Merge pull request #16 from ministryofjustice/bugfix/providers-outsid…

…e-module Bugfix/providers outside module
ministryofjustice · Apr 30, 2019 · 248065e · 248065e
2 parents 50b22d9 + f147361
commit 248065e
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 17 deletions.
diff --git a/README.md b/README.md
@@ -4,13 +4,23 @@ This terraform module will create an ECR repository and IAM credentials to acces
 
 ## Usage
 
+**This module will create the resources in the region of the providers specified in the `providers` input.**
+
+**Be sure to create the relevant providers, see example/main.tf**
+
+**From module version 3.2, this replaces the use of the `aws_region`.**
+
 ```hcl
 module "best_team_ecr_credentials" {
   source = "github.com/ministryofjustice/cloud-platform-terraform-ecr-credentials"
 
   repo_name = "test-repo"
   team_name = "best-team"
-  aws_region= "eu-west-2" 
+
+  # This is a new input
+  providers = { 
+    aws = "aws.london"
+  }
 }
 ```
 
@@ -24,7 +34,8 @@ Note: From version 3.0 of this module, The AWS region  will default to eu-west-2
 | team_name | name of the team creating the credentials | string | - | yes |
 | enable_policy | Sets a ECR lifecycle policy to delete every image after count 40 | string | true | yes 
 | aws_region | region into which the resource will be created | string | eu-west-2 | no 
-|
+| providers | provider creating resources | arrays of string | default provider | no
+
 
 ## Outputs
 

diff --git a/examples/ecr.tf b/examples/ecr.tf
@@ -5,10 +5,15 @@
  *
  */
 module "example_team_ecr_credentials" {
-  source     = "github.com/ministryofjustice/cloud-platform-terraform-ecr-credentials?ref=3.1"
-  repo_name  = "example-module"
-  team_name  = "example-team"
-  aws_region = "eu-west-2"                                                                     # this overwrite the region from the provider defined above.
+  source    = "github.com/ministryofjustice/cloud-platform-terraform-ecr-credentials?ref=3.2"
+  repo_name = "example-module"
+  team_name = "example-team"
+
+  # aws_region = "eu-west-2"     # This input is deprecated from version 3.2 of this module
+
+  providers = {
+    aws = "aws.london"
+  }
 }
 
 resource "kubernetes_secret" "example_team_ecr_credentials" {

diff --git a/examples/main.tf b/examples/main.tf
@@ -1,7 +1,19 @@
-terraform {
-  backend "s3" {}
+# terraform {
+#   backend "s3" {}
+# }
+
+provider "aws" {
+  region = "eu-west-1"
+}
+
+# To be use in case the resources need to be created in London
+provider "aws" {
+  alias  = "london"
+  region = "eu-west-2"
 }
 
+# To be use in case the resources need to be created in Ireland
 provider "aws" {
+  alias  = "ireland"
   region = "eu-west-1"
 }
diff --git a/main.tf b/main.tf
@@ -1,18 +1,11 @@
 data "aws_caller_identity" "current" {}
 data "aws_region" "current" {}
 
-provider "aws" {
-  alias  = "destination"
-  region = "${var.aws_region}"
-}
-
 resource "aws_ecr_repository" "repo" {
-  provider = "aws.destination"
-  name     = "${var.team_name}/${var.repo_name}"
+  name = "${var.team_name}/${var.repo_name}"
 }
 
 resource "aws_ecr_lifecycle_policy" "lifecycle_policy" {
-  provider   = "aws.destination"
   count      = "${var.enable_policy ? 1 : 0}"
   repository = "${aws_ecr_repository.repo.name}"
 
@@ -76,7 +69,7 @@ data "aws_iam_policy_document" "policy" {
     ]
 
     resources = [
-      "arn:aws:ecr:${var.aws_region}:${data.aws_caller_identity.current.account_id}:repository/${var.team_name}/*",
+      "arn:aws:ecr:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:repository/${var.team_name}/*",
     ]
   }
 }