From b7001c0965110d2b9a468647f828ca2418fc47f1 Mon Sep 17 00:00:00 2001 From: morgan Date: Wed, 12 Apr 2023 09:48:12 +0200 Subject: [PATCH] feat: do you really need backend replication pt 2 --- main.tf | 3 --- modules/aft-backend/variables.tf | 4 ---- modules/aft-backend/versions.tf | 2 +- modules/aft-ssm-parameters/ssm.tf | 6 ------ modules/aft-ssm-parameters/variables.tf | 4 ---- outputs.tf | 4 ---- providers.tf | 13 ------------- variables.tf | 9 --------- versions.tf | 2 +- 9 files changed, 2 insertions(+), 45 deletions(-) diff --git a/main.tf b/main.tf index 98d6a291..96c012fa 100644 --- a/main.tf +++ b/main.tf @@ -53,11 +53,9 @@ module "aft_account_request_framework" { module "aft_backend" { providers = { aws.primary_region = aws.aft_management - aws.secondary_region = aws.tf_backend_secondary_region } source = "./modules/aft-backend" primary_region = var.ct_home_region - secondary_region = var.tf_backend_secondary_region } module "aft_code_repositories" { @@ -235,7 +233,6 @@ module "aft_ssm_parameters" { account_request_repo_name = var.account_request_repo_name vcs_provider = var.vcs_provider aft_config_backend_primary_region = var.ct_home_region - aft_config_backend_secondary_region = var.tf_backend_secondary_region aft_framework_repo_url = var.aft_framework_repo_url aft_framework_repo_git_ref = local.aft_framework_repo_git_ref terraform_token = var.terraform_token diff --git a/modules/aft-backend/variables.tf b/modules/aft-backend/variables.tf index 80b28895..048bd621 100644 --- a/modules/aft-backend/variables.tf +++ b/modules/aft-backend/variables.tf @@ -4,7 +4,3 @@ variable "primary_region" { type = string } - -variable "secondary_region" { - type = string -} diff --git a/modules/aft-backend/versions.tf b/modules/aft-backend/versions.tf index ff49573b..4e2c5e68 100755 --- a/modules/aft-backend/versions.tf +++ b/modules/aft-backend/versions.tf @@ -8,7 +8,7 @@ terraform { aws = { source = "hashicorp/aws" version = ">= 4.9.0" - configuration_aliases = [aws.primary_region, aws.secondary_region] + configuration_aliases = [aws.primary_region] } } } diff --git a/modules/aft-ssm-parameters/ssm.tf b/modules/aft-ssm-parameters/ssm.tf index 2800f21c..040db827 100644 --- a/modules/aft-ssm-parameters/ssm.tf +++ b/modules/aft-ssm-parameters/ssm.tf @@ -241,12 +241,6 @@ resource "aws_ssm_parameter" "aft_config_backend_primary_region" { value = var.aft_config_backend_primary_region } -resource "aws_ssm_parameter" "aft_config_backend_secondary_region" { - name = "/aft/config/oss-backend/secondary-region" - type = "String" - value = var.aft_config_backend_secondary_region -} - resource "aws_ssm_parameter" "aft_config_backend_kms_key_id" { name = "/aft/config/oss-backend/kms-key-id" type = "String" diff --git a/modules/aft-ssm-parameters/variables.tf b/modules/aft-ssm-parameters/variables.tf index 3530b29b..4a155eae 100644 --- a/modules/aft-ssm-parameters/variables.tf +++ b/modules/aft-ssm-parameters/variables.tf @@ -174,10 +174,6 @@ variable "aft_config_backend_primary_region" { type = string } -variable "aft_config_backend_secondary_region" { - type = string -} - variable "aft_config_backend_kms_key_id" { type = string } diff --git a/outputs.tf b/outputs.tf index 2777e1a1..2f0ab0ce 100644 --- a/outputs.tf +++ b/outputs.tf @@ -110,10 +110,6 @@ output "terraform_distribution" { value = var.terraform_distribution } -output "tf_backend_secondary_region" { - value = var.tf_backend_secondary_region -} - output "terraform_org_name" { value = var.terraform_org_name } diff --git a/providers.tf b/providers.tf index 4d26a6c4..e0e2aac0 100644 --- a/providers.tf +++ b/providers.tf @@ -25,19 +25,6 @@ provider "aws" { } } } -provider "aws" { - alias = "tf_backend_secondary_region" - region = var.tf_backend_secondary_region - assume_role { - role_arn = "arn:${data.aws_partition.current.partition}:iam::${var.aft_management_account_id}:role/AWSControlTowerExecution" - session_name = local.aft_session_name - } - default_tags { - tags = { - managed_by = "AFT" - } - } -} provider "aws" { alias = "audit" region = var.ct_home_region diff --git a/variables.tf b/variables.tf index 28a17f5a..929a2c88 100644 --- a/variables.tf +++ b/variables.tf @@ -288,15 +288,6 @@ variable "terraform_distribution" { } } -variable "tf_backend_secondary_region" { - type = string - description = "AFT creates a backend for state tracking for its own state as well as OSS cases. The backend's primary region is the same as the AFT region, but this defines the secondary region to replicate to." - validation { - condition = can(regex("(us(-gov)?|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-\\d", var.tf_backend_secondary_region)) - error_message = "Variable var: tf_backend_secondary_region is not valid." - } -} - # Non-OSS Variables variable "terraform_token" { type = string diff --git a/versions.tf b/versions.tf index e5b9b0cc..5256dacb 100644 --- a/versions.tf +++ b/versions.tf @@ -8,7 +8,7 @@ terraform { aws = { source = "hashicorp/aws" version = ">= 4.9.0, < 5.0.0" - configuration_aliases = [aws.ct_management, aws.log_archive, aws.audit, aws.aft_management, aws.tf_backend_secondary_region] + configuration_aliases = [aws.ct_management, aws.log_archive, aws.audit, aws.aft_management] } } }