Merge pull request #20 from DataDog/jonathan.machado/minor_updates

Make some minors update to clean the code

Author: Bit-Doctor

examples/custom_vpc/main.tf

@@ -14,26 +14,26 @@ provider "aws" {
 }
 
 module "agentless_scanner_role" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner//modules/agentless-scanner-role"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner//modules/agentless-scanner-role?ref=0.2.0"
 
   account_roles = [module.delegate_role.role.arn]
 }
 
 module "delegate_role" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner//modules/scanning-delegate-role"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner//modules/scanning-delegate-role?ref=0.2.0"
 
   scanner_role_arn = module.agentless_scanner_role.role.arn
 }
 
 module "user_data" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner//modules/user_data"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner//modules/user_data?ref=0.2.0"
 
   hostname = "agentless-scanning-us-east-1"
   api_key  = var.api_key
 }
 
 module "instance" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner//modules/instance"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner//modules/instance?ref=0.2.0"
 
   user_data            = module.user_data.install_sh
   iam_instance_profile = module.agentless_scanner_role.profile.name

examples/multi_region/main.tf

@@ -20,19 +20,19 @@ provider "aws" {
 }
 
 module "agentless_scanner_role" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner//modules/agentless-scanner-role"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner//modules/agentless-scanner-role?ref=0.2.0"
 
   account_roles = [module.delegate_role.role.arn]
 }
 
 module "delegate_role" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner//modules/scanning-delegate-role"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner//modules/scanning-delegate-role?ref=0.2.0"
 
   scanner_role_arn = module.agentless_scanner_role.role.arn
 }
 
 module "agentless_scanner" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner?ref=0.2.0"
   providers = {
     aws = aws.us
   }
@@ -42,7 +42,7 @@ module "agentless_scanner" {
 }
 
 module "agentless_scanner" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner?ref=0.2.0"
   providers = {
     aws = aws.eu
   }

examples/single_region/main.tf

@@ -13,21 +13,21 @@ provider "aws" {
   region = "us-east-1"
 }
 
-module "agentless_scanner_role" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner//modules/agentless-scanner-role"
+module "scanner_role" {
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner//modules/agentless-scanner-role?ref=0.2.0"
 
   account_roles = [module.delegate_role.role.arn]
 }
 
 module "delegate_role" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner//modules/scanning-delegate-role"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner//modules/scanning-delegate-role?ref=0.2.0"
 
-  scanner_role_arn = module.agentless_scanner_role.role.arn
+  scanner_role_arn = module.scanner_role.role.arn
 }
 
 module "agentless_scanner" {
-  source = "github.com/DataDog/terraform-datadog-agentless-scanner"
+  source = "git::https://github.com/DataDog/terraform-datadog-agentless-scanner?ref=0.2.0"
 
   api_key               = var.api_key
-  instance_profile_name = module.agentless_scanner_role.instance_profile.name
-}
+  instance_profile_name = module.scanner_role.instance_profile.name
+}

main.tf

@@ -4,6 +4,7 @@ module "vpc" {
   source = "./modules/vpc"
 
   enable_ssm_vpc_endpoint = var.enable_ssm && var.enable_ssm_vpc_endpoint
+  tags                    = var.tags
 }
 
 module "user_data" {
@@ -20,4 +21,5 @@ module "instance" {
   user_data            = module.user_data.install_sh
   iam_instance_profile = var.instance_profile_name
   subnet_id            = module.vpc.private_subnet.id
-}
+  tags                 = var.tags
+}

modules/agentless-scanner-role/main.tf

@@ -82,7 +82,8 @@ resource "aws_iam_role_policy_attachment" "attachment" {
 }
 
 resource "aws_iam_role_policy_attachment" "ssm-attachment" {
-  count      = var.enable_ssm ? 1 : 0
+  count = var.enable_ssm ? 1 : 0
+
   policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
   role       = aws_iam_role.role.name
 }

modules/agentless-scanner-role/variables.tf

@@ -28,14 +28,14 @@ variable "kms_key_arn" {
   default     = null
 }
 
+variable "enable_ssm" {
+  description = "Whether to enable AWS SSM to facilitate executing troubleshooting commands on the instance"
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A map of additional tags to add to the IAM role/profile created"
   type        = map(string)
   default     = {}
 }
-
-variable "enable_ssm" {
-  description = "Whether to enable AWS SSM to facilitate executing troubleshooting commands on the instance"
-  type        = bool
-  default     = false
-}

modules/user_data/variables.tf

@@ -14,6 +14,11 @@ variable "api_key_secret_arn" {
   description = "ARN of the secret holding the Datadog API key. Takes precedence over api_key variable"
   type        = string
   default     = null
+
+  validation {
+    condition     = length(var.api_key) == 32 && can(regex("^[[:alnum:]]+$", var.api_key))
+    error_message = "A valid API key must be present in order to plan/apply this module."
+  }
 }
 
 variable "site" {

modules/vpc/variables.tf

@@ -10,14 +10,14 @@ variable "cidr" {
   default     = "10.0.0.0/16"
 }
 
+variable "enable_ssm_vpc_endpoint" {
+  description = "Whether to enable AWS SSM VPC endpoint"
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A map of additional tags to add to the instance/volume created"
   type        = map(string)
   default     = {}
 }
-
-variable "enable_ssm_vpc_endpoint" {
-  description = "Whether to enable AWS SSM VPC endpoint"
-  type        = bool
-  default     = false
-}

variables.tf

@@ -38,4 +38,10 @@ variable "enable_ssm_vpc_endpoint" {
   description = "Whether to enable AWS SSM VPC endpoint (only applicable if enable_ssm is true)"
   type        = bool
   default     = true
-}
+}
+
+variable "tags" {
+  description = "A map of additional tags to add to the IAM role/profile created"
+  type        = map(string)
+  default     = {}
+}