diff --git a/README.md b/README.md
index c809ea5..2bfafc4 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,137 @@
-# tf_label
\ No newline at end of file
+# tf_label
+
+Terraform module designed to generate consistent label names and tags for resources. Use `tf_label` to implement a strict naming convention.
+
+A label follows the following convention: `{namespace}-{stage}-{name}-{attributes}`. The delimiter (e.g. `-`) is interchangable.
+
+It's recommended to use one `tf_label` module for every unique resource of a given resource type. For example, if you have 10 instances, there should be 10 different labels. However, if you have multiple different kinds of resources (e.g. instances, security groups, file systems, and elastic ips), then they can all share the same label assuming they are logically related.
+
+All [Cloud Posse modules](https://github.com/cloudposse?utf8=%E2%9C%93&q=tf_&type=&language=) use this module to ensure resources can be instantiated multiple times within an account and without conflict.
+
+## Usage
+
+### Simple Example
+
+Include this repository as a module in your existing terraform code:
+
+```
+module "eg_prod_bastion_label" {
+ source = "git::https://github.com/cloudposse/tf_label.git?ref=tags/0.2.0"
+ namespace = "eg"
+ stage = "prod"
+ name = "bastion"
+ attributes = ["public"]
+ delimiter = "-"
+ tags = "${map("BusinessUnit", "XYZ", "Snapshot", "true")}"
+}
+```
+
+This will create an `id` with the value of `eg-prod-bastion-public`.
+
+Now reference the label when creating an instance (for example):
+```
+resource "aws_instance" "eg_prod_bastion_public" {
+ instance_type = "t1.micro"
+ tags = "${module.eg_prod_bastion_label.tags}"
+}
+```
+
+Or define a security group:
+```
+resource "aws_security_group" "eg_prod_bastion_public" {
+ vpc_id = "${var.vpc_id}"
+ name = "${module.eg_prod_bastion_label.id}"
+ tags = "${module.eg_prod_bastion_label.tags}"
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+```
+
+
+### Advanced Example
+
+Here is a more complex example with two instances using two different labels. Note how efficiently the tags are defined for both the instance and the security group.
+
+```
+module "eg_prod_bastion_abc_label" {
+ source = "git::https://github.com/cloudposse/tf_label.git?ref=tags/0.2.0"
+ namespace = "eg"
+ stage = "prod"
+ name = "bastion"
+ attributes = ["abc"]
+ delimiter = "-"
+ tags = "${map("BusinessUnit", "ABC")}"
+}
+
+resource "aws_security_group" "eg_prod_bastion_abc" {
+ name = "${module.eg_prod_bastion_abc_label.id}"
+ tags = "${module.eg_prod_bastion_abc_label.tags}"
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "aws_instance" "eg_prod_bastion_abc" {
+ instance_type = "t1.micro"
+ tags = "${module.eg_prod_bastion_abc_label.tags}"
+ vpc_security_group_ids = ["${aws_security_group.eg_prod_bastion_abc.id"}]
+}
+
+module "eg_prod_bastion_xyz_label" {
+ source = "git::https://github.com/cloudposse/tf_label.git?ref=tags/0.2.0"
+ namespace = "eg"
+ stage = "prod"
+ name = "bastion"
+ attributes = ["xyz"]
+ delimiter = "-"
+ tags = "${map("BusinessUnit", "XYZ")}"
+}
+
+resource "aws_security_group" "eg_prod_bastion_xyz" {
+ name = "module.eg_prod_bastion_xyz_label.id"
+ tags = "${module.eg_prod_bastion_xyz_label.tags}"
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "aws_instance" 
"eg_prod_bastion_xyz" { + instance_type = "t1.micro" + tags = "${module.eg_prod_bastion_xyz_label.tags}" + vpc_security_group_ids = ["${aws_security_group.eg_prod_bastion_xyz.id}"] +} +``` + + +## Variables + +| Name | Default | Description | Required | +|:-----------------------------|:--------------:|:--------------------------------------------------------|:--------:| +| namespace | `` | Namespace (e.g. `cp` or `cloudposse`) | Yes | +| stage | `` | Stage (e.g. `prod`, `dev`, `staging`) | Yes | +| name | `` | Name (e.g. `bastion` or `db`) | Yes | +| attributes | [] | Additional attributes (e.g. `policy` or `role`) | No | +| tags | {} | Additional tags (e.g. `map("BusinessUnit","XYZ")` | No | + +**WARNING** Any tags passed as an input to this module will *override* the tags generated by this module. + +## Outputs + +| Name | Decription | +|:------------------|:----------------------| +| id | Disambiguated ID | +| name | Normalized name | +| namespace | Normalized namespace | +| stage | Normalized stage | +| attributes | Normalized attributes | +| tags | Normalized Tag map | diff --git a/main.tf b/main.tf index 89efbea..c9d2f21 100644 --- a/main.tf +++ b/main.tf @@ -1,9 +1,10 @@ resource "null_resource" "default" { triggers = { - id = "${lower(format("%v-%v-%v", var.namespace, var.stage, var.name))}" - name = "${lower(format("%v", var.name))}" - namespace = "${lower(format("%v", var.namespace))}" - stage = "${lower(format("%v", var.stage))}" + id = "${lower(join(var.delimiter, compact(concat(list(var.namespace, var.stage, var.name), var.attributes))))}" + name = "${lower(format("%v", var.name))}" + namespace = "${lower(format("%v", var.namespace))}" + stage = "${lower(format("%v", var.stage))}" + attributes = "${lower(format("%v", join(var.delimiter, compact(var.attributes))))}" } lifecycle { diff --git a/outputs.tf b/outputs.tf index b1a2fa9..ed0e7c7 100644 --- a/outputs.tf +++ b/outputs.tf 
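Review bot: In the new `id` trigger, `compact()` wraps the required parts as well as `var.attributes`, so an empty `namespace`, `stage` or `name` is dropped silently and two different inputs can produce the same `id`. The same ambiguity arises when a part already contains the delimiter: `eg` + `prod-bastion` and `eg-prod` + `bastion` both join to `eg-prod-bastion`. Because the README in this commit uses `id` as the security group name, a collision would presumably surface as a naming conflict between otherwise unrelated stacks. Consider applying `compact()` to the optional list only, `concat(list(var.namespace, var.stage, var.name), compact(var.attributes))`, and adding a comment on the trigger such as `# parts must not contain var.delimiter, otherwise ids are ambiguous`. The `null_resource` body continues past the end of the hunk at `lifecycle {`.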
@@ -2,12 +2,32 @@ output "id" { value = "${null_resource.default.triggers.id}" } +output "name" { + value = "${null_resource.default.triggers.name}" +} + +output "namespace" { + value = "${null_resource.default.triggers.namespace}" +} + +output "stage" { + value = "${null_resource.default.triggers.stage}" +} + +output "attributes" { + value = "${null_resource.default.triggers.attributes}" +} + +# Merge input tags with our tags. +# Note: `Name` has a special meaning in AWS and we need to disamgiuate it by using the computed `id` output "tags" { value = "${ - map( - "Name", "${null_resource.default.triggers.id}", - "Namespace", "${null_resource.default.triggers.namespace}", - "Stage", "${null_resource.default.triggers.stage}" + merge( + map( + "Name", "${null_resource.default.triggers.id}", + "Namespace", "${null_resource.default.triggers.namespace}", + "Stage", "${null_resource.default.triggers.stage}" + ), var.tags ) }" } diff --git a/tests/.gitignore b/tests/.gitignore new file mode 100644 index 0000000..e2bf8bc --- /dev/null +++ b/tests/.gitignore @@ -0,0 +1,2 @@ +*.tfstate +*.tfstate.backup diff --git a/tests/test.tf b/tests/test.tf new file mode 100644 index 0000000..c7c2f68 --- /dev/null +++ b/tests/test.tf @@ -0,0 +1,32 @@ +module "test" { + source = "../" + namespace = "Namespace" + stage = "Stage" + name = "Name" + attributes = ["1", "2", "3", ""] + tags = "${map("Key", "Value")}" +} + +output "id" { + value = "${module.test.id}" +} + +output "name" { + value = "${module.test.name}" +} + +output "namespace" { + value = "${module.test.namespace}" +} + +output "stage" { + value = "${module.test.stage}" +} + +output "attributes" { + value = "${module.test.attributes}" +} + +output "tags" { + value = "${module.test.tags}" +} diff --git a/variables.tf b/variables.tf index 4c8fa16..7babf23 100644 --- a/variables.tf +++ b/variables.tf 
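Review bot: The comment above `output "tags"` says `Name` has to be disambiguated with the computed `id`, but `var.tags` is the last argument to `merge()`, so a caller-supplied `Name`, `Namespace` or `Stage` key replaces the generated value. The README warns about this override, while the code comment does not, and environments that key access policies or cost allocation on these tags may want the generated values to be authoritative. If the override is intended, state it in the comment, e.g. `# Input tags take precedence: a Name/Namespace/Stage key in var.tags overrides the generated value`; if it is not, swap the arguments to `merge(var.tags, map(...))`. The comment also misspells "disambiguate".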
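Review bot: The `module "test"` fixture in tests/test.tf leaves the two new inputs that carry precedence rules unexercised: `delimiter` is never set to a non-default value, and `tags` has no key that collides with the generated ones. Adding `delimiter = "_"` and `tags = "${map("Key", "Value", "Name", "custom")}"` would make the resulting `id` and the override behaviour of `output "tags"` visible in the plan output. A short header comment listing the expected output values would also help, since nothing in the file asserts them.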
@@ -1,3 +1,17 @@ variable "namespace" {} variable "stage" {} -variable "name" {} \ No newline at end of file +variable "name" {} + +variable "delimiter" { + default = "-" +} + +variable "attributes" { + type = "list" + default = [] +} + +variable "tags" { + type = "map" + default = {} +}
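Review bot: The three new variables have no `description`, and `delimiter` declares no `type` although `attributes` and `tags` do; the README's Variables table added in this commit also omits `delimiter`. Add `type = "string"` and `description = "Delimiter placed between namespace, stage, name and attributes"` to `delimiter`, and one-line descriptions to `attributes` and `tags`. For `tags`, the description should say that its keys override the generated `Name`, `Namespace` and `Stage` tags, since that is the behaviour callers are most likely to miss.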