From d8cdc955738190043ab53cc9bae0568646f6e6e5 Mon Sep 17 00:00:00 2001
From: Curtis
Date: Mon, 13 Dec 2021 16:08:19 -0500
Subject: [PATCH] Branches k8s-nodes-updated and add_backend consolidted.
---
 k8s-nodes/modules/aws-nodes/main.tf | 1 +
 k8s-nodes/providers.tf | 76 +++++++++++++++++++++++++++++
 2 files changed, 77 insertions(+)
 create mode 100644 k8s-nodes/providers.tf
diff --git a/k8s-nodes/modules/aws-nodes/main.tf b/k8s-nodes/modules/aws-nodes/main.tf
index 039fb20..282a488 100644
--- a/k8s-nodes/modules/aws-nodes/main.tf
+++ b/k8s-nodes/modules/aws-nodes/main.tf
@@ -1,6 +1,7 @@
 resource "aws_instance" "nodes" {
 ami = var.ami
 instance_type = var.ec2-instance-type
+ # TODO REM double check this key.
 # key_name = aws_key_pair.debug1.key_name
 associate_public_ip_address = true
 subnet_id = var.subnet-id
diff --git a/k8s-nodes/providers.tf b/k8s-nodes/providers.tf
new file mode 100644
index 0000000..68b5fd1
--- /dev/null
+++ b/k8s-nodes/providers.tf
@@ -0,0 +1,76 @@
+
+provider "aws" {
+ region = "us-gov-west-1"
+}
+
+
+terraform {
+ required_version = ">= 1.0.8"
+
+ backend "s3" {
+
+ bucket = "mss-terraform-state"
+ key = "global/s3/terraform.tfstate"
+ region = "us-gov-west-1"
+
+ dynamodb_table = "mss-terraform-state-lock"
+ encrypt = true
+
+ }
+ required_providers {
+ libvirt = {
+ source = "dmacvicar/libvirt"
+ version = "0.6.11"
+ }
+ }
+}
+
+
+
+
+
+##
+#S3 bucket create to hold our TFState file so we can all share env settings
+resource "aws_s3_bucket" "terraform_state" {
+ bucket = "mss-terraform-state"
+
+ # enable versioning for the state files
+ versioning {
+ enabled = true
+ }
+
+ #enable server-side encryption
+ server_side_encryption_configuration {
+
+ rule {
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
+ }
+ }
+ }
+}
+
+##
+# no sql database used so that we can lock the TFstate file in the S3 bucket to ensure two people
+# are not running a terraform command at the same time
+resource "aws_dynamodb_table" "terraform_locks" {
+ name = "mss-terraform-state-lock"
+ billing_mode = "PAY_PER_REQUEST"
+ hash_key = "LockID"
+
+ attribute {
+ name = "LockID"
+ type = "S"
+ }
+
+
+}
+
+
+##
+# output variable to give details on the s3 bucket created
+#TODO: move to output.tf
+output "s3_bucket_arn" {
+ value = aws_s3_bucket.terraform_state.arn
+ description = "The ARN of the S3 bucket"
+}
\ No newline at end of file
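Review bot: The state bucket `aws_s3_bucket.terraform_state` is created with versioning and SSE but with no public access block and no deletion guard. SSE-S3 decrypts transparently for any principal that can read the object, and Terraform state holds resource attributes, including any secrets, in plain JSON. I would add an `aws_s3_bucket_public_access_block` for the bucket and a `lifecycle { prevent_destroy = true }` block on it, as sketched below. The same file also points `backend "s3"` at this bucket and at `mss-terraform-state-lock`, so the backend is managed by the state it stores: `terraform init` needs both to exist already, and a `terraform destroy` of k8s-nodes would try to remove them, so a separate bootstrap configuration looks safer. `required_providers` pins only `dmacvicar/libvirt`, so `provider "aws"` resolves without a version constraint; an `aws` entry with `source = "hashicorp/aws"` and a pinned `version` would close that gap.

```hcl
resource "aws_s3_bucket" "terraform_state" {
  # … unchanged: bucket name, versioning, server-side encryption …

  # The state file is the record of everything Terraform manages; refuse to delete its bucket.
  lifecycle {
    prevent_destroy = true
  }
}

# Reject public ACLs and public bucket policies on the state bucket.
resource "aws_s3_bucket_public_access_block" "terraform_state" {
  bucket                  = aws_s3_bucket.terraform_state.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}
```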