From f4cc357f1807364ceeaab9ae72807a7c981b8211 Mon Sep 17 00:00:00 2001 From: "sivan.hajbi" Date: Wed, 13 Sep 2023 20:23:29 +0300 Subject: [PATCH] fix output and friendly name of main and dr in dsf deployment aws and azure --- examples/azure/dsf_deployment/outputs.tf | 4 +- examples/azure/dsf_deployment/sonar.tf | 6 +- .../dsf_single_account_deployment/sonar.tf | 4 +- .../poc/dsf_deployment/agentless_sources.tf | 10 ++-- examples/poc/dsf_deployment/dam.tf | 4 +- examples/poc/dsf_deployment/outputs.tf | 34 +++++------ examples/poc/dsf_deployment/sonar.tf | 60 +++++++++---------- examples/poc/sonar_hadr_deployment/main.tf | 16 ++--- 8 files changed, 69 insertions(+), 69 deletions(-) diff --git a/examples/azure/dsf_deployment/outputs.tf b/examples/azure/dsf_deployment/outputs.tf index b4c331b09..ffd6f3435 100644 --- a/examples/azure/dsf_deployment/outputs.tf +++ b/examples/azure/dsf_deployment/outputs.tf @@ -20,7 +20,7 @@ output "generated_network" { output "sonar" { value = var.enable_sonar ? { - hub = { + hub_main = { public_ip = try(module.hub_main[0].public_ip, null) private_ip = try(module.hub_main[0].private_ip, null) jsonar_uid = try(module.hub_main[0].jsonar_uid, null) @@ -37,7 +37,7 @@ output "sonar" { principal_id = try(module.hub_dr[0].principal_id, null) ssh_command = try("ssh -i ${local.private_key_file_path} ${module.hub_dr[0].ssh_user}@${module.hub_dr[0].public_ip}", null) } : null - agentless_gw = [ + agentless_gw_main = [ for idx, val in module.agentless_gw_main : { private_ip = try(val.private_ip, null) diff --git a/examples/azure/dsf_deployment/sonar.tf b/examples/azure/dsf_deployment/sonar.tf index 4ca363250..44719b5ee 100644 --- a/examples/azure/dsf_deployment/sonar.tf +++ b/examples/azure/dsf_deployment/sonar.tf 
@@ -8,7 +8,7 @@ module "hub_main" { # version = "1.3.5" # latest release tag count = var.enable_sonar ? 1 : 0 - friendly_name = join("-", [local.deployment_name_salted, "hub"]) + friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) resource_group = local.resource_group subnet_id = module.network[0].vnet_subnets[0] binaries_location = local.tarball_location @@ -88,7 +88,7 @@ module "agentless_gw_main" { # version = "1.3.5" # latest release tag count = local.agentless_gw_count - friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index]) + friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) resource_group = local.resource_group subnet_id = module.network[0].vnet_subnets[0] storage_details = var.agentless_gw_storage_details @@ -119,7 +119,7 @@ module "agentless_gw_dr" { # version = "1.3.5" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 - friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", "DR", count.index]) + friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) resource_group = local.resource_group subnet_id = module.network[0].vnet_subnets[1] storage_details = var.agentless_gw_storage_details diff --git a/examples/installation/dsf_single_account_deployment/sonar.tf b/examples/installation/dsf_single_account_deployment/sonar.tf index 4df0cb728..1a705998c 100644 --- a/examples/installation/dsf_single_account_deployment/sonar.tf +++ b/examples/installation/dsf_single_account_deployment/sonar.tf 
@@ -129,7 +129,7 @@ module "agentless_gw_main" { version = "1.5.4" # latest release tag count = local.agentless_gw_count - friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", "main", count.index]) + friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) instance_type = var.agentless_gw_instance_type subnet_id = var.subnet_ids.agentless_gw_main_subnet_id security_group_ids = var.security_group_ids_gw_main @@ -167,7 +167,7 @@ module "agentless_gw_dr" { version = "1.5.4" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 - friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", "DR", count.index]) + friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) instance_type = var.agentless_gw_instance_type subnet_id = var.subnet_ids.agentless_gw_dr_subnet_id security_group_ids = var.security_group_ids_gw_dr diff --git a/examples/poc/dsf_deployment/agentless_sources.tf b/examples/poc/dsf_deployment/agentless_sources.tf index 277d5ccbf..37a5e60fc 100644 --- a/examples/poc/dsf_deployment/agentless_sources.tf +++ b/examples/poc/dsf_deployment/agentless_sources.tf 
@@ -33,15 +33,15 @@ module "db_onboarding" { for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } sonar_version = module.globals.tarball_location.version - usc_access_token = module.hub[0].access_tokens.usc.token + usc_access_token = module.hub_main[0].access_tokens.usc.token hub_info = { - hub_ip_address = module.hub[0].public_ip + hub_ip_address = module.hub_main[0].public_ip hub_private_ssh_key_path = module.key_pair.private_key_file_path - hub_ssh_user = module.hub[0].ssh_user + hub_ssh_user = module.hub_main[0].ssh_user } - assignee_gw = module.agentless_gw[0].jsonar_uid - assignee_role = module.agentless_gw[0].iam_role + assignee_gw = module.agentless_gw_main[0].jsonar_uid + assignee_role = module.agentless_gw_main[0].iam_role database_details = { db_username = each.value.db_username db_password = each.value.db_password diff --git a/examples/poc/dsf_deployment/dam.tf b/examples/poc/dsf_deployment/dam.tf index 4b56e7347..a4a896ca1 100644 --- a/examples/poc/dsf_deployment/dam.tf +++ b/examples/poc/dsf_deployment/dam.tf @@ -25,8 +25,8 @@ module "mx" { allowed_hub_cidrs = local.hub_cidr_list hub_details = var.enable_sonar ? { - address = coalesce(module.hub[0].public_dns, module.hub[0].private_dns) - access_token = module.hub[0].access_tokens["dam-to-hub"].token + address = coalesce(module.hub_main[0].public_dns, module.hub_main[0].private_dns) + access_token = module.hub_main[0].access_tokens["dam-to-hub"].token port = 8443 } : null attach_persistent_public_ip = true diff --git a/examples/poc/dsf_deployment/outputs.tf b/examples/poc/dsf_deployment/outputs.tf index 030b3c095..71521b25b 100644 --- a/examples/poc/dsf_deployment/outputs.tf +++ b/examples/poc/dsf_deployment/outputs.tf 
@@ -21,16 +21,16 @@ output "generated_network" { output "sonar" { value = var.enable_sonar ? { - hub = { - public_ip = try(module.hub[0].public_ip, null) - public_dns = try(module.hub[0].public_dns, null) - private_ip = try(module.hub[0].private_ip, null) - private_dns = try(module.hub[0].private_dns, null) - jsonar_uid = try(module.hub[0].jsonar_uid, null) - display_name = try(module.hub[0].display_name, null) - role_arn = try(module.hub[0].iam_role, null) - ssh_command = try("ssh -i ${local.private_key_file_path} ${module.hub[0].ssh_user}@${module.hub[0].public_dns}", null) - tokens = nonsensitive(module.hub[0].access_tokens) + hub_main = { + public_ip = try(module.hub_main[0].public_ip, null) + public_dns = try(module.hub_main[0].public_dns, null) + private_ip = try(module.hub_main[0].private_ip, null) + private_dns = try(module.hub_main[0].private_dns, null) + jsonar_uid = try(module.hub_main[0].jsonar_uid, null) + display_name = try(module.hub_main[0].display_name, null) + role_arn = try(module.hub_main[0].iam_role, null) + ssh_command = try("ssh -i ${local.private_key_file_path} ${module.hub_main[0].ssh_user}@${module.hub_main[0].public_dns}", null) + tokens = nonsensitive(module.hub_main[0].access_tokens) } hub_dr = var.hub_hadr ? { public_ip = try(module.hub_dr[0].public_ip, null) 
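Review bot: The renamed line `tokens = nonsensitive(module.hub_main[0].access_tokens)` still strips the sensitive marking from the hub access tokens, so they are printed in clear text by `terraform apply` and `terraform output` and land in any CI log that captures that output. Since the line is being touched anyway, consider moving the tokens out of `sonar` into a dedicated output whose value is `try(module.hub_main[0].access_tokens, null)` and which sets `sensitive = true`; they can still be read on demand by naming that output. The same pattern is kept as context in the `web_console_dsf_hub` hunk at `@@ -142,10 +142,10 @@`, where `password = nonsensitive(local.password)` exposes the console password the same way. The `sonar` output block starts and ends outside this hunk.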
@@ -42,15 +42,15 @@ output "sonar" { role_arn = try(module.hub_dr[0].iam_role, null) ssh_command = try("ssh -i ${local.private_key_file_path} ${module.hub_dr[0].ssh_user}@${module.hub_dr[0].public_dns}", null) } : null - agentless_gw = [ - for idx, val in module.agentless_gw : + agentless_gw_main = [ + for idx, val in module.agentless_gw_main : { private_ip = try(val.private_ip, null) private_dns = try(val.private_dns, null) jsonar_uid = try(val.jsonar_uid, null) display_name = try(val.display_name, null) role_arn = try(val.iam_role, null) - ssh_command = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub[0].ssh_user}@${module.hub[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null) + ssh_command = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub_main[0].ssh_user}@${module.hub_main[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null) } ] agentless_gw_dr = var.agentless_gw_hadr ? [ @@ -61,7 +61,7 @@ output "sonar" { jsonar_uid = try(val.jsonar_uid, null) display_name = try(val.display_name, null) role_arn = try(val.iam_role, null) - ssh_command = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub[0].ssh_user}@${module.hub[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null) + ssh_command = try("ssh -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.hub_main[0].ssh_user}@${module.hub_main[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null) } ] : [] } : null 
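Review bot: The `ssh_command` strings rewritten in this hunk and in `@@ -61,7 +61,7 @@` keep `-o UserKnownHostsFile=/dev/null` on the jump hop through `module.hub_main[0]`, so the hub's host key is never recorded and a different key on a later connection goes unnoticed. Every gateway session reached through that proxy then rests on an unverified first hop. Consider pointing the option at a per-deployment file instead, for example `-o UserKnownHostsFile=<deployment-known-hosts-path>` (placeholder path), so the key accepted on first use is pinned afterwards. Separately, the DR gateway command proxies only through the main hub, so it presumably stops working while the main hub is down.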
@@ -142,10 +142,10 @@ output "audit_sources" { output "web_console_dsf_hub" { value = try({ - user = module.hub[0].web_console_user + user = module.hub_main[0].web_console_user password = nonsensitive(local.password) - public_url = join("", ["https://", module.hub[0].public_dns, ":8443/"]) - private_url = join("", ["https://", module.hub[0].private_dns, ":8443/"]) + public_url = join("", ["https://", module.hub_main[0].public_dns, ":8443/"]) + private_url = join("", ["https://", module.hub_main[0].private_dns, ":8443/"]) }, null) } diff --git a/examples/poc/dsf_deployment/sonar.tf b/examples/poc/dsf_deployment/sonar.tf index f87166157..60c0ffff4 100644 --- a/examples/poc/dsf_deployment/sonar.tf +++ b/examples/poc/dsf_deployment/sonar.tf 
@@ -3,18 +3,18 @@ locals { tarball_location = var.tarball_location != null ? var.tarball_location : module.globals.tarball_location agentless_gw_count = var.enable_sonar ? var.agentless_gw_count : 0 - hub_public_ip = var.enable_sonar ? (length(module.hub[0].public_ip) > 0 ? format("%s/32", module.hub[0].public_ip) : null) : null + hub_public_ip = var.enable_sonar ? (length(module.hub_main[0].public_ip) > 0 ? format("%s/32", module.hub_main[0].public_ip) : null) : null hub_dr_public_ip = var.enable_sonar && var.hub_hadr ? (length(module.hub_dr[0].public_ip) > 0 ? format("%s/32", module.hub_dr[0].public_ip) : null) : null hub_cidr_list = compact([data.aws_subnet.hub.cidr_block, data.aws_subnet.hub_dr.cidr_block, local.hub_public_ip, local.hub_dr_public_ip]) agentless_gw_cidr_list = [data.aws_subnet.agentless_gw.cidr_block, data.aws_subnet.agentless_gw_dr.cidr_block] } -module "hub" { +module "hub_main" { source = "imperva/dsf-hub/aws" version = "1.5.4" # latest release tag count = var.enable_sonar ? 1 : 0 - friendly_name = join("-", [local.deployment_name_salted, "hub"]) + friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) subnet_id = local.hub_subnet_id binaries_location = local.tarball_location password = local.password @@ -58,8 +58,8 @@ module "hub_dr" { attach_persistent_public_ip = true use_public_ip = true hadr_dr_node = true - main_node_sonarw_public_key = module.hub[0].sonarw_public_key - main_node_sonarw_private_key = module.hub[0].sonarw_private_key + main_node_sonarw_public_key = module.hub_main[0].sonarw_public_key + main_node_sonarw_private_key = module.hub_main[0].sonarw_private_key generate_access_tokens = true ssh_key_pair = { ssh_private_key_file_path = module.key_pair.private_key_file_path 
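Review bot: Renaming `module "hub"` to `module "hub_main"` here, and `module "agentless_gw"` to `module "agentless_gw_main"` in the `@@ -82,30 +82,30 @@` hunk, changes the address of every resource under those modules, so anyone who already applied this example will get a plan that destroys the existing hub and gateways and creates new ones. If the example's minimum Terraform version allows it (1.1 or later), add `moved` blocks as below; otherwise the required `terraform state mv` steps should be documented with the release. The new `"main"` suffix in `friendly_name` probably also renames the instances themselves, which `moved` does not cover, so that is worth checking in a plan against an existing deployment.

```terraform
# ... unchanged: locals and module "hub_main" definition ...
moved {
  from = module.hub
  to   = module.hub_main
}

moved {
  from = module.agentless_gw
  to   = module.agentless_gw_main
}
```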
@@ -82,30 +82,30 @@ module "hub_hadr" { count = length(module.hub_dr) > 0 ? 1 : 0 sonar_version = module.globals.tarball_location.version - dsf_main_ip = module.hub[0].public_ip - dsf_main_private_ip = module.hub[0].private_ip + dsf_main_ip = module.hub_main[0].public_ip + dsf_main_private_ip = module.hub_main[0].private_ip dsf_dr_ip = module.hub_dr[0].public_ip dsf_dr_private_ip = module.hub_dr[0].private_ip ssh_key_path = module.key_pair.private_key_file_path - ssh_user = module.hub[0].ssh_user + ssh_user = module.hub_main[0].ssh_user depends_on = [ - module.hub, + module.hub_main, module.hub_dr ] } -module "agentless_gw" { +module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" version = "1.5.4" # latest release tag count = local.agentless_gw_count - friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index]) + friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) subnet_id = local.agentless_gw_subnet_id ebs = var.agentless_gw_ebs_details instance_type = var.agentless_gw_instance_type binaries_location = local.tarball_location password = local.password - hub_sonarw_public_key = module.hub[0].sonarw_public_key + hub_sonarw_public_key = module.hub_main[0].sonarw_public_key ssh_key_pair = { ssh_private_key_file_path = module.key_pair.private_key_file_path ssh_public_key_name = module.key_pair.key_pair.key_pair_name @@ -114,9 +114,9 @@ module "agentless_gw" { allowed_hub_cidrs = [data.aws_subnet.hub.cidr_block, data.aws_subnet.hub_dr.cidr_block] allowed_all_cidrs = local.workstation_cidr ingress_communication_via_proxy = { - proxy_address = module.hub[0].public_ip + proxy_address = module.hub_main[0].public_ip proxy_private_ssh_key_path = module.key_pair.private_key_file_path - proxy_ssh_user = module.hub[0].ssh_user + proxy_ssh_user = module.hub_main[0].ssh_user } tags = local.tags depends_on = [ 
@@ -129,16 +129,16 @@ module "agentless_gw_dr" { version = "1.5.4" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 - friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", "DR", count.index]) + friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) subnet_id = local.agentless_gw_dr_subnet_id ebs = var.agentless_gw_ebs_details instance_type = var.agentless_gw_instance_type binaries_location = local.tarball_location password = local.password - hub_sonarw_public_key = module.hub[0].sonarw_public_key + hub_sonarw_public_key = module.hub_main[0].sonarw_public_key hadr_dr_node = true - main_node_sonarw_public_key = module.agentless_gw[count.index].sonarw_public_key - main_node_sonarw_private_key = module.agentless_gw[count.index].sonarw_private_key + main_node_sonarw_public_key = module.agentless_gw_main[count.index].sonarw_public_key + main_node_sonarw_private_key = module.agentless_gw_main[count.index].sonarw_private_key ssh_key_pair = { ssh_private_key_file_path = module.key_pair.private_key_file_path ssh_public_key_name = module.key_pair.key_pair.key_pair_name @@ -147,9 +147,9 @@ module "agentless_gw_dr" { allowed_hub_cidrs = [data.aws_subnet.hub.cidr_block, data.aws_subnet.hub_dr.cidr_block] allowed_all_cidrs = local.workstation_cidr ingress_communication_via_proxy = { - proxy_address = module.hub[0].public_ip + proxy_address = module.hub_main[0].public_ip proxy_private_ssh_key_path = module.key_pair.private_key_file_path - proxy_ssh_user = module.hub[0].ssh_user + proxy_ssh_user = module.hub_main[0].ssh_user } tags = local.tags depends_on = [ 
@@ -163,31 +163,31 @@ module "agentless_gw_hadr" { count = length(module.agentless_gw_dr) sonar_version = module.globals.tarball_location.version - dsf_main_ip = module.agentless_gw[count.index].private_ip - dsf_main_private_ip = module.agentless_gw[count.index].private_ip + dsf_main_ip = module.agentless_gw_main[count.index].private_ip + dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip dsf_dr_ip = module.agentless_gw_dr[count.index].private_ip dsf_dr_private_ip = module.agentless_gw_dr[count.index].private_ip ssh_key_path = module.key_pair.private_key_file_path - ssh_user = module.agentless_gw[count.index].ssh_user + ssh_user = module.agentless_gw_main[count.index].ssh_user proxy_info = { - proxy_address = module.hub[0].public_ip + proxy_address = module.hub_main[0].public_ip proxy_private_ssh_key_path = module.key_pair.private_key_file_path - proxy_ssh_user = module.hub[0].ssh_user + proxy_ssh_user = module.hub_main[0].ssh_user } depends_on = [ - module.agentless_gw, + module.agentless_gw_main, module.agentless_gw_dr ] } locals { gws = merge( - { for idx, val in module.agentless_gw : "agentless-gw-${idx}" => val }, + { for idx, val in module.agentless_gw_main : "agentless-gw-${idx}" => val }, { for idx, val in module.agentless_gw_dr : "agentless-gw-dr-${idx}" => val }, ) gws_set = values(local.gws) hubs_set = concat( - var.enable_sonar ? [module.hub[0]] : [], + var.enable_sonar ? [module.hub_main[0]] : [], var.enable_sonar && var.hub_hadr ? [module.hub_dr[0]] : [] ) hubs_keys = compact([ @@ -217,9 +217,9 @@ module "federation" { gw_ssh_user = each.value[1].ssh_user } gw_proxy_info = { - proxy_address = module.hub[0].public_ip + proxy_address = module.hub_main[0].public_ip proxy_private_ssh_key_path = module.key_pair.private_key_file_path - proxy_ssh_user = module.hub[0].ssh_user + proxy_ssh_user = module.hub_main[0].ssh_user } depends_on = [ module.hub_hadr, 
diff --git a/examples/poc/sonar_hadr_deployment/main.tf b/examples/poc/sonar_hadr_deployment/main.tf index 4685e5065..1ee34cdea 100644 --- a/examples/poc/sonar_hadr_deployment/main.tf +++ b/examples/poc/sonar_hadr_deployment/main.tf @@ -209,10 +209,10 @@ module "hub_hadr" { version = "1.5.4" # latest release tag sonar_version = module.globals.tarball_location.version - dsf_main_ip = module.hub_main.public_ip - dsf_main_private_ip = module.hub_main.private_ip - dsf_dr_ip = module.hub_dr.public_ip - dsf_dr_private_ip = module.hub_dr.private_ip + dsf_main_ip = module.hub_main.public_ip + dsf_main_private_ip = module.hub_main.private_ip + dsf_dr_ip = module.hub_dr.public_ip + dsf_dr_private_ip = module.hub_dr.private_ip ssh_key_path = module.key_pair.private_key_file_path ssh_user = module.hub_main.ssh_user depends_on = [ @@ -227,10 +227,10 @@ module "agentless_gw_hadr" { count = var.gw_count sonar_version = module.globals.tarball_location.version - dsf_main_ip = module.agentless_gw_main[count.index].private_ip - dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip - dsf_dr_ip = module.agentless_gw_dr[count.index].private_ip - dsf_dr_private_ip = module.agentless_gw_dr[count.index].private_ip + dsf_main_ip = module.agentless_gw_main[count.index].private_ip + dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip + dsf_dr_ip = module.agentless_gw_dr[count.index].private_ip + dsf_dr_private_ip = module.agentless_gw_dr[count.index].private_ip ssh_key_path = module.key_pair.private_key_file_path ssh_user = module.agentless_gw_main[count.index].ssh_user proxy_info = {