[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
04/14: cdn: Do not hard-code the profile name.
From: |
Chris Marusich |
Subject: |
04/14: cdn: Do not hard-code the profile name. |
Date: |
Sat, 29 Dec 2018 02:04:54 -0500 (EST) |
marusich pushed a commit to branch master
in repository maintenance.
commit 1204bc3d4517dc4194b1635965f653430527a6c9
Author: Chris Marusich <address@hidden>
Date: Thu Dec 27 14:55:28 2018 -0800
cdn: Do not hard-code the profile name.
* cdn/terraform/main.tf (provider) <profile>: Remove it.
---
cdn/terraform/main.tf | 49 ++++++++++++++++++++++++++++++++-----------------
1 file changed, 32 insertions(+), 17 deletions(-)
diff --git a/cdn/terraform/main.tf b/cdn/terraform/main.tf
index 3a8f0d0..6900a68 100644
--- a/cdn/terraform/main.tf
+++ b/cdn/terraform/main.tf
@@ -1,26 +1,41 @@
-# See: https://www.terraform.io/docs/providers/aws
-
-provider "aws" {
- # You must set up an AWS Credentials file a profile of the same name
- # (i.e., "guix"). For example, put this in your ~/.aws/credentials:
- #
- # [guix]
- # aws_access_key_id=ACCESS_KEY_ID
- # aws_secret_access_key=SECRET_ACCESS_KEY
- #
- # See:
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
- # That documentation AWS CLI documentation, but the same ideas apply
- # generally to other AWS SDKs and tools.
- profile = "guix"
-}
-
-# A friendly name for our account - this is displayed in various
+# Provider documentation: https://www.terraform.io/docs/providers/aws
+#
+# Some AWS credentials documentation:
+# https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
+#
+# You must set up an AWS Credentials file to use the AWS provider.
+# For example, you might put the following in ~/.aws/credentials:
+#
+# [guix]
+# aws_access_key_id=ACCESS_KEY_ID
+# aws_secret_access_key=SECRET_ACCESS_KEY
+#
+# Then you can invoke "terraform" like this to use the credentials:
+#
+# AWS_PROFILE=guix AWS_DEFAULT_REGION=us-west-2 terraform apply
+#
+# The first environment variable tells the AWS provider to look for a
+# "profile" named "guix". You can use any profile name you want, but
+# it needs to match the profile name in the AWS credentials file.
+#
+# The second environment variable tells the AWS provider what region
+# to use. For global services like IAM or CloudFront, you can use any
+# region, but you might get better performance when using a region
+# that is geographically close to you. If we ever use any services
+# that are not global (e.g., EC2), then the region will specify where
+# those resources (e.g., EC2 instances) will exist.
+
+provider "aws" {}
+
+# A friendly name for our account. This is displayed in various
# places, such as the AWS Management Console.
+
resource "aws_iam_account_alias" "alias" {
account_alias = "guix"
}
# Encourage good password hygiene.
+
resource "aws_iam_account_password_policy" "strict" {
minimum_password_length = 20
require_lowercase_characters = true
- branch master updated (777e9e1 -> 5b68c2f), Chris Marusich, 2018/12/29
- 14/14: cdn: Add an example command to the README.org., Chris Marusich, 2018/12/29
- 11/14: cdn: Provision a TLS certificate for ci.guix.info., Chris Marusich, 2018/12/29
- 07/14: cdn: Use Terraform's S3 backend., Chris Marusich, 2018/12/29
- 13/14: cdn: Add billing alarms., Chris Marusich, 2018/12/29
- 10/14: cdn: Switch default region to us-east-1., Chris Marusich, 2018/12/29
- 08/14: cdn: Add a lifecycle policy to the state bucket., Chris Marusich, 2018/12/29
- 06/14: cdn: Add an S3 bucket to hold Terraform state., Chris Marusich, 2018/12/29
- 12/14: cdn: Allow clients to use both HTTP and HTTPS., Chris Marusich, 2018/12/29
- 04/14: cdn: Do not hard-code the profile name.,
Chris Marusich <=
- 02/14: cdn: Give Ludo and Ricardo administrative access., Chris Marusich, 2018/12/29
- 05/14: cdn: Add a CloudFront distribution fronting berlin., Chris Marusich, 2018/12/29
- 03/14: cdn: Add thoughts about next steps to README., Chris Marusich, 2018/12/29
- 01/14: cdn: Initial commit of Terraform configuration., Chris Marusich, 2018/12/29
- 09/14: cdn: Add a basic deployment plan to the README.org, Chris Marusich, 2018/12/29