PoC Terraform module to enable fully automated workflow for customization changes in AFT

kjansson/aft-customization-automation

aft-customization-automation

Overview

PoC Terraform module for automating customization pipeline invocation in Account Factory for Terraform (AFT), removing the manual step of triggering the account customization step function on changes.

Prerequisites

  • AFT framework deployed
  • AFT repos hosted on GitHub

Deployment

Deploys into the AFT management account. The module creates a workflow for one customization repository, so to enable automatic invocation for both global customization and account customization you need to deploy the module once for each repository.
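
A sketch of the two deployments described above, added here as an example and not taken from the repository. The `source` address (module at the repository root), the `example-org/...` repository names, the `main` branch and the `customization_name` values are assumptions; the second instance reuses the first one's `codestar_connection_arn` output on the assumption that the module does not create a connection when one is passed in.

```hcl
# Added example: one module instance per customization repository.
# Source address, repo names, branch and customization_name values are
# constructed placeholders; input and output names come from the
# Inputs and Outputs sections of this README.

module "global_customizations_invoker" {
  source = "github.com/kjansson/aft-customization-automation" # assumed: module at repo root

  customization_name         = "global"
  customizations_repo_name   = "example-org/aft-global-customizations"
  customizations_repo_branch = "main"

  # codestar_connection_arn, codepipeline_s3_bucket_name and key_arn are left
  # at their "" defaults (the bucket and the KMS key are created by the module).
  log_retention_days = 30
}

module "account_customizations_invoker" {
  source = "github.com/kjansson/aft-customization-automation" # assumed: module at repo root

  customization_name         = "account"
  customizations_repo_name   = "example-org/aft-account-customizations"
  customizations_repo_branch = "main"

  # Reuse the GitHub connection from the first instance so only one
  # connection has to be authorized against GitHub.
  codestar_connection_arn = module.global_customizations_invoker.codestar_connection_arn

  log_retention_days = 30
}
```

A connection created through Terraform starts in the pending state and has to be authorized in the AWS console before the pipeline can read from GitHub.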

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0.0 |
| aws | >= 5.11.0, < 6.0.0 |

Providers

| Name | Version |
|------|---------|
| aws | 5.67.0 |
| local | 2.5.2 |
| random | 3.6.3 |

Resources

| Name | Type |
|------|------|
| aws_cloudwatch_log_group.account-customization-invoker | resource |
| aws_codebuild_project.account_customization_invoker_pipeline | resource |
| aws_codepipeline.codestar_customization_invoker | resource |
| aws_codestarconnections_connection.github | resource |
| aws_iam_role.customization_invoker_codepipeline_role | resource |
| aws_iam_role_policy.customization_invoker_codepipeline_policy | resource |
| aws_kms_alias.invoke | resource |
| aws_kms_key.invoke | resource |
| aws_s3_bucket.codepipeline_bucket | resource |
| aws_s3_bucket_public_access_block.aft-codepipeline-customizations-block-public-access | resource |
| aws_s3_bucket_server_side_encryption_configuration.aft-codepipeline-customizations-bucket-encryption | resource |
| aws_s3_bucket_versioning.codepipeline_bucket | resource |
| random_string.codepipeline_bucket_suffix | resource |
| aws_caller_identity.current | data source |
| aws_kms_key.aft | data source |
| aws_partition.current | data source |
| aws_region.current | data source |
| aws_s3_bucket.codepipeline_bucket | data source |
| local_file.account_request_buildspec | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| aft_kms_key_alias | The alias of the KMS key used by AFT. | string | "alias/aft" | no |
| codepipeline_s3_bucket_name | The name of the S3 bucket to store the CodePipeline artifacts. If not given one will be created. | string | "" | no |
| codestar_connection_arn | The ARN of the CodeStar connection | string | "" | no |
| customization_name | The name of the customization | string | n/a | yes |
| customizations_repo_branch | The branch of the repository containing the customizations | string | n/a | yes |
| customizations_repo_name | The name of the repository containing the customizations | string | n/a | yes |
| global_codebuild_timeout | The timeout in minutes for the CodeBuild project | number | 300 | no |
| key_arn | The ARN of the KMS key to use for encrypting the CodePipeline artifacts. If not given one will be created. | string | "" | no |
| log_retention_days | The number of days to retain logs | number | 7 | no |

Outputs

| Name | Description |
|------|-------------|
| codepipeline_arn | ARN of the CodePipeline |
| codepipeline_bucket_arn | ARN of the S3 bucket to store the CodePipeline artifacts |
| codepipeline_bucket_name | Name of the S3 bucket to store the CodePipeline artifacts |
| codestar_connection_arn | ARN of the CodeStar connection |
| invokation_kms_key_arn | ARN of the KMS key used to encrypt the CodePipeline artifacts |
