From a58a6959e5925733a21896b649851c3f58273c16 Mon Sep 17 00:00:00 2001 
From: stackgen-automation Date: Wed, 23 Jul 2025 12:29:57 +0000 Subject: [PATCH] Exported from stackgen by appcd-e2e --- a2a-agentic-directory-1/terraform/.gitignore | 32 ++++ a2a-agentic-directory-1/terraform/.metadata | 7 + a2a-agentic-directory-1/terraform/README.md | 3 + a2a-agentic-directory-1/terraform/main.tf | 147 +++++++++++++++ .../aws_cloudwatch_log_group.tf | 10 + .../aws_cloudwatch_log_group/outputs.tf.json | 14 ++ .../variables.tf.json | 27 +++ .../modules/aws_dynamodb/aws_dynamodb.tf | 65 +++++++ .../modules/aws_dynamodb/outputs.tf.json | 9 + .../modules/aws_dynamodb/variables.tf.json | 115 ++++++++++++ .../aws_eip_composite/aws_eip_composite.tf | 10 + .../modules/aws_eip_composite/outputs.tf.json | 19 ++ .../aws_eip_composite/variables.tf.json | 18 ++ .../modules/aws_iam_role/aws_iam_role.tf | 20 ++ .../modules/aws_iam_role/outputs.tf.json | 14 ++ .../modules/aws_iam_role/variables.tf.json | 69 +++++++ .../aws_iam_role_policy.tf | 5 + .../aws_iam_role_policy/variables.tf.json | 33 ++++ .../aws_internet_gateway.tf | 6 + .../aws_internet_gateway/outputs.tf.json | 14 ++ .../aws_internet_gateway/variables.tf.json | 18 ++ .../modules/aws_lambda/aws_lambda.tf | 125 +++++++++++++ .../modules/aws_lambda/outputs.tf.json | 29 +++ .../modules/aws_lambda/variables.tf.json | 172 +++++++++++++++++ .../aws_nat_gateway_with_eip.tf | 23 +++ .../aws_nat_gateway_with_eip/outputs.tf.json | 14 ++ .../variables.tf.json | 40 ++++ .../aws_route_table_composite.tf | 31 ++++ .../variables.tf.json | 40 ++++ .../terraform/modules/aws_s3/aws_s3.tf | 105 +++++++++++ .../terraform/modules/aws_s3/outputs.tf.json | 24 +++ .../modules/aws_s3/variables.tf.json | 72 +++++++ .../terraform/modules/aws_sg/aws_sg.tf | 30 +++ .../terraform/modules/aws_sg/outputs.tf.json | 14 ++ .../modules/aws_sg/variables.tf.json | 49 +++++ .../modules/aws_subnet/aws_subnet.tf | 9 + .../modules/aws_subnet/outputs.tf.json | 14 ++ .../modules/aws_subnet/variables.tf.json | 41 ++++ 
.../terraform/modules/aws_vpc/aws_vpc.tf | 8 + .../terraform/modules/aws_vpc/outputs.tf.json | 24 +++ .../modules/aws_vpc/variables.tf.json | 47 +++++ a2a-agentic-directory-1/terraform/outputs.tf | 175 ++++++++++++++++++ a2a-agentic-directory-1/terraform/provider.tf | 23 +++ .../terraform/variables.tf | 4 + 44 files changed, 1768 insertions(+) create mode 100644 a2a-agentic-directory-1/terraform/.gitignore create mode 100644 a2a-agentic-directory-1/terraform/.metadata create mode 100644 a2a-agentic-directory-1/terraform/README.md create mode 100644 a2a-agentic-directory-1/terraform/main.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/aws_cloudwatch_log_group.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_dynamodb/aws_dynamodb.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_dynamodb/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_dynamodb/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_eip_composite/aws_eip_composite.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_eip_composite/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_eip_composite/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_iam_role/aws_iam_role.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_iam_role/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_iam_role/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_iam_role_policy/aws_iam_role_policy.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_iam_role_policy/variables.tf.json create mode 100644 
a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/aws_internet_gateway.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_lambda/aws_lambda.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_lambda/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_lambda/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/aws_nat_gateway_with_eip.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_route_table_composite/aws_route_table_composite.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_route_table_composite/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_s3/aws_s3.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_s3/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_s3/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_sg/aws_sg.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_sg/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_sg/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_subnet/aws_subnet.tf create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_subnet/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_subnet/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_vpc/aws_vpc.tf create mode 100644 
a2a-agentic-directory-1/terraform/modules/aws_vpc/outputs.tf.json create mode 100644 a2a-agentic-directory-1/terraform/modules/aws_vpc/variables.tf.json create mode 100644 a2a-agentic-directory-1/terraform/outputs.tf create mode 100644 a2a-agentic-directory-1/terraform/provider.tf create mode 100644 a2a-agentic-directory-1/terraform/variables.tf
diff --git a/a2a-agentic-directory-1/terraform/.gitignore b/a2a-agentic-directory-1/terraform/.gitignore
new file mode 100644
index 0000000..05b2a76
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/.gitignore
@@ -0,0 +1,32 @@
+# Source: https://github.com/github/gitignore/blob/main/Terraform.gitignore
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore transient lock info files created by terraform apply
+.terraform.tfstate.lock.info
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
diff --git a/a2a-agentic-directory-1/terraform/.metadata b/a2a-agentic-directory-1/terraform/.metadata
new file mode 100644
index 0000000..6a631d9
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/.metadata
@@ -0,0 +1,7 @@
+{
+ "app_stack_name": "another-appstack-3823",
+ "iac_type": "Terraform",
+ "provider": "aws",
+ "multi_env": false,
+ "exporter": "terraform"
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/README.md b/a2a-agentic-directory-1/terraform/README.md
new file mode 100644
index 0000000..86a36cd
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/README.md
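Review bot: The ignore list added in `.gitignore` has no entry for variable files or saved plans, so a `terraform.tfvars` or a `tfplan` holding credentials or resolved secret values could be committed next to this export; the tfplan pattern is present only as a commented-out example. I would add `*.tfvars`, `*.tfvars.json` and `*tfplan*` as active patterns. State files and CLI config are already covered by the existing entries.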
@@ -0,0 +1,3 @@
+# README
+This is a readme file for IaC generated with StackGen.
+You can modify your appStack -> [here](http://main.dev.stackgen.com/appstacks/25944a89-c81e-48b1-abaf-bbb9e9bd611c)
diff --git a/a2a-agentic-directory-1/terraform/main.tf b/a2a-agentic-directory-1/terraform/main.tf
new file mode 100644
index 0000000..622ef37
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/main.tf
@@ -0,0 +1,147 @@
+module "stackgen_27409e31-132a-4297-9059-3ff8d7ae8213" {
+ source = "./modules/aws_nat_gateway_with_eip"
+ create_eip = "true"
+ nat_gateway_name = "some_name"
+ subnet_id = "subnet-xxxxxxxxxxxxxxxxx"
+}
+
+module "stackgen_32e26297-c006-4fee-94e9-b7b3e93281ee" {
+ source = "./modules/aws_iam_role"
+ assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}"
+}
+
+module "stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83" {
+ source = "./modules/aws_lambda"
+ architecture = "x86_64"
+ authorization_type = "NONE"
+ cors = []
+ create_function_url = false
+ description = null
+ environment_variables = {}
+ event_source_arn = null
+ event_source_mapping = []
+ filename = null
+ function_name = "stackgen_87e517-function"
+ handler = "main.lambda_handler"
+ image_uri = null
+ log_format = null
+ log_group_name = module.stackgen_55b44ffd-94ed-557f-88bd-1d56734f5519.name
+ memory_size = 128
+ role = module.stackgen_47096752-05d0-57b8-b350-a13e9b5a7c19.arn
+ runtime = "python3.8"
+ s3_bucket = null
+ s3_key = null
+ s3_object_version = null
+ system_log_level = null
+ tags = null
+ timeout = 3
+}
+
+module "stackgen_3b084fac-76d6-4866-b832-482defe9db45" {
+ source = "./modules/aws_vpc"
+ cidr_block = "10.0.0.0/16"
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ enable_network_address_usage_metrics = false
+ instance_tenancy = "default"
+}
+
+module "stackgen_451dae65-d79f-4f2a-8a1b-f0246001cb58" {
+ source = "./modules/aws_subnet"
+ vpc_id = module.stackgen_3b084fac-76d6-4866-b832-482defe9db45.id
+}
+
+module "stackgen_47096752-05d0-57b8-b350-a13e9b5a7c19" {
+ source = "./modules/aws_iam_role"
+ assume_role_policy = "{\"Version\": \"2012-10-17\",\"Statement\": [{\"Action\": \"sts:AssumeRole\",\"Effect\": \"Allow\",\"Principal\": {\"Service\": \"lambda.amazonaws.com\"}}]}"
+ description = "IAM role for Lambda function to access DynamoDB and CloudWatch Logs."
+ force_detach_policies = true
+ inline_policy = []
+ max_session_duration = 3600
+ name = "lambda_dynamodb_cloudwatch_role"
+ path = "/"
+ permissions_boundary = null
+ tags = {}
+}
+
+module "stackgen_55b44ffd-94ed-557f-88bd-1d56734f5519" {
+ source = "./modules/aws_cloudwatch_log_group"
+ name = "/aws/lambda/stackgen_87e517-function"
+ retention_in_days = "30"
+ tags = {}
+}
+
+module "stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e" {
+ source = "./modules/aws_s3"
+ bucket_name = "BUCKET_NAME"
+ enable_website_configuration = "false"
+ website_error_document = "ERROR_DOCUMENT"
+ website_index_document = "INDEX_DOCUMENT"
+}
+
+module "stackgen_6ac5717b-7b2a-4814-86a8-9f9b817636e0" {
+ source = "./modules/aws_sg"
+ description = "Security group for the custom VPC"
+ name = "custom-vpc-sg"
+}
+
+module "stackgen_7c4f5b9f-d3a0-4d3e-b141-fac7497f304d" {
+ source = "./modules/aws_iam_role_policy"
+ name = "Writer-stackgen_f61eb3"
+ policy = "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"CloudwatchLogGroup55b44ffd94ed557f88bd1d56734f55190\",\n \"Action\": [\n \"logs:CreateLogGroup\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"${module.stackgen_55b44ffd-94ed-557f-88bd-1d56734f5519.arn}\"\n ]\n },\n {\n \"Sid\": \"CloudwatchLogGroup55b44ffd94ed557f88bd1d56734f55191\",\n \"Action\": [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\"\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\n \"${module.stackgen_55b44ffd-94ed-557f-88bd-1d56734f5519.arn}:*\"\n ]\n }\n ]\n}"
+ role = module.stackgen_47096752-05d0-57b8-b350-a13e9b5a7c19.name
+ role_type = "Writer"
+}
+
+module "stackgen_b57496c2-2c9b-4e3f-9f2d-f7f6fd89ef52" {
+ source = "./modules/aws_eip_composite"
+ name = "some_name"
+}
+
+module "stackgen_cb0995de-c5ce-4f72-8c69-7f61cb3326fe" {
+ source = "./modules/aws_cloudwatch_log_group"
+ name = "my-log-group"
+ retention_in_days = 30
+ tags = {
+ environment = "production"
+ }
+}
+
+module "stackgen_d35c94fb-1203-4f9b-bd77-fed58630ad32" {
+ source = "./modules/aws_route_table_composite"
+ name = "route-table-name"
+ routes = []
+ subnet_ids = []
+ vpc_id = "vpc-id"
+}
+
+module "stackgen_e461f19b-faca-4753-9fca-986858b4aeb5" {
+ source = "./modules/aws_internet_gateway"
+ tags = "{\"Name\": \"internet-gateway\"}"
+ vpc_id = null
+}
+
+module "stackgen_e6de8357-2bf7-4668-a6dd-1f6efac90dbc" {
+ source = "./modules/aws_subnet"
+ vpc_id = module.stackgen_3b084fac-76d6-4866-b832-482defe9db45.id
+}
+
+module "stackgen_f0ed6411-1f8b-4363-a8c2-8f6868b90e1d" {
+ source = "./modules/aws_dynamodb"
+ attribute = [{
+ name = "attribute1"
+ type = "type1"
+ }]
+ billing_mode = "PROVISIONED"
+ global_secondary_indexes = []
+ hash_key = "string"
+ local_secondary_indexes = []
+ point_in_time_recovery_enabled = true
+ read_capacity = null
+ server_side_encryption_enabled = true
+ table_name = "string"
+ tags = {}
+ ttl = []
+ write_capacity = null
+}
+
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/aws_cloudwatch_log_group.tf b/a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/aws_cloudwatch_log_group.tf
new file mode 100644
index 0000000..5290a78
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/aws_cloudwatch_log_group.tf
@@ -0,0 +1,10 @@
+resource "aws_cloudwatch_log_group" "this" {
+ name = var.name
+ retention_in_days = var.retention_in_days
+
+ tags = var.tags
+}
+
+
+
+
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/outputs.tf.json
new file mode 100644
index 0000000..2c2f8a2
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/outputs.tf.json
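Review bot: In `main.tf`, the Lambda module call `stackgen_392c67f8-…` sets `authorization_type = "NONE"`; it is inert only while `create_function_url = false`, and turning that flag on later would publish a function URL that accepts unauthenticated requests. I would emit `authorization_type = "AWS_IAM"` in the generated call so the safe value is the one that gets inherited. The same call pins `runtime = "python3.8"`, a Lambda runtime AWS has deprecated and no longer patches, so a currently supported Python runtime should be used instead. Separately, the role `stackgen_32e26297-…` is created with only a Lambda trust policy and nothing in this file references it, so it looks like an orphan assumable role worth dropping (outputs.tf is not visible here, so confirm first).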
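Review bot: `aws_cloudwatch_log_group.this` in `modules/aws_cloudwatch_log_group/aws_cloudwatch_log_group.tf` sets no `kms_key_id`, and the module's variables expose none, so callers cannot select a customer-managed key for these logs. If the Lambda logs may carry sensitive data, I would add an optional variable with a `null` default and pass it through as `kms_key_id = var.kms_key_id`.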
@@ -0,0 +1,14 @@
+{
+ "output": {
+ "arn": {
+ "description": "The value of the arn output",
+ "sensitive": false,
+ "value": "${aws_cloudwatch_log_group.this.arn}"
+ },
+ "name": {
+ "description": "The value of the name output",
+ "sensitive": false,
+ "value": "${aws_cloudwatch_log_group.this.name}"
+ }
+ }
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/variables.tf.json
new file mode 100644
index 0000000..70ac2f1
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_cloudwatch_log_group/variables.tf.json
@@ -0,0 +1,27 @@
+{
+ "variable": {
+ "name": [
+ {
+ "description": "The name of the log group",
+ "type": "string",
+ "nullable": true
+ }
+ ],
+ "retention_in_days": [
+ {
+ "description": "The number of days to retain log events",
+ "type": "number",
+ "nullable": true,
+ "default": 7
+ }
+ ],
+ "tags": [
+ {
+ "description": "A map of tags to add to all resources",
+ "default": {},
+ "type": "map(string)",
+ "nullable": true
+ }
+ ]
+ }
+}
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_dynamodb/aws_dynamodb.tf b/a2a-agentic-directory-1/terraform/modules/aws_dynamodb/aws_dynamodb.tf
new file mode 100644
index 0000000..cb8c460
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_dynamodb/aws_dynamodb.tf
@@ -0,0 +1,65 @@
+locals {
+ hasStreaming = var.stream_view_type != "None"
+}
+
+# Create DynamoDB table
+resource "aws_dynamodb_table" "this" {
+ name = var.table_name
+ billing_mode = var.billing_mode
+ read_capacity = var.read_capacity
+ write_capacity = var.write_capacity
+ hash_key = var.hash_key
+ range_key = var.range_key
+
+ stream_enabled = local.hasStreaming
+ stream_view_type = local.hasStreaming ? var.stream_view_type : null
+
+ dynamic "attribute" {
+ for_each = var.attribute
+ content {
+ name = attribute.value.name
+ type = attribute.value.type
+ }
+ }
+
+ dynamic "global_secondary_index" {
+ for_each = var.global_secondary_indexes
+ content {
+ name = global_secondary_index.value.name
+ hash_key = global_secondary_index.value.hash_key
+ range_key = global_secondary_index.value.range_key
+ projection_type = global_secondary_index.value.projection_type
+ read_capacity = global_secondary_index.value.read_capacity
+ write_capacity = global_secondary_index.value.write_capacity
+ }
+ }
+
+ dynamic "local_secondary_index" {
+ for_each = var.local_secondary_indexes
+ content {
+ name = local_secondary_index.value.name
+ range_key = local_secondary_index.value.range_key
+ projection_type = local_secondary_index.value.projection_type
+ }
+ }
+
+ point_in_time_recovery {
+ enabled = var.point_in_time_recovery_enabled
+ }
+
+ server_side_encryption {
+ enabled = var.server_side_encryption_enabled
+ }
+
+ tags = var.tags
+
+ dynamic "ttl" {
+ for_each = var.ttl
+ content {
+ attribute_name = ttl.value.attribute_name
+ enabled = ttl.value.enabled
+ }
+ }
+}
+
+
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_dynamodb/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_dynamodb/outputs.tf.json
new file mode 100644
index 0000000..f458675
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_dynamodb/outputs.tf.json
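Review bot: `local.hasStreaming` at the top of `aws_dynamodb.tf` is true for every value except the literal `"None"`, and the module's `stream_view_type` variable defaults to `"NEW_IMAGE"`, so a caller that omits it, as the `main.tf` call does, gets a DynamoDB stream carrying full item images without having asked for one. The variable is also nullable, and a `null` input yields `stream_enabled = true` with a null view type. I would make streaming opt-in with `hasStreaming = var.stream_view_type != null && var.stream_view_type != "None"` and a `"None"` default. The `server_side_encryption` block exposes only `enabled`, so a customer-managed key cannot be selected; an optional `kms_key_arn` pass-through would cover that.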
@@ -0,0 +1,9 @@
+{
+ "output": {
+ "arn": {
+ "description": "The value of the arn output",
+ "sensitive": false,
+ "value": "${aws_dynamodb_table.this.arn}"
+ }
+ }
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_dynamodb/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_dynamodb/variables.tf.json
new file mode 100644
index 0000000..9baf1f5
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_dynamodb/variables.tf.json
@@ -0,0 +1,115 @@
+{
+ "variable": {
+ "billing_mode": [
+ {
+ "description": "The billing mode of the DynamoDB table",
+ "type": "string",
+ "default": "PROVISIONED"
+ }
+ ],
+ "write_capacity": [
+ {
+ "default": 1,
+ "description": "Number of write units for this table. If the billing_mode is PROVISIONED, this field is required.",
+ "type": "number",
+ "nullable": true
+ }
+ ],
+ "read_capacity": [
+ {
+ "default": 1,
+ "description": "Number of read units for this table. If the billing_mode is PROVISIONED, this field is required.",
+ "type": "number",
+ "nullable": true
+ }
+ ],
+ "table_name": [
+ {
+ "description": "The name of the DynamoDB table",
+ "type": "string",
+ "default": "my-table"
+ }
+ ],
+ "hash_key": [
+ {
+ "description": "The hash key of the DynamoDB table",
+ "type": "string",
+ "default": "id"
+ }
+ ],
+ "range_key": [
+ {
+ "description": "The range key of the DynamoDB table",
+ "type": "string",
+ "default": "",
+ "nullable": true
+ }
+ ],
+ "attribute": [
+ {
+ "description": "The attribute of the DynamoDB table",
+ "type": "list(object({ name: string, type: string }))",
+ "default": [
+ {
+ "name": "id",
+ "type": "S"
+ }
+ ]
+ }
+ ],
+ "global_secondary_indexes": [
+ {
+ "description": "A list of maps representing the global secondary indexes",
+ "type": "list(object({ name: string, hash_key: string, range_key: string, projection_type: string, read_capacity: number, write_capacity: number }))",
+ "default": [],
+ "nullable": true
+ }
+ ],
+ "local_secondary_indexes": [
+ {
+ "description": "A list of maps representing the local secondary indexes",
+ "type": "list(object({ name: string, range_key: string, projection_type: string }))",
+ "default": [],
+ "nullable": true
+ }
+ ],
+ "ttl": [
+ {
+ "description": "A map representing the TTL settings",
+ "type": "list(object({ attribute_name: string, enabled: bool }))",
+ "default": [],
+ "nullable": true
+ }
+ ],
+ "tags": [
+ {
+ "description": "A map of tags to apply to the resources",
+ "type": "map(string)",
+ "default": {},
+ "nullable": true
+ }
+ ],
+ "stream_view_type": [
+ {
+ "description": "Indicates the DynamoDB Streams settings for the table. Set to `None` to disable streaming.",
+ "type": "string",
+ "default": "NEW_IMAGE",
+ "nullable": true
+ }
+ ],
+ "point_in_time_recovery_enabled": [
+ {
+ "description": "Indicates whether point in time recovery is to be enabled (true) or disabled (false)",
+ "type": "bool",
+ "default": true
+ }
+ ],
+ "server_side_encryption_enabled": [
+ {
+ "description": "Indicates whether server side encryption is to be enabled (true) or disabled (false)",
+ "type": "bool",
+ "default": true
+ }
+ ]
+ }
+}
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_eip_composite/aws_eip_composite.tf b/a2a-agentic-directory-1/terraform/modules/aws_eip_composite/aws_eip_composite.tf
new file mode 100644
index 0000000..043b4ab
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_eip_composite/aws_eip_composite.tf
@@ -0,0 +1,10 @@
+resource "aws_eip" "main" {
+ domain = "vpc"
+
+ tags = merge(
+ {
+ Name = var.name
+ },
+ var.tags
+ )
+}
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_eip_composite/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_eip_composite/outputs.tf.json
new file mode 100644
index 0000000..7b0a524
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_eip_composite/outputs.tf.json
@@ -0,0 +1,19 @@
+{
+ "output": {
+ "allocation_id": {
+ "description": "The allocation ID of the EIP",
+ "sensitive": false,
+ "value": "${aws_eip.main.allocation_id}"
+ },
+ "id": {
+ "description": "The ID of the EIP",
+ "sensitive": false,
+ "value": "${aws_eip.main.id}"
+ },
+ "public_ip": {
+ "description": "The public IP address of the EIP",
+ "sensitive": false,
+ "value": "${aws_eip.main.public_ip}"
+ }
+ }
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_eip_composite/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_eip_composite/variables.tf.json
new file mode 100644
index 0000000..f7f5406
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_eip_composite/variables.tf.json
@@ -0,0 +1,18 @@
+{
+ "variable": {
+ "name": [
+ {
+ "description": "Name to be used for the EIP",
+ "type": "string"
+ }
+ ],
+ "tags": [
+ {
+ "default": {},
+ "description": "Tags to apply to the EIP",
+ "type": "map(string)",
+ "nullable": true
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_iam_role/aws_iam_role.tf b/a2a-agentic-directory-1/terraform/modules/aws_iam_role/aws_iam_role.tf
new file mode 100644
index 0000000..c6828aa
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_iam_role/aws_iam_role.tf
@@ -0,0 +1,20 @@
+resource "aws_iam_role" "this" {
+ name = var.name
+ description = var.description
+ permissions_boundary = var.permissions_boundary == "" ? null : var.permissions_boundary
+ assume_role_policy = var.assume_role_policy
+ path = var.path != "" ? var.path : "/"
+ max_session_duration = var.max_session_duration != 0 ? var.max_session_duration : 3600
+
+ dynamic "inline_policy" {
+ # if policy and name are not empty, then create the inline policy
+ for_each = [for policy in var.inline_policy : policy if policy.policy != "" && policy.name != ""]
+
+ content {
+ name = inline_policy.value.name
+ policy = inline_policy.value.policy
+ }
+ }
+ force_detach_policies = var.force_detach_policies
+ tags = var.tags
+}
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_iam_role/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_iam_role/outputs.tf.json
new file mode 100644
index 0000000..9c2ea74
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_iam_role/outputs.tf.json
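Review bot: The `for_each` of the `inline_policy` block in `aws_iam_role.tf` iterates `var.inline_policy` directly, while the module's `variables.tf.json` declares that variable nullable and without a default, so a `null` input fails inside the `for` expression and a caller that omits it is rejected; the first `aws_iam_role` call in `main.tf` passes only `assume_role_policy`. I would guard the loop as `for_each = [for policy in (var.inline_policy == null ? [] : var.inline_policy) : policy if policy.policy != "" && policy.name != ""]` and give the optional variables defaults. `permissions_boundary` defaults to `null`, so every role from this module is unbounded unless the caller sets one; if the account relies on boundaries, consider making it a required input. If the pinned AWS provider is a recent 5.x release, `inline_policy` on `aws_iam_role` is, as far as I know, deprecated in favour of `aws_iam_role_policy`, which this export already wraps in its own module.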
@@ -0,0 +1,14 @@
+{
+ "output": {
+ "arn": {
+ "description": "The value of the arn output",
+ "sensitive": false,
+ "value": "${aws_iam_role.this.arn}"
+ },
+ "name": {
+ "description": "The value of the name output",
+ "sensitive": false,
+ "value": "${aws_iam_role.this.name}"
+ }
+ }
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_iam_role/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_iam_role/variables.tf.json
new file mode 100644
index 0000000..4631717
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_iam_role/variables.tf.json
@@ -0,0 +1,69 @@
+{
+ "variable": {
+ "assume_role_policy": [
+ {
+ "description": "The policy that grants an entity permission to assume the role",
+ "type": "string",
+ "nullable": false
+ }
+ ],
+ "description": [
+ {
+ "description": "The description of the role",
+ "nullable": true,
+ "type": "string"
+ }
+ ],
+ "force_detach_policies": [
+ {
+ "default": true,
+ "description": "Specifies to force detaching any policies the role has before destroying it",
+ "type": "bool",
+ "nullable": true
+ }
+ ],
+ "inline_policy": [
+ {
+ "description": "The policy document",
+ "nullable": true,
+ "type": "list(object({ name: string, policy: string }))"
+ }
+ ],
+ "name": [
+ {
+ "description": "The name of the role",
+ "type": "string",
+ "nullable": true
+ }
+ ],
+ "tags": [
+ {
+ "description": "A mapping of tags to assign to the role",
+ "nullable": true,
+ "type": "map(string)"
+ }
+ ],
+ "path": [
+ {
+ "description": "The path to the role",
+ "type": "string",
+ "nullable": true
+ }
+ ],
+ "max_session_duration": [
+ {
+ "description": "The maximum session duration (in seconds) that you want to set for the specified role",
+ "type": "number",
+ "nullable": true
+ }
+ ],
+ "permissions_boundary": [
+ {
+ "description": "The ARN of the policy that is used to set the permissions boundary for the role",
+ "type": "string",
+ "nullable": true,
+ "default": null
+ }
+ ]
+ }
+}
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_iam_role_policy/aws_iam_role_policy.tf b/a2a-agentic-directory-1/terraform/modules/aws_iam_role_policy/aws_iam_role_policy.tf
new file mode 100644
index 0000000..18c1595
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_iam_role_policy/aws_iam_role_policy.tf
@@ -0,0 +1,5 @@
+resource "aws_iam_role_policy" "this" {
+ name = var.name
+ role = var.role
+ policy = var.policy
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_iam_role_policy/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_iam_role_policy/variables.tf.json
new file mode 100644
index 0000000..987c209
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_iam_role_policy/variables.tf.json
@@ -0,0 +1,33 @@
+{
+ "variable": {
+ "name": [
+ {
+ "description": "Name of the Role Policy",
+ "type": "string",
+ "nullable": true
+ }
+ ],
+ "policy": [
+ {
+ "description": "JSON formatted inline policy document",
+ "type": "string",
+ "nullable": false
+ }
+ ],
+ "role": [
+ {
+ "description": "The name of the IAM role to attach to the policy",
+ "type": "string",
+ "nullable": false
+ }
+ ],
+ "role_type":[
+ {
+ "description": "The type of the IAM role to attach to the policy",
+ "default": "custom",
+ "type": "string",
+ "nullable": true
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/aws_internet_gateway.tf b/a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/aws_internet_gateway.tf
new file mode 100644
index 0000000..39df622
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/aws_internet_gateway.tf
@@ -0,0 +1,6 @@
+resource "aws_internet_gateway" "this" {
+ vpc_id = var.vpc_id
+ tags = var.tags
+}
+
+
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/outputs.tf.json
new file mode 100644
index 0000000..a17ba6f
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/outputs.tf.json
@@ -0,0 +1,14 @@
+{
+ "output": {
+ "arn": {
+ "description": "The value of the arn output",
+ "sensitive": false,
+ "value": "${aws_internet_gateway.this.arn}"
+ },
+ "id": {
+ "description": "The value of the id output",
+ "sensitive": false,
+ "value": "${aws_internet_gateway.this.id}"
+ }
+ }
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/variables.tf.json
new file mode 100644
index 0000000..be2013d
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_internet_gateway/variables.tf.json
@@ -0,0 +1,18 @@
+{
+ "variable": {
+ "vpc_id": [
+ {
+ "type": "string",
+ "description": "The VPC ID to create in.",
+ "nullable": true
+ }
+ ],
+ "tags": [
+ {
+ "type": "map(string)",
+ "description": "A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.",
+ "nullable": true
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_lambda/aws_lambda.tf b/a2a-agentic-directory-1/terraform/modules/aws_lambda/aws_lambda.tf
new file mode 100644
index 0000000..ad4dcaf
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_lambda/aws_lambda.tf
@@ -0,0 +1,125 @@ +resource "aws_lambda_function" "this" { + architectures = [var.architecture] + function_name = var.function_name + description = var.description + role = var.role + handler = var.handler + runtime = var.runtime + timeout = var.timeout + memory_size = var.memory_size + + # using local file for lambda + filename = var.filename != "" ? var.filename : null + source_code_hash = var.filename != "" && var.filename != null ? filemd5(var.filename) : null + + # using s3 bucket for lambda + s3_bucket = var.s3_bucket != "" ? var.s3_bucket : null + s3_key = var.s3_key + s3_object_version = var.s3_object_version + + # using ecr image for lambda + image_uri = var.image_uri != "" ? var.image_uri : null + package_type = var.image_uri != "" && var.image_uri != null ? "Image" : "Zip" + + dynamic "logging_config" { + for_each = var.log_format != null ? [1] : [] + content { + log_group = var.log_group_name + log_format = var.log_format + system_log_level = var.system_log_level + } + } + + environment { + variables = var.environment_variables + } + + tags = var.tags + +} + +resource "aws_lambda_function_url" "this" { + count = var.create_function_url ? 1 : 0 + function_name = aws_lambda_function.this.function_name + authorization_type = var.create_function_url && var.authorization_type == null ? 
"NONE" : var.authorization_type + + dynamic "cors" { + for_each = var.cors + content { + allow_origins = cors.value.allow_origins + allow_methods = cors.value.allow_methods + allow_headers = cors.value.allow_headers + max_age = cors.value.max_age + allow_credentials = cors.value.allow_credentials + } + } +} + + + +resource "aws_lambda_event_source_mapping" "this" { + count = length(var.event_source_mapping) + # common for all event sources + event_source_arn = var.event_source_mapping[count.index].event_source_arn + function_name = aws_lambda_function.this.arn + starting_position = var.event_source_mapping[count.index].starting_position + batch_size = var.event_source_mapping[count.index].batch_size + enabled = var.event_source_mapping[count.index].enabled + + # for MSK + topics = [var.event_source_mapping[count.index].msk_topic] + + # for MQ + queues = [var.event_source_mapping[count.index].mq_queue] + + # for kinesis and dynamodb + bisect_batch_on_function_error = var.event_source_mapping[count.index].bisect_batch_on_function_error + maximum_record_age_in_seconds = var.event_source_mapping[count.index].maximum_record_age_in_seconds + maximum_retry_attempts = var.event_source_mapping[count.index].maximum_retry_attempts + parallelization_factor = var.event_source_mapping[count.index].parallelization_factor + + # for kinsesis dynamodb and kafka + destination_config { + on_failure { + destination_arn = var.event_source_mapping[count.index].on_failure_destination_arn + } + } + maximum_batching_window_in_seconds = var.event_source_mapping[count.index].maximum_batching_window_in_seconds + + # for SQS,kinesis and dynamodb + filter_criteria { + filter { + pattern = var.event_source_mapping[count.index].filter_pattern + } + } + + # for dynamodb + document_db_event_source_config { + collection_name = var.event_source_mapping[count.index].collection_name + database_name = var.event_source_mapping[count.index].database_name + full_document = 
var.event_source_mapping[count.index].full_document + } + # for SQS + scaling_config { + maximum_concurrency = var.event_source_mapping[count.index].maximum_concurrency + } +} + +# in case of asyncronous invocation onfigure permission for lambda to invoke the destination +# allowed destination for asyncronous invocation are SQS, SNS and Lambda function, event bridge +resource "aws_lambda_permission" "this" { + count = length(var.event_source_mapping) + statement_id = var.event_source_mapping[count.index].principal + count.index + action = "lambda:InvokeFunction" + function_name = aws_lambda_function.this.function_name + principal = var.event_source_mapping[count.index].principal + source_arn = var.event_source_arn +} + + + + + + + + diff --git a/a2a-agentic-directory-1/terraform/modules/aws_lambda/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_lambda/outputs.tf.json new file mode 100644 index 0000000..d531c87 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_lambda/outputs.tf.json @@ -0,0 +1,29 @@ +{ + "output": { + "arn": { + "description": "The value of the arn output", + "sensitive": false, + "value": "${aws_lambda_function.this.arn}" + }, + "function_arn": { + "description": "The value of the function_arn output", + "sensitive": false, + "value": "${aws_lambda_function.this.arn}" + }, + "function_name": { + "description": "The value of the function_name output", + "sensitive": false, + "value": "${aws_lambda_function.this.function_name}" + }, + "function_url": { + "description": "The value of the function_url output", + "sensitive": false, + "value": "${var.create_function_url ? aws_lambda_function_url.this[0].function_url : null}" + }, + "invoke_arn": { + "description": "The value of the invoke_arn output", + "sensitive": false, + "value": "${aws_lambda_function.this.invoke_arn}" + } + } +} \ No newline at end of file 
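Review bot: In `aws_lambda_function_url.this` (aws_lambda/aws_lambda.tf), `authorization_type` falls back to `"NONE"` when the caller passes null, and the variable's default in this module's variables.tf.json is also `"NONE"`, so setting `create_function_url = true` alone publishes an unauthenticated HTTPS endpoint. I would make IAM auth the fallback with `authorization_type = coalesce(var.authorization_type, "AWS_IAM")`, change the variable default to match, and have callers opt in to `"NONE"` explicitly. In `aws_lambda_permission.this`, `source_arn = var.event_source_arn` is one nullable value shared by every mapping, and when it is null the grant is not scoped to a source resource; `source_arn = var.event_source_mapping[count.index].event_source_arn` would scope each statement to its own source. The `statement_id` expression `principal + count.index` uses arithmetic `+` on a string, which Terraform does not treat as concatenation; an interpolated form such as `"${replace(var.event_source_mapping[count.index].principal, ".", "-")}-${count.index}"` should be used instead.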
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_lambda/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_lambda/variables.tf.json
new file mode 100644
index 0000000..1e1af83
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/modules/aws_lambda/variables.tf.json
@@ -0,0 +1,172 @@ +{ + "variable": { + "architecture": [ + { + "default": "x86_64", + "description": "The architectures supported by the function.", + "nullable": true, + "type": "string" + } + ], + "authorization_type": [ + { + "default": "NONE", + "description": "The authorization type for the function URL.", + "nullable": true, + "type": "string" + } + ], + "cors":[ + { + "description": "The CORS configuration for the function.", + "nullable": true, + "type": "list(object({ allow_credentials: bool, allow_headers: list(string), allow_methods: list(string), allow_origins: list(string), max_age: number }))" + } + ], + "create_function_url": [ + { + "default": false, + "description": "Whether to create a URL for the Lambda Function.", + "nullable": true, + "type": "bool" + } + ], + "description": [ + { + "description": "Description of what your Lambda Function does.", + "nullable": true, + "type": "string" + } + ], + "environment_variables": [ + { + "description": "A map that defines environment variables for the Lambda Function.", + "nullable": true, + "type": "map(string)" + } + ], + "event_source_arn": [ + { + "description": "The ARN of the event source.", + "nullable": true, + "type": "string" + } + ], + "filename": [ + { + "description": "The path to the function's deployment package(zip) within the local filesystem", + "nullable": true, + "type": "string" + } + ], + "image_uri": [ + { + "description": "ECR image URI containing the function's deployment package", + "nullable": true, + "type": "string" + } + ], + "function_name": [ + { + "description": "Unique name for your Lambda Function.", + "nullable": false, + "type": "string" + } + ], + "handler": [ + { + "default": "main.lambda_handler", + "description": "The entry point for the Lambda Function.", + "nullable": false, + "type": "string" + } + ], + "log_format": [ + { + "description": "The format of the logs in the log group.", + "nullable": true, + "type": "string" + } + ], + "log_group_name": [ + { + 
"description": "The name of the CloudWatch log group to send logs to.", + "nullable": true, + "type": "string" + } + ], + "role": [ + { + "description": "The ARN of the IAM role that the Lambda Function assumes when it executes your function to access any other AWS services.", + "nullable": false, + "type": "string" + } + ], + "runtime": [ + { + "description": "runtime to use when running the Lambda Function.", + "nullable": false, + "type": "string", + "default": "python3.8" + } + ], + "timeout": [ + { + "description": "The amount of time your Lambda Function has to run in seconds.", + "default": 3, + "nullable": true, + "type": "number" + } + ], + "memory_size": [ + { + "description": "The amount of memory that your Lambda Function has access to in MB.", + "default": 128, + "nullable": true, + "type": "number" + } + ], + "s3_bucket": [ + { + "description": "The S3 bucket location that contains the function's deployment package.", + "nullable": true, + "type": "string" + } + ], + "s3_key": [ + { + "description": "The S3 key of an object containing the function's deployment package.", + "nullable": true, + "type": "string" + } + ], + "s3_object_version": [ + { + "description": "The object version of the function's deployment package.", + "nullable": true, + "type": "string" + } + ], + "system_log_level": [ + { + "description": "The log level for the Lambda Function.", + "nullable": true, + "type": "string" + } + ], + "event_source_mapping":[ + { + "description": "The event source mapping configuration.", + "nullable": true, + "type": "list(object({ event_source_arn: string, starting_position: string,batch_size:number,enabled:bool,msk_topic:string,mq_queue:string,bisect_batch_on_function_error:bool, 
maximum_record_age_in_seconds:number,maximum_retry_attempts:number,parallelization_factor:number,on_failure_destination_arn:string,maximum_batching_window_in_seconds:number,filter_pattern:string,collection_name:string,database_name:string,full_document:string,maximum_concurrency:number,principal:string }))" + } + ], + "tags":[ + { + "description": "A mapping of tags to assign to the resource.", + "nullable": true, + "type": "map(string)" + } + ] + } +} diff --git a/a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/aws_nat_gateway_with_eip.tf b/a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/aws_nat_gateway_with_eip.tf new file mode 100644 index 0000000..9bccc68 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/aws_nat_gateway_with_eip.tf @@ -0,0 +1,23 @@ +resource "aws_nat_gateway" "this" { + subnet_id = var.subnet_id + allocation_id = var.create_eip ? aws_eip.nat[0].id : var.eip_allocation_id + + tags = merge( + { + Name = var.nat_gateway_name + }, + var.tags + ) +} + +resource "aws_eip" "nat" { + count = var.create_eip ? 1 : 0 + domain = "vpc" + + tags = merge( + { + Name = "${var.nat_gateway_name}-eip" + }, + var.tags + ) +} diff --git a/a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/outputs.tf.json new file mode 100644 index 0000000..9524e25 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/outputs.tf.json @@ -0,0 +1,14 @@ +{ + "output": { + "nat_gateway_id": { + "description": "The ID of the NAT Gateway", + "sensitive": false, + "value": "${aws_nat_gateway.this.id}" + }, + "nat_gateway_private_ip": { + "description": "The private IP address of the NAT Gateway", + "sensitive": false, + "value": "${aws_nat_gateway.this.private_ip}" + } + } +} \ No newline at end of file 
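Review bot: In aws_lambda/variables.tf.json the `runtime` variable defaults to `"python3.8"`, which, as far as I know, AWS has already deprecated as a Lambda runtime, so a function created from the default runs on an interpreter that no longer receives security patches. I would remove the `"default": "python3.8"` line so every caller has to choose a supported runtime, rather than pinning another version that will age the same way. The `environment_variables` description could also say that values are stored in plain text in state and in the function configuration, so secrets belong in a secrets store and not in this map.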
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/variables.tf.json new file mode 100644 index 0000000..fbcce10 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_nat_gateway_with_eip/variables.tf.json @@ -0,0 +1,40 @@ +{ + "variable": { + "subnet_id": [ + { + "description": "Subnet ID where the NAT Gateway will be created", + "type": "string", + "nullable": false + } + ], + "nat_gateway_name": [ + { + "description": "Name of the NAT Gateway", + "type": "string" + } + ], + "create_eip": [ + { + "description": "Whether to create a new EIP for the NAT Gateway", + "type": "bool", + "default": true + } + ], + "eip_allocation_id": [ + { + "description": "Existing EIP allocation ID to use for the NAT Gateway. Required if create_eip is false", + "type": "string", + "default": "", + "nullable": true + } + ], + "tags": [ + { + "description": "Tags to be applied to the NAT Gateway", + "type": "map(string)", + "default": {}, + "nullable": true + } + ] + } +} diff --git a/a2a-agentic-directory-1/terraform/modules/aws_route_table_composite/aws_route_table_composite.tf b/a2a-agentic-directory-1/terraform/modules/aws_route_table_composite/aws_route_table_composite.tf new file mode 100644 index 0000000..25ee574 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_route_table_composite/aws_route_table_composite.tf 
@@ -0,0 +1,31 @@ +resource "aws_route_table" "main" { + vpc_id = var.vpc_id + + dynamic "route" { + for_each = var.routes + content { + cidr_block = route.value.cidr_block + + # Dynamically set the target based on the target_type + gateway_id = route.value.target_type == "gateway" ? route.value.target_id : null + nat_gateway_id = route.value.target_type == "nat_gateway" ? route.value.target_id : null + network_interface_id = route.value.target_type == "network_interface" ? route.value.target_id : null + vpc_peering_connection_id = route.value.target_type == "vpc_peering_connection" ? route.value.target_id : null + transit_gateway_id = route.value.target_type == "transit_gateway" ? route.value.target_id : null + } + } + + tags = merge( + { + Name = var.name + }, + var.tags + ) +} + +resource "aws_route_table_association" "main" { + count = length(var.subnet_ids) + + subnet_id = var.subnet_ids[count.index] + route_table_id = aws_route_table.main.id +} diff --git a/a2a-agentic-directory-1/terraform/modules/aws_route_table_composite/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_route_table_composite/variables.tf.json new file mode 100644 index 0000000..3aef5bf --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_route_table_composite/variables.tf.json 
@@ -0,0 +1,40 @@ +{ + "variable": { + "name": [ + { + "description": "Name prefix for the route table", + "type": "string", + "nullable": false + } + ], + "routes": [ + { + "default": [], + "description": "List of route configurations for the route table", + "type": "list(object({ cidr_block: string, target_type: string, target_id: string }))" + } + ], + "subnet_ids": [ + { + "description": "List of subnet IDs to associate with the route table", + "type": "list(string)", + "nullable": false + } + ], + "tags": [ + { + "default": {}, + "description": "Tags to apply to all resources", + "type": "map(string)", + "nullable": true + } + ], + "vpc_id": [ + { + "description": "VPC ID where the route table will be created", + "type": "string", + "nullable": false + } + ] + } +} \ No newline at end of file diff --git a/a2a-agentic-directory-1/terraform/modules/aws_s3/aws_s3.tf b/a2a-agentic-directory-1/terraform/modules/aws_s3/aws_s3.tf new file mode 100644 index 0000000..38bb649 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_s3/aws_s3.tf 
@@ -0,0 +1,105 @@ +resource "aws_s3_bucket" "this" { + bucket = var.bucket_name + tags = var.tags +} + +# create versioning for the bucket +resource "aws_s3_bucket_versioning" "this" { + # create this resource only if var.versioning is not empty + count = var.enable_versioning ? 1 : 0 + + bucket = aws_s3_bucket.this.id + + # enable versioning + versioning_configuration { + status = "Enabled" + } +} + +# Create a server-side encryption configuration for the bucket +resource "aws_s3_bucket_server_side_encryption_configuration" "this" { + # create this resource only if var.sse_algorithm is not empty + count = var.sse_algorithm != "" ? 1 : 0 + + bucket = aws_s3_bucket.this.id + + rule { + apply_server_side_encryption_by_default { + kms_master_key_id = var.sse_algorithm == "aws:kms" ? aws_kms_key.custom_s3_kms_key[0].key_id : null + sse_algorithm = var.sse_algorithm + } + } +} + +# block public access +resource "aws_s3_bucket_public_access_block" "this" { + + bucket = aws_s3_bucket.this.id + + block_public_acls = var.block_public_access + block_public_policy = var.block_public_access + ignore_public_acls = var.block_public_access + restrict_public_buckets = var.block_public_access +} + + +resource "aws_s3_bucket_website_configuration" "this" { + count = var.enable_website_configuration ? 1 : 0 + bucket = aws_s3_bucket.this.id + + index_document { + suffix = var.website_index_document + } + + error_document { + key = var.website_error_document + } +} + +resource "aws_s3_bucket_policy" "website_bucket_policy" { + count = var.enable_website_configuration ? 1 : 0 + bucket = aws_s3_bucket.this.id + policy = data.aws_iam_policy_document.website_bucket_policy[0].json +} + +data "aws_iam_policy_document" "website_bucket_policy" { + count = var.enable_website_configuration ? 
1 : 0 + statement { + effect = "Allow" + principals { + type = "AWS" + identifiers = ["*"] + } + actions = ["s3:GetObject"] + resources = ["${aws_s3_bucket.this.arn}/*"] + + } +} + +resource "aws_s3_bucket_policy" "allow_access" { + count = var.bucket_policy != "" ? 1 : 0 + bucket = aws_s3_bucket.this.id + policy = var.bucket_policy +} + + +resource "aws_kms_key" "custom_s3_kms_key" { + count = var.sse_algorithm == "aws:kms" ? 1 : 0 + description = "Custom KMS key for s3 bucket encryption" + enable_key_rotation = true +} + +resource "aws_kms_alias" "a" { + count = var.sse_algorithm == "aws:kms" ? 1 : 0 + name = "alias/s3-${replace(aws_s3_bucket.this.bucket, ".", "-")}" + target_key_id = aws_kms_key.custom_s3_kms_key[0].key_id +} + + + + + + + + + diff --git a/a2a-agentic-directory-1/terraform/modules/aws_s3/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_s3/outputs.tf.json new file mode 100644 index 0000000..b5bf317 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_s3/outputs.tf.json @@ -0,0 +1,24 @@ +{ + "output": { + "arn": { + "description": "The value of the arn output", + "sensitive": false, + "value": "${aws_s3_bucket.this.arn}" + }, + "bucket_name": { + "description": "The value of the bucket_name output", + "sensitive": false, + "value": "${aws_s3_bucket.this.id}" + }, + "bucket_website_endpoint": { + "description": "The value of the bucket_website_endpoint output", + "sensitive": false, + "value": "${var.enable_website_configuration ? aws_s3_bucket_website_configuration.this[0].website_endpoint : null}" + }, + "kms_arn": { + "description": "The value of the kms_arn output", + "sensitive": false, + "value": "${var.sse_algorithm == \"aws:kms\" ? aws_kms_key.custom_s3_kms_key[0].arn : null}" + } + } +} \ No newline at end of file diff --git a/a2a-agentic-directory-1/terraform/modules/aws_s3/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_s3/variables.tf.json new file mode 100644 index 0000000..bce1322 
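Review bot: In aws_s3/aws_s3.tf, `aws_s3_bucket_policy.website_bucket_policy` and `aws_s3_bucket_policy.allow_access` both attach to `aws_s3_bucket.this.id`, but a bucket holds a single policy document, so when `enable_website_configuration` is true and `bucket_policy` is non-empty the two resources overwrite each other and the effective access policy depends on apply order. The website statement also grants `s3:GetObject` to principal `*` while `aws_s3_bucket_public_access_block.this` defaults to blocking public policies, so with the defaults the policy is likely to be rejected, and nothing orders the policy after the access block. I would merge both into one policy resource that depends on the access block, as sketched below. The resource and data-source names in the sketch are my own.

```hcl
# … unchanged: bucket, versioning, encryption, public access block, website configuration …

data "aws_iam_policy_document" "bucket_policy" {
  # caller-supplied statements, if any (compact drops an empty or null value)
  source_policy_documents = compact([var.bucket_policy])

  # public read is added only when website hosting is explicitly enabled
  dynamic "statement" {
    for_each = var.enable_website_configuration ? [1] : []
    content {
      effect    = "Allow"
      actions   = ["s3:GetObject"]
      resources = ["${aws_s3_bucket.this.arn}/*"]
      principals {
        type        = "AWS"
        identifiers = ["*"]
      }
    }
  }
}

resource "aws_s3_bucket_policy" "this" {
  count      = var.enable_website_configuration || var.bucket_policy != "" ? 1 : 0
  bucket     = aws_s3_bucket.this.id
  policy     = data.aws_iam_policy_document.bucket_policy.json
  depends_on = [aws_s3_bucket_public_access_block.this]
}

# … unchanged: KMS key and alias …
```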
--- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_s3/variables.tf.json @@ -0,0 +1,72 @@ +{ + "variable": { + "block_public_access": [ + { + "default": true, + "description": "A state of block public access. If false, block public access is not enabled.", + "type": "bool", + "nullable": true + } + ], + "bucket_name": [ + { + "description": "The name of the s3 bucket", + "nullable": false, + "type": "string" + } + ], + "enable_versioning": [ + { + "default": true, + "description": "Enable versioning for the bucket", + "type": "bool", + "nullable": true + } + ], + "sse_algorithm": [ + { + "default": "aws:kms", + "description": "The server-side encryption algorithm to use. Valid values are AES256 and aws:kms. If you specify aws:kms, a new KMS key will be provisioned and used. If empty, no encryption is performed.", + "type": "string", + "nullable": true + } + ], + "enable_website_configuration": [ + { + "default": false, + "description": "Enable website configuration for the bucket", + "type": "bool" + } + ], + "website_index_document": [ + { + "description": "The index document for the bucket", + "type": "string", + "default": "index.html" + } + ], + "website_error_document": [ + { + "description": "The error document for the bucket", + "type": "string", + "default": "404.html" + } + ], + "bucket_policy": [ + { + "description": "The IAM policy of the bucket (can be used to allow access to other roles or accounts)", + "type": "string", + "default": "", + "nullable": true + } + ], + "tags": [ + { + "default": {}, + "description": "A mapping of AWS tags to assign to the bucket.", + "type": "map(string)", + "nullable": true + } + ] + } + } \ No newline at end of file diff --git a/a2a-agentic-directory-1/terraform/modules/aws_sg/aws_sg.tf b/a2a-agentic-directory-1/terraform/modules/aws_sg/aws_sg.tf new file mode 100644 index 0000000..4ba5b13 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_sg/aws_sg.tf 
@@ -0,0 +1,30 @@ +resource "aws_security_group" "this" { + name = var.name + description = var.description + vpc_id = var.vpc_id + + tags = var.tags +} + + +resource "aws_vpc_security_group_ingress_rule" "this" { + for_each = { for u in var.ingress : u.description => u } + security_group_id = aws_security_group.this.id + description = each.key + from_port = each.value.from_port + to_port = each.value.to_port + ip_protocol = each.value.protocol + cidr_ipv4 = each.value.cidr_ipv4 +} +resource "aws_vpc_security_group_egress_rule" "this" { + for_each = { for u in var.egress : u.description => u } + security_group_id = aws_security_group.this.id + description = each.key + from_port = each.value.from_port + to_port = each.value.to_port + ip_protocol = each.value.protocol + cidr_ipv4 = each.value.cidr_ipv4 +} + + + diff --git a/a2a-agentic-directory-1/terraform/modules/aws_sg/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_sg/outputs.tf.json new file mode 100644 index 0000000..e95c241 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_sg/outputs.tf.json @@ -0,0 +1,14 @@ +{ + "output": { + "arn": { + "description": "The value of the arn output", + "sensitive": false, + "value": "${aws_security_group.this.arn}" + }, + "security_group_id": { + "description": "The value of the security_group_id output", + "sensitive": false, + "value": "${aws_security_group.this.id}" + } + } +} \ No newline at end of file diff --git a/a2a-agentic-directory-1/terraform/modules/aws_sg/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_sg/variables.tf.json new file mode 100644 index 0000000..1329aca --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_sg/variables.tf.json 
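Review bot: In aws_sg/aws_sg.tf both rule resources key their `for_each` map on `u.description`, so two rules with the same description fail the plan with a duplicate-key error, and editing a description destroys and recreates the rule, which briefly removes it. A key built from the rule's own fields keeps addresses stable, e.g. `for_each = { for u in var.ingress : "${u.protocol}-${u.from_port}-${u.to_port}-${u.cidr_ipv4}" => u }` together with `description = each.value.description`, and the same change applies to the egress resource. `ingress` and `egress` are declared `nullable: true` in this module's variables.tf.json, and a null value would make the `for` expression fail, so `coalesce(var.ingress, [])` or `nullable: false` is safer. The module accepts any `cidr_ipv4`, so a `validation` block on `ingress` that flags `0.0.0.0/0` would catch accidental world-open rules before apply.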
@@ -0,0 +1,49 @@ +{ + "variable": { + "name": [ + { + "description": "Name of the security group", + "nullable": false, + "type": "string" + } + ], + "description": [ + { + "description": "Security group description.", + "default": "Managed by Terraform.", + "type": "string" + } + ], + "vpc_id": [ + { + "description": "VPC ID", + "nullable": true, + "type": "string" + } + ], + "egress": [ + { + "description": "Configuration block for egress rules. Can be specified multiple times for each egress rule.", + "type": "list(object({ description: string, from_port: number, to_port: number, protocol: string, cidr_ipv4: string}))", + "default": [], + "nullable": true + } + ], + "ingress": [ + { + "description": "Configuration block for ingress rules. Can be specified multiple times for each ingress rule.", + "type": "list(object({ description: string, from_port: number, to_port: number, protocol: string, cidr_ipv4: string}))", + "default": [], + "nullable": true + } + ], + "tags": [ + { + "description": "A map of tags to add to the resource", + "type": "map(string)", + "nullable": true, + "default": {} + } + ] + } +} \ No newline at end of file diff --git a/a2a-agentic-directory-1/terraform/modules/aws_subnet/aws_subnet.tf b/a2a-agentic-directory-1/terraform/modules/aws_subnet/aws_subnet.tf new file mode 100644 index 0000000..443708b --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_subnet/aws_subnet.tf @@ -0,0 +1,9 @@ +resource "aws_subnet" "this" { + vpc_id = var.vpc_id + availability_zone = var.availability_zone + cidr_block = var.cidr_block + map_public_ip_on_launch = var.map_public_ip_on_launch + + tags = var.tags + +} diff --git a/a2a-agentic-directory-1/terraform/modules/aws_subnet/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_subnet/outputs.tf.json new file mode 100644 index 0000000..53e901f --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_subnet/outputs.tf.json 
@@ -0,0 +1,14 @@ +{ + "output": { + "arn": { + "description": "The value of the arn output", + "sensitive": false, + "value": "${aws_subnet.this.arn}" + }, + "id": { + "description": "The value of the id output", + "sensitive": false, + "value": "${aws_subnet.this.id}" + } + } +} \ No newline at end of file diff --git a/a2a-agentic-directory-1/terraform/modules/aws_subnet/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_subnet/variables.tf.json new file mode 100644 index 0000000..beb94c1 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_subnet/variables.tf.json @@ -0,0 +1,41 @@ +{ + "variable": { + "vpc_id": [ + { + "description": "The VPC ID", + "type": "string", + "nullable": false + } + ], + "cidr_block": [ + { + "description": "The CIDR block for the subnet", + "type": "string", + "nullable": true + } + ], + "availability_zone": [ + { + "description": "The availability zone", + "type": "string", + "nullable": true + } + ], + "tags": [ + { + "description": "The tags to apply to the subnet", + "type": "map(string)", + "nullable": true, + "default": {} + } + ], + "map_public_ip_on_launch":[ + { + "description": "Specify true to indicate that instances launched into the subnet should be assigned a public IP address.", + "type": "bool", + "nullable": true, + "default": false + } + ] + } +} \ No newline at end of file diff --git a/a2a-agentic-directory-1/terraform/modules/aws_vpc/aws_vpc.tf b/a2a-agentic-directory-1/terraform/modules/aws_vpc/aws_vpc.tf new file mode 100644 index 0000000..ce66b21 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_vpc/aws_vpc.tf @@ -0,0 +1,8 @@ +resource "aws_vpc" "this" { + cidr_block = var.cidr_block + instance_tenancy = var.instance_tenancy + enable_dns_support = var.enable_dns_support + enable_dns_hostnames = var.enable_dns_hostnames + enable_network_address_usage_metrics = var.enable_network_address_usage_metrics + tags = var.tags +} 
diff --git a/a2a-agentic-directory-1/terraform/modules/aws_vpc/outputs.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_vpc/outputs.tf.json new file mode 100644 index 0000000..d36b0d9 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_vpc/outputs.tf.json @@ -0,0 +1,24 @@ +{ + "output": { + "arn": { + "description": "The value of the arn output", + "sensitive": false, + "value": "${aws_vpc.this.arn}" + }, + "default_route_table_id": { + "description": "The value of the default_route_table_id output", + "sensitive": false, + "value": "${aws_vpc.this.default_route_table_id}" + }, + "id": { + "description": "The value of the id output", + "sensitive": false, + "value": "${aws_vpc.this.id}" + }, + "vpc_id": { + "description": "The value of the vpc_id output", + "sensitive": false, + "value": "${aws_vpc.this.id}" + } + } +} \ No newline at end of file diff --git a/a2a-agentic-directory-1/terraform/modules/aws_vpc/variables.tf.json b/a2a-agentic-directory-1/terraform/modules/aws_vpc/variables.tf.json new file mode 100644 index 0000000..f8fb561 --- /dev/null +++ b/a2a-agentic-directory-1/terraform/modules/aws_vpc/variables.tf.json 
@@ -0,0 +1,47 @@ +{ + "variable": { + "cidr_block": [ + { + "description": "The IPv4 CIDR block for the VPC.", + "nullable": false, + "type": "string" + } + ], + "instance_tenancy": [ + { + "description": "The IPv4 CIDR block for the VPC.", + "default": "default", + "type": "string" + } + ], + "enable_dns_support": [ + { + "description": "A boolean flag to enable/disable DNS support in the VPC.", + "default": true, + "type": "bool" + } + ], + "enable_network_address_usage_metrics": [ + { + "description": "Indicates whether Network Address Usage metrics are enabled for your VPC.", + "default": false, + "type": "bool" + } + ], + "enable_dns_hostnames": [ + { + "description": "A boolean flag to enable/disable DNS hostnames in the VPC.", + "default": false, + "type": "bool" + } + ], + "tags": [ + { + "description": "The tags to apply to the subnet", + "type": "map(string)", + "nullable": true, + "default": {} + } + ] + } +} diff --git a/a2a-agentic-directory-1/terraform/outputs.tf b/a2a-agentic-directory-1/terraform/outputs.tf new file mode 100644 index 0000000..acbe51a --- /dev/null +++ b/a2a-agentic-directory-1/terraform/outputs.tf 
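Review bot: Two descriptions in aws_vpc/variables.tf.json are copied from other variables: `instance_tenancy` is described as "The IPv4 CIDR block for the VPC." and `tags` as "The tags to apply to the subnet". I would change them to `"description": "Tenancy option for instances launched into the VPC (default or dedicated)."` and `"description": "The tags to apply to the VPC"`, so the generated module documentation does not mislead whoever sets these inputs.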
@@ -0,0 +1,175 @@
+output "aws_cloudwatch_log_group_stackgen_cb0995de-c5ce-4f72-8c69-7f61cb3326fe_arn" {
+ value = module.stackgen_cb0995de-c5ce-4f72-8c69-7f61cb3326fe.arn
+ sensitive = false
+}
+
+output "aws_cloudwatch_log_group_stackgen_cb0995de-c5ce-4f72-8c69-7f61cb3326fe_name" {
+ value = module.stackgen_cb0995de-c5ce-4f72-8c69-7f61cb3326fe.name
+ sensitive = false
+}
+
+output "aws_cloudwatch_log_group_stackgen_55b44ffd-94ed-557f-88bd-1d56734f5519_arn" {
+ value = module.stackgen_55b44ffd-94ed-557f-88bd-1d56734f5519.arn
+ sensitive = false
+}
+
+output "aws_cloudwatch_log_group_stackgen_55b44ffd-94ed-557f-88bd-1d56734f5519_name" {
+ value = module.stackgen_55b44ffd-94ed-557f-88bd-1d56734f5519.name
+ sensitive = false
+}
+
+output "aws_dynamodb_stackgen_f0ed6411-1f8b-4363-a8c2-8f6868b90e1d_arn" {
+ value = module.stackgen_f0ed6411-1f8b-4363-a8c2-8f6868b90e1d.arn
+ sensitive = false
+}
+
+output "aws_eip_composite_stackgen_b57496c2-2c9b-4e3f-9f2d-f7f6fd89ef52_allocation_id" {
+ value = module.stackgen_b57496c2-2c9b-4e3f-9f2d-f7f6fd89ef52.allocation_id
+ sensitive = false
+}
+
+output "aws_eip_composite_stackgen_b57496c2-2c9b-4e3f-9f2d-f7f6fd89ef52_id" {
+ value = module.stackgen_b57496c2-2c9b-4e3f-9f2d-f7f6fd89ef52.id
+ sensitive = false
+}
+
+output "aws_eip_composite_stackgen_b57496c2-2c9b-4e3f-9f2d-f7f6fd89ef52_public_ip" {
+ value = module.stackgen_b57496c2-2c9b-4e3f-9f2d-f7f6fd89ef52.public_ip
+ sensitive = false
+}
+
+output "aws_iam_role_stackgen_32e26297-c006-4fee-94e9-b7b3e93281ee_arn" {
+ value = module.stackgen_32e26297-c006-4fee-94e9-b7b3e93281ee.arn
+ sensitive = false
+}
+
+output "aws_iam_role_stackgen_32e26297-c006-4fee-94e9-b7b3e93281ee_name" {
+ value = module.stackgen_32e26297-c006-4fee-94e9-b7b3e93281ee.name
+ sensitive = false
+}
+
+output "aws_iam_role_stackgen_47096752-05d0-57b8-b350-a13e9b5a7c19_arn" {
+ value = module.stackgen_47096752-05d0-57b8-b350-a13e9b5a7c19.arn
+ sensitive = false
+}
+
+output "aws_iam_role_stackgen_47096752-05d0-57b8-b350-a13e9b5a7c19_name" {
+ value = module.stackgen_47096752-05d0-57b8-b350-a13e9b5a7c19.name
+ sensitive = false
+}
+
+output "aws_internet_gateway_stackgen_e461f19b-faca-4753-9fca-986858b4aeb5_arn" {
+ value = module.stackgen_e461f19b-faca-4753-9fca-986858b4aeb5.arn
+ sensitive = false
+}
+
+output "aws_internet_gateway_stackgen_e461f19b-faca-4753-9fca-986858b4aeb5_id" {
+ value = module.stackgen_e461f19b-faca-4753-9fca-986858b4aeb5.id
+ sensitive = false
+}
+
+output "aws_lambda_stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83_arn" {
+ value = module.stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83.arn
+ sensitive = false
+}
+
+output "aws_lambda_stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83_function_arn" {
+ value = module.stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83.function_arn
+ sensitive = false
+}
+
+output "aws_lambda_stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83_function_name" {
+ value = module.stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83.function_name
+ sensitive = false
+}
+
+output "aws_lambda_stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83_function_url" {
+ value = module.stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83.function_url
+ sensitive = false
+}
+
+output "aws_lambda_stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83_invoke_arn" {
+ value = module.stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83.invoke_arn
+ sensitive = false
+}
+
+output "aws_nat_gateway_with_eip_stackgen_27409e31-132a-4297-9059-3ff8d7ae8213_nat_gateway_id" {
+ value = module.stackgen_27409e31-132a-4297-9059-3ff8d7ae8213.nat_gateway_id
+ sensitive = false
+}
+
+output "aws_nat_gateway_with_eip_stackgen_27409e31-132a-4297-9059-3ff8d7ae8213_nat_gateway_private_ip" {
+ value = module.stackgen_27409e31-132a-4297-9059-3ff8d7ae8213.nat_gateway_private_ip
+ sensitive = false
+}
+
+output "aws_s3_stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e_arn" {
+ value = module.stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e.arn
+ sensitive = false
+}
+
+output "aws_s3_stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e_bucket_name" {
+ value = module.stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e.bucket_name
+ sensitive = false
+}
+
+output "aws_s3_stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e_bucket_website_endpoint" {
+ value = module.stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e.bucket_website_endpoint
+ sensitive = false
+}
+
+output "aws_s3_stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e_kms_arn" {
+ value = module.stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e.kms_arn
+ sensitive = false
+}
+
+output "aws_sg_stackgen_6ac5717b-7b2a-4814-86a8-9f9b817636e0_arn" {
+ value = module.stackgen_6ac5717b-7b2a-4814-86a8-9f9b817636e0.arn
+ sensitive = false
+}
+
+output "aws_sg_stackgen_6ac5717b-7b2a-4814-86a8-9f9b817636e0_security_group_id" {
+ value = module.stackgen_6ac5717b-7b2a-4814-86a8-9f9b817636e0.security_group_id
+ sensitive = false
+}
+
+output "aws_subnet_stackgen_e6de8357-2bf7-4668-a6dd-1f6efac90dbc_arn" {
+ value = module.stackgen_e6de8357-2bf7-4668-a6dd-1f6efac90dbc.arn
+ sensitive = false
+}
+
+output "aws_subnet_stackgen_e6de8357-2bf7-4668-a6dd-1f6efac90dbc_id" {
+ value = module.stackgen_e6de8357-2bf7-4668-a6dd-1f6efac90dbc.id
+ sensitive = false
+}
+
+output "aws_subnet_stackgen_451dae65-d79f-4f2a-8a1b-f0246001cb58_arn" {
+ value = module.stackgen_451dae65-d79f-4f2a-8a1b-f0246001cb58.arn
+ sensitive = false
+}
+
+output "aws_subnet_stackgen_451dae65-d79f-4f2a-8a1b-f0246001cb58_id" {
+ value = module.stackgen_451dae65-d79f-4f2a-8a1b-f0246001cb58.id
+ sensitive = false
+}
+
+output "aws_vpc_stackgen_3b084fac-76d6-4866-b832-482defe9db45_arn" {
+ value = module.stackgen_3b084fac-76d6-4866-b832-482defe9db45.arn
+ sensitive = false
+}
+
+output "aws_vpc_stackgen_3b084fac-76d6-4866-b832-482defe9db45_default_route_table_id" {
+ value = module.stackgen_3b084fac-76d6-4866-b832-482defe9db45.default_route_table_id
+ sensitive = false
+}
+
+output "aws_vpc_stackgen_3b084fac-76d6-4866-b832-482defe9db45_id" {
+ value = module.stackgen_3b084fac-76d6-4866-b832-482defe9db45.id
+ sensitive = false
+}
+
+output "aws_vpc_stackgen_3b084fac-76d6-4866-b832-482defe9db45_vpc_id" {
+ value = module.stackgen_3b084fac-76d6-4866-b832-482defe9db45.vpc_id
+ sensitive = false
+}
+
diff --git a/a2a-agentic-directory-1/terraform/provider.tf b/a2a-agentic-directory-1/terraform/provider.tf
new file mode 100644
index 0000000..f411dbd
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/provider.tf
@@ -0,0 +1,23 @@
+terraform {
+ required_version = ">= 1.0.0, < 2.0.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+
+ awscc = { // AWS Cloud Control
+ source = "hashicorp/awscc"
+ version = "~> 1.0"
+ }
+ }
+}
+
+provider "awscc" {
+ region = var.region
+}
+
+provider "aws" {
+ region = var.region
+}
diff --git a/a2a-agentic-directory-1/terraform/variables.tf b/a2a-agentic-directory-1/terraform/variables.tf
new file mode 100644
index 0000000..60fa06c
--- /dev/null
+++ b/a2a-agentic-directory-1/terraform/variables.tf
@@ -0,0 +1,4 @@
+variable "region" {
+ description = "AWS region in which the project needs to be setup (us-east-1, ca-west-1, eu-west-3, etc)"
+}
+
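Review bot: The `function_url` output of module `stackgen_392c67f8-2d55-59ea-a942-d91ecc986c83` and the `bucket_website_endpoint` output of module `stackgen_55e617b6-957d-439f-8689-c25a6c2e0b3e` publish what look like internet-reachable endpoints, yet like every output in this file they carry no `description`, so nothing records whether that exposure is intended. Whether the function URL requires IAM authorization and whether website hosting is enabled on the bucket is decided in the aws_lambda and aws_s3 modules, which are outside this hunk, so that should be confirmed there. At minimum I would add a line such as `description = "Lambda function URL; confirm its authorization type before sharing"` to those two outputs.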
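Review bot: The `terraform {}` block in provider.tf declares no `backend`, so unless one is configured in another file (main.tf is outside this hunk) state is kept in a local terraform.tfstate, which stores every resource attribute in plain text and has no locking or access control. I would add a remote backend with encryption at rest, as sketched below with placeholder values. Separately, `required_version = ">= 1.0.0, < 2.0.0"` admits Terraform 1.0.x while the aws_vpc module's variables use `nullable`, which as far as I know needs 1.1 or later; raising the lower bound to `">= 1.1.0, < 2.0.0"` would fail early with a clear message.

```hcl
terraform {
  required_version = ">= 1.1.0, < 2.0.0"

  backend "s3" {
    bucket  = "<STATE_BUCKET_PLACEHOLDER>"
    key     = "<STATE_KEY_PLACEHOLDER>"
    region  = "<STATE_REGION_PLACEHOLDER>"
    encrypt = true
  }

  # … unchanged: required_providers …
}
```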
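Review bot: `variable "region"` in variables.tf has no `type`, so Terraform accepts any value and both provider blocks in provider.tf take it unchecked. I would add `type = string` and `nullable = false` under the description. If deployments are meant to stay inside an approved set of regions, a `validation` block listing them would enforce that at plan time; the allowed list is a policy decision this page does not show.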