Merge pull request hashicorp#12 from wpengine/SRE-1267_zabbix_peering

[SRE-1267] Peer Zabbix VPC to Vault for monitoring, etc.
jeffwecan · May 22, 2018 · 56b5690 · 56b5690
2 parents 802636e + 7b468e0
commit 56b5690
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 0 deletions.
diff --git a/terraform/aws/corporate/inputs.tf b/terraform/aws/corporate/inputs.tf
@@ -81,3 +81,9 @@ variable "jenkins_subnet_id" {
   description = "Subnet ID for the Jenkins master instance"
   default     = "subnet-e975a9c4"
 }
+
+variable "zabbix_subnet_id" {
+  type = "string"
+  description = "Subnet ID for the zabbix 'main' instance in the 'Zabbix' VPC."
+  default     = "subnet-eba99e9d"
+}
diff --git a/terraform/aws/corporate/main.tf b/terraform/aws/corporate/main.tf
@@ -86,6 +86,21 @@ module "jenkins_to_vault" {
   }
 }
 
+module "zabbix_to_vault" {
+  source = "git@github.com:wpengine/infraform.git//modules/aws-vpc-peering-to-vault-vpc?ref=v1.42"
+
+  peer_owner_id = "${var.peer_owner_id}"
+  vault_client_subnet_id = "${var.zabbix_subnet_id}"
+  vault_client_name = "zabbix"
+  vault_vpc_id = "${var.vault_vpc_id}"
+  vault_application_load_balancer_security_group_id = "${var.vault_load_balancer_security_group_id}"
+  vault_route_table_id = "${var.vault_route_table_id}"
+  providers = {
+    "aws.vault_client" = "aws.corporate"
+    "aws.vault_cluster" = "aws.corporate"
+  }
+}
+
 module "vault_elbv2_dns_record" {
   source = "git@github.com:wpengine/infraform.git//modules/dns-for-aws-elbv2?ref=v1.42"
 

diff --git a/terraform/aws/development/inputs.tf b/terraform/aws/development/inputs.tf
@@ -76,6 +76,12 @@ variable "metricsdb_security_group_id" {
   default = "sg-3d895142"
 }
 
+variable "zabbix_subnet_id" {
+  type = "string"
+  description = "Subnet ID for the zabbix 'main' instance in the 'Zabbix' VPC."
+  default     = "subnet-3fe7c015"
+}
+
 variable "gcp_project" {
   type = "string"
   description = "The GCP project to connect to for dev-cm."

diff --git a/terraform/aws/development/main.tf b/terraform/aws/development/main.tf
@@ -78,6 +78,21 @@ module "dev_cm_to_vault" {
   }
 }
 
+module "zabbix_to_vault" {
+  source = "git@github.com:wpengine/infraform.git//modules/aws-vpc-peering-to-vault-vpc?ref=v1.42"
+
+  peer_owner_id = "${var.peer_owner_id}"
+  vault_client_subnet_id = "${var.zabbix_subnet_id}"
+  vault_client_name = "zabbix"
+  vault_vpc_id = "${var.vault_vpc_id}"
+  vault_application_load_balancer_security_group_id = "${var.vault_load_balancer_security_group_id}"
+  vault_route_table_id = "${var.vault_route_table_id}"
+  providers = {
+    "aws.vault_client" = "aws.development"
+    "aws.vault_cluster" = "aws.development"
+  }
+}
+
 module "vault_elbv2_dns_record" {
   source = "git@github.com:wpengine/infraform.git//modules/dns-for-aws-elbv2?ref=v1.42"