Skip to content

Add ssm patch support #104

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 53 commits into from
Jul 2, 2021
Merged

Add ssm patch support #104

merged 53 commits into from
Jul 2, 2021

Conversation

jamengual
Copy link
Contributor

what

  • move ssm to its own file
  • fix invalid resource reference

why

  • patch fix

jamengual and others added 26 commits June 22, 2021 12:43
@jamengual
Adding SSM patch support
294928e
@cloudpossebot
Auto Format
053ceae
@jamengual
remove uneeded change
6133cbf
@jamengual
Merge branch 'add_ssm_patch_support' of github.com:cloudposse/terrafo…
7eac546 
…rm-aws-ec2-instance into add_ssm_patch_support
@jamengual
remove uneeded change
ad03b75
@cloudpossebot
Auto Format
2b17d4e
@jamengual @aknysh
Update main.tf
9219b10 
Co-authored-by: Andriy Knysh <[email protected]>
@jamengual @aknysh
Update main.tf
193d691 
Co-authored-by: Andriy Knysh <[email protected]>
@jamengual @aknysh
Update variables.tf
07de895 
Co-authored-by: Andriy Knysh <[email protected]>
@cloudpossebot
Auto Format
9f1088c
@jamengual @aknysh
Update main.tf
9f00bf2 
Co-authored-by: Andriy Knysh <[email protected]>
@jamengual @aknysh
Update main.tf
1a98cd1 
Co-authored-by: Andriy Knysh <[email protected]>
@jamengual
Adding SSM patch support
1edc0a8
@jamengual @aknysh
Update main.tf
b798e3a 
Co-authored-by: Andriy Knysh <[email protected]>
@cloudpossebot
Auto Format
336799f
@jamengual
Fixinf var name
7894217
@jamengual
Fixinf var name
271fe61
@jamengual
Merge branch 'add_ssm_patch_support' of github.com:cloudposse/terrafo…
16ab864 
…rm-aws-ec2-instance into add_ssm_patch_support
@jamengual
Fixing variable name for count
d4901ac
@jamengual
Fixing variable name for count and adding label module + attribute
d52b935
@cloudpossebot
Auto Format
f60e8af
@jamengual @aknysh
Update main.tf
c50f64b 
Co-authored-by: Andriy Knysh <[email protected]>
@jamengual @aknysh
Update main.tf
0ed01c4 
Co-authored-by: Andriy Knysh <[email protected]>
@jamengual
Minor fixes
ebe00ab
@jamengual
Fixing broken resource reference
5b0e320
@jamengual
Fixing broken resource reference
143adf9
@jamengual jamengual requested review from a team as code owners June 27, 2021 04:10
@jamengual jamengual requested a review from jhosteny June 27, 2021 04:10
@jamengual
Copy link
Contributor Author

/test all

1 similar comment
@jamengual
Copy link
Contributor Author

/test all

@jamengual
Copy link
Contributor Author

/test all

bridgecrew[bot]
bridgecrew bot reviewed Jun 30, 2021
View reviewed changes
Copy link

@bridgecrew bridgecrew bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bridgecrew has found 1 infrastructure configuration error in this PR ⬇️

@aknysh
Copy link
Member

aknysh commented Jul 1, 2021

@jamengual

I'd rename

variable "ssm_patch_manager_iam_policy" {
  type        = string
  default     = null
  description = "IAM policy to allow Patch manager to manage the instance"
}

to

variable "ssm_patch_manager_iam_policy_arn" {
  type        = string
  default     = null
  description = "IAM policy ARN to allow Patch Manager to manage the instance. If not provided, `arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore` will be used"
}

aknysh
aknysh reviewed Jul 1, 2021
View reviewed changes
aknysh
aknysh reviewed Jul 1, 2021
View reviewed changes
ssm_patch.tf Outdated
}

module "label_ssm_patch_s3_log_policy" {
enabled = local.ssm_patch_log_bucket_enabled
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

source and version should be before any other attributes

aknysh
aknysh previously approved these changes Jul 1, 2021
View reviewed changes
Copy link
Member

@aknysh aknysh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please see comments

@jamengual @aknysh
Update ssm_patch.tf
f146d74 
Co-authored-by: Andriy Knysh <[email protected]>
bridgecrew[bot]
bridgecrew bot reviewed Jul 1, 2021
View reviewed changes
Copy link

@bridgecrew bridgecrew bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bridgecrew has found 1 infrastructure configuration error in this PR ⬇️

bridgecrew[bot]
bridgecrew bot reviewed Jul 1, 2021
View reviewed changes
Copy link

@bridgecrew bridgecrew bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bridgecrew has found 1 infrastructure configuration error in this PR ⬇️

@jamengual
Copy link
Contributor Author

please see comments

Fixed

@jamengual
Copy link
Contributor Author

/test all

@jamengual
Copy link
Contributor Author

/test all

@jamengual
Copy link
Contributor Author

/test all

aknysh
aknysh reviewed Jul 2, 2021
View reviewed changes
main.tf Outdated
@@ -1,7 +1,7 @@
locals {
enabled = module.this.enabled
instance_count = local.enabled ? 1 : 0
volume_count = var.ebs_volume_count > 0 && local.instance_count > 0 ? var.ebs_volume_count : 0
volume_count = local.enabled && var.ebs_volume_count > 0 ? var.ebs_volume_count : 0
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why removing local.instance_coun > 0 ?
Volumes are attached to instances, so if instance_count = 0 we prob should not try to attach

aknysh
aknysh previously approved these changes Jul 2, 2021
View reviewed changes
@jamengual
Copy link
Contributor Author

/test all

@jamengual jamengual merged commit f5c4e19 into master Jul 2, 2021
@jamengual jamengual deleted the add_ssm_patch_support branch July 2, 2021 04:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bridgecrew bridgecrew[bot] bridgecrew[bot] left review comments

@aknysh aknysh aknysh approved these changes

@jhosteny jhosteny Awaiting requested review from jhosteny

@3h4x 3h4x Awaiting requested review from 3h4x

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jamengual @aknysh @cloudpossebot