_names = ["running"]
+}
+
+data "aws_caller_identity" "current" {}
+
+locals {
+ instance_tags = flatten([
+ for ec2_id in data.aws_instances.existing_instances.ids : [
+ for key, value in var.account_tags[data.aws_caller_identity.current.account_id] : {
+ resource_id = ec2_id
+ key = key
+ value = value
+ }
+ ]
+ ])
+}
+
+resource "aws_ec2_tag" "tag_instances" {
+ for_each = { for idx, tag in local.instance_tags : idx => tag }
+
+ resource_id = each.value.resource_id
+ key = each.value.key
+ value = each.value.value
+}
diff --git a/terraform-modules/aws/ec2-tag/output.tf b/terraform-modules/aws/ec2-tag/output.tf
new file mode 100644
index 000000000..873fe39cd
--- /dev/null
+++ b/terraform-modules/aws/ec2-tag/output.tf
@@ -0,0 +1,3 @@
+output "instance_tags" {
+ value = var.account_tags[data.aws_caller_identity.current.account_id]
+}
\ No newline at end of file
diff --git a/terraform-modules/aws/ec2-tag/variables.tf b/terraform-modules/aws/ec2-tag/variables.tf
new file mode 100644
index 000000000..01f2f4558
--- /dev/null
+++ b/terraform-modules/aws/ec2-tag/variables.tf
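Review bot: In main.tf the `locals` block indexes `var.account_tags[data.aws_caller_identity.current.account_id]` directly, so the plan fails with an invalid-index error whenever the calling account has no entry in the map, which includes the declared default `{}`; `lookup(var.account_tags, data.aws_caller_identity.current.account_id, {})` would degrade to "no tags" instead, and the `instance_tags` output in output.tf uses the same expression and needs the same change. `aws_ec2_tag.tag_instances` also keys `for_each` on the list position, so any change in the set of running instances shifts the indexes and Terraform will remove and re-create tags on instances that did not change; keying on identity, `for_each = { for tag in local.instance_tags : "${tag.resource_id}/${tag.key}" => tag }`, keeps the resource addresses stable. Since `data.aws_instances.existing_instances` has no filter, every running instance visible to the provider is tagged and, as far as I can tell, an existing tag with the same key is overwritten, which matters if any of these keys drive tag-based IAM conditions or automation; a comment or README line stating that scope would help.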
@@ -0,0 +1,34 @@
+variable "account_tags" {
+ description = <<-EOF
+ Tags for each AWS account.
+
+ This variable allows you to provide tags for different AWS accounts using a map structure. Each AWS account is identified by its unique account ID, and you can specify multiple tags for each account using key-value pairs.
+
+ Example Usage:
+
+ inputs:
+ {
+ "account_id_1" = {
+ "key1" = "value1"
+ "key2" = "value2"
+ "key3" = "value3"
+ "key4" = "value4"
+ }
+ "account_id_1" = {
+ "key1" = "value1"
+ "key2" = "value2"
+ "key3" = "value3"
+ "key4" = "value4"
+ }
+ ... (Add more AWS account tags here) ...
+ }
+ EOF
+ type = map(map(string))
+ default = {}
+}
+
+variable "aws_region" {
+ description = "AWS region"
+ type = string
+ default = "us-west-2"
+}
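Review bot: `aws_region` is declared with a default of `us-west-2`, but nothing in the four files of this patch reads it and no provider block is visible, so setting it does not change which region's instances get tagged; either wire it into the provider configuration that calls this module or drop it, so an operator does not assume the tagging is scoped to that region. The example in the `account_tags` description lists `"account_id_1"` twice, and the second key should read `"account_id_2"`, since a repeated key cannot describe two accounts. A `validation` block whose condition is `alltrue([for id in keys(var.account_tags) : can(regex("^[0-9]{12}$", id))])` would reject mistyped account IDs at plan time rather than surfacing later as a failed index lookup in main.tf.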