anniehedgpeth/main.tf Secret

## main.tf
resource "random_string" "friendly_name" {
  length  = 4
  upper   = false # Some AWS resources do not accept uppercase characters.
  number  = false
  special = false
}

module "kms_bastion" {
  source    = "git::https://github.com/hashicorp/terraform-aws-terraform-enterprise//fixtures/kms?ref=aaa-with-ssh"
  key_alias = "${random_string.friendly_name.result}-key"
}

module "secrets" {
  source    = "git::https://github.com/hashicorp/terraform-aws-terraform-enterprise//fixtures/secrets?ref=aaa-with-ssh"

  tfe_license = {
    name = "${random_string.friendly_name.result}-tfe-license"
    path = "${path.module}/files/licenses/Release_Candidate.rli"
  }
}

module "bastion_host" {
  source    = "git::https://github.com/hashicorp/terraform-aws-terraform-enterprise//fixtures/bastion_host?ref=aaa-with-ssh"
  subnet_id = module.public_active_active_bastion.private_subnet_ids[0]
  name      = random_string.friendly_name.result
  key_name  = "annie"
  vpc_id    = module.public_active_active_bastion.network_id
}

module "public_active_active_bastion" {
  source = "git::https://github.com/hashicorp/terraform-aws-terraform-enterprise?ref=aaa-with-ssh"

  is_dev = true

  acm_certificate_arn   = local.aws.domain.acm_certificate.arn
  domain_name           = replace(local.aws.domain.acm_certificate.domain_name, "*.", "")
  friendly_name_prefix  = random_string.friendly_name.result
  distribution          = "ubuntu"
  tfe_license_secret_id = module.secrets.tfe_license_secret_id

  ami_id                      = data.aws_ami.ubuntu.id
  iam_role_policy_arns        = ["arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"]
  instance_type               = "m5.xlarge"
  key_name                    = "annie"
  kms_key_arn                 = module.kms_bastion.key
  load_balancing_scheme       = "PUBLIC"
  node_count                  = 2
  redis_encryption_at_rest    = false
  redis_encryption_in_transit = false
  redis_use_password_auth     = false
  tfe_subdomain               = random_string.friendly_name.result

  asg_tags = local.tags
}

output "public_active_active_bastion" {
  value = module.public_active_active_bastion
  sensitive = true
}

output "public_active_active_bastion_tfe" {
  description = "TFE app info."
  value = {
    tfe_url            = module.public_active_active_bastion.tfe_url
    health_check       = "${module.public_active_active_bastion.tfe_url}/_health_check"
    iact_url           = "${module.public_active_active_bastion.tfe_url}/admin/retrieve-iact"
    initial_admin_user = "${module.public_active_active_bastion.tfe_url}/admin/initial-admin-user"
    # bastion_ip         = module.bastion_host.bastion_ip NOT VALIDATED
    # tfe_ip_addresses   = [module.public_active_active_bastion......] NEED OUTPUT FOR THIS
  }
}
	resource "random_string" "friendly_name" {
	length = 4
	upper = false # Some AWS resources do not accept uppercase characters.
	number = false
	special = false
	}

	module "kms_bastion" {
	source = "git::https://github.com/hashicorp/terraform-aws-terraform-enterprise//fixtures/kms?ref=aaa-with-ssh"
	key_alias = "${random_string.friendly_name.result}-key"
	}

	module "secrets" {
	source = "git::https://github.com/hashicorp/terraform-aws-terraform-enterprise//fixtures/secrets?ref=aaa-with-ssh"

	tfe_license = {
	name = "${random_string.friendly_name.result}-tfe-license"
	path = "${path.module}/files/licenses/Release_Candidate.rli"
	}
	}

	module "bastion_host" {
	source = "git::https://github.com/hashicorp/terraform-aws-terraform-enterprise//fixtures/bastion_host?ref=aaa-with-ssh"
	subnet_id = module.public_active_active_bastion.private_subnet_ids[0]
	name = random_string.friendly_name.result
	key_name = "annie"
	vpc_id = module.public_active_active_bastion.network_id
	}

	module "public_active_active_bastion" {
	source = "git::https://github.com/hashicorp/terraform-aws-terraform-enterprise?ref=aaa-with-ssh"

	is_dev = true

	acm_certificate_arn = local.aws.domain.acm_certificate.arn
	domain_name = replace(local.aws.domain.acm_certificate.domain_name, "*.", "")
	friendly_name_prefix = random_string.friendly_name.result
	distribution = "ubuntu"
	tfe_license_secret_id = module.secrets.tfe_license_secret_id

	ami_id = data.aws_ami.ubuntu.id
	iam_role_policy_arns = ["arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"]
	instance_type = "m5.xlarge"
	key_name = "annie"
	kms_key_arn = module.kms_bastion.key
	load_balancing_scheme = "PUBLIC"
	node_count = 2
	redis_encryption_at_rest = false
	redis_encryption_in_transit = false
	redis_use_password_auth = false
	tfe_subdomain = random_string.friendly_name.result

	asg_tags = local.tags
	}

	output "public_active_active_bastion" {
	value = module.public_active_active_bastion
	sensitive = true
	}

	output "public_active_active_bastion_tfe" {
	description = "TFE app info."
	value = {
	tfe_url = module.public_active_active_bastion.tfe_url
	health_check = "${module.public_active_active_bastion.tfe_url}/_health_check"
	iact_url = "${module.public_active_active_bastion.tfe_url}/admin/retrieve-iact"
	initial_admin_user = "${module.public_active_active_bastion.tfe_url}/admin/initial-admin-user"
	# bastion_ip = module.bastion_host.bastion_ip NOT VALIDATED
	# tfe_ip_addresses = [module.public_active_active_bastion......] NEED OUTPUT FOR THIS
	}
	}