fix output and friendly name of main and dr in dsf deployment aws and…
… azure
sivan-hajbi-imperva committed Sep 13, 2023
1 parent c051014 commit f4cc357
Showing 8 changed files with 69 additions and 69 deletions.
4 changes: 2 additions & 2 deletions examples/azure/dsf_deployment/outputs.tf
Expand Up @@ -20,7 +20,7 @@ output "generated_network" {

output "sonar" {
value = var.enable_sonar ? {
hub = {
hub_main = {
public_ip = try(module.hub_main[0].public_ip, null)
private_ip = try(module.hub_main[0].private_ip, null)
jsonar_uid = try(module.hub_main[0].jsonar_uid, null)
Expand All @@ -37,7 +37,7 @@ output "sonar" {
principal_id = try(module.hub_dr[0].principal_id, null)
ssh_command = try("ssh -i ${local.private_key_file_path} ${module.hub_dr[0].ssh_user}@${module.hub_dr[0].public_ip}", null)
} : null
agentless_gw = [
agentless_gw_main = [
for idx, val in module.agentless_gw_main :
{
private_ip = try(val.private_ip, null)
6 changes: 3 additions & 3 deletions examples/azure/dsf_deployment/sonar.tf
Expand Up @@ -8,7 +8,7 @@ module "hub_main" {
# version = "1.3.5" # latest release tag
count = var.enable_sonar ? 1 : 0

friendly_name = join("-", [local.deployment_name_salted, "hub"])
friendly_name = join("-", [local.deployment_name_salted, "hub", "main"])
resource_group = local.resource_group
subnet_id = module.network[0].vnet_subnets[0]
binaries_location = local.tarball_location
Expand Down Expand Up @@ -88,7 +88,7 @@ module "agentless_gw_main" {
# version = "1.3.5" # latest release tag
count = local.agentless_gw_count

friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index])
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"])
resource_group = local.resource_group
subnet_id = module.network[0].vnet_subnets[0]
storage_details = var.agentless_gw_storage_details
Expand Down Expand Up @@ -119,7 +119,7 @@ module "agentless_gw_dr" {
# version = "1.3.5" # latest release tag
count = var.agentless_gw_hadr ? local.agentless_gw_count : 0

friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", "DR", count.index])
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"])
resource_group = local.resource_group
subnet_id = module.network[0].vnet_subnets[1]
storage_details = var.agentless_gw_storage_details
4 changes: 2 additions & 2 deletions examples/installation/dsf_single_account_deployment/sonar.tf
Expand Up @@ -129,7 +129,7 @@ module "agentless_gw_main" {
version = "1.5.4" # latest release tag
count = local.agentless_gw_count

friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", "main", count.index])
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"])
instance_type = var.agentless_gw_instance_type
subnet_id = var.subnet_ids.agentless_gw_main_subnet_id
security_group_ids = var.security_group_ids_gw_main
Expand Down Expand Up @@ -167,7 +167,7 @@ module "agentless_gw_dr" {
version = "1.5.4" # latest release tag
count = var.agentless_gw_hadr ? local.agentless_gw_count : 0

friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", "DR", count.index])
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"])
instance_type = var.agentless_gw_instance_type
subnet_id = var.subnet_ids.agentless_gw_dr_subnet_id
security_group_ids = var.security_group_ids_gw_dr
10 changes: 5 additions & 5 deletions examples/poc/dsf_deployment/agentless_sources.tf
Expand Up @@ -33,15 +33,15 @@ module "db_onboarding" {
for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val }

sonar_version = module.globals.tarball_location.version
usc_access_token = module.hub[0].access_tokens.usc.token
usc_access_token = module.hub_main[0].access_tokens.usc.token
hub_info = {
hub_ip_address = module.hub[0].public_ip
hub_ip_address = module.hub_main[0].public_ip
hub_private_ssh_key_path = module.key_pair.private_key_file_path
hub_ssh_user = module.hub[0].ssh_user
hub_ssh_user = module.hub_main[0].ssh_user
}

assignee_gw = module.agentless_gw[0].jsonar_uid
assignee_role = module.agentless_gw[0].iam_role
assignee_gw = module.agentless_gw_main[0].jsonar_uid
assignee_role = module.agentless_gw_main[0].iam_role
database_details = {
db_username = each.value.db_username
db_password = each.value.db_password
4 changes: 2 additions & 2 deletions examples/poc/dsf_deployment/dam.tf
Expand Up @@ -25,8 +25,8 @@ module "mx" {
allowed_hub_cidrs = local.hub_cidr_list

hub_details = var.enable_sonar ? {
address = coalesce(module.hub[0].public_dns, module.hub[0].private_dns)
access_token = module.hub[0].access_tokens["dam-to-hub"].token
address = coalesce(module.hub_main[0].public_dns, module.hub_main[0].private_dns)
access_token = module.hub_main[0].access_tokens["dam-to-hub"].token
port = 8443
} : null
attach_persistent_public_ip = true
34 changes: 17 additions & 17 deletions examples/poc/dsf_deployment/outputs.tf
Expand Up @@ -21,16 +21,16 @@ output "generated_network" {

output "sonar" {
value = var.enable_sonar ? {
hub = {
public_ip = try(module.hub[0].public_ip, null)
public_dns = try(module.hub[0].public_dns, null)
private_ip = try(module.hub[0].private_ip, null)
private_dns = try(module.hub[0].private_dns, null)
jsonar_uid = try(module.hub[0].jsonar_uid, null)
display_name = try(module.hub[0].display_name, null)
role_arn = try(module.hub[0].iam_role, null)
ssh_command = try("ssh -i ${local.private_key_file_path} ${module.hub[0].ssh_user}@${module.hub[0].public_dns}", null)
tokens = nonsensitive(module.hub[0].access_tokens)
hub_main = {
public_ip = try(module.hub_main[0].public_ip, null)
public_dns = try(module.hub_main[0].public_dns, null)
private_ip = try(module.hub_main[0].private_ip, null)
private_dns = try(module.hub_main[0].private_dns, null)
jsonar_uid = try(module.hub_main[0].jsonar_uid, null)
display_name = try(module.hub_main[0].display_name, null)
role_arn = try(module.hub_main[0].iam_role, null)
ssh_command = try("ssh -i ${local.private_key_file_path} ${module.hub_main[0].ssh_user}@${module.hub_main[0].public_dns}", null)
tokens = nonsensitive(module.hub_main[0].access_tokens)
}
hub_dr = var.hub_hadr ? {
public_ip = try(module.hub_dr[0].public_ip, null)
Expand All @@ -42,15 +42,15 @@ output "sonar" {
role_arn = try(module.hub_dr[0].iam_role, null)
ssh_command = try("ssh -i ${local.private_key_file_path} ${module.hub_dr[0].ssh_user}@${module.hub_dr[0].public_dns}", null)
} : null
agentless_gw = [
for idx, val in module.agentless_gw :
agentless_gw_main = [
for idx, val in module.agentless_gw_main :
{
private_ip = try(val.private_ip, null)
private_dns = try(val.private_dns, null)
jsonar_uid = try(val.jsonar_uid, null)
display_name = try(val.display_name, null)
role_arn = try(val.iam_role, null)
ssh_command = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub[0].ssh_user}@${module.hub[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null)
ssh_command = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub_main[0].ssh_user}@${module.hub_main[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null)
}
]
agentless_gw_dr = var.agentless_gw_hadr ? [
Expand All @@ -61,7 +61,7 @@ output "sonar" {
jsonar_uid = try(val.jsonar_uid, null)
display_name = try(val.display_name, null)
role_arn = try(val.iam_role, null)
ssh_command = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub[0].ssh_user}@${module.hub[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null)
ssh_command = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub_main[0].ssh_user}@${module.hub_main[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null)
}
] : []
} : null
Expand Down Expand Up @@ -142,10 +142,10 @@ output "audit_sources" {

output "web_console_dsf_hub" {
value = try({
user = module.hub[0].web_console_user
user = module.hub_main[0].web_console_user
password = nonsensitive(local.password)
public_url = join("", ["https://", module.hub[0].public_dns, ":8443/"])
private_url = join("", ["https://", module.hub[0].private_dns, ":8443/"])
public_url = join("", ["https://", module.hub_main[0].public_dns, ":8443/"])
private_url = join("", ["https://", module.hub_main[0].private_dns, ":8443/"])
}, null)
}

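Review bot: The renamed `tokens = nonsensitive(module.hub_main[0].access_tokens)` line in output "sonar" still strips the sensitive marking from the hub's access tokens, so `terraform apply` and `terraform output` print them in clear text and they end up in CI logs; `password = nonsensitive(local.password)` in `web_console_dsf_hub` has the same effect. Since these lines are being touched anyway, consider dropping the `nonsensitive()` wrappers and setting `sensitive = true` on both outputs, so the values appear only on an explicit `terraform output -json sonar`. Both output blocks extend beyond the visible hunks, so check that no other attribute relies on the unwrapped values. If the behaviour is kept, a comment such as `# PoC only: secrets are intentionally echoed to the console` would at least document the choice.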
60 changes: 30 additions & 30 deletions examples/poc/dsf_deployment/sonar.tf
Expand Up @@ -3,18 +3,18 @@ locals {
tarball_location = var.tarball_location != null ? var.tarball_location : module.globals.tarball_location
agentless_gw_count = var.enable_sonar ? var.agentless_gw_count : 0

hub_public_ip = var.enable_sonar ? (length(module.hub[0].public_ip) > 0 ? format("%s/32", module.hub[0].public_ip) : null) : null
hub_public_ip = var.enable_sonar ? (length(module.hub_main[0].public_ip) > 0 ? format("%s/32", module.hub_main[0].public_ip) : null) : null
hub_dr_public_ip = var.enable_sonar && var.hub_hadr ? (length(module.hub_dr[0].public_ip) > 0 ? format("%s/32", module.hub_dr[0].public_ip) : null) : null
hub_cidr_list = compact([data.aws_subnet.hub.cidr_block, data.aws_subnet.hub_dr.cidr_block, local.hub_public_ip, local.hub_dr_public_ip])
agentless_gw_cidr_list = [data.aws_subnet.agentless_gw.cidr_block, data.aws_subnet.agentless_gw_dr.cidr_block]
}

module "hub" {
module "hub_main" {
source = "imperva/dsf-hub/aws"
version = "1.5.4" # latest release tag
count = var.enable_sonar ? 1 : 0

friendly_name = join("-", [local.deployment_name_salted, "hub"])
friendly_name = join("-", [local.deployment_name_salted, "hub", "main"])
subnet_id = local.hub_subnet_id
binaries_location = local.tarball_location
password = local.password
Expand Down Expand Up @@ -58,8 +58,8 @@ module "hub_dr" {
attach_persistent_public_ip = true
use_public_ip = true
hadr_dr_node = true
main_node_sonarw_public_key = module.hub[0].sonarw_public_key
main_node_sonarw_private_key = module.hub[0].sonarw_private_key
main_node_sonarw_public_key = module.hub_main[0].sonarw_public_key
main_node_sonarw_private_key = module.hub_main[0].sonarw_private_key
generate_access_tokens = true
ssh_key_pair = {
ssh_private_key_file_path = module.key_pair.private_key_file_path
Expand All @@ -82,30 +82,30 @@ module "hub_hadr" {
count = length(module.hub_dr) > 0 ? 1 : 0

sonar_version = module.globals.tarball_location.version
dsf_main_ip = module.hub[0].public_ip
dsf_main_private_ip = module.hub[0].private_ip
dsf_main_ip = module.hub_main[0].public_ip
dsf_main_private_ip = module.hub_main[0].private_ip
dsf_dr_ip = module.hub_dr[0].public_ip
dsf_dr_private_ip = module.hub_dr[0].private_ip
ssh_key_path = module.key_pair.private_key_file_path
ssh_user = module.hub[0].ssh_user
ssh_user = module.hub_main[0].ssh_user
depends_on = [
module.hub,
module.hub_main,
module.hub_dr
]
}

module "agentless_gw" {
module "agentless_gw_main" {
source = "imperva/dsf-agentless-gw/aws"
version = "1.5.4" # latest release tag
count = local.agentless_gw_count

friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index])
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"])
subnet_id = local.agentless_gw_subnet_id
ebs = var.agentless_gw_ebs_details
instance_type = var.agentless_gw_instance_type
binaries_location = local.tarball_location
password = local.password
hub_sonarw_public_key = module.hub[0].sonarw_public_key
hub_sonarw_public_key = module.hub_main[0].sonarw_public_key
ssh_key_pair = {
ssh_private_key_file_path = module.key_pair.private_key_file_path
ssh_public_key_name = module.key_pair.key_pair.key_pair_name
Expand All @@ -114,9 +114,9 @@ module "agentless_gw" {
allowed_hub_cidrs = [data.aws_subnet.hub.cidr_block, data.aws_subnet.hub_dr.cidr_block]
allowed_all_cidrs = local.workstation_cidr
ingress_communication_via_proxy = {
proxy_address = module.hub[0].public_ip
proxy_address = module.hub_main[0].public_ip
proxy_private_ssh_key_path = module.key_pair.private_key_file_path
proxy_ssh_user = module.hub[0].ssh_user
proxy_ssh_user = module.hub_main[0].ssh_user
}
tags = local.tags
depends_on = [
Expand All @@ -129,16 +129,16 @@ module "agentless_gw_dr" {
version = "1.5.4" # latest release tag
count = var.agentless_gw_hadr ? local.agentless_gw_count : 0

friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", "DR", count.index])
friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"])
subnet_id = local.agentless_gw_dr_subnet_id
ebs = var.agentless_gw_ebs_details
instance_type = var.agentless_gw_instance_type
binaries_location = local.tarball_location
password = local.password
hub_sonarw_public_key = module.hub[0].sonarw_public_key
hub_sonarw_public_key = module.hub_main[0].sonarw_public_key
hadr_dr_node = true
main_node_sonarw_public_key = module.agentless_gw[count.index].sonarw_public_key
main_node_sonarw_private_key = module.agentless_gw[count.index].sonarw_private_key
main_node_sonarw_public_key = module.agentless_gw_main[count.index].sonarw_public_key
main_node_sonarw_private_key = module.agentless_gw_main[count.index].sonarw_private_key
ssh_key_pair = {
ssh_private_key_file_path = module.key_pair.private_key_file_path
ssh_public_key_name = module.key_pair.key_pair.key_pair_name
Expand All @@ -147,9 +147,9 @@ module "agentless_gw_dr" {
allowed_hub_cidrs = [data.aws_subnet.hub.cidr_block, data.aws_subnet.hub_dr.cidr_block]
allowed_all_cidrs = local.workstation_cidr
ingress_communication_via_proxy = {
proxy_address = module.hub[0].public_ip
proxy_address = module.hub_main[0].public_ip
proxy_private_ssh_key_path = module.key_pair.private_key_file_path
proxy_ssh_user = module.hub[0].ssh_user
proxy_ssh_user = module.hub_main[0].ssh_user
}
tags = local.tags
depends_on = [
Expand All @@ -163,31 +163,31 @@ module "agentless_gw_hadr" {
count = length(module.agentless_gw_dr)

sonar_version = module.globals.tarball_location.version
dsf_main_ip = module.agentless_gw[count.index].private_ip
dsf_main_private_ip = module.agentless_gw[count.index].private_ip
dsf_main_ip = module.agentless_gw_main[count.index].private_ip
dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip
dsf_dr_ip = module.agentless_gw_dr[count.index].private_ip
dsf_dr_private_ip = module.agentless_gw_dr[count.index].private_ip
ssh_key_path = module.key_pair.private_key_file_path
ssh_user = module.agentless_gw[count.index].ssh_user
ssh_user = module.agentless_gw_main[count.index].ssh_user
proxy_info = {
proxy_address = module.hub[0].public_ip
proxy_address = module.hub_main[0].public_ip
proxy_private_ssh_key_path = module.key_pair.private_key_file_path
proxy_ssh_user = module.hub[0].ssh_user
proxy_ssh_user = module.hub_main[0].ssh_user
}
depends_on = [
module.agentless_gw,
module.agentless_gw_main,
module.agentless_gw_dr
]
}

locals {
gws = merge(
{ for idx, val in module.agentless_gw : "agentless-gw-${idx}" => val },
{ for idx, val in module.agentless_gw_main : "agentless-gw-${idx}" => val },
{ for idx, val in module.agentless_gw_dr : "agentless-gw-dr-${idx}" => val },
)
gws_set = values(local.gws)
hubs_set = concat(
var.enable_sonar ? [module.hub[0]] : [],
var.enable_sonar ? [module.hub_main[0]] : [],
var.enable_sonar && var.hub_hadr ? [module.hub_dr[0]] : []
)
hubs_keys = compact([
Expand Down Expand Up @@ -217,9 +217,9 @@ module "federation" {
gw_ssh_user = each.value[1].ssh_user
}
gw_proxy_info = {
proxy_address = module.hub[0].public_ip
proxy_address = module.hub_main[0].public_ip
proxy_private_ssh_key_path = module.key_pair.private_key_file_path
proxy_ssh_user = module.hub[0].ssh_user
proxy_ssh_user = module.hub_main[0].ssh_user
}
depends_on = [
module.hub_hadr,
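Review bot: Renaming `module "hub"` to `module "hub_main"` and `module "agentless_gw"` to `module "agentless_gw_main"` changes the resource addresses, and the visible hunks add no `moved` blocks, so on a workspace with existing state Terraform will plan to destroy and recreate the hub and the gateways rather than rename them. For the hub that presumably also means new `sonarw` keys and access tokens, which the DR, gateway and federation modules in this file consume. Adding `moved` blocks next to the renamed modules keeps existing deployments in place. The module bodies continue outside the visible hunks.

```hcl
# Keep existing state addresses attached to the renamed modules.
moved {
  from = module.hub
  to   = module.hub_main
}

moved {
  from = module.agentless_gw
  to   = module.agentless_gw_main
}
```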
16 changes: 8 additions & 8 deletions examples/poc/sonar_hadr_deployment/main.tf
Expand Up @@ -209,10 +209,10 @@ module "hub_hadr" {
version = "1.5.4" # latest release tag

sonar_version = module.globals.tarball_location.version
dsf_main_ip = module.hub_main.public_ip
dsf_main_private_ip = module.hub_main.private_ip
dsf_dr_ip = module.hub_dr.public_ip
dsf_dr_private_ip = module.hub_dr.private_ip
dsf_main_ip = module.hub_main.public_ip
dsf_main_private_ip = module.hub_main.private_ip
dsf_dr_ip = module.hub_dr.public_ip
dsf_dr_private_ip = module.hub_dr.private_ip
ssh_key_path = module.key_pair.private_key_file_path
ssh_user = module.hub_main.ssh_user
depends_on = [
Expand All @@ -227,10 +227,10 @@ module "agentless_gw_hadr" {
count = var.gw_count

sonar_version = module.globals.tarball_location.version
dsf_main_ip = module.agentless_gw_main[count.index].private_ip
dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip
dsf_dr_ip = module.agentless_gw_dr[count.index].private_ip
dsf_dr_private_ip = module.agentless_gw_dr[count.index].private_ip
dsf_main_ip = module.agentless_gw_main[count.index].private_ip
dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip
dsf_dr_ip = module.agentless_gw_dr[count.index].private_ip
dsf_dr_private_ip = module.agentless_gw_dr[count.index].private_ip
ssh_key_path = module.key_pair.private_key_file_path
ssh_user = module.agentless_gw_main[count.index].ssh_user
proxy_info = {
