Update AWS Terraform Modules to configure consolidated CT

[afiune]

Useful information to accomplish this task:

https://www.padok.fr/en/blog/terraform-aws-accounts#:~:text=You%20can%20now%20apply%20the,actions%20on%20the%20others%20accounts!

padok.frApply the same Terraform on multiple AWS accountsYou want to apply the same terraform code to several Amazon Web Services (AWS) accounts? Learn how to use IAM to change the terraform provider parameter

https://www.terraform.io/docs/configuration/providers.html#alias-multiple-provider-instances

Terraform by HashiCorp

Providers - Configuration Language - Terraform by HashiCorp

Providers are responsible in Terraform for managing the lifecycle of a resource: create, read, update, delete.

https://www.terraform.io/docs/providers/aws/index.html

Terraform by HashiCorpProvider: AWS - Terraform by HashiCorpThe Amazon Web Services (AWS) provider is used to interact with the many resources supported by AWS. The provider needs to be configured with the proper credentials before it can be used.

Solution Example

provider "aws" {}

provider "lacework" {}

module "aws_config" {
	source = "./modules/config"
}

module "aws_cloudtrail_main" {
	source                = "./modules/cloudtrail"
	bucket_force_destroy  = true
	use_existing_iam_role = true
	iam_role_name         = module.aws_config.iam_role_name
	iam_role_external_id  = module.aws_config.external_id
}

# Additional provider configuration for sub-account 1
provider "aws" {
	alias  = "sub-acocunt-1"
	# Add sub-account 1 creds
}

module "aws_cloudtrail_sub_account_1" {
	provider              = "sub-account-1"
	source                = "./modules/cloudtrail"

	# Use previous cloudtrail S3 bucket and SNS topic
	# but DO create a cloudtrail pointing to those resources
	sub_cloudtrail   = true
	bucket_name      = module.aws_cloudtrail_main.bucket_name
	sns_topic_name   = module.aws_cloudtrail_main.sns_topic_name
}

JIRA: ALLY-90