aws-add-additional-tags-variable (#515)

giantswarm · Nov 24, 2021 · 8ac2e30 · 8ac2e30
1 parent 55788d7
commit 8ac2e30
Show file tree

Hide file tree

Showing 16 changed files with 158 additions and 69 deletions.
diff --git a/modules/aws/bastion/bastion-logs.tf b/modules/aws/bastion/bastion-logs.tf
@@ -2,10 +2,7 @@ resource "aws_cloudwatch_log_group" "bastion_log_group" {
   count = var.forward_logs_enabled ? 1 : 0
   name  = "${var.cluster_name}_bastion"
 
-  tags = {
-    "giantswarm.io/cluster"      = var.cluster_name
-    "giantswarm.io/installation" = var.cluster_name
-  }
+  tags = local.common_tags
 }
 
 resource "aws_cloudwatch_log_stream" "bastion_logs" {

diff --git a/modules/aws/bastion/bastion.tf b/modules/aws/bastion/bastion.tf
@@ -7,10 +7,14 @@ locals {
   # In China there is no tags for s3 buckets
   s3_ignition_bastion_key = element(concat(aws_s3_bucket_object.ignition_bastion_with_tags.*.key, aws_s3_bucket_object.ignition_bastion_without_tags.*.key), 0)
 
-  common_tags = map(
-    "giantswarm.io/cluster", var.cluster_name,
-    "giantswarm.io/installation", var.cluster_name,
-    "kubernetes.io/cluster/${var.cluster_name}", "owned"
+  common_tags = merge(
+    var.additional_tags,
+    map(
+      "giantswarm.io/cluster", var.cluster_name,
+      "giantswarm.io/installation", var.cluster_name,
+      "giantswarm.io/cluster-type", "control-plane",
+      "kubernetes.io/cluster/${var.cluster_name}", "owned"
+    )
   )
 }
 
@@ -34,11 +38,12 @@ resource "aws_instance" "bastion" {
 
   user_data = data.ignition_config.s3.rendered
 
-  tags = {
-    Name                         = "${var.cluster_name}-bastion${count.index}"
-    "giantswarm.io/cluster"      = var.cluster_name
-    "giantswarm.io/installation" = var.cluster_name
-  }
+  tags = merge(
+    local.common_tags,
+    map(
+      "Name", "${var.cluster_name}-bastion${count.index}"
+    )
+  )
 }
 
 resource "aws_security_group" "bastion" {
@@ -86,11 +91,12 @@ resource "aws_security_group" "bastion" {
     self        = true
   }
 
-  tags = {
-    Name                         = "${var.cluster_name}-bastion"
-    "giantswarm.io/cluster"      = var.cluster_name
-    "giantswarm.io/installation" = var.cluster_name
-  }
+  tags = merge(
+    local.common_tags,
+    map(
+      "Name", "${var.cluster_name}-bastion"
+    )
+  )
 }
 
 resource "aws_route53_record" "bastion" {

diff --git a/modules/aws/bastion/variables.tf b/modules/aws/bastion/variables.tf
@@ -88,3 +88,10 @@ variable "transit_vpc_cidr" {
   type        = string
 }
 
+### additional tags
+variable "additional_tags" {
+  description = "Additional tags that can be added to all resources"
+  type        = map
+  default     = {}
+}
+
diff --git a/modules/aws/master/master.tf b/modules/aws/master/master.tf
@@ -1,9 +1,16 @@
 locals {
-  common_tags = map(
-    "giantswarm.io/cluster", var.cluster_name,
-    "giantswarm.io/installation", var.cluster_name,
-    "kubernetes.io/cluster/${var.cluster_name}", "owned"
+  common_tags = merge(
+    var.additional_tags,
+    map(
+      "giantswarm.io/cluster", var.cluster_name,
+      "giantswarm.io/installation", var.cluster_name,
+      "giantswarm.io/cluster-type", "control-plane",
+      "kubernetes.io/cluster/${var.cluster_name}", "owned"
+    )
   )
+
+  common_tags_asg = join("",[for key, value in var.additional_tags : "{\"Key\":\"${key}\",\"Value\":\"${value}\",\"PropagateAtLaunch\": true},"])
+
   customer_vpn_public_subnets = var.customer_vpn_public_subnets != "" ? split(",", var.customer_vpn_public_subnets) : []
   customer_vpn_private_subnets = var.customer_vpn_private_subnets != "" ? split(",", var.customer_vpn_private_subnets) : []
   # k8s_api prefixed values represent access to public loadbalancer
@@ -39,6 +46,7 @@ resource "aws_cloudformation_stack" "master_asg" {
         "DesiredCapacity": "1",
         "MinSize": "1",
         "Tags": [
+          ${local.common_tags_asg}
           {
             "Key": "Name",
             "Value": "${var.cluster_name}-master-${count.index}",

diff --git a/modules/aws/master/variables.tf b/modules/aws/master/variables.tf
@@ -124,3 +124,10 @@ variable "vpc_id" {
 }
 
 variable "s3_bucket_tags" {}
+
+### additional tags
+variable "additional_tags" {
+  description = "Additional tags that can be added to all resources"
+  type        = map(string)
+  default     = {}
+}
diff --git a/modules/aws/s3/s3.tf b/modules/aws/s3/s3.tf
@@ -1,8 +1,12 @@
 locals {
-  common_tags = map(
-    "giantswarm.io/cluster", var.cluster_name,
-    "giantswarm.io/installation", var.cluster_name,
-    "kubernetes.io/cluster/${var.cluster_name}", "owned"
+  common_tags = merge(
+    var.additional_tags,
+    map(
+      "giantswarm.io/cluster", var.cluster_name,
+      "giantswarm.io/installation", var.cluster_name,
+      "giantswarm.io/cluster-type", "control-plane",
+      "kubernetes.io/cluster/${var.cluster_name}", "owned"
+    )
   )
 }
 

diff --git a/modules/aws/s3/variables.tf b/modules/aws/s3/variables.tf
@@ -13,3 +13,10 @@ variable "logs_expiration_days" {
 variable "s3_bucket_prefix" {
   type = string
 }
+
+### additional tags
+variable "additional_tags" {
+  description = "Additional tags that can be added to all resources"
+  type        = map
+  default     = {}
+}
diff --git a/modules/aws/vault/variables.tf b/modules/aws/vault/variables.tf
@@ -106,3 +106,10 @@ variable "worker_subnet_count" {
 }
 
 variable "s3_bucket_tags" {}
+
+### additional tags
+variable "additional_tags" {
+  description = "Additional tags that can be added to all resources"
+  type        = map
+  default     = {}
+}
diff --git a/modules/aws/vault/vault-elb.tf b/modules/aws/vault/vault-elb.tf
@@ -19,11 +19,12 @@ resource "aws_elb" "vault" {
     interval            = 5
   }
 
-  tags = {
-    Name                         = "${var.cluster_name}-vault"
-    "giantswarm.io/cluster"      = var.cluster_name
-    "giantswarm.io/installation" = var.cluster_name
-  }
+  tags = merge(
+    local.common_tags,
+    map(
+      "Name", "${var.cluster_name}-vault"
+    )
+  )
 }
 
 resource "aws_elb_attachment" "vault" {
@@ -57,11 +58,12 @@ resource "aws_security_group" "vault_elb" {
     cidr_blocks = [var.ipam_network_cidr]
   }
 
-  tags = {
-    Name                         = "${var.cluster_name}-vault-elb"
-    "giantswarm.io/cluster"      = var.cluster_name
-    "giantswarm.io/installation" = var.cluster_name
-  }
+  tags = merge(
+    local.common_tags,
+    map(
+      "Name", "${var.cluster_name}-vault-elb"
+    )
+  )
 }
 
 resource "aws_route53_record" "vault-elb" {

diff --git a/modules/aws/vault/vault.tf b/modules/aws/vault/vault.tf
@@ -2,10 +2,14 @@ locals {
   # In China there is no tags for s3 buckets
   s3_ignition_vault_key = element(concat(aws_s3_bucket_object.ignition_vault_with_tags.*.key, aws_s3_bucket_object.ignition_vault_without_tags.*.key), 0)
 
-  common_tags = map(
-    "giantswarm.io/cluster", var.cluster_name,
-    "giantswarm.io/installation", var.cluster_name,
-    "kubernetes.io/cluster/${var.cluster_name}", "owned"
+  common_tags = merge(
+    var.additional_tags,
+    map(
+      "giantswarm.io/cluster", var.cluster_name,
+      "giantswarm.io/installation", var.cluster_name,
+      "giantswarm.io/cluster-type", "control-plane",
+      "kubernetes.io/cluster/${var.cluster_name}", "owned"
+    )
   )
 }
 
@@ -43,23 +47,25 @@ resource "aws_instance" "vault" {
 
   user_data = data.ignition_config.s3.rendered
 
-  tags = {
-    Name                         = "${var.cluster_name}-vault${count.index}"
-    "giantswarm.io/cluster"      = var.cluster_name
-    "giantswarm.io/installation" = var.cluster_name
-  }
+  tags = merge(
+    local.common_tags,
+    map( 
+      "Name", "${var.cluster_name}-vault${count.index}"
+    )
+  )
 }
 
 resource "aws_ebs_volume" "vault_etcd" {
   availability_zone = element(data.aws_availability_zones.available.names, 0)
   size              = var.volume_size_etcd
   type              = var.volume_type
 
-  tags = {
-    Name                         = "${var.cluster_name}-vault"
-    "giantswarm.io/cluster"      = var.cluster_name
-    "giantswarm.io/installation" = var.cluster_name
-  }
+  tags = merge(
+    local.common_tags,
+    map(
+      "Name", "${var.cluster_name}-vault"
+    )
+  )
 }
 
 resource "aws_volume_attachment" "vault_etcd_ebs" {
@@ -77,11 +83,12 @@ resource "aws_ebs_volume" "vault_logs" {
   size              = var.volume_size_logs
   type              = var.volume_type
 
-  tags = {
-    Name                         = "${var.cluster_name}-vault"
-    "giantswarm.io/cluster"      = var.cluster_name
-    "giantswarm.io/installation" = var.cluster_name
-  }
+  tags = merge(
+    local.common_tags,
+    map(
+      "Name", "${var.cluster_name}-vault"
+    ),
+  )
 }
 
 resource "aws_volume_attachment" "vault_logs_ebs" {
@@ -148,11 +155,12 @@ resource "aws_security_group" "vault" {
     cidr_blocks = concat(data.aws_subnet.worker_subnets.*.cidr_block,[var.aws_cni_cidr_block])
   }
 
-  tags = {
-    Name                         = "${var.cluster_name}-vault"
-    "giantswarm.io/cluster"      = var.cluster_name
-    "giantswarm.io/installation" = var.cluster_name
-  }
+  tags = merge(
+    local.common_tags,
+    map(
+      "Name" , "${var.cluster_name}-vault"
+    )
+  )
 }
 
 resource "aws_route53_record" "vault" {

diff --git a/modules/aws/vpc/variables.tf b/modules/aws/vpc/variables.tf
@@ -61,3 +61,9 @@ variable "transit_vpc_cidr" {
   type = string
 }
 
+### additional tags
+variable "additional_tags" {
+  description = "Additional tags that can be added to all resources"
+  type        = map
+  default     = {}
+}
diff --git a/modules/aws/vpc/vpc.tf b/modules/aws/vpc/vpc.tf
@@ -7,11 +7,14 @@
 #   * the private nat gateway is in the elb subnet as well (needs to be in a public subnet)
 
 locals {
-  common_tags = map(
-    "giantswarm.io/cluster", var.cluster_name,
-    "giantswarm.io/installation", var.cluster_name,
-    "giantswarm.io/cluster-type", "control-plane",
-    "kubernetes.io/cluster/${var.cluster_name}", "owned"
+  common_tags = merge(
+    var.additional_tags,
+    map(
+      "giantswarm.io/cluster", var.cluster_name,
+      "giantswarm.io/installation", var.cluster_name,
+      "giantswarm.io/cluster-type", "control-plane",
+      "kubernetes.io/cluster/${var.cluster_name}", "owned"
+    )
   )
 
   policy_allow = <<EOF

diff --git a/modules/aws/worker-asg/variables.tf b/modules/aws/worker-asg/variables.tf
@@ -91,3 +91,10 @@ variable "vpc_id" {
 }
 
 variable "s3_bucket_tags" {}
+
+### additional tags
+variable "additional_tags" {
+  description = "Additional tags that can be added to all resources"
+  type        = map
+  default     = {}
+}
diff --git a/modules/aws/worker-asg/worker-asg.tf b/modules/aws/worker-asg/worker-asg.tf
@@ -2,11 +2,17 @@ locals {
   # In China there is no tags for s3 buckets
   s3_ignition_worker_key = element(concat(aws_s3_bucket_object.ignition_worker_with_tags.*.key, aws_s3_bucket_object.ignition_worker_without_tags.*.key), 0)
 
-  common_tags = map(
-    "giantswarm.io/cluster", var.cluster_name,
-    "giantswarm.io/installation", var.cluster_name,
-    "kubernetes.io/cluster/${var.cluster_name}", "owned"
+  common_tags = merge(
+    var.additional_tags,
+    map(
+      "giantswarm.io/cluster", var.cluster_name,
+      "giantswarm.io/installation", var.cluster_name,
+      "kubernetes.io/cluster/${var.cluster_name}", "owned"
+    )
   )
+  common_tags_asg = join("",[for key, value in var.additional_tags : "{\"Key\":\"${key}\",\"Value\":\"${value}\",\"PropagateAtLaunch\": true},"])
+
+
 }
 
 resource "aws_cloudformation_stack" "worker_asg" {
@@ -28,6 +34,7 @@ resource "aws_cloudformation_stack" "worker_asg" {
         "MaxSize": "${var.worker_count * 2}",
         "MinSize": "${var.worker_count}",
         "Tags": [
+          ${local.common_tags_asg}
           {
             "Key": "Name",
             "Value": "${var.cluster_name}-worker",