From fabebd23982eb2e041d571096becce28cac204b6 Mon Sep 17 00:00:00 2001 From: Kevon Mayers Date: Sun, 9 Nov 2025 22:12:41 -0500 Subject: [PATCH 1/5] fix(pre-commit): resolve terraform-docs version mismatches and validation issues - Add --lockfile=false to terraform_docs to use versions.tf instead of stale lock files - Add --tf-init-args=-upgrade to terraform_validate to handle provider version mismatches - Add --retry-once-with-cleanup to handle corrupted .terraform directories - Add --quiet to checkov to suppress verbose parsing warnings - Add comprehensive comments explaining each configuration option - Update terraform-docs config to show both Requirements and Providers sections --- .config/.terraform-docs.yml | 7 +------ .pre-commit-config.yaml | 15 ++++++++++++--- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/.config/.terraform-docs.yml b/.config/.terraform-docs.yml index 6e9f5513..e3147a42 100644 --- a/.config/.terraform-docs.yml +++ b/.config/.terraform-docs.yml @@ -2,6 +2,7 @@ formatter: markdown table sections: show: - header + - requirements - inputs - providers - modules @@ -17,9 +18,3 @@ output: sort: enabled: true by: required -settings: - indent: 4 - escape: false - default: false - required: false - type: true diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a03a7ead..4effd854 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -17,14 +17,23 @@ repos: rev: "3.2.457" hooks: - id: checkov - args: ["--config-file", ".config/.checkov.yml"] + args: ["--config-file", ".config/.checkov.yml", "--quiet"] - repo: https://github.com/antonbabenko/pre-commit-terraform rev: "v1.99.5" hooks: - id: terraform_docs args: - - --hook-config=--add-to-existing-file=true - - --hook-config=--create-file-if-not-exist=false + # Uses antonbabenko/pre-commit-terraform (supports monorepo with multiple modules) + # --hook-config: antonbabenko wrapper settings for file handling + - --hook-config=--add-to-existing-file=true # Update existing README.md files (requires BOTH and markers) + - --hook-config=--create-file-if-not-exist=false # Don't create new README.md files + # --args: terraform-docs binary arguments + - --args=--config=.config/.terraform-docs.yml # Use our terraform-docs config file + - --args=--lockfile=false # Ignore .terraform.lock.hcl, use versions.tf instead (fixes version mismatches) - id: terraform_validate + args: + - --tf-init-args=-upgrade # Always upgrade to match versions.tf (source of truth) + - --hook-config=--retry-once-with-cleanup=true # If validation fails, delete corrupted .terraform dirs and retry + - --args=-no-color # Cleaner output - id: terraform_fmt - id: terraform_tflint From 52efa43ca9c012d775767c2d5267d0f34ac3e782 Mon Sep 17 00:00:00 2001 From: Kevon Mayers Date: Sun, 9 Nov 2025 22:13:03 -0500 Subject: [PATCH 2/5] docs: update module documentation with consistent provider versions - Update all README files to show consistent provider versions from versions.tf - Fix terraform-docs generated content with proper Requirements and Providers sections - Apply formatting fixes from terraform_fmt and other pre-commit hooks - Ensure all modules show accurate version information for dependencies --- modules/jenkins/README.md | 31 ++------------ modules/perforce/README.md | 33 ++------------- .../create-resources-complete/README.md | 12 ------ modules/perforce/modules/p4-auth/README.md | 29 +++---------- .../perforce/modules/p4-code-review/README.md | 34 ++++----------- modules/perforce/modules/p4-server/README.md | 25 ++--------- modules/teamcity/README.md | 24 ++--------- modules/unity/accelerator/README.md | 30 ++----------- .../unity/floating-license-server/README.md | 42 ++++--------------- modules/unreal/horde/README.md | 31 ++------------ .../unreal-cloud-ddc-infra/README.md | 31 ++------------ .../unreal-cloud-ddc-intra-cluster/README.md | 20 ++------- modules/vdi/README.md | 31 ++++---------- .../examples/private-connectivity/README.md | 12 +----- .../examples/public-connectivity/README.md | 15 +------ samples/simple-build-pipeline/README.md | 13 ------ .../unreal-cloud-ddc-single-region/README.md | 17 +------- test-vdi-components.ps1 | 14 +++---- 18 files changed, 67 insertions(+), 377 deletions(-) diff --git a/modules/jenkins/README.md b/modules/jenkins/README.md index e4e1a02f..645556e5 100644 --- a/modules/jenkins/README.md +++ b/modules/jenkins/README.md @@ -79,27 +79,18 @@ No modules. | [random_string.fsxz](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.jenkins](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.jenkins_alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/caller_identity) | data source | -| [aws_ecs_cluster.jenkins_cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | -| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | -| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.build_farm_fsxz_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.build_farm_s3_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ec2_fleet_plugin_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ec2_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.jenkins_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | -| [aws_vpc.build_farm_vpc](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/vpc) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [build\_farm\_subnets](#input\_build\_farm\_subnets) | The subnets to deploy the build farms into. | `list(string)` | n/a | yes | +| [jenkins\_alb\_subnets](#input\_jenkins\_alb\_subnets) | A list of subnet ids to deploy the Jenkins load balancer into. Public subnets are recommended. | `list(string)` | n/a | yes | +| [jenkins\_service\_subnets](#input\_jenkins\_service\_subnets) | A list of subnets to deploy the Jenkins service into. Private subnets are recommended. | `list(string)` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | The ID of the existing VPC you would like to deploy the Jenkins service and build farms into. | `string` | n/a | yes | | [artifact\_buckets](#input\_artifact\_buckets) | List of Amazon S3 buckets you wish to create to store build farm artifacts. | 
map(
    object({
      name                 = string
      enable_force_destroy = optional(bool, true)
      enable_versioning    = optional(bool, true)
      tags                 = optional(map(string), {})
    })
  )
| `null` | no | | [build\_farm\_compute](#input\_build\_farm\_compute) | Each object in this map corresponds to an ASG used by Jenkins as build agents. | 
map(object(
    {
      ami = string
      #TODO: Support mixed instances / spot with custom policies
      instance_type     = string
      ebs_optimized     = optional(bool, true)
      enable_monitoring = optional(bool, true)
    }
  ))
| `{}` | no | | [build\_farm\_fsx\_openzfs\_storage](#input\_build\_farm\_fsx\_openzfs\_storage) | Each object in this map corresponds to an FSx OpenZFS file system used by the Jenkins build agents. | 
map(object(
    {
      storage_capacity    = number
      throughput_capacity = number
      storage_type        = optional(string, "SSD") # "SSD", "HDD"
      deployment_type     = optional(string, "SINGLE_AZ_1")
      route_table_ids     = optional(list(string), null)
      tags                = optional(map(string), null)
    }
  ))
| `{}` | no | -| [build\_farm\_subnets](#input\_build\_farm\_subnets) | The subnets to deploy the build farms into. | `list(string)` | n/a | yes | | [certificate\_arn](#input\_certificate\_arn) | The TLS certificate ARN for the Jenkins service load balancer. | `string` | `null` | no | | [cluster\_name](#input\_cluster\_name) | The ARN of the cluster to deploy the Jenkins service into. Defaults to null and a cluster will be created. | `string` | `null` | no | | [container\_cpu](#input\_container\_cpu) | The CPU allotment for the Jenkins container. | `number` | `1024` | no | @@ -122,25 +113,11 @@ No modules. | [jenkins\_agent\_secret\_arns](#input\_jenkins\_agent\_secret\_arns) | A list of secretmanager ARNs (wildcards allowed) that contain any secrets which need to be accessed by the Jenkins service. | `list(string)` | `null` | no | | [jenkins\_alb\_access\_logs\_bucket](#input\_jenkins\_alb\_access\_logs\_bucket) | ID of the S3 bucket for Jenkins ALB access log storage. If access logging is enabled and this is null the module creates a bucket. | `string` | `null` | no | | [jenkins\_alb\_access\_logs\_prefix](#input\_jenkins\_alb\_access\_logs\_prefix) | Log prefix for Jenkins ALB access logs. If null the project prefix and module name are used. | `string` | `null` | no | -| [jenkins\_alb\_subnets](#input\_jenkins\_alb\_subnets) | A list of subnet ids to deploy the Jenkins load balancer into. Public subnets are recommended. | `list(string)` | n/a | yes | | [jenkins\_cloudwatch\_log\_retention\_in\_days](#input\_jenkins\_cloudwatch\_log\_retention\_in\_days) | The log retention in days of the cloudwatch log group for Jenkins. | `string` | `365` | no | | [jenkins\_efs\_performance\_mode](#input\_jenkins\_efs\_performance\_mode) | The performance mode of the EFS file system used by the Jenkins service. Defaults to general purpose. | `string` | `"generalPurpose"` | no | | [jenkins\_efs\_throughput\_mode](#input\_jenkins\_efs\_throughput\_mode) | The throughput mode of the EFS file system used by the Jenkins service. Defaults to bursting. | `string` | `"bursting"` | no | | [jenkins\_service\_desired\_container\_count](#input\_jenkins\_service\_desired\_container\_count) | The desired number of containers running the Jenkins service. | `number` | `1` | no | -| [jenkins\_service\_subnets](#input\_jenkins\_service\_subnets) | A list of subnets to deploy the Jenkins service into. Private subnets are recommended. | `list(string)` | n/a | yes | | [name](#input\_name) | The name attached to Jenkins module resources. | `string` | `"jenkins"` | no | | [project\_prefix](#input\_project\_prefix) | The project prefix for this workload. This is appeneded to the beginning of most resource names. | `string` | `"cgd"` | no | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "iac-management": "CGD-Toolkit",
  "iac-module": "Jenkins",
  "iac-provider": "Terraform"
}
| no | -| [vpc\_id](#input\_vpc\_id) | The ID of the existing VPC you would like to deploy the Jenkins service and build farms into. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | Security group associated with the Jenkins load balancer | -| [build\_farm\_security\_group\_id](#output\_build\_farm\_security\_group\_id) | Security group associated with the build farm autoscaling groups | -| [jenkins\_alb\_dns\_name](#output\_jenkins\_alb\_dns\_name) | The DNS name of the Jenkins application load balancer. | -| [jenkins\_alb\_zone\_id](#output\_jenkins\_alb\_zone\_id) | The zone ID of the Jenkins ALB. | -| [service\_security\_group\_id](#output\_service\_security\_group\_id) | Security group associated with the ECS service hosting jenkins | -| [service\_target\_group\_arn](#output\_service\_target\_group\_arn) | The ARN of the Jenkins service target group | diff --git a/modules/perforce/README.md b/modules/perforce/README.md index 3f69ea3e..f9a7611c 100644 --- a/modules/perforce/README.md +++ b/modules/perforce/README.md @@ -176,7 +176,9 @@ packer build perforce_x86.pkr.hcl | [aws_lb_listener.perforce_web_services](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/lb_listener) | resource | | [aws_lb_listener.perforce_web_services_http_listener](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/lb_listener) | resource | | [aws_lb_listener_rule.p4_code_review](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/lb_listener_rule) | resource | +| [aws_lb_listener_rule.p4_code_review_http](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/lb_listener_rule) | resource | | [aws_lb_listener_rule.perforce_p4_auth](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/lb_listener_rule) | resource | +| [aws_lb_listener_rule.perforce_p4_auth_http](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/lb_listener_rule) | resource | | [aws_lb_target_group.perforce](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/lb_target_group) | resource | | [aws_lb_target_group_attachment.perforce](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/lb_target_group_attachment) | resource | | [aws_route53_record.internal_p4_server](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/route53_record) | resource | @@ -198,13 +200,12 @@ packer build perforce_x86.pkr.hcl | [aws_vpc_security_group_ingress_rule.perforce_web_services_inbound_from_perforce_nlb](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [null_resource.parent_module_certificate](https://registry.terraform.io/providers/hashicorp/null/3.2.4/docs/resources/resource) | resource | | [random_string.shared_lb_access_logs_bucket](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | -| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | -| [aws_iam_policy_document.shared_lb_access_logs_bucket_lb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [vpc\_id](#input\_vpc\_id) | The VPC ID where the Perforce resources will be deployed. | `string` | n/a | yes | | [certificate\_arn](#input\_certificate\_arn) | The ARN of the ACM certificate to be used with the HTTPS listener for the NLB. | `string` | `null` | no | | [create\_default\_sgs](#input\_create\_default\_sgs) | Whether to create default security groups for the Perforce resources. | `bool` | `true` | no | | [create\_route53\_private\_hosted\_zone](#input\_create\_route53\_private\_hosted\_zone) | Whether to create a private Route53 Hosted Zone for the Perforce resources. This private hosted zone is used for internal communication between the P4 Server, P4 Auth Service, and P4 Code Review Service. | `bool` | `true` | no | @@ -229,32 +230,4 @@ packer build perforce_x86.pkr.hcl | [shared\_nlb\_access\_logs\_prefix](#input\_shared\_nlb\_access\_logs\_prefix) | Log prefix for shared NLB access logs. | `string` | `"perforce-nlb-"` | no | | [shared\_nlb\_subnets](#input\_shared\_nlb\_subnets) | A list of subnets to attach to the shared network load balancer. | `list(string)` | `null` | no | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "terraform-aws-perforce",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/perforce/terraform-aws-perforce",
  "RootModuleName": "-"
}
| no | -| [vpc\_id](#input\_vpc\_id) | The VPC ID where the Perforce resources will be deployed. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [p4\_auth\_alb\_dns\_name](#output\_p4\_auth\_alb\_dns\_name) | The DNS name of the P4Auth ALB. | -| [p4\_auth\_alb\_security\_group\_id](#output\_p4\_auth\_alb\_security\_group\_id) | Security group associated with the P4Auth load balancer. | -| [p4\_auth\_alb\_zone\_id](#output\_p4\_auth\_alb\_zone\_id) | The hosted zone ID of the P4Auth ALB. | -| [p4\_auth\_perforce\_cluster\_name](#output\_p4\_auth\_perforce\_cluster\_name) | Name of the ECS cluster hosting P4Auth. | -| [p4\_auth\_service\_security\_group\_id](#output\_p4\_auth\_service\_security\_group\_id) | Security group associated with the ECS service running P4Auth. | -| [p4\_auth\_target\_group\_arn](#output\_p4\_auth\_target\_group\_arn) | The service target group for the P4Auth. | -| [p4\_code\_review\_alb\_dns\_name](#output\_p4\_code\_review\_alb\_dns\_name) | The DNS name of the P4 Code Review ALB. | -| [p4\_code\_review\_alb\_security\_group\_id](#output\_p4\_code\_review\_alb\_security\_group\_id) | Security group associated with the P4 Code Review load balancer. | -| [p4\_code\_review\_alb\_zone\_id](#output\_p4\_code\_review\_alb\_zone\_id) | The hosted zone ID of the P4 Code Review ALB. | -| [p4\_code\_review\_perforce\_cluster\_name](#output\_p4\_code\_review\_perforce\_cluster\_name) | Name of the ECS cluster hosting P4 Code Review. | -| [p4\_code\_review\_service\_security\_group\_id](#output\_p4\_code\_review\_service\_security\_group\_id) | Security group associated with the ECS service running P4 Code Review. | -| [p4\_code\_review\_target\_group\_arn](#output\_p4\_code\_review\_target\_group\_arn) | The service target group for the P4 Code Review. | -| [p4\_server\_eip\_id](#output\_p4\_server\_eip\_id) | The ID of the Elastic IP associated with your P4 Server instance. | -| [p4\_server\_eip\_public\_ip](#output\_p4\_server\_eip\_public\_ip) | The public IP of your P4 Server instance. | -| [p4\_server\_instance\_id](#output\_p4\_server\_instance\_id) | Instance ID for the P4 Server instance | -| [p4\_server\_lambda\_link\_name](#output\_p4\_server\_lambda\_link\_name) | The name of the Lambda link for the P4 Server instance to use with FSxN. | -| [p4\_server\_private\_ip](#output\_p4\_server\_private\_ip) | Private IP for the P4 Server instance | -| [p4\_server\_security\_group\_id](#output\_p4\_server\_security\_group\_id) | The default security group of your P4 Server instance. | -| [p4\_server\_super\_user\_password\_secret\_arn](#output\_p4\_server\_super\_user\_password\_secret\_arn) | The ARN of the AWS Secrets Manager secret holding your P4 Server super user's username. | -| [p4\_server\_super\_user\_username\_secret\_arn](#output\_p4\_server\_super\_user\_username\_secret\_arn) | The ARN of the AWS Secrets Manager secret holding your P4 Server super user's password. | -| [shared\_application\_load\_balancer\_arn](#output\_shared\_application\_load\_balancer\_arn) | The ARN of the shared application load balancer. | -| [shared\_network\_load\_balancer\_arn](#output\_shared\_network\_load\_balancer\_arn) | The ARN of the shared network load balancer. | diff --git a/modules/perforce/examples/create-resources-complete/README.md b/modules/perforce/examples/create-resources-complete/README.md index 26145ff9..874cc027 100644 --- a/modules/perforce/examples/create-resources-complete/README.md +++ b/modules/perforce/examples/create-resources-complete/README.md @@ -80,22 +80,10 @@ finished validation. Wait a few minutes and retry `terraform apply`. | [aws_vpc_security_group_ingress_rule.allow_https](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.allow_icmp](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.allow_perforce](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | -| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/availability_zones) | data source | -| [aws_lb.shared_services_nlb](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/lb) | data source | -| [aws_route53_zone.root](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/route53_zone) | data source | -| [http_http.my_ip](https://registry.terraform.io/providers/hashicorp/http/3.5.0/docs/data-sources/http) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [route53\_public\_hosted\_zone\_name](#input\_route53\_public\_hosted\_zone\_name) | The name of your existing Route53 Public Hosted Zone. This is required to create the ACM certificate and Route53 records. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [p4\_auth\_admin\_url](#output\_p4\_auth\_admin\_url) | The URL for the P4Auth service admin page. | -| [p4\_code\_review\_url](#output\_p4\_code\_review\_url) | The URL for the P4 Code Review service. | -| [p4\_server\_connection\_string](#output\_p4\_server\_connection\_string) | The connection string for the P4 Server. Set your P4PORT environment variable to this value. | diff --git a/modules/perforce/modules/p4-auth/README.md b/modules/perforce/modules/p4-auth/README.md index ff133594..0a121b46 100644 --- a/modules/perforce/modules/p4-auth/README.md +++ b/modules/perforce/modules/p4-auth/README.md @@ -80,9 +80,9 @@ curl -X POST -H 'Authorization: Bearer ' \ | Name | Version | |------|---------| -| [aws](#provider\_aws) | 5.97.0 | -| [awscc](#provider\_awscc) | 1.34.0 | -| [random](#provider\_random) | 3.7.1 | +| [aws](#provider\_aws) | 6.6.0 | +| [awscc](#provider\_awscc) | 1.50.0 | +| [random](#provider\_random) | 3.7.2 | ## Modules @@ -123,19 +123,13 @@ No modules. | [awscc_secretsmanager_secret.admin_username](https://registry.terraform.io/providers/hashicorp/awscc/1.50.0/docs/resources/secretsmanager_secret) | resource | | [random_string.alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.p4_auth](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | -| [aws_ecs_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | -| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | -| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.helix_authentication_service_scim_secrets_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.secrets_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [subnets](#input\_subnets) | A list of subnets to deploy the P4Auth ECS Service into. Private subnets are recommended. | `list(string)` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | The ID of the existing VPC you would like to deploy P4Auth into. | `string` | n/a | yes | | [admin\_password\_secret\_arn](#input\_admin\_password\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the P4Auth Administrator password. | `string` | `null` | no | | [admin\_username\_secret\_arn](#input\_admin\_username\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the P4Auth Administrator username. | `string` | `null` | no | | [alb\_access\_logs\_bucket](#input\_alb\_access\_logs\_bucket) | ID of the S3 bucket for P4Auth ALB access log storage. If access logging is enabled and this is null the module creates a bucket. | `string` | `null` | no | @@ -168,18 +162,5 @@ No modules. | [project\_prefix](#input\_project\_prefix) | The project prefix for this workload. This is appended to the beginning of most resource names. | `string` | `"cgd"` | no | | [s3\_enable\_force\_destroy](#input\_s3\_enable\_force\_destroy) | Enables force destroy for the S3 bucket for P4Auth access log storage. Defaults to true. | `bool` | `true` | no | | [scim\_bearer\_token\_arn](#input\_scim\_bearer\_token\_arn) | If you would like to use SCIM to provision users and groups, you need to set this variable to the ARN of an AWS Secrets Manager secret containing the bearer token. | `string` | `null` | no | -| [subnets](#input\_subnets) | A list of subnets to deploy the P4Auth ECS Service into. Private subnets are recommended. | `list(string)` | n/a | yes | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "p4-auth",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/perforce/terraform-aws-perforce",
  "RootModuleName": "terraform-aws-perforce"
}
| no | -| [vpc\_id](#input\_vpc\_id) | The ID of the existing VPC you would like to deploy P4Auth into. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [alb\_dns\_name](#output\_alb\_dns\_name) | The DNS name of the P4Auth ALB | -| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | Security group associated with the P4Auth load balancer | -| [alb\_zone\_id](#output\_alb\_zone\_id) | The hosted zone ID of the P4Auth ALB | -| [cluster\_name](#output\_cluster\_name) | Name of the ECS cluster hosting P4Auth | -| [service\_security\_group\_id](#output\_service\_security\_group\_id) | Security group associated with the ECS service running P4Auth | -| [target\_group\_arn](#output\_target\_group\_arn) | The service target group for P4Auth | diff --git a/modules/perforce/modules/p4-code-review/README.md b/modules/perforce/modules/p4-code-review/README.md index b1fd78e7..d6a24d16 100644 --- a/modules/perforce/modules/p4-code-review/README.md +++ b/modules/perforce/modules/p4-code-review/README.md @@ -54,8 +54,8 @@ module "p4_code_review" { | Name | Version | |------|---------| -| [aws](#provider\_aws) | 5.97.0 | -| [random](#provider\_random) | 3.7.1 | +| [aws](#provider\_aws) | 6.6.0 | +| [random](#provider\_random) | 3.7.2 | ## Modules @@ -97,18 +97,17 @@ No modules. | [aws_vpc_security_group_ingress_rule.elasticache_inbound_from_ecs_service](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [random_string.alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.p4_code_review](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | -| [aws_ecs_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | -| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | -| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.secrets_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [p4\_code\_review\_user\_password\_secret\_arn](#input\_p4\_code\_review\_user\_password\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the p4d P4 Code Review password. | `string` | n/a | yes | +| [p4\_code\_review\_user\_username\_secret\_arn](#input\_p4\_code\_review\_user\_username\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the p4d P4 Code Review username. | `string` | n/a | yes | +| [subnets](#input\_subnets) | A list of subnets to deploy the P4 Code Review ECS Service into. Private subnets are recommended. | `list(string)` | n/a | yes | +| [super\_user\_password\_secret\_arn](#input\_super\_user\_password\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the p4d super user password. | `string` | n/a | yes | +| [super\_user\_username\_secret\_arn](#input\_super\_user\_username\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the p4d super user username. | `string` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | The ID of the existing VPC you would like to deploy P4 Code Review into. | `string` | n/a | yes | | [alb\_access\_logs\_bucket](#input\_alb\_access\_logs\_bucket) | ID of the S3 bucket for P4 Code Review ALB access log storage. If access logging is enabled and this is null the module creates a bucket. | `string` | `null` | no | | [alb\_access\_logs\_prefix](#input\_alb\_access\_logs\_prefix) | Log prefix for P4 Code Review ALB access logs. If null the project prefix and module name are used. | `string` | `null` | no | | [alb\_subnets](#input\_alb\_subnets) | A list of subnets to deploy the load balancer into. Public subnets are recommended. | `list(string)` | `[]` | no | @@ -135,26 +134,9 @@ No modules. | [fully\_qualified\_domain\_name](#input\_fully\_qualified\_domain\_name) | The fully qualified domain name that P4 Code Review should use for internal URLs. | `string` | `null` | no | | [internal](#input\_internal) | Set this flag to true if you do not want the P4 Code Review service load balancer to have a public IP. | `bool` | `false` | no | | [name](#input\_name) | The name attached to P4 Code Review module resources. | `string` | `"p4-code-review"` | no | -| [p4\_code\_review\_user\_password\_secret\_arn](#input\_p4\_code\_review\_user\_password\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the p4d P4 Code Review password. | `string` | n/a | yes | -| [p4\_code\_review\_user\_username\_secret\_arn](#input\_p4\_code\_review\_user\_username\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the p4d P4 Code Review username. | `string` | n/a | yes | | [p4charset](#input\_p4charset) | The P4CHARSET environment variable to set in the P4 Code Review container. | `string` | `"none"` | no | | [p4d\_port](#input\_p4d\_port) | The P4D\_PORT environment variable where P4 Code Review should look for P4 Code Review. Defaults to 'ssl:perforce:1666' | `string` | `"ssl:perforce:1666"` | no | | [project\_prefix](#input\_project\_prefix) | The project prefix for this workload. This is appended to the beginning of most resource names. | `string` | `"cgd"` | no | | [s3\_enable\_force\_destroy](#input\_s3\_enable\_force\_destroy) | Enables force destroy for the S3 bucket for P4 Code Review access log storage. Defaults to true. | `bool` | `true` | no | -| [subnets](#input\_subnets) | A list of subnets to deploy the P4 Code Review ECS Service into. Private subnets are recommended. | `list(string)` | n/a | yes | -| [super\_user\_password\_secret\_arn](#input\_super\_user\_password\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the p4d super user password. | `string` | n/a | yes | -| [super\_user\_username\_secret\_arn](#input\_super\_user\_username\_secret\_arn) | Optionally provide the ARN of an AWS Secret for the p4d super user username. | `string` | n/a | yes | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "p4-code-review",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/perforce/terraform-aws-perforce",
  "RootModuleName": "terraform-aws-perforce"
}
| no | -| [vpc\_id](#input\_vpc\_id) | The ID of the existing VPC you would like to deploy P4 Code Review into. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [alb\_dns\_name](#output\_alb\_dns\_name) | The DNS name of the P4 Code Review ALB | -| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | Security group associated with the P4 Code Review load balancer | -| [alb\_zone\_id](#output\_alb\_zone\_id) | The hosted zone ID of the P4 Code Review ALB | -| [cluster\_name](#output\_cluster\_name) | Name of the ECS cluster hosting P4 Code Review | -| [service\_security\_group\_id](#output\_service\_security\_group\_id) | Security group associated with the ECS service running P4 Code Review | -| [target\_group\_arn](#output\_target\_group\_arn) | The service target group for P4 Code Review | diff --git a/modules/perforce/modules/p4-server/README.md b/modules/perforce/modules/p4-server/README.md index 34feb430..d11ff6cb 100644 --- a/modules/perforce/modules/p4-server/README.md +++ b/modules/perforce/modules/p4-server/README.md @@ -102,15 +102,15 @@ No modules. | [netapp-ontap_san_lun-map.logs_lun_map](https://registry.terraform.io/providers/NetApp/netapp-ontap/2.3.0/docs/resources/san_lun-map) | resource | | [netapp-ontap_san_lun-map.metadata_lun_map](https://registry.terraform.io/providers/NetApp/netapp-ontap/2.3.0/docs/resources/san_lun-map) | resource | | [random_string.p4_server](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | -| [aws_ami.existing_server_ami](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ami) | data source | -| [aws_iam_policy_document.default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ec2_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_subnet.instance_subnet](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/subnet) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [instance\_subnet\_id](#input\_instance\_subnet\_id) | The subnet where the P4 Server instance will be deployed. | `string` | n/a | yes | +| [p4\_server\_type](#input\_p4\_server\_type) | The Perforce P4 Server type. | `string` | n/a | yes | +| [storage\_type](#input\_storage\_type) | The type of backing store [EBS, FSxN] | `string` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | The VPC where P4 Server should be deployed | `string` | n/a | yes | | [amazon\_fsxn\_filesystem\_id](#input\_amazon\_fsxn\_filesystem\_id) | The ID of the existing FSx ONTAP file system to use if storage type is FSxN. | `string` | `null` | no | | [amazon\_fsxn\_svm\_id](#input\_amazon\_fsxn\_svm\_id) | The ID of the Storage Virtual Machine (SVM) for the FSx ONTAP filesystem. | `string` | `null` | no | | [auth\_service\_url](#input\_auth\_service\_url) | The URL for the P4Auth Service. | `string` | `null` | no | @@ -129,34 +129,17 @@ No modules. | [fully\_qualified\_domain\_name](#input\_fully\_qualified\_domain\_name) | The fully qualified domain name where P4 Server will be available. This is used to generate self-signed certificates on the P4 Server. | `string` | `null` | no | | [instance\_architecture](#input\_instance\_architecture) | The architecture of the P4 Server instance. Allowed values are 'arm64' or 'x86\_64'. | `string` | `"x86_64"` | no | | [instance\_private\_ip](#input\_instance\_private\_ip) | The private IP address to assign to the P4 Server. | `string` | `null` | no | -| [instance\_subnet\_id](#input\_instance\_subnet\_id) | The subnet where the P4 Server instance will be deployed. | `string` | n/a | yes | | [instance\_type](#input\_instance\_type) | The instance type for Perforce P4 Server. Defaults to c6g.large. | `string` | `"c6i.large"` | no | | [internal](#input\_internal) | Set this flag to true if you do not want the P4 Server instance to have a public IP. | `bool` | `false` | no | | [logs\_volume\_size](#input\_logs\_volume\_size) | The size of the logs volume in GiB. Defaults to 32 GiB. | `number` | `32` | no | | [metadata\_volume\_size](#input\_metadata\_volume\_size) | The size of the metadata volume in GiB. Defaults to 32 GiB. | `number` | `32` | no | | [name](#input\_name) | The name attached to P4 Server module resources. | `string` | `"p4-server"` | no | -| [p4\_server\_type](#input\_p4\_server\_type) | The Perforce P4 Server type. | `string` | n/a | yes | | [plaintext](#input\_plaintext) | Whether to enable plaintext authentication for P4 Server. This is not recommended for production environments unless you are using a load balancer for TLS termination. | `bool` | `false` | no | | [project\_prefix](#input\_project\_prefix) | The project prefix for this workload. This is appended to the beginning of most resource names. | `string` | `"cgd"` | no | | [protocol](#input\_protocol) | Specify the protocol (NFS or ISCSI) | `string` | `null` | no | | [selinux](#input\_selinux) | Whether to apply SELinux label updates for P4 Server. Don't enable this if SELinux is disabled on your target operating system. | `bool` | `false` | no | -| [storage\_type](#input\_storage\_type) | The type of backing store [EBS, FSxN] | `string` | n/a | yes | | [super\_user\_password\_secret\_arn](#input\_super\_user\_password\_secret\_arn) | If you would like to manage your own super user credentials through AWS Secrets Manager provide the ARN for the super user's password here. | `string` | `null` | no | | [super\_user\_username\_secret\_arn](#input\_super\_user\_username\_secret\_arn) | If you would like to manage your own super user credentials through AWS Secrets Manager provide the ARN for the super user's username here. Otherwise, the default of 'perforce' will be used. | `string` | `null` | no | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "p4-server",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/perforce/terraform-aws-perforce",
  "RootModuleName": "terraform-aws-perforce"
}
| no | | [unicode](#input\_unicode) | Whether to enable Unicode configuration for P4 Server the -xi flag for p4d. Set to true to enable Unicode support. | `bool` | `false` | no | -| [vpc\_id](#input\_vpc\_id) | The VPC where P4 Server should be deployed | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [eip\_id](#output\_eip\_id) | The ID of the Elastic IP associated with your P4 Server instance. | -| [eip\_public\_ip](#output\_eip\_public\_ip) | The public IP of your P4 Server instance. | -| [instance\_id](#output\_instance\_id) | Instance ID for the P4 Server instance | -| [lambda\_link\_name](#output\_lambda\_link\_name) | Lambda function name for the FSxN Link | -| [private\_ip](#output\_private\_ip) | Private IP for the P4 Server instance | -| [security\_group\_id](#output\_security\_group\_id) | The default security group of your P4 Server instance. | -| [super\_user\_password\_secret\_arn](#output\_super\_user\_password\_secret\_arn) | The ARN of the AWS Secrets Manager secret holding your P4 Server super user's password. | -| [super\_user\_username\_secret\_arn](#output\_super\_user\_username\_secret\_arn) | The ARN of the AWS Secrets Manager secret holding your P4 Server super user's username. | diff --git a/modules/teamcity/README.md b/modules/teamcity/README.md index 783cd097..379a0fe1 100644 --- a/modules/teamcity/README.md +++ b/modules/teamcity/README.md @@ -85,26 +85,19 @@ No modules. | [aws_vpc_security_group_ingress_rule.service_inbound_alb](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.teamcity_agent_inbound](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [random_string.teamcity_alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | -| [aws_ecs_cluster.teamcity_cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | -| [aws_efs_file_system.efs_file_system](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/efs_file_system) | data source | -| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | -| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.teamcity_agent_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.teamcity_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.teamcity_execution_database_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [service\_subnets](#input\_service\_subnets) | The subnets in which the TeamCity server service will be deployed | `list(string)` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | The ID of the VPC in which the service will be deployed | `string` | n/a | yes | | [agent\_log\_group\_retention\_in\_days](#input\_agent\_log\_group\_retention\_in\_days) | n/a | `number` | `7` | no | | [alb\_certificate\_arn](#input\_alb\_certificate\_arn) | The ARN of the SSL certificate to use for the ALB | `string` | `null` | no | | [alb\_subnets](#input\_alb\_subnets) | The subnets in which the ALB will be deployed | `list(string)` | `[]` | no | | [aurora\_instance\_count](#input\_aurora\_instance\_count) | Number of instances to provision for the Aurora cluster | `number` | `2` | no | | [aurora\_skip\_final\_snapshot](#input\_aurora\_skip\_final\_snapshot) | Flag for whether a final snapshot should be created when the cluster is destroyed. | `bool` | `true` | no | -| [build\_farm\_config](#input\_build\_farm\_config) | n/a | 
map(object({
    image         = string
    desired_count = number
    cpu           = number
    memory        = number
  }))
| `{}` | no | +| [build\_farm\_config](#input\_build\_farm\_config) | Map of build agent configurations where each key is the agent name and the value defines:
- image: Container image for the build agent
- desired\_count: Number of agent instances to run
- cpu: CPU units to allocate (1024 = 1 vCPU)
- memory: Memory in MiB to allocate
- environment: Optional map of custom environment variables for non-sensitive configuration
- ephemeral\_storage\_gib: Optional ephemeral storage size in GiB (defaults to 20 GiB) | 
map(object({
    image                 = string
    desired_count         = number
    cpu                   = number
    memory                = number
    environment           = optional(map(string), {})
    ephemeral_storage_gib = optional(number, 20)
  }))
| `{}` | no | | [cluster\_name](#input\_cluster\_name) | The name of the ECS cluster to deploy TeamCity to. | `string` | `null` | no | | [container\_cpu](#input\_container\_cpu) | The number of CPU units to allocate to the TeamCity server container | `number` | `1024` | no | | [container\_memory](#input\_container\_memory) | The number of MB of memory to allocate to the TeamCity server container | `number` | `4096` | no | @@ -123,21 +116,10 @@ No modules. | [enable\_teamcity\_alb\_deletion\_protection](#input\_enable\_teamcity\_alb\_deletion\_protection) | Enables deletion protection for the TeamCity ALB. Defaults to true. | `bool` | `false` | no | | [environment](#input\_environment) | The current environment (e.g. dev, prod, etc.) | `string` | `"dev"` | no | | [name](#input\_name) | The name applied to resources in the TeamCity module | `string` | `"teamcity"` | no | -| [service\_subnets](#input\_service\_subnets) | The subnets in which the TeamCity server service will be deployed | `list(string)` | n/a | yes | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "iac-management": "CGD-Toolkit",
  "iac-module": "TeamCity",
  "iac-provider": "Terraform"
}
| no | | [teamcity\_alb\_access\_logs\_bucket](#input\_teamcity\_alb\_access\_logs\_bucket) | ID of the S3 bucket for TeamCity ALB access log storage. If access logging is enabled and this is null the module creates a bucket. | `string` | `null` | no | | [teamcity\_alb\_access\_logs\_prefix](#input\_teamcity\_alb\_access\_logs\_prefix) | Log prefix for TeamCity ALB access logs. If null the project prefix and module name are used. | `string` | `null` | no | | [teamcity\_cloudwatch\_log\_retention\_in\_days](#input\_teamcity\_cloudwatch\_log\_retention\_in\_days) | The log retention in days of the cloudwatch log group for TeamCity. | `string` | `365` | no | | [teamcity\_efs\_performance\_mode](#input\_teamcity\_efs\_performance\_mode) | The performance mode of the EFS file system used by the TeamCity service. Defaults to general purpose. | `string` | `"generalPurpose"` | no | | [teamcity\_efs\_throughput\_mode](#input\_teamcity\_efs\_throughput\_mode) | The throughput mode of the EFS file system used by the TeamCity service. Defaults to bursting. | `string` | `"bursting"` | no | -| [vpc\_id](#input\_vpc\_id) | The ID of the VPC in which the service will be deployed | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [external\_alb\_dns\_name](#output\_external\_alb\_dns\_name) | DNS endpoint of Application Load Balancer (ALB) | -| [external\_alb\_zone\_id](#output\_external\_alb\_zone\_id) | Zone ID for internet facing load balancer | -| [security\_group\_id](#output\_security\_group\_id) | The default security group of your Teamcity service. | -| [teamcity\_cluster\_id](#output\_teamcity\_cluster\_id) | The ID of the ECS cluster | diff --git a/modules/unity/accelerator/README.md b/modules/unity/accelerator/README.md index 92cd44d0..a299a494 100644 --- a/modules/unity/accelerator/README.md +++ b/modules/unity/accelerator/README.md @@ -25,9 +25,9 @@ For example configurations, please see the [examples](https://github.com/aws-gam | Name | Version | |------|---------| -| [aws](#provider\_aws) | 5.89.0 | +| [aws](#provider\_aws) | 6.6.0 | | [awscc](#provider\_awscc) | 1.50.0 | -| [random](#provider\_random) | 3.5.1 | +| [random](#provider\_random) | 3.7.2 | ## Modules @@ -82,21 +82,13 @@ No modules. | [awscc_secretsmanager_secret.dashboard_password_arn](https://registry.terraform.io/providers/hashicorp/awscc/1.50.0/docs/resources/secretsmanager_secret) | resource | | [awscc_secretsmanager_secret.dashboard_username_arn](https://registry.terraform.io/providers/hashicorp/awscc/1.50.0/docs/resources/secretsmanager_secret) | resource | | [random_string.unity_accelerator_lb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/caller_identity) | data source | -| [aws_ecs_cluster.unity_accelerator_cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | -| [aws_efs_file_system.efs_file_system](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/efs_file_system) | data source | -| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | -| [aws_iam_policy_document.access_logs_bucket_lb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.cloudwatch_logs_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.unity_accelerator_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | -| [aws_subnet.nlb_subnets](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/subnet) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [service\_subnets](#input\_service\_subnets) | The subnets in which the Unity Accelerator service will be deployed. | `list(string)` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | The ID of the VPC in which the service will be deployed. | `string` | n/a | yes | | [alb\_certificate\_arn](#input\_alb\_certificate\_arn) | The ARN of the SSL certificate to use for the Application Load Balancer. | `string` | `null` | no | | [alb\_is\_internal](#input\_alb\_is\_internal) | Set this flag to determine whether the Application Load Balancer to create is internal (true) or external (false). Value is ignored if no ALB is created. | `bool` | `false` | no | | [cloudwatch\_log\_retention\_in\_days](#input\_cloudwatch\_log\_retention\_in\_days) | The log retention in days of the cloudwatch log group for Unity Accelerator. | `string` | `365` | no | @@ -118,7 +110,6 @@ No modules. | [lb\_subnets](#input\_lb\_subnets) | The subnets in which the Application Load Balancer and Network Load Balancer will be deployed. | `list(string)` | `[]` | no | | [name](#input\_name) | The name applied to resources in the Unity Accelerator module. | `string` | `"unity-accelerator"` | no | | [nlb\_is\_internal](#input\_nlb\_is\_internal) | Set this flag to determine whether the Network Load Balancer to create is internal (true) or external (false). Value is ignored if no NLB is created. | `bool` | `false` | no | -| [service\_subnets](#input\_service\_subnets) | The subnets in which the Unity Accelerator service will be deployed. | `list(string)` | n/a | yes | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "iac-management": "CGD-Toolkit",
  "iac-module": "UnityAccelerator",
  "iac-provider": "Terraform"
}
| no | | [unity\_accelerator\_alb\_access\_logs\_prefix](#input\_unity\_accelerator\_alb\_access\_logs\_prefix) | Log prefix for Unity Accelerator Application Load Balancer access logs. If null the project prefix and module name are used. | `string` | `null` | no | | [unity\_accelerator\_dashboard\_password\_arn](#input\_unity\_accelerator\_dashboard\_password\_arn) | ARN of the AWS Secrets Manager secret containing the Unity Accelerator web dashboard password. Password must be the only value and stored as text, not as key/value JSON. If not passed, one will be created randomly. | `string` | `null` | no | @@ -128,17 +119,4 @@ No modules. | [unity\_accelerator\_lb\_access\_logs\_bucket](#input\_unity\_accelerator\_lb\_access\_logs\_bucket) | ID of the S3 bucket for Unity Accelerator Application Load Balancer and Network Load Balancer access log storage. If access logging is enabled and this is null the module creates a bucket. | `string` | `null` | no | | [unity\_accelerator\_log\_stdout](#input\_unity\_accelerator\_log\_stdout) | When true, outputs logs to stdout only. When false, writes logs to the persist directory. | `string` | `"true"` | no | | [unity\_accelerator\_nlb\_access\_logs\_prefix](#input\_unity\_accelerator\_nlb\_access\_logs\_prefix) | Log prefix for Unity Accelerator Network Load Balancer access logs. If null the project prefix and module name are used. | `string` | `null` | no | -| [vpc\_id](#input\_vpc\_id) | The ID of the VPC in which the service will be deployed. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [alb\_dns\_name](#output\_alb\_dns\_name) | DNS endpoint of Application Load Balancer (ALB) | -| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | ID of the Application Load Balancer's (ALB) security group | -| [alb\_zone\_id](#output\_alb\_zone\_id) | Zone ID for Application Load Balancer (ALB) | -| [nlb\_dns\_name](#output\_nlb\_dns\_name) | DNS endpoint of Network Load Balancer (NLB) | -| [nlb\_zone\_id](#output\_nlb\_zone\_id) | Zone ID for Network Load Balancer (NLB) | -| [unity\_accelerator\_dashboard\_password\_arn](#output\_unity\_accelerator\_dashboard\_password\_arn) | AWS Secrets Manager secret's ARN containing the Unity Accelerator web dashboard's username. | -| [unity\_accelerator\_dashboard\_username\_arn](#output\_unity\_accelerator\_dashboard\_username\_arn) | AWS Secrets Manager secret's ARN containing the Unity Accelerator web dashboard's password. | diff --git a/modules/unity/floating-license-server/README.md b/modules/unity/floating-license-server/README.md index fc75241d..60d7a74e 100644 --- a/modules/unity/floating-license-server/README.md +++ b/modules/unity/floating-license-server/README.md @@ -57,11 +57,11 @@ For example configurations, please see the [examples](https://github.com/aws-gam | Name | Version | |------|---------| -| [aws](#provider\_aws) | 6.0.0 | -| [awscc](#provider\_awscc) | 1.51.0 | -| [local](#provider\_local) | 2.4.1 | -| [null](#provider\_null) | 3.2.4 | -| [random](#provider\_random) | 3.7.2 | +| [aws](#provider\_aws) | ~> 6.0 | +| [awscc](#provider\_awscc) | ~> 1.51 | +| [local](#provider\_local) | ~> 2.4 | +| [null](#provider\_null) | ~> 3.2 | +| [random](#provider\_random) | ~> 3.7 | ## Modules @@ -100,18 +100,14 @@ No modules. | [null_resource.generate_presigned_urls](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.wait_for_user_data](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [random_string.alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource | -| [aws_ami.ubuntu_latest](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | -| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/elb_service_account) | data source | -| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_instance.unity_license_server](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/instance) | data source | -| [aws_network_interface.existing_eni](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/network_interface) | data source | -| [local_file.config_url](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | -| [local_file.registration_url](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [unity\_license\_server\_file\_path](#input\_unity\_license\_server\_file\_path) | Local path to the Linux version of the Unity Floating License Server zip file. | `string` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | The ID of the VPC in which the Unity Floating License Server will be deployed. | `string` | n/a | yes | +| [vpc\_subnet](#input\_vpc\_subnet) | The subnet where the EC2 instance running the Unity Floating License Server will be deployed. | `string` | n/a | yes | | [add\_eni\_public\_ip](#input\_add\_eni\_public\_ip) | If true and "existing\_eni\_id" is not provided, an Elastic IP (EIP) will be created and associated with the newly created Elastic Network Interface (ENI) to be used with the Unity Floating License Server. If "existing\_eni\_id" is provided, this variable is ignored and no new EIP will be added to the provided ENI. | `bool` | `true` | no | | [alb\_access\_logs\_bucket](#input\_alb\_access\_logs\_bucket) | ID of the S3 bucket for Application Load Balancer access log storage. If access logging is enabled and this is null the module creates a bucket. | `string` | `null` | no | | [alb\_access\_logs\_prefix](#input\_alb\_access\_logs\_prefix) | Log prefix for Unity License Server Application Load Balancer access logs. If null the project prefix and module name are used. | `string` | `null` | no | @@ -128,31 +124,9 @@ No modules. | [tags](#input\_tags) | Tags to apply to resources created by this module. | `map(any)` | 
{
  "environment": "Dev",
  "iac-management": "CGD-Toolkit",
  "iac-module": "UnityFloatingLicenseServer",
  "iac-provider": "Terraform"
}
| no | | [unity\_license\_server\_admin\_password\_arn](#input\_unity\_license\_server\_admin\_password\_arn) | ARN of the AWS Secrets Manager secret containing the Unity Floating License Server admin dashboard password. Password must be the only value and stored as text, not as key/value JSON. If not passed, one will be created randomly. Password must be between 8-12 characters. | `string` | `null` | no | | [unity\_license\_server\_bucket\_name](#input\_unity\_license\_server\_bucket\_name) | Name of the Unity Floating License Server-specific S3 bucket to create. | `string` | `"unity-license-server-"` | no | -| [unity\_license\_server\_file\_path](#input\_unity\_license\_server\_file\_path) | Local path to the Linux version of the Unity Floating License Server zip file. | `string` | n/a | yes | | [unity\_license\_server\_instance\_ami\_id](#input\_unity\_license\_server\_instance\_ami\_id) | The Ubuntu-based AMI ID to use in the EC2 instance running the Unity Floating License Server. Defaults to the latest Ubuntu Server 24.04 LTS AMI. | `string` | `null` | no | | [unity\_license\_server\_instance\_ebs\_size](#input\_unity\_license\_server\_instance\_ebs\_size) | The size of the EBS volume in GB. | `string` | `"20"` | no | | [unity\_license\_server\_instance\_type](#input\_unity\_license\_server\_instance\_type) | The instance type to use for the Unity Floating License Server. Defaults to t3.small. | `string` | `"t3.small"` | no | | [unity\_license\_server\_name](#input\_unity\_license\_server\_name) | Name of the Unity Floating License Server. | `string` | `"UnityLicenseServer"` | no | | [unity\_license\_server\_port](#input\_unity\_license\_server\_port) | Port the Unity Floating License Server will listen on (between 1025 and 65535). Defaults to 8080. | `string` | `"8080"` | no | -| [vpc\_id](#input\_vpc\_id) | The ID of the VPC in which the Unity Floating License Server will be deployed. | `string` | n/a | yes | -| [vpc\_subnet](#input\_vpc\_subnet) | The subnet where the EC2 instance running the Unity Floating License Server will be deployed. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [alb\_dns\_name](#output\_alb\_dns\_name) | DNS endpoint of Application Load Balancer (ALB). | -| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | ID of the Application Load Balancer's (ALB) security group. | -| [alb\_zone\_id](#output\_alb\_zone\_id) | Zone ID for Application Load Balancer (ALB). | -| [created\_unity\_license\_server\_security\_group\_id](#output\_created\_unity\_license\_server\_security\_group\_id) | Id of the security group created by the script, for the Unity License Server instance. Null if an ENI was provided externally instead of created through the script. | -| [dashboard\_password\_secret\_arn](#output\_dashboard\_password\_secret\_arn) | ARN of the secret containing the dashboard password. | -| [eni\_id](#output\_eni\_id) | Elastic Network ID (ENI) used when binding the Unity Floating License Server. | -| [instance\_private\_ip](#output\_instance\_private\_ip) | The EC2 instance's private IP address. | -| [instance\_public\_ip](#output\_instance\_public\_ip) | The resulting EC2 instance's public IP, if configured. | -| [registration\_request\_filename](#output\_registration\_request\_filename) | Filename for the server registration request file. | -| [registration\_request\_presigned\_url](#output\_registration\_request\_presigned\_url) | Presigned URL for downloading the server registration request file (valid for 1 hour). | -| [services\_config\_filename](#output\_services\_config\_filename) | Filename for the services config file. | -| [services\_config\_presigned\_url](#output\_services\_config\_presigned\_url) | Presigned URL for downloading the services configuration file (valid for 1 hour). | -| [unity\_license\_server\_port](#output\_unity\_license\_server\_port) | Port the Unity Floating License Server will listen on. | -| [unity\_license\_server\_s3\_bucket](#output\_unity\_license\_server\_s3\_bucket) | S3 bucket name used by the Unity License Server service. | diff --git a/modules/unreal/horde/README.md b/modules/unreal/horde/README.md index b98b5472..59f4a766 100644 --- a/modules/unreal/horde/README.md +++ b/modules/unreal/horde/README.md @@ -117,27 +117,20 @@ No modules. | [random_string.unreal_horde](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.unreal_horde_alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.unreal_horde_ansible_playbooks_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | -| [aws_ecs_cluster.unreal_horde_cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | -| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | -| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ec2_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.horde_agents_s3_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.unreal_horde_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.unreal_horde_elasticache_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.unreal_horde_secrets_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [certificate\_arn](#input\_certificate\_arn) | The TLS certificate ARN for the Unreal Horde load balancer. | `string` | n/a | yes | +| [fully\_qualified\_domain\_name](#input\_fully\_qualified\_domain\_name) | The fully qualified domain name where your Unreal Engine Horde server will be available. This agents will use this to enroll. | `string` | n/a | yes | +| [unreal\_horde\_service\_subnets](#input\_unreal\_horde\_service\_subnets) | A list of subnets to deploy the Unreal Horde service into. Private subnets are recommended. | `list(string)` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | The ID of the existing VPC you would like to deploy Unreal Horde into. | `string` | n/a | yes | | [admin\_claim\_type](#input\_admin\_claim\_type) | The claim type for administrators. | `string` | `null` | no | | [admin\_claim\_value](#input\_admin\_claim\_value) | The claim value for administrators. | `string` | `null` | no | | [agent\_dotnet\_runtime\_version](#input\_agent\_dotnet\_runtime\_version) | The dotnet-runtime-{} package to install (see your engine version's release notes for supported version) | `string` | `"6.0"` | no | | [agents](#input\_agents) | Configures autoscaling groups to be used as build agents by Unreal Engine Horde. | 
map(object({
    ami           = string
    instance_type = string
    block_device_mappings = list(
      object({
        device_name = string
        ebs = object({
          volume_size = number
        })
      })
    )
    min_size = optional(number, 0)
    max_size = optional(number, 1)
  }))
| `{}` | no | | [auth\_method](#input\_auth\_method) | The authentication method for the Horde server. | `string` | `null` | no | -| [certificate\_arn](#input\_certificate\_arn) | The TLS certificate ARN for the Unreal Horde load balancer. | `string` | n/a | yes | | [cluster\_name](#input\_cluster\_name) | The name of the cluster to deploy the Unreal Horde into. Defaults to null and a cluster will be created. | `string` | `null` | no | | [container\_api\_port](#input\_container\_api\_port) | The container port for the Unreal Horde web server. | `number` | `5000` | no | | [container\_cpu](#input\_container\_cpu) | The CPU allotment for the Unreal Horde container. | `number` | `1024` | no | @@ -176,7 +169,6 @@ No modules. | [enable\_unreal\_horde\_alb\_deletion\_protection](#input\_enable\_unreal\_horde\_alb\_deletion\_protection) | Enables deletion protection for the Unreal Horde ALB. Defaults to true. | `bool` | `false` | no | | [environment](#input\_environment) | The current environment (e.g. Development, Staging, Production, etc.). This will tag ressources and set ASPNETCORE\_ENVIRONMENT variable. | `string` | `"Development"` | no | | [existing\_security\_groups](#input\_existing\_security\_groups) | A list of existing security group IDs to attach to the Unreal Horde load balancer. | `list(string)` | `[]` | no | -| [fully\_qualified\_domain\_name](#input\_fully\_qualified\_domain\_name) | The fully qualified domain name where your Unreal Engine Horde server will be available. This agents will use this to enroll. | `string` | n/a | yes | | [github\_credentials\_secret\_arn](#input\_github\_credentials\_secret\_arn) | A secret containing the Github username and password with permissions to the EpicGames organization. | `string` | `null` | no | | [image](#input\_image) | The Horde Server image to use in the ECS service. | `string` | `"ghcr.io/epicgames/horde-server:latest-bundled"` | no | | [name](#input\_name) | The name attached to Unreal Engine Horde module resources. | `string` | `"unreal-horde"` | no | @@ -195,19 +187,4 @@ No modules. | [unreal\_horde\_cloudwatch\_log\_retention\_in\_days](#input\_unreal\_horde\_cloudwatch\_log\_retention\_in\_days) | The log retention in days of the cloudwatch log group for Unreal Horde. | `string` | `365` | no | | [unreal\_horde\_external\_alb\_subnets](#input\_unreal\_horde\_external\_alb\_subnets) | A list of subnets to deploy the Unreal Horde load balancer into. Public subnets are recommended. | `list(string)` | `[]` | no | | [unreal\_horde\_internal\_alb\_subnets](#input\_unreal\_horde\_internal\_alb\_subnets) | A list of subnets to deploy the Unreal Horde internal load balancer into. Private subnets are recommended. | `list(string)` | `[]` | no | -| [unreal\_horde\_service\_subnets](#input\_unreal\_horde\_service\_subnets) | A list of subnets to deploy the Unreal Horde service into. Private subnets are recommended. | `list(string)` | n/a | yes | -| [vpc\_id](#input\_vpc\_id) | The ID of the existing VPC you would like to deploy Unreal Horde into. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [agent\_security\_group\_id](#output\_agent\_security\_group\_id) | n/a | -| [external\_alb\_dns\_name](#output\_external\_alb\_dns\_name) | n/a | -| [external\_alb\_sg\_id](#output\_external\_alb\_sg\_id) | n/a | -| [external\_alb\_zone\_id](#output\_external\_alb\_zone\_id) | n/a | -| [internal\_alb\_dns\_name](#output\_internal\_alb\_dns\_name) | n/a | -| [internal\_alb\_sg\_id](#output\_internal\_alb\_sg\_id) | n/a | -| [internal\_alb\_zone\_id](#output\_internal\_alb\_zone\_id) | n/a | -| [service\_security\_group\_id](#output\_service\_security\_group\_id) | n/a | diff --git a/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/README.md b/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/README.md index dcdc4f18..bcaf0e71 100644 --- a/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/README.md +++ b/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/README.md @@ -90,9 +90,9 @@ The `scylla_subnets` variable determines the deployment topology of your ScyllaD | Name | Version | |------|---------| -| [aws](#provider\_aws) | 6.13.0 | +| [aws](#provider\_aws) | >=5.89.0 | | [random](#provider\_random) | 3.7.2 | -| [tls](#provider\_tls) | 4.1.0 | +| [tls](#provider\_tls) | >= 4.0.6 | ## Modules @@ -160,18 +160,12 @@ No modules. | [aws_vpc_security_group_ingress_rule.self_ingress_cluster_sg_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.self_ingress_sg_rules](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [random_string.scylla_monitoring_lb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | -| [aws_ami.amazon_linux](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | -| [aws_ami.scylla_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | -| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/elb_service_account) | data source | -| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.scylla_monitoring_assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.scylla_monitoring_policy_doc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [tls_certificate.eks_tls_certificate](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/data-sources/certificate) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [vpc\_id](#input\_vpc\_id) | String for VPC ID | `string` | n/a | yes | | [alb\_certificate\_arn](#input\_alb\_certificate\_arn) | The ARN of the certificate to use on the ALB | `string` | `null` | no | | [create\_application\_load\_balancer](#input\_create\_application\_load\_balancer) | Whether to create an application load balancer for the Scylla monitoring dashboard. | `bool` | `true` | no | | [create\_scylla\_monitoring\_stack](#input\_create\_scylla\_monitoring\_stack) | Whether to create the Scylla monitoring stack | `bool` | `true` | no | @@ -213,30 +207,11 @@ No modules. | [system\_managed\_node\_min\_size](#input\_system\_managed\_node\_min\_size) | Min number of system managed node group instances. | `number` | `1` | no | | [system\_node\_group\_label](#input\_system\_node\_group\_label) | Label applied to system node group | `map(string)` | 
{
  "pool": "system-pool"
}
| no | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "Unreal DDC"
}
| no | -| [vpc\_id](#input\_vpc\_id) | String for VPC ID | `string` | n/a | yes | | [worker\_managed\_node\_desired\_size](#input\_worker\_managed\_node\_desired\_size) | Desired number of worker managed node group instances. | `number` | `1` | no | | [worker\_managed\_node\_instance\_type](#input\_worker\_managed\_node\_instance\_type) | Worker managed node group instance type. | `string` | `"c5.large"` | no | | [worker\_managed\_node\_max\_size](#input\_worker\_managed\_node\_max\_size) | Max number of worker managed node group instances. | `number` | `1` | no | | [worker\_managed\_node\_min\_size](#input\_worker\_managed\_node\_min\_size) | Min number of worker managed node group instances. | `number` | `0` | no | | [worker\_node\_group\_label](#input\_worker\_node\_group\_label) | Label applied to worker node group. These will need to be matched in values for taints and tolerations for the worker pod definition. | `map(string)` | 
{
  "unreal-cloud-ddc/node-type": "worker"
}
| no | - -## Outputs - -| Name | Description | -|------|-------------| -| [cluster\_arn](#output\_cluster\_arn) | ARN of the EKS Cluster | -| [cluster\_certificate\_authority\_data](#output\_cluster\_certificate\_authority\_data) | Public key for the EKS Cluster | -| [cluster\_endpoint](#output\_cluster\_endpoint) | EKS Cluster Endpoint | -| [cluster\_name](#output\_cluster\_name) | Name of the EKS Cluster | -| [external\_alb\_dns\_name](#output\_external\_alb\_dns\_name) | DNS endpoint of Application Load Balancer (ALB) | -| [external\_alb\_zone\_id](#output\_external\_alb\_zone\_id) | Zone ID for internet facing load balancer | -| [nvme\_node\_group\_label](#output\_nvme\_node\_group\_label) | Label for the NVME node group | -| [oidc\_provider\_arn](#output\_oidc\_provider\_arn) | OIDC provider for the EKS Cluster | -| [peer\_security\_group\_id](#output\_peer\_security\_group\_id) | ID of the Peer Security Group | -| [s3\_bucket\_id](#output\_s3\_bucket\_id) | Bucket to be used for the Unreal Cloud DDC assets | -| [scylla\_ips](#output\_scylla\_ips) | IPs of the Scylla EC2 instances | -| [system\_node\_group\_label](#output\_system\_node\_group\_label) | Label for the System node group | -| [worker\_node\_group\_label](#output\_worker\_node\_group\_label) | Label for the Worker node group | ## Requirements diff --git a/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-intra-cluster/README.md b/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-intra-cluster/README.md index 4450a6d2..b7feb56c 100644 --- a/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-intra-cluster/README.md +++ b/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-intra-cluster/README.md @@ -114,39 +114,25 @@ The `unreal_cloud_ddc_helm_values` variable provides an open-ended way to config | [helm_release.unreal_cloud_ddc](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | | [kubernetes_namespace.unreal_cloud_ddc](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource | | [kubernetes_service_account.unreal_cloud_ddc_service_account](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_eks_cluster.unreal_cloud_ddc_cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source | -| [aws_iam_openid_connect_provider.oidc_provider](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_openid_connect_provider) | data source | -| [aws_iam_policy_document.unreal_cloud_ddc_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_lb.unreal_cloud_ddc_load_balancer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/lb) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | -| [aws_s3_bucket.unreal_cloud_ddc_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [certificate\_manager\_hosted\_zone\_arn](#input\_certificate\_manager\_hosted\_zone\_arn) | ARN of the Certificate Manager for Ingress. | `list(string)` | `[]` | no | | [cluster\_name](#input\_cluster\_name) | Name of the EKS Cluster | `string` | n/a | yes | | [cluster\_oidc\_provider\_arn](#input\_cluster\_oidc\_provider\_arn) | ARN of the OIDC Provider from EKS Cluster | `string` | n/a | yes | -| [enable\_certificate\_manager](#input\_enable\_certificate\_manager) | Enable Certificate Manager for Ingress. Required for TLS termination. | `bool` | `false` | no | | [ghcr\_credentials\_secret\_manager\_arn](#input\_ghcr\_credentials\_secret\_manager\_arn) | Arn for credentials stored in secret manager. Needs to be prefixed with 'ecr-pullthroughcache/' to be compatible with ECR pull through cache. | `string` | n/a | yes | +| [s3\_bucket\_id](#input\_s3\_bucket\_id) | ID of the S3 Bucket for Unreal Cloud DDC to use | `string` | n/a | yes | +| [certificate\_manager\_hosted\_zone\_arn](#input\_certificate\_manager\_hosted\_zone\_arn) | ARN of the Certificate Manager for Ingress. | `list(string)` | `[]` | no | +| [enable\_certificate\_manager](#input\_enable\_certificate\_manager) | Enable Certificate Manager for Ingress. Required for TLS termination. | `bool` | `false` | no | | [name](#input\_name) | Unreal Cloud DDC Workload Name | `string` | `"unreal-cloud-ddc"` | no | | [oidc\_credentials\_secret\_manager\_arn](#input\_oidc\_credentials\_secret\_manager\_arn) | Arn for oidc credentials stored in secret manager. | `string` | `null` | no | | [project\_prefix](#input\_project\_prefix) | The project prefix for this workload. This is appended to the beginning of most resource names. | `string` | `"cgd"` | no | -| [s3\_bucket\_id](#input\_s3\_bucket\_id) | ID of the S3 Bucket for Unreal Cloud DDC to use | `string` | n/a | yes | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "Unreal DDC"
}
| no | | [unreal\_cloud\_ddc\_helm\_values](#input\_unreal\_cloud\_ddc\_helm\_values) | List of YAML files for Unreal Cloud DDC | `list(string)` | `[]` | no | | [unreal\_cloud\_ddc\_namespace](#input\_unreal\_cloud\_ddc\_namespace) | Namespace for Unreal Cloud DDC | `string` | `"unreal-cloud-ddc"` | no | | [unreal\_cloud\_ddc\_service\_account\_name](#input\_unreal\_cloud\_ddc\_service\_account\_name) | Name of Unreal Cloud DDC service account. | `string` | `"unreal-cloud-ddc-sa"` | no | | [unreal\_cloud\_ddc\_version](#input\_unreal\_cloud\_ddc\_version) | Version of the Unreal Cloud DDC Helm chart. | `string` | `"1.2.0"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [unreal\_cloud\_ddc\_load\_balancer\_name](#output\_unreal\_cloud\_ddc\_load\_balancer\_name) | n/a | -| [unreal\_cloud\_ddc\_load\_balancer\_zone\_id](#output\_unreal\_cloud\_ddc\_load\_balancer\_zone\_id) | n/a | ## Requirements diff --git a/modules/vdi/README.md b/modules/vdi/README.md index b34cc80d..35ea5f82 100644 --- a/modules/vdi/README.md +++ b/modules/vdi/README.md @@ -517,11 +517,11 @@ This project is licensed under the MIT-0 License. See the [LICENSE](../../../LIC | Name | Version | |------|---------| -| [aws](#provider\_aws) | 6.5.0 | -| [awscc](#provider\_awscc) | 1.60.0 | -| [random](#provider\_random) | 3.7.2 | -| [time](#provider\_time) | 0.13.1 | -| [tls](#provider\_tls) | 4.1.0 | +| [aws](#provider\_aws) | >= 6.0.0 | +| [awscc](#provider\_awscc) | >= 1.0.0 | +| [random](#provider\_random) | >= 3.0.0 | +| [time](#provider\_time) | >= 0.9.0 | +| [tls](#provider\_tls) | >= 4.0.0 | ## Modules @@ -595,15 +595,13 @@ No modules. | [tls_private_key.client_vpn_users](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource | | [tls_private_key.workstation_keys](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource | | [tls_self_signed_cert.client_vpn_ca](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/self_signed_cert) | resource | -| [aws_iam_policy_document.vdi_instance_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | -| [aws_subnet.workstation_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source | -| [aws_vpc.selected](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [region](#input\_region) | AWS region for deployment | `string` | n/a | yes | +| [vpc\_id](#input\_vpc\_id) | VPC ID where VDI instances will be deployed | `string` | n/a | yes | | [capacity\_reservation\_preference](#input\_capacity\_reservation\_preference) | Capacity reservation preference for EC2 instances | `string` | `null` | no | | [client\_vpn\_config](#input\_client\_vpn\_config) | Client VPN configuration for private connectivity | 
object({
    client_cidr_block       = optional(string, "192.168.0.0/16")
    generate_client_configs = optional(bool, true)
    split_tunnel            = optional(bool, true)
  })
| `{}` | no | | [create\_client\_vpn](#input\_create\_client\_vpn) | Create AWS Client VPN endpoint infrastructure (VPN endpoint, certificates, S3 bucket for configs) | `bool` | `false` | no | @@ -614,24 +612,9 @@ No modules. | [log\_retention\_days](#input\_log\_retention\_days) | CloudWatch log retention period in days | `number` | `30` | no | | [presets](#input\_presets) | Configuration blueprints defining instance types and named volumes with Windows drive mapping.

**KEY BECOMES PRESET NAME**: The map key (e.g., "ue-developer") becomes the preset name referenced by workstations.

Presets provide reusable configurations that can be referenced by multiple workstations via preset\_key.

Example:
presets = {
"ue-developer" = { # ← This key becomes the preset name
instance\_type = "g4dn.2xlarge"
gpu\_enabled = true
volumes = {
Root = { capacity = 256, type = "gp3" } # Root volume automatically gets C:
Projects = { capacity = 1024, type = "gp3", windows\_drive = "Z:" } # Specify drive letter
Cache = { capacity = 500, type = "gp3" } # Auto-assigned high-alphabet letter (Y:, X:, etc.)
}
}
"basic-workstation" = { # ← Another preset name
instance\_type = "g4dn.xlarge"
gpu\_enabled = true
volumes = {
Root = { capacity = 200, type = "gp3" } # Root volume automatically gets C:
UserData = { capacity = 500, type = "gp3" } # Auto-assigned high-alphabet letter
}
}
}

# Referenced by workstations:
workstations = {
"alice-ws" = {
preset\_key = "ue-developer" # ← References preset by key
}
}

Valid volume types: "gp2", "gp3", "io1", "io2"
Drive letters are auto-assigned by Windows (typically C: for root, D:, E:, F:, etc. for additional volumes).

additional\_policy\_arns: List of additional IAM policy ARNs to attach to the VDI instance role.
Example: ["arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess", "arn:aws:iam::123456789012:policy/MyCustomPolicy"] | 
map(object({
    # Core compute configuration
    instance_type = string
    ami           = optional(string, null)

    # Hardware configuration
    gpu_enabled = optional(bool, true)

    # Named volumes with auto-assigned drive letters
    volumes = map(object({
      capacity   = number
      type       = string
      iops       = optional(number, 3000)
      throughput = optional(number, 125)
      encrypted  = optional(bool, true)
    }))

    # Optional configuration
    iam_instance_profile   = optional(string, null)
    additional_policy_arns = optional(list(string), []) # Additional IAM policy ARNs to attach to the VDI instance role
    software_packages      = optional(list(string), null)
    tags                   = optional(map(string), {})
  }))
| `{}` | no | | [project\_prefix](#input\_project\_prefix) | Prefix for resource names | `string` | `"cgd"` | no | -| [region](#input\_region) | AWS region for deployment | `string` | n/a | yes | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "terraform-aws-vdi",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/vdi",
  "RootModuleName": "-"
}
| no | | [users](#input\_users) | Local Windows user accounts with Windows group types and network connectivity (managed via Secrets Manager)

**KEY BECOMES WINDOWS USERNAME**: The map key (e.g., "john-doe") becomes the actual Windows username created on VDI instances.

type options (Windows groups):
- "fleet\_administrator": User added to Windows Administrators group, created on ALL workstations (fleet management)
- "administrator": User added to Windows Administrators group, created only on assigned workstation
- "user": User added to Windows Users group, created only on assigned workstation

use\_client\_vpn options (VPN access):
- false: User accesses VDI via public internet or external VPN (default)
- true: User accesses VDI via module's Client VPN (generates VPN config)

Example:
users = {
"vdiadmin" = { # ← This key becomes Windows username "vdiadmin"
given\_name = "VDI"
family\_name = "Administrator"
email = "admin@example.com"
type = "fleet\_administrator" # Windows Administrators group on ALL workstations
use\_client\_vpn = false # Accesses via public internet/external VPN
}
"alice" = { # ← Public connectivity user
given\_name = "Alice"
family\_name = "Smith"
email = "alice@example.com"
type = "user" # Windows Users group
use\_client\_vpn = false # Accesses via public internet (allowed\_cidr\_blocks)
}
"bob" = { # ← Private connectivity user
given\_name = "Bob"
family\_name = "Johnson"
email = "bob@example.com"
type = "user" # Windows Users group
use\_client\_vpn = true # Accesses via module's Client VPN
}
}

# User assignment is now direct:
# assigned\_user = "naruto-uzumaki" # References users{} key directly in workstation | 
map(object({
    given_name     = string
    family_name    = string
    email          = string
    type           = optional(string, "user") # "administrator" or "user" (Windows group)
    use_client_vpn = optional(bool, false)    # Whether this user connects via module's Client VPN
    tags           = optional(map(string), {})
  }))
| `{}` | no | -| [vpc\_id](#input\_vpc\_id) | VPC ID where VDI instances will be deployed | `string` | n/a | yes | | [workstations](#input\_workstations) | Physical infrastructure instances with template references and placement configuration.

**KEY BECOMES WORKSTATION NAME**: The map key (e.g., "alice-workstation") becomes the workstation identifier used throughout the module.

Workstations inherit configuration from templates via preset\_key reference.

Example:
workstations = {
# Public connectivity - user accesses via internet
"alice-workstation" = {
preset\_key = "ue-developer"
subnet\_id = "subnet-public-123" # Public subnet
security\_groups = ["sg-vdi-public"]
assigned\_user = "alice"
allowed\_cidr\_blocks = ["203.0.113.1/32"] # Alice's home IP
}
# Private connectivity - user accesses via VPN
"bob-workstation" = {
preset\_key = "basic-workstation"
subnet\_id = "subnet-private-456" # Private subnet
security\_groups = ["sg-vdi-private"]
assigned\_user = "bob"
# No allowed\_cidr\_blocks - accessed via Client VPN
}
# Additional volumes at workstation level
"dev-workstation" = {
preset\_key = "basic-workstation"
subnet\_id = "subnet-private-789"
security\_groups = ["sg-vdi-private"]
volumes = {
ExtraStorage = { capacity = 2000, type = "gp3", windows\_drive = "Y:" }
}
}
}

# User assignment is now direct:
# assigned\_user = "alice" # References users{} key directly in workstation

Drive letters are auto-assigned by Windows. Users can reassign them via Disk Management if needed.

additional\_policy\_arns: List of additional IAM policy ARNs to attach to the VDI instance role.
Example: ["arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess", "arn:aws:iam::123456789012:policy/MyCustomPolicy"] | 
map(object({
    # Preset reference (optional - can use direct config instead)
    preset_key = optional(string, null)

    # Infrastructure placement
    subnet_id       = string
    security_groups = list(string)
    assigned_user   = optional(string, null) # User assigned to this workstation (for administrator/user types only)

    # Direct configuration (used when preset_key is null or as overrides)
    ami           = optional(string, null)
    instance_type = optional(string, null)
    gpu_enabled   = optional(bool, null)
    volumes = optional(map(object({
      capacity   = number
      type       = string
      iops       = optional(number, 3000)
      throughput = optional(number, 125)
      encrypted  = optional(bool, true)
    })), null)
    iam_instance_profile   = optional(string, null)
    additional_policy_arns = optional(list(string), []) # Additional IAM policy ARNs to attach to the VDI instance role
    software_packages      = optional(list(string), null)

    # Optional overrides
    allowed_cidr_blocks             = optional(list(string), null)
    capacity_reservation_preference = optional(string, null)
    tags                            = optional(map(string), null)
  }))
| `{}` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [ami\_id](#output\_ami\_id) | AMI ID used for workstations | -| [connection\_info](#output\_connection\_info) | Complete connection information for VDI workstations | -| [emergency\_key\_paths](#output\_emergency\_key\_paths) | S3 paths for emergency private keys | -| [private\_keys](#output\_private\_keys) | Private keys for emergency access (sensitive) | -| [private\_zone\_id](#output\_private\_zone\_id) | Private hosted zone ID for creating additional VPC associations | -| [private\_zone\_name](#output\_private\_zone\_name) | Private hosted zone name | -| [public\_ips](#output\_public\_ips) | Map of workstation public IP addresses | -| [vpn\_configs\_bucket](#output\_vpn\_configs\_bucket) | S3 bucket name for VPN configuration files | ## Volume Management diff --git a/modules/vdi/examples/private-connectivity/README.md b/modules/vdi/examples/private-connectivity/README.md index 71e32032..9da3c44c 100644 --- a/modules/vdi/examples/private-connectivity/README.md +++ b/modules/vdi/examples/private-connectivity/README.md @@ -86,7 +86,7 @@ Check installation progress via CloudWatch logs or SSM status commands in output | Name | Version | |------|---------| -| [aws](#provider\_aws) | 6.17.0 | +| [aws](#provider\_aws) | >= 6.0.0 | ## Modules @@ -113,18 +113,8 @@ Check installation progress via CloudWatch logs or SSM status commands in output | [aws_vpc_security_group_ingress_rule.vdi_dcv](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.vdi_https](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.vdi_rdp](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | -| [aws_ami.vdi_lightweight_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | -| [aws_ami.vdi_ue_gamedev_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | -| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | ## Inputs No inputs. - -## Outputs - -| Name | Description | -|------|-------------| -| [connection\_info](#output\_connection\_info) | VDI connection information | diff --git a/modules/vdi/examples/public-connectivity/README.md b/modules/vdi/examples/public-connectivity/README.md index a41a3a22..4e805972 100644 --- a/modules/vdi/examples/public-connectivity/README.md +++ b/modules/vdi/examples/public-connectivity/README.md @@ -196,8 +196,8 @@ If custom AMIs aren't built, Terraform will fail with data source error: | Name | Version | |------|---------| -| [aws](#provider\_aws) | 6.19.0 | -| [http](#provider\_http) | 3.5.0 | +| [aws](#provider\_aws) | >= 6.0.0 | +| [http](#provider\_http) | >= 3.0.0 | ## Modules @@ -220,19 +220,8 @@ If custom AMIs aren't built, Terraform will fail with data source error: | [aws_vpc_security_group_ingress_rule.vdi_http](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.vdi_https](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.vdi_rdp](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | -| [aws_ami.vdi_lightweight_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | -| [aws_ami.vdi_ue_gamedev_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | -| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | -| [http_http.my_ip](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source | ## Inputs No inputs. - -## Outputs - -| Name | Description | -|------|-------------| -| [connection\_info](#output\_connection\_info) | VDI connection information | diff --git a/samples/simple-build-pipeline/README.md b/samples/simple-build-pipeline/README.md index 9569b2fc..e95584b1 100644 --- a/samples/simple-build-pipeline/README.md +++ b/samples/simple-build-pipeline/README.md @@ -370,23 +370,10 @@ Tearing down the resources created by the _Simple Build Pipeline_ is as easy as | [aws_vpc_security_group_ingress_rule.p4_code_review_http_from_internal_alb](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.p4_server_from_jenkins_build_farm](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.p4_server_from_jenkins_service](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | -| [aws_ami.ubuntu_noble_amd](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ami) | data source | -| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/availability_zones) | data source | -| [aws_route53_zone.root](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/route53_zone) | data source | -| [http_http.my_ip](https://registry.terraform.io/providers/hashicorp/http/3.5.0/docs/data-sources/http) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [route53\_public\_hosted\_zone\_name](#input\_route53\_public\_hosted\_zone\_name) | The fully qualified domain name of your existing Route53 Hosted Zone. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [jenkins\_url](#output\_jenkins\_url) | The URL for the Jenkins service. | -| [p4\_auth\_admin\_url](#output\_p4\_auth\_admin\_url) | The URL for the P4Auth service admin page. | -| [p4\_code\_review\_url](#output\_p4\_code\_review\_url) | The URL for the P4 Code Review service. | -| [p4\_server\_connection\_string](#output\_p4\_server\_connection\_string) | The connection string for the P4 Server. Set your P4PORT environment variable to this value. | diff --git a/samples/unreal-cloud-ddc-single-region/README.md b/samples/unreal-cloud-ddc-single-region/README.md index 43340d17..74adf68c 100644 --- a/samples/unreal-cloud-ddc-single-region/README.md +++ b/samples/unreal-cloud-ddc-single-region/README.md @@ -126,29 +126,14 @@ This sample also deploys a ScyllaDB monitoring stack, enabling real-time insight | [aws_vpc_security_group_ingress_rule.unreal_ddc_load_balancer_http_ingress_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.unreal_ddc_load_balancer_https_ingress_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [awscc_secretsmanager_secret.unreal_cloud_ddc_token](https://registry.terraform.io/providers/hashicorp/awscc/latest/docs/resources/secretsmanager_secret) | resource | -| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_ecr_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecr_authorization_token) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | -| [aws_route53_zone.root](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone) | data source | -| [aws_secretsmanager_secret_version.unreal_cloud_ddc_token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/secretsmanager_secret_version) | data source | -| [http_http.public_ip](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [allow\_my\_ip](#input\_allow\_my\_ip) | Automatically add your IP to the security groups allowing access to the Unreal DDC and SycllaDB Monitoring load balancers | `bool` | `true` | no | | [github\_credential\_arn](#input\_github\_credential\_arn) | Github Credential ARN | `string` | n/a | yes | | [route53\_public\_hosted\_zone\_name](#input\_route53\_public\_hosted\_zone\_name) | The root domain name for the Hosted Zone where the ScyllaDB monitoring record should be created. | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [monitoring\_url](#output\_monitoring\_url) | n/a | -| [unreal\_cloud\_ddc\_bearer\_token\_arn](#output\_unreal\_cloud\_ddc\_bearer\_token\_arn) | n/a | -| [unreal\_ddc\_url](#output\_unreal\_ddc\_url) | n/a | +| [allow\_my\_ip](#input\_allow\_my\_ip) | Automatically add your IP to the security groups allowing access to the Unreal DDC and SycllaDB Monitoring load balancers | `bool` | `true` | no | ## Requirements diff --git a/test-vdi-components.ps1 b/test-vdi-components.ps1 index 6ed26488..cd532cc0 100644 --- a/test-vdi-components.ps1 +++ b/test-vdi-components.ps1 @@ -17,7 +17,7 @@ try { Write-Host "Downloading SSM Agent..." Invoke-WebRequest -Uri $ssmAgentUrl -OutFile $ssmAgentPath -TimeoutSec 300 - + Write-Host "Installing SSM Agent..." Start-Process -FilePath $ssmAgentPath -ArgumentList "/S" -Wait @@ -39,24 +39,24 @@ try { Write-Host "Downloading AWS CLI..." Invoke-WebRequest -Uri $awsCliUrl -OutFile $awsCliPath -TimeoutSec 300 - + Write-Host "Installing AWS CLI..." Start-Process -FilePath "msiexec.exe" -ArgumentList "/i", $awsCliPath, "/quiet", "/norestart" -Wait Write-Host "Verifying AWS CLI installation..." Start-Sleep -Seconds 10 # Wait for installation to complete - + # Check if AWS CLI executable exists $awsExePath = "${env:ProgramFiles}\Amazon\AWSCLIV2\aws.exe" if (Test-Path $awsExePath) { Write-Host "AWS CLI executable found at: $awsExePath" -ForegroundColor Green - + # Test AWS CLI functionality $awsVersion = & $awsExePath --version 2>&1 Write-Host "AWS CLI version: $awsVersion" -ForegroundColor Green } else { Write-Host "AWS CLI executable NOT found at expected location" -ForegroundColor Red - + # Check alternate locations $altPaths = @( "${env:ProgramFiles(x86)}\Amazon\AWSCLIV2\aws.exe", @@ -79,7 +79,7 @@ Write-Host "`n3. Testing PATH availability..." -ForegroundColor Yellow try { # Refresh PATH environment $env:Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") - + # Test if 'aws' command works from PATH $awsFromPath = aws --version 2>&1 Write-Host "AWS CLI from PATH: $awsFromPath" -ForegroundColor Green @@ -88,4 +88,4 @@ try { } Write-Host "`n=== Test Complete ===" -ForegroundColor Cyan -Write-Host "Run this script on a fresh Windows Server 2025 instance to see what fails" \ No newline at end of file +Write-Host "Run this script on a fresh Windows Server 2025 instance to see what fails" From 030c1ddc3199d184e606165f6b179e63254e7b98 Mon Sep 17 00:00:00 2001 From: Kevon Mayers Date: Sun, 9 Nov 2025 22:57:36 -0500 Subject: [PATCH 3/5] fix(ci): mount repository files in terraform-docs Docker container - Add volume mounting (-v) and working directory (-w) to Docker alias - Fixes 'config file not found' error in CI when terraform-docs tries to access .config/.terraform-docs.yml - Uses GITHUB_WORKSPACE for reliable path resolution in GitHub Actions - Allows Docker container to access repository files while keeping config in proper .config/ directory --- .github/workflows/pre-commit.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index 252570a6..b6fbca9c 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -68,7 +68,7 @@ jobs: { echo "#!/usr/bin/bash" - echo "docker run --rm quay.io/terraform-docs/terraform-docs:0.20.0 \"\$@\"" + echo "docker run --rm -v \$GITHUB_WORKSPACE:\$GITHUB_WORKSPACE -w \$GITHUB_WORKSPACE quay.io/terraform-docs/terraform-docs:0.20.0 \"\$@\"" } >> $RUNNER_TEMP/docker-aliases/terraform-docs chmod +x $RUNNER_TEMP/docker-aliases/terraform-docs From 265c9b96b91159015c12dd9e25cbf56e84519cf8 Mon Sep 17 00:00:00 2001 From: Kevon Mayers Date: Sun, 9 Nov 2025 23:48:11 -0500 Subject: [PATCH 4/5] chore: add log level for Checkov and restructure tf docs yaml file --- .config/.terraform-docs.yml | 15 +++------------ .pre-commit-config.yaml | 2 ++ 2 files changed, 5 insertions(+), 12 deletions(-) diff --git a/.config/.terraform-docs.yml b/.config/.terraform-docs.yml index e3147a42..8d881767 100644 --- a/.config/.terraform-docs.yml +++ b/.config/.terraform-docs.yml @@ -1,13 +1,7 @@ formatter: markdown table -sections: - show: - - header - - requirements - - inputs - - providers - - modules - - resources - - footer +sort: + enabled: true + by: required output: file: README.md mode: inject @@ -15,6 +9,3 @@ output: {{ .Content }} -sort: - enabled: true - by: required diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 4effd854..1f356264 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -18,6 +18,8 @@ repos: hooks: - id: checkov args: ["--config-file", ".config/.checkov.yml", "--quiet"] + env: + LOG_LEVEL: ERROR - repo: https://github.com/antonbabenko/pre-commit-terraform rev: "v1.99.5" hooks: From de7b51875effdb293bedac35689b69ce2ba12e24 Mon Sep 17 00:00:00 2001 From: Kevon Mayers Date: Sun, 9 Nov 2025 23:48:27 -0500 Subject: [PATCH 5/5] docs: re-run pre-commit --- modules/jenkins/README.md | 23 +++++++++++++++ modules/perforce/README.md | 29 +++++++++++++++++++ .../create-resources-complete/README.md | 12 ++++++++ modules/perforce/modules/p4-auth/README.md | 19 ++++++++++++ .../perforce/modules/p4-code-review/README.md | 18 ++++++++++++ modules/perforce/modules/p4-server/README.md | 17 +++++++++++ modules/teamcity/README.md | 18 ++++++++++++ modules/unity/accelerator/README.md | 22 ++++++++++++++ .../unity/floating-license-server/README.md | 26 +++++++++++++++++ modules/unreal/horde/README.md | 23 +++++++++++++++ .../unreal-cloud-ddc-infra/README.md | 25 ++++++++++++++++ .../unreal-cloud-ddc-intra-cluster/README.md | 14 +++++++++ modules/vdi/README.md | 17 +++++++++++ .../examples/private-connectivity/README.md | 10 +++++++ .../examples/public-connectivity/README.md | 11 +++++++ samples/simple-build-pipeline/README.md | 13 +++++++++ .../unreal-cloud-ddc-single-region/README.md | 15 ++++++++++ 17 files changed, 312 insertions(+) diff --git a/modules/jenkins/README.md b/modules/jenkins/README.md index 645556e5..13c8bb5d 100644 --- a/modules/jenkins/README.md +++ b/modules/jenkins/README.md @@ -79,6 +79,18 @@ No modules. | [random_string.fsxz](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.jenkins](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.jenkins_alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/caller_identity) | data source | +| [aws_ecs_cluster.jenkins_cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | +| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | +| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.build_farm_fsxz_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.build_farm_s3_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ec2_fleet_plugin_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ec2_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.jenkins_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | +| [aws_vpc.build_farm_vpc](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/vpc) | data source | ## Inputs @@ -120,4 +132,15 @@ No modules. | [name](#input\_name) | The name attached to Jenkins module resources. | `string` | `"jenkins"` | no | | [project\_prefix](#input\_project\_prefix) | The project prefix for this workload. This is appeneded to the beginning of most resource names. | `string` | `"cgd"` | no | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "iac-management": "CGD-Toolkit",
  "iac-module": "Jenkins",
  "iac-provider": "Terraform"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | Security group associated with the Jenkins load balancer | +| [build\_farm\_security\_group\_id](#output\_build\_farm\_security\_group\_id) | Security group associated with the build farm autoscaling groups | +| [jenkins\_alb\_dns\_name](#output\_jenkins\_alb\_dns\_name) | The DNS name of the Jenkins application load balancer. | +| [jenkins\_alb\_zone\_id](#output\_jenkins\_alb\_zone\_id) | The zone ID of the Jenkins ALB. | +| [service\_security\_group\_id](#output\_service\_security\_group\_id) | Security group associated with the ECS service hosting jenkins | +| [service\_target\_group\_arn](#output\_service\_target\_group\_arn) | The ARN of the Jenkins service target group | diff --git a/modules/perforce/README.md b/modules/perforce/README.md index f9a7611c..44198ae9 100644 --- a/modules/perforce/README.md +++ b/modules/perforce/README.md @@ -200,6 +200,8 @@ packer build perforce_x86.pkr.hcl | [aws_vpc_security_group_ingress_rule.perforce_web_services_inbound_from_perforce_nlb](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [null_resource.parent_module_certificate](https://registry.terraform.io/providers/hashicorp/null/3.2.4/docs/resources/resource) | resource | | [random_string.shared_lb_access_logs_bucket](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | +| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | +| [aws_iam_policy_document.shared_lb_access_logs_bucket_lb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | ## Inputs @@ -230,4 +232,31 @@ packer build perforce_x86.pkr.hcl | [shared\_nlb\_access\_logs\_prefix](#input\_shared\_nlb\_access\_logs\_prefix) | Log prefix for shared NLB access logs. | `string` | `"perforce-nlb-"` | no | | [shared\_nlb\_subnets](#input\_shared\_nlb\_subnets) | A list of subnets to attach to the shared network load balancer. | `list(string)` | `null` | no | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "terraform-aws-perforce",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/perforce/terraform-aws-perforce",
  "RootModuleName": "-"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [p4\_auth\_alb\_dns\_name](#output\_p4\_auth\_alb\_dns\_name) | The DNS name of the P4Auth ALB. | +| [p4\_auth\_alb\_security\_group\_id](#output\_p4\_auth\_alb\_security\_group\_id) | Security group associated with the P4Auth load balancer. | +| [p4\_auth\_alb\_zone\_id](#output\_p4\_auth\_alb\_zone\_id) | The hosted zone ID of the P4Auth ALB. | +| [p4\_auth\_perforce\_cluster\_name](#output\_p4\_auth\_perforce\_cluster\_name) | Name of the ECS cluster hosting P4Auth. | +| [p4\_auth\_service\_security\_group\_id](#output\_p4\_auth\_service\_security\_group\_id) | Security group associated with the ECS service running P4Auth. | +| [p4\_auth\_target\_group\_arn](#output\_p4\_auth\_target\_group\_arn) | The service target group for the P4Auth. | +| [p4\_code\_review\_alb\_dns\_name](#output\_p4\_code\_review\_alb\_dns\_name) | The DNS name of the P4 Code Review ALB. | +| [p4\_code\_review\_alb\_security\_group\_id](#output\_p4\_code\_review\_alb\_security\_group\_id) | Security group associated with the P4 Code Review load balancer. | +| [p4\_code\_review\_alb\_zone\_id](#output\_p4\_code\_review\_alb\_zone\_id) | The hosted zone ID of the P4 Code Review ALB. | +| [p4\_code\_review\_perforce\_cluster\_name](#output\_p4\_code\_review\_perforce\_cluster\_name) | Name of the ECS cluster hosting P4 Code Review. | +| [p4\_code\_review\_service\_security\_group\_id](#output\_p4\_code\_review\_service\_security\_group\_id) | Security group associated with the ECS service running P4 Code Review. | +| [p4\_code\_review\_target\_group\_arn](#output\_p4\_code\_review\_target\_group\_arn) | The service target group for the P4 Code Review. | +| [p4\_server\_eip\_id](#output\_p4\_server\_eip\_id) | The ID of the Elastic IP associated with your P4 Server instance. | +| [p4\_server\_eip\_public\_ip](#output\_p4\_server\_eip\_public\_ip) | The public IP of your P4 Server instance. | +| [p4\_server\_instance\_id](#output\_p4\_server\_instance\_id) | Instance ID for the P4 Server instance | +| [p4\_server\_lambda\_link\_name](#output\_p4\_server\_lambda\_link\_name) | The name of the Lambda link for the P4 Server instance to use with FSxN. | +| [p4\_server\_private\_ip](#output\_p4\_server\_private\_ip) | Private IP for the P4 Server instance | +| [p4\_server\_security\_group\_id](#output\_p4\_server\_security\_group\_id) | The default security group of your P4 Server instance. | +| [p4\_server\_super\_user\_password\_secret\_arn](#output\_p4\_server\_super\_user\_password\_secret\_arn) | The ARN of the AWS Secrets Manager secret holding your P4 Server super user's username. | +| [p4\_server\_super\_user\_username\_secret\_arn](#output\_p4\_server\_super\_user\_username\_secret\_arn) | The ARN of the AWS Secrets Manager secret holding your P4 Server super user's password. | +| [shared\_application\_load\_balancer\_arn](#output\_shared\_application\_load\_balancer\_arn) | The ARN of the shared application load balancer. | +| [shared\_network\_load\_balancer\_arn](#output\_shared\_network\_load\_balancer\_arn) | The ARN of the shared network load balancer. | diff --git a/modules/perforce/examples/create-resources-complete/README.md b/modules/perforce/examples/create-resources-complete/README.md index 874cc027..26145ff9 100644 --- a/modules/perforce/examples/create-resources-complete/README.md +++ b/modules/perforce/examples/create-resources-complete/README.md @@ -80,10 +80,22 @@ finished validation. Wait a few minutes and retry `terraform apply`. | [aws_vpc_security_group_ingress_rule.allow_https](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.allow_icmp](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.allow_perforce](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | +| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/availability_zones) | data source | +| [aws_lb.shared_services_nlb](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/lb) | data source | +| [aws_route53_zone.root](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/route53_zone) | data source | +| [http_http.my_ip](https://registry.terraform.io/providers/hashicorp/http/3.5.0/docs/data-sources/http) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [route53\_public\_hosted\_zone\_name](#input\_route53\_public\_hosted\_zone\_name) | The name of your existing Route53 Public Hosted Zone. This is required to create the ACM certificate and Route53 records. | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [p4\_auth\_admin\_url](#output\_p4\_auth\_admin\_url) | The URL for the P4Auth service admin page. | +| [p4\_code\_review\_url](#output\_p4\_code\_review\_url) | The URL for the P4 Code Review service. | +| [p4\_server\_connection\_string](#output\_p4\_server\_connection\_string) | The connection string for the P4 Server. Set your P4PORT environment variable to this value. | diff --git a/modules/perforce/modules/p4-auth/README.md b/modules/perforce/modules/p4-auth/README.md index 0a121b46..4c2e7842 100644 --- a/modules/perforce/modules/p4-auth/README.md +++ b/modules/perforce/modules/p4-auth/README.md @@ -123,6 +123,14 @@ No modules. | [awscc_secretsmanager_secret.admin_username](https://registry.terraform.io/providers/hashicorp/awscc/1.50.0/docs/resources/secretsmanager_secret) | resource | | [random_string.alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.p4_auth](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | +| [aws_ecs_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | +| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | +| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.helix_authentication_service_scim_secrets_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.secrets_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | ## Inputs @@ -163,4 +171,15 @@ No modules. | [s3\_enable\_force\_destroy](#input\_s3\_enable\_force\_destroy) | Enables force destroy for the S3 bucket for P4Auth access log storage. Defaults to true. | `bool` | `true` | no | | [scim\_bearer\_token\_arn](#input\_scim\_bearer\_token\_arn) | If you would like to use SCIM to provision users and groups, you need to set this variable to the ARN of an AWS Secrets Manager secret containing the bearer token. | `string` | `null` | no | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "p4-auth",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/perforce/terraform-aws-perforce",
  "RootModuleName": "terraform-aws-perforce"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [alb\_dns\_name](#output\_alb\_dns\_name) | The DNS name of the P4Auth ALB | +| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | Security group associated with the P4Auth load balancer | +| [alb\_zone\_id](#output\_alb\_zone\_id) | The hosted zone ID of the P4Auth ALB | +| [cluster\_name](#output\_cluster\_name) | Name of the ECS cluster hosting P4Auth | +| [service\_security\_group\_id](#output\_service\_security\_group\_id) | Security group associated with the ECS service running P4Auth | +| [target\_group\_arn](#output\_target\_group\_arn) | The service target group for P4Auth | diff --git a/modules/perforce/modules/p4-code-review/README.md b/modules/perforce/modules/p4-code-review/README.md index d6a24d16..9becf4d5 100644 --- a/modules/perforce/modules/p4-code-review/README.md +++ b/modules/perforce/modules/p4-code-review/README.md @@ -97,6 +97,13 @@ No modules. | [aws_vpc_security_group_ingress_rule.elasticache_inbound_from_ecs_service](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [random_string.alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.p4_code_review](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | +| [aws_ecs_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | +| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | +| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.secrets_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | ## Inputs @@ -139,4 +146,15 @@ No modules. | [project\_prefix](#input\_project\_prefix) | The project prefix for this workload. This is appended to the beginning of most resource names. | `string` | `"cgd"` | no | | [s3\_enable\_force\_destroy](#input\_s3\_enable\_force\_destroy) | Enables force destroy for the S3 bucket for P4 Code Review access log storage. Defaults to true. | `bool` | `true` | no | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "p4-code-review",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/perforce/terraform-aws-perforce",
  "RootModuleName": "terraform-aws-perforce"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [alb\_dns\_name](#output\_alb\_dns\_name) | The DNS name of the P4 Code Review ALB | +| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | Security group associated with the P4 Code Review load balancer | +| [alb\_zone\_id](#output\_alb\_zone\_id) | The hosted zone ID of the P4 Code Review ALB | +| [cluster\_name](#output\_cluster\_name) | Name of the ECS cluster hosting P4 Code Review | +| [service\_security\_group\_id](#output\_service\_security\_group\_id) | Security group associated with the ECS service running P4 Code Review | +| [target\_group\_arn](#output\_target\_group\_arn) | The service target group for P4 Code Review | diff --git a/modules/perforce/modules/p4-server/README.md b/modules/perforce/modules/p4-server/README.md index d11ff6cb..de607459 100644 --- a/modules/perforce/modules/p4-server/README.md +++ b/modules/perforce/modules/p4-server/README.md @@ -102,6 +102,10 @@ No modules. | [netapp-ontap_san_lun-map.logs_lun_map](https://registry.terraform.io/providers/NetApp/netapp-ontap/2.3.0/docs/resources/san_lun-map) | resource | | [netapp-ontap_san_lun-map.metadata_lun_map](https://registry.terraform.io/providers/NetApp/netapp-ontap/2.3.0/docs/resources/san_lun-map) | resource | | [random_string.p4_server](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | +| [aws_ami.existing_server_ami](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ami) | data source | +| [aws_iam_policy_document.default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ec2_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_subnet.instance_subnet](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/subnet) | data source | ## Inputs @@ -142,4 +146,17 @@ No modules. | [super\_user\_username\_secret\_arn](#input\_super\_user\_username\_secret\_arn) | If you would like to manage your own super user credentials through AWS Secrets Manager provide the ARN for the super user's username here. Otherwise, the default of 'perforce' will be used. | `string` | `null` | no | | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "p4-server",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/perforce/terraform-aws-perforce",
  "RootModuleName": "terraform-aws-perforce"
}
| no | | [unicode](#input\_unicode) | Whether to enable Unicode configuration for P4 Server the -xi flag for p4d. Set to true to enable Unicode support. | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [eip\_id](#output\_eip\_id) | The ID of the Elastic IP associated with your P4 Server instance. | +| [eip\_public\_ip](#output\_eip\_public\_ip) | The public IP of your P4 Server instance. | +| [instance\_id](#output\_instance\_id) | Instance ID for the P4 Server instance | +| [lambda\_link\_name](#output\_lambda\_link\_name) | Lambda function name for the FSxN Link | +| [private\_ip](#output\_private\_ip) | Private IP for the P4 Server instance | +| [security\_group\_id](#output\_security\_group\_id) | The default security group of your P4 Server instance. | +| [super\_user\_password\_secret\_arn](#output\_super\_user\_password\_secret\_arn) | The ARN of the AWS Secrets Manager secret holding your P4 Server super user's password. | +| [super\_user\_username\_secret\_arn](#output\_super\_user\_username\_secret\_arn) | The ARN of the AWS Secrets Manager secret holding your P4 Server super user's username. | diff --git a/modules/teamcity/README.md b/modules/teamcity/README.md index 379a0fe1..4385db22 100644 --- a/modules/teamcity/README.md +++ b/modules/teamcity/README.md @@ -85,6 +85,15 @@ No modules. | [aws_vpc_security_group_ingress_rule.service_inbound_alb](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.teamcity_agent_inbound](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [random_string.teamcity_alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | +| [aws_ecs_cluster.teamcity_cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | +| [aws_efs_file_system.efs_file_system](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/efs_file_system) | data source | +| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | +| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.teamcity_agent_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.teamcity_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.teamcity_execution_database_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | ## Inputs @@ -122,4 +131,13 @@ No modules. | [teamcity\_cloudwatch\_log\_retention\_in\_days](#input\_teamcity\_cloudwatch\_log\_retention\_in\_days) | The log retention in days of the cloudwatch log group for TeamCity. | `string` | `365` | no | | [teamcity\_efs\_performance\_mode](#input\_teamcity\_efs\_performance\_mode) | The performance mode of the EFS file system used by the TeamCity service. Defaults to general purpose. | `string` | `"generalPurpose"` | no | | [teamcity\_efs\_throughput\_mode](#input\_teamcity\_efs\_throughput\_mode) | The throughput mode of the EFS file system used by the TeamCity service. Defaults to bursting. | `string` | `"bursting"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [external\_alb\_dns\_name](#output\_external\_alb\_dns\_name) | DNS endpoint of Application Load Balancer (ALB) | +| [external\_alb\_zone\_id](#output\_external\_alb\_zone\_id) | Zone ID for internet facing load balancer | +| [security\_group\_id](#output\_security\_group\_id) | The default security group of your Teamcity service. | +| [teamcity\_cluster\_id](#output\_teamcity\_cluster\_id) | The ID of the ECS cluster | diff --git a/modules/unity/accelerator/README.md b/modules/unity/accelerator/README.md index a299a494..ff11e855 100644 --- a/modules/unity/accelerator/README.md +++ b/modules/unity/accelerator/README.md @@ -82,6 +82,16 @@ No modules. | [awscc_secretsmanager_secret.dashboard_password_arn](https://registry.terraform.io/providers/hashicorp/awscc/1.50.0/docs/resources/secretsmanager_secret) | resource | | [awscc_secretsmanager_secret.dashboard_username_arn](https://registry.terraform.io/providers/hashicorp/awscc/1.50.0/docs/resources/secretsmanager_secret) | resource | | [random_string.unity_accelerator_lb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/caller_identity) | data source | +| [aws_ecs_cluster.unity_accelerator_cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | +| [aws_efs_file_system.efs_file_system](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/efs_file_system) | data source | +| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | +| [aws_iam_policy_document.access_logs_bucket_lb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.cloudwatch_logs_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.unity_accelerator_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | +| [aws_subnet.nlb_subnets](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/subnet) | data source | ## Inputs @@ -119,4 +129,16 @@ No modules. | [unity\_accelerator\_lb\_access\_logs\_bucket](#input\_unity\_accelerator\_lb\_access\_logs\_bucket) | ID of the S3 bucket for Unity Accelerator Application Load Balancer and Network Load Balancer access log storage. If access logging is enabled and this is null the module creates a bucket. | `string` | `null` | no | | [unity\_accelerator\_log\_stdout](#input\_unity\_accelerator\_log\_stdout) | When true, outputs logs to stdout only. When false, writes logs to the persist directory. | `string` | `"true"` | no | | [unity\_accelerator\_nlb\_access\_logs\_prefix](#input\_unity\_accelerator\_nlb\_access\_logs\_prefix) | Log prefix for Unity Accelerator Network Load Balancer access logs. If null the project prefix and module name are used. | `string` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [alb\_dns\_name](#output\_alb\_dns\_name) | DNS endpoint of Application Load Balancer (ALB) | +| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | ID of the Application Load Balancer's (ALB) security group | +| [alb\_zone\_id](#output\_alb\_zone\_id) | Zone ID for Application Load Balancer (ALB) | +| [nlb\_dns\_name](#output\_nlb\_dns\_name) | DNS endpoint of Network Load Balancer (NLB) | +| [nlb\_zone\_id](#output\_nlb\_zone\_id) | Zone ID for Network Load Balancer (NLB) | +| [unity\_accelerator\_dashboard\_password\_arn](#output\_unity\_accelerator\_dashboard\_password\_arn) | AWS Secrets Manager secret's ARN containing the Unity Accelerator web dashboard's username. | +| [unity\_accelerator\_dashboard\_username\_arn](#output\_unity\_accelerator\_dashboard\_username\_arn) | AWS Secrets Manager secret's ARN containing the Unity Accelerator web dashboard's password. | diff --git a/modules/unity/floating-license-server/README.md b/modules/unity/floating-license-server/README.md index 60d7a74e..8124fdaf 100644 --- a/modules/unity/floating-license-server/README.md +++ b/modules/unity/floating-license-server/README.md @@ -100,6 +100,13 @@ No modules. | [null_resource.generate_presigned_urls](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.wait_for_user_data](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [random_string.alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource | +| [aws_ami.ubuntu_latest](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | +| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/elb_service_account) | data source | +| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_instance.unity_license_server](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/instance) | data source | +| [aws_network_interface.existing_eni](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/network_interface) | data source | +| [local_file.config_url](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | +| [local_file.registration_url](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | ## Inputs @@ -129,4 +136,23 @@ No modules. | [unity\_license\_server\_instance\_type](#input\_unity\_license\_server\_instance\_type) | The instance type to use for the Unity Floating License Server. Defaults to t3.small. | `string` | `"t3.small"` | no | | [unity\_license\_server\_name](#input\_unity\_license\_server\_name) | Name of the Unity Floating License Server. | `string` | `"UnityLicenseServer"` | no | | [unity\_license\_server\_port](#input\_unity\_license\_server\_port) | Port the Unity Floating License Server will listen on (between 1025 and 65535). Defaults to 8080. | `string` | `"8080"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [alb\_dns\_name](#output\_alb\_dns\_name) | DNS endpoint of Application Load Balancer (ALB). | +| [alb\_security\_group\_id](#output\_alb\_security\_group\_id) | ID of the Application Load Balancer's (ALB) security group. | +| [alb\_zone\_id](#output\_alb\_zone\_id) | Zone ID for Application Load Balancer (ALB). | +| [created\_unity\_license\_server\_security\_group\_id](#output\_created\_unity\_license\_server\_security\_group\_id) | Id of the security group created by the script, for the Unity License Server instance. Null if an ENI was provided externally instead of created through the script. | +| [dashboard\_password\_secret\_arn](#output\_dashboard\_password\_secret\_arn) | ARN of the secret containing the dashboard password. | +| [eni\_id](#output\_eni\_id) | Elastic Network ID (ENI) used when binding the Unity Floating License Server. | +| [instance\_private\_ip](#output\_instance\_private\_ip) | The EC2 instance's private IP address. | +| [instance\_public\_ip](#output\_instance\_public\_ip) | The resulting EC2 instance's public IP, if configured. | +| [registration\_request\_filename](#output\_registration\_request\_filename) | Filename for the server registration request file. | +| [registration\_request\_presigned\_url](#output\_registration\_request\_presigned\_url) | Presigned URL for downloading the server registration request file (valid for 1 hour). | +| [services\_config\_filename](#output\_services\_config\_filename) | Filename for the services config file. | +| [services\_config\_presigned\_url](#output\_services\_config\_presigned\_url) | Presigned URL for downloading the services configuration file (valid for 1 hour). | +| [unity\_license\_server\_port](#output\_unity\_license\_server\_port) | Port the Unity Floating License Server will listen on. | +| [unity\_license\_server\_s3\_bucket](#output\_unity\_license\_server\_s3\_bucket) | S3 bucket name used by the Unity License Server service. | diff --git a/modules/unreal/horde/README.md b/modules/unreal/horde/README.md index 59f4a766..e5f3f970 100644 --- a/modules/unreal/horde/README.md +++ b/modules/unreal/horde/README.md @@ -117,6 +117,16 @@ No modules. | [random_string.unreal_horde](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.unreal_horde_alb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | | [random_string.unreal_horde_ansible_playbooks_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | +| [aws_ecs_cluster.unreal_horde_cluster](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ecs_cluster) | data source | +| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/elb_service_account) | data source | +| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ec2_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.ecs_tasks_trust_relationship](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.horde_agents_s3_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.unreal_horde_default_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.unreal_horde_elasticache_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.unreal_horde_secrets_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/iam_policy_document) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/region) | data source | ## Inputs @@ -187,4 +197,17 @@ No modules. | [unreal\_horde\_cloudwatch\_log\_retention\_in\_days](#input\_unreal\_horde\_cloudwatch\_log\_retention\_in\_days) | The log retention in days of the cloudwatch log group for Unreal Horde. | `string` | `365` | no | | [unreal\_horde\_external\_alb\_subnets](#input\_unreal\_horde\_external\_alb\_subnets) | A list of subnets to deploy the Unreal Horde load balancer into. Public subnets are recommended. | `list(string)` | `[]` | no | | [unreal\_horde\_internal\_alb\_subnets](#input\_unreal\_horde\_internal\_alb\_subnets) | A list of subnets to deploy the Unreal Horde internal load balancer into. Private subnets are recommended. | `list(string)` | `[]` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [agent\_security\_group\_id](#output\_agent\_security\_group\_id) | n/a | +| [external\_alb\_dns\_name](#output\_external\_alb\_dns\_name) | n/a | +| [external\_alb\_sg\_id](#output\_external\_alb\_sg\_id) | n/a | +| [external\_alb\_zone\_id](#output\_external\_alb\_zone\_id) | n/a | +| [internal\_alb\_dns\_name](#output\_internal\_alb\_dns\_name) | n/a | +| [internal\_alb\_sg\_id](#output\_internal\_alb\_sg\_id) | n/a | +| [internal\_alb\_zone\_id](#output\_internal\_alb\_zone\_id) | n/a | +| [service\_security\_group\_id](#output\_service\_security\_group\_id) | n/a | diff --git a/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/README.md b/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/README.md index bcaf0e71..9a8b541c 100644 --- a/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/README.md +++ b/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/README.md @@ -160,6 +160,13 @@ No modules. | [aws_vpc_security_group_ingress_rule.self_ingress_cluster_sg_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.self_ingress_sg_rules](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [random_string.scylla_monitoring_lb_access_logs_bucket_suffix](https://registry.terraform.io/providers/hashicorp/random/3.7.2/docs/resources/string) | resource | +| [aws_ami.amazon_linux](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | +| [aws_ami.scylla_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | +| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/elb_service_account) | data source | +| [aws_iam_policy_document.access_logs_bucket_alb_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.scylla_monitoring_assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.scylla_monitoring_policy_doc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [tls_certificate.eks_tls_certificate](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/data-sources/certificate) | data source | ## Inputs @@ -212,6 +219,24 @@ No modules. | [worker\_managed\_node\_max\_size](#input\_worker\_managed\_node\_max\_size) | Max number of worker managed node group instances. | `number` | `1` | no | | [worker\_managed\_node\_min\_size](#input\_worker\_managed\_node\_min\_size) | Min number of worker managed node group instances. | `number` | `0` | no | | [worker\_node\_group\_label](#input\_worker\_node\_group\_label) | Label applied to worker node group. These will need to be matched in values for taints and tolerations for the worker pod definition. | `map(string)` | 
{
  "unreal-cloud-ddc/node-type": "worker"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [cluster\_arn](#output\_cluster\_arn) | ARN of the EKS Cluster | +| [cluster\_certificate\_authority\_data](#output\_cluster\_certificate\_authority\_data) | Public key for the EKS Cluster | +| [cluster\_endpoint](#output\_cluster\_endpoint) | EKS Cluster Endpoint | +| [cluster\_name](#output\_cluster\_name) | Name of the EKS Cluster | +| [external\_alb\_dns\_name](#output\_external\_alb\_dns\_name) | DNS endpoint of Application Load Balancer (ALB) | +| [external\_alb\_zone\_id](#output\_external\_alb\_zone\_id) | Zone ID for internet facing load balancer | +| [nvme\_node\_group\_label](#output\_nvme\_node\_group\_label) | Label for the NVME node group | +| [oidc\_provider\_arn](#output\_oidc\_provider\_arn) | OIDC provider for the EKS Cluster | +| [peer\_security\_group\_id](#output\_peer\_security\_group\_id) | ID of the Peer Security Group | +| [s3\_bucket\_id](#output\_s3\_bucket\_id) | Bucket to be used for the Unreal Cloud DDC assets | +| [scylla\_ips](#output\_scylla\_ips) | IPs of the Scylla EC2 instances | +| [system\_node\_group\_label](#output\_system\_node\_group\_label) | Label for the System node group | +| [worker\_node\_group\_label](#output\_worker\_node\_group\_label) | Label for the Worker node group | ## Requirements diff --git a/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-intra-cluster/README.md b/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-intra-cluster/README.md index b7feb56c..e669ce07 100644 --- a/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-intra-cluster/README.md +++ b/modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-intra-cluster/README.md @@ -114,6 +114,13 @@ The `unreal_cloud_ddc_helm_values` variable provides an open-ended way to config | [helm_release.unreal_cloud_ddc](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | | [kubernetes_namespace.unreal_cloud_ddc](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource | | [kubernetes_service_account.unreal_cloud_ddc_service_account](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account) | resource | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_eks_cluster.unreal_cloud_ddc_cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source | +| [aws_iam_openid_connect_provider.oidc_provider](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_openid_connect_provider) | data source | +| [aws_iam_policy_document.unreal_cloud_ddc_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_lb.unreal_cloud_ddc_load_balancer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/lb) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| [aws_s3_bucket.unreal_cloud_ddc_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source | ## Inputs @@ -133,6 +140,13 @@ The `unreal_cloud_ddc_helm_values` variable provides an open-ended way to config | [unreal\_cloud\_ddc\_namespace](#input\_unreal\_cloud\_ddc\_namespace) | Namespace for Unreal Cloud DDC | `string` | `"unreal-cloud-ddc"` | no | | [unreal\_cloud\_ddc\_service\_account\_name](#input\_unreal\_cloud\_ddc\_service\_account\_name) | Name of Unreal Cloud DDC service account. | `string` | `"unreal-cloud-ddc-sa"` | no | | [unreal\_cloud\_ddc\_version](#input\_unreal\_cloud\_ddc\_version) | Version of the Unreal Cloud DDC Helm chart. | `string` | `"1.2.0"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [unreal\_cloud\_ddc\_load\_balancer\_name](#output\_unreal\_cloud\_ddc\_load\_balancer\_name) | n/a | +| [unreal\_cloud\_ddc\_load\_balancer\_zone\_id](#output\_unreal\_cloud\_ddc\_load\_balancer\_zone\_id) | n/a | ## Requirements diff --git a/modules/vdi/README.md b/modules/vdi/README.md index 35ea5f82..03470c91 100644 --- a/modules/vdi/README.md +++ b/modules/vdi/README.md @@ -595,6 +595,10 @@ No modules. | [tls_private_key.client_vpn_users](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource | | [tls_private_key.workstation_keys](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource | | [tls_self_signed_cert.client_vpn_ca](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/self_signed_cert) | resource | +| [aws_iam_policy_document.vdi_instance_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| [aws_subnet.workstation_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source | +| [aws_vpc.selected](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source | ## Inputs @@ -615,6 +619,19 @@ No modules. | [tags](#input\_tags) | Tags to apply to resources. | `map(any)` | 
{
  "IaC": "Terraform",
  "ModuleBy": "CGD-Toolkit",
  "ModuleName": "terraform-aws-vdi",
  "ModuleSource": "https://github.com/aws-games/cloud-game-development-toolkit/tree/main/modules/vdi",
  "RootModuleName": "-"
}
| no | | [users](#input\_users) | Local Windows user accounts with Windows group types and network connectivity (managed via Secrets Manager)

**KEY BECOMES WINDOWS USERNAME**: The map key (e.g., "john-doe") becomes the actual Windows username created on VDI instances.

type options (Windows groups):
- "fleet\_administrator": User added to Windows Administrators group, created on ALL workstations (fleet management)
- "administrator": User added to Windows Administrators group, created only on assigned workstation
- "user": User added to Windows Users group, created only on assigned workstation

use\_client\_vpn options (VPN access):
- false: User accesses VDI via public internet or external VPN (default)
- true: User accesses VDI via module's Client VPN (generates VPN config)

Example:
users = {
"vdiadmin" = { # ← This key becomes Windows username "vdiadmin"
given\_name = "VDI"
family\_name = "Administrator"
email = "admin@example.com"
type = "fleet\_administrator" # Windows Administrators group on ALL workstations
use\_client\_vpn = false # Accesses via public internet/external VPN
}
"alice" = { # ← Public connectivity user
given\_name = "Alice"
family\_name = "Smith"
email = "alice@example.com"
type = "user" # Windows Users group
use\_client\_vpn = false # Accesses via public internet (allowed\_cidr\_blocks)
}
"bob" = { # ← Private connectivity user
given\_name = "Bob"
family\_name = "Johnson"
email = "bob@example.com"
type = "user" # Windows Users group
use\_client\_vpn = true # Accesses via module's Client VPN
}
}

# User assignment is now direct:
# assigned\_user = "naruto-uzumaki" # References users{} key directly in workstation | 
map(object({
    given_name     = string
    family_name    = string
    email          = string
    type           = optional(string, "user") # "administrator" or "user" (Windows group)
    use_client_vpn = optional(bool, false)    # Whether this user connects via module's Client VPN
    tags           = optional(map(string), {})
  }))
| `{}` | no | | [workstations](#input\_workstations) | Physical infrastructure instances with template references and placement configuration.

**KEY BECOMES WORKSTATION NAME**: The map key (e.g., "alice-workstation") becomes the workstation identifier used throughout the module.

Workstations inherit configuration from templates via preset\_key reference.

Example:
workstations = {
# Public connectivity - user accesses via internet
"alice-workstation" = {
preset\_key = "ue-developer"
subnet\_id = "subnet-public-123" # Public subnet
security\_groups = ["sg-vdi-public"]
assigned\_user = "alice"
allowed\_cidr\_blocks = ["203.0.113.1/32"] # Alice's home IP
}
# Private connectivity - user accesses via VPN
"bob-workstation" = {
preset\_key = "basic-workstation"
subnet\_id = "subnet-private-456" # Private subnet
security\_groups = ["sg-vdi-private"]
assigned\_user = "bob"
# No allowed\_cidr\_blocks - accessed via Client VPN
}
# Additional volumes at workstation level
"dev-workstation" = {
preset\_key = "basic-workstation"
subnet\_id = "subnet-private-789"
security\_groups = ["sg-vdi-private"]
volumes = {
ExtraStorage = { capacity = 2000, type = "gp3", windows\_drive = "Y:" }
}
}
}

# User assignment is now direct:
# assigned\_user = "alice" # References users{} key directly in workstation

Drive letters are auto-assigned by Windows. Users can reassign them via Disk Management if needed.

additional\_policy\_arns: List of additional IAM policy ARNs to attach to the VDI instance role.
Example: ["arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess", "arn:aws:iam::123456789012:policy/MyCustomPolicy"] | 
map(object({
    # Preset reference (optional - can use direct config instead)
    preset_key = optional(string, null)

    # Infrastructure placement
    subnet_id       = string
    security_groups = list(string)
    assigned_user   = optional(string, null) # User assigned to this workstation (for administrator/user types only)

    # Direct configuration (used when preset_key is null or as overrides)
    ami           = optional(string, null)
    instance_type = optional(string, null)
    gpu_enabled   = optional(bool, null)
    volumes = optional(map(object({
      capacity   = number
      type       = string
      iops       = optional(number, 3000)
      throughput = optional(number, 125)
      encrypted  = optional(bool, true)
    })), null)
    iam_instance_profile   = optional(string, null)
    additional_policy_arns = optional(list(string), []) # Additional IAM policy ARNs to attach to the VDI instance role
    software_packages      = optional(list(string), null)

    # Optional overrides
    allowed_cidr_blocks             = optional(list(string), null)
    capacity_reservation_preference = optional(string, null)
    tags                            = optional(map(string), null)
  }))
| `{}` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [ami\_id](#output\_ami\_id) | AMI ID used for workstations | +| [connection\_info](#output\_connection\_info) | Complete connection information for VDI workstations | +| [emergency\_key\_paths](#output\_emergency\_key\_paths) | S3 paths for emergency private keys | +| [private\_keys](#output\_private\_keys) | Private keys for emergency access (sensitive) | +| [private\_zone\_id](#output\_private\_zone\_id) | Private hosted zone ID for creating additional VPC associations | +| [private\_zone\_name](#output\_private\_zone\_name) | Private hosted zone name | +| [public\_ips](#output\_public\_ips) | Map of workstation public IP addresses | +| [vpn\_configs\_bucket](#output\_vpn\_configs\_bucket) | S3 bucket name for VPN configuration files | ## Volume Management diff --git a/modules/vdi/examples/private-connectivity/README.md b/modules/vdi/examples/private-connectivity/README.md index 9da3c44c..6d8b7bd3 100644 --- a/modules/vdi/examples/private-connectivity/README.md +++ b/modules/vdi/examples/private-connectivity/README.md @@ -113,8 +113,18 @@ Check installation progress via CloudWatch logs or SSM status commands in output | [aws_vpc_security_group_ingress_rule.vdi_dcv](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.vdi_https](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.vdi_rdp](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | +| [aws_ami.vdi_lightweight_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | +| [aws_ami.vdi_ue_gamedev_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | +| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | ## Inputs No inputs. + +## Outputs + +| Name | Description | +|------|-------------| +| [connection\_info](#output\_connection\_info) | VDI connection information | diff --git a/modules/vdi/examples/public-connectivity/README.md b/modules/vdi/examples/public-connectivity/README.md index 4e805972..07c33585 100644 --- a/modules/vdi/examples/public-connectivity/README.md +++ b/modules/vdi/examples/public-connectivity/README.md @@ -220,8 +220,19 @@ If custom AMIs aren't built, Terraform will fail with data source error: | [aws_vpc_security_group_ingress_rule.vdi_http](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.vdi_https](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.vdi_rdp](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | +| [aws_ami.vdi_lightweight_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | +| [aws_ami.vdi_ue_gamedev_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | +| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| [http_http.my_ip](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source | ## Inputs No inputs. + +## Outputs + +| Name | Description | +|------|-------------| +| [connection\_info](#output\_connection\_info) | VDI connection information | diff --git a/samples/simple-build-pipeline/README.md b/samples/simple-build-pipeline/README.md index e95584b1..9569b2fc 100644 --- a/samples/simple-build-pipeline/README.md +++ b/samples/simple-build-pipeline/README.md @@ -370,10 +370,23 @@ Tearing down the resources created by the _Simple Build Pipeline_ is as easy as | [aws_vpc_security_group_ingress_rule.p4_code_review_http_from_internal_alb](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.p4_server_from_jenkins_build_farm](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.p4_server_from_jenkins_service](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/resources/vpc_security_group_ingress_rule) | resource | +| [aws_ami.ubuntu_noble_amd](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/ami) | data source | +| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/availability_zones) | data source | +| [aws_route53_zone.root](https://registry.terraform.io/providers/hashicorp/aws/6.6.0/docs/data-sources/route53_zone) | data source | +| [http_http.my_ip](https://registry.terraform.io/providers/hashicorp/http/3.5.0/docs/data-sources/http) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [route53\_public\_hosted\_zone\_name](#input\_route53\_public\_hosted\_zone\_name) | The fully qualified domain name of your existing Route53 Hosted Zone. | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [jenkins\_url](#output\_jenkins\_url) | The URL for the Jenkins service. | +| [p4\_auth\_admin\_url](#output\_p4\_auth\_admin\_url) | The URL for the P4Auth service admin page. | +| [p4\_code\_review\_url](#output\_p4\_code\_review\_url) | The URL for the P4 Code Review service. | +| [p4\_server\_connection\_string](#output\_p4\_server\_connection\_string) | The connection string for the P4 Server. Set your P4PORT environment variable to this value. | diff --git a/samples/unreal-cloud-ddc-single-region/README.md b/samples/unreal-cloud-ddc-single-region/README.md index 74adf68c..e9470b87 100644 --- a/samples/unreal-cloud-ddc-single-region/README.md +++ b/samples/unreal-cloud-ddc-single-region/README.md @@ -126,6 +126,13 @@ This sample also deploys a ScyllaDB monitoring stack, enabling real-time insight | [aws_vpc_security_group_ingress_rule.unreal_ddc_load_balancer_http_ingress_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [aws_vpc_security_group_ingress_rule.unreal_ddc_load_balancer_https_ingress_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource | | [awscc_secretsmanager_secret.unreal_cloud_ddc_token](https://registry.terraform.io/providers/hashicorp/awscc/latest/docs/resources/secretsmanager_secret) | resource | +| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_ecr_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecr_authorization_token) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| [aws_route53_zone.root](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone) | data source | +| [aws_secretsmanager_secret_version.unreal_cloud_ddc_token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/secretsmanager_secret_version) | data source | +| [http_http.public_ip](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source | ## Inputs @@ -134,6 +141,14 @@ This sample also deploys a ScyllaDB monitoring stack, enabling real-time insight | [github\_credential\_arn](#input\_github\_credential\_arn) | Github Credential ARN | `string` | n/a | yes | | [route53\_public\_hosted\_zone\_name](#input\_route53\_public\_hosted\_zone\_name) | The root domain name for the Hosted Zone where the ScyllaDB monitoring record should be created. | `string` | n/a | yes | | [allow\_my\_ip](#input\_allow\_my\_ip) | Automatically add your IP to the security groups allowing access to the Unreal DDC and SycllaDB Monitoring load balancers | `bool` | `true` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [monitoring\_url](#output\_monitoring\_url) | n/a | +| [unreal\_cloud\_ddc\_bearer\_token\_arn](#output\_unreal\_cloud\_ddc\_bearer\_token\_arn) | n/a | +| [unreal\_ddc\_url](#output\_unreal\_ddc\_url) | n/a | ## Requirements