Jenkins CI
71be2abd2e
- Terraform modules: VPC, EC2, RDS, S3, CloudFront, Route53, Lambda, IAM, Security Groups - Ansible playbooks for server configuration - Scripts: create-test-environment.sh, destroy-test-environment.sh, validate-environment.sh - Documentation: README, QUICKSTART, AGENTS - Jenkins pipeline for automated deployment - Jenkins pipeline for environment destruction
54 lines
1.2 KiB
Terraform
54 lines
1.2 KiB
Terraform
variable "environment" {}
|
|
variable "account_id" {}
|
|
|
|
resource "aws_iam_role" "ec2_role" {
|
|
name = "sacc4-ec2-role-${var.environment}"
|
|
assume_role_policy = jsonencode({
|
|
Version = "2012-10-17"
|
|
Statement = [{
|
|
Action = "sts:AssumeRole"
|
|
Effect = "Allow"
|
|
Principal = { Service = "ec2.amazonaws.com" }
|
|
}]
|
|
})
|
|
}
|
|
|
|
resource "aws_iam_role_policy" "ec2_policy" {
|
|
name = "sacc4-ec2-policy-${var.environment}"
|
|
role = aws_iam_role.ec2_role.id
|
|
policy = jsonencode({
|
|
Version = "2012-10-17"
|
|
Statement = [
|
|
{
|
|
Effect = "Allow"
|
|
Action = [
|
|
"s3:GetObject",
|
|
"s3:PutObject",
|
|
"s3:ListBucket"
|
|
]
|
|
Resource = [
|
|
"arn:aws:s3:::sacc4-*",
|
|
"arn:aws:s3:::sacc4-*/*"
|
|
]
|
|
},
|
|
{
|
|
Effect = "Allow"
|
|
Action = [
|
|
"logs:CreateLogGroup",
|
|
"logs:CreateLogStream",
|
|
"logs:PutLogEvents"
|
|
]
|
|
Resource = "arn:aws:logs:*:*:log-group:/sacc4/*"
|
|
}
|
|
]
|
|
})
|
|
}
|
|
|
|
resource "aws_iam_instance_profile" "ec2_profile" {
|
|
name = "sacc4-ec2-profile-${var.environment}"
|
|
role = aws_iam_role.ec2_role.name
|
|
}
|
|
|
|
output "ec2_instance_profile_name" {
|
|
value = aws_iam_instance_profile.ec2_profile.name
|
|
} |