The terraform-local-context Terraform module helps you capture the context your team needs to
manage, operate, and secure resources in the cloud. This module helps you adopt the tagging
model defined in the k9 Security Cloud Deployment Tagging Guide, in whole or in part.
Use this module to model context about your resources across these dimensions:
- Identity & Ownership: Organization, Name, Owner, Environment, App, Role, Business Unit, Business Process, Cost Center, Compliance Scheme
- Security: Confidentiality, Integrity, Availability
- Risk (coming soon)
- Custom dimensions using additional tags
See the module API for the full set of variables and outputs.
The module acts like a data source. Describe the context you know about your resource to the
module and it will output that context as a map of key-value pairs. You can pass this
well-modeled map to the resource's tags or use it as an input to another function.
First, instantiate the module. Here is a minimal definition:
```hcl
module "context" {
  source = "[email protected]:k9securityio/terraform-local-context.git"

  owner = "someowner"
  env   = "dev"
  app   = "someapi"
}
```
The `full_context` example in the test suite demonstrates
complete usage of the module.
Now use the module's `tags` output in a resource definition. For example, when creating an S3 bucket:
```hcl
resource "aws_s3_bucket" "bucket" {
  bucket = "a-new-bucket"
  region = "us-east-1"

  tags = "${module.context.tags}"
}
```
The bucket will be tagged with:
```json
{
  "Application": "someapi",
  "Environment": "dev",
  "ManagedBy": "Terraform",
  "Owner": "someowner"
}
```
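
To confirm that planned resources actually carry this context before they are applied, the check below reads plan JSON in the shape produced by `terraform show -json <planfile>` and reports every taggable resource that lacks one of the four tag keys shown above. It is an added example, not part of the module or its test suite; the function name and the sample plan (including the `untagged`, `partial`, and `old` resources) are constructed for illustration.

```python
import json

# Tag keys produced by the minimal module definition shown above.
REQUIRED_TAGS = ("Application", "Environment", "ManagedBy", "Owner")

# Constructed sample, trimmed to the fields this check reads.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "aws_s3_bucket.bucket",
     "change": {"actions": ["create"], "after": {"bucket": "a-new-bucket", "tags": {
         "Application": "someapi", "Environment": "dev",
         "ManagedBy": "Terraform", "Owner": "someowner"}}}},
    {"address": "aws_s3_bucket.untagged",
     "change": {"actions": ["create"], "after": {"bucket": "b", "tags": None}}},
    {"address": "aws_s3_bucket.partial",
     "change": {"actions": ["update"], "after": {"bucket": "c", "tags": {
         "Owner": "someowner", "Environment": ""}}}},
    # Resource type with no tags attribute: nothing to check.
    {"address": "aws_s3_bucket_public_access_block.bucket",
     "change": {"actions": ["create"], "after": {"block_public_acls": True}}},
    # Deletions have no planned state.
    {"address": "aws_s3_bucket.old",
     "change": {"actions": ["delete"], "after": None}},
]})


def missing_context_tags(plan_json, required=REQUIRED_TAGS):
    """Return {resource address: [required tag keys absent or empty]}."""
    findings = {}
    for rc in json.loads(plan_json).get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        # Skip deletions and resource types without a tags attribute.
        # Tags whose value is only known at apply time are also absent
        # from "after" and are not evaluated here.
        if not isinstance(after, dict) or "tags" not in after:
            continue
        tags = after["tags"] or {}
        missing = [k for k in required if not str(tags.get(k) or "").strip()]
        if missing:
            findings[rc["address"]] = missing
    return findings


if __name__ == "__main__":
    for address, missing in missing_context_tags(SAMPLE_PLAN).items():
        print(f"{address}: missing {', '.join(missing)}")
```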