elastic2ls-com
diff --git a/‎README.md
Lines changed: 4 additions & 113 deletions b/‎README.md
Lines changed: 4 additions & 113 deletions
diff --git a/‎backends/test.tfbackend
Lines changed: 6 additions & 0 deletions b/‎backends/test.tfbackend
Lines changed: 6 additions & 0 deletions
diff --git a/‎data.tf
Lines changed: 56 additions & 0 deletions b/‎data.tf
Lines changed: 56 additions & 0 deletions
diff --git a/‎examples/basic/main.tf
Lines changed: 2 additions & 2 deletions b/‎examples/basic/main.tf
Lines changed: 2 additions & 2 deletions
diff --git a/‎main.tf
Lines changed: 29 additions & 100 deletions b/‎main.tf
Lines changed: 29 additions & 100 deletions
@@ -1,114 +1,5 @@
-[![Terraform CI](https://github.com/elastic2ls-com/terraform-aws-finops-cur-grafana/actions/workflows/terraform.yml/badge.svg)](https://github.com/elastic2ls-com/terraform-aws-finops-cur-grafana/actions)
-![License](https://img.shields.io/badge/license-MIT-brightgreen?logo=mit)
-![Status](https://img.shields.io/badge/status-active-brightgreen.svg?logo=git)
-[![Sponsor](https://img.shields.io/badge/sponsors-AlexanderWiechert-blue.svg?logo=github-sponsors)](https://github.com/sponsors/AlexanderWiechert/)
-[![Contact](https://img.shields.io/badge/website-elastic2ls.com-blue.svg?logo=google-chrome)](https://www.elastic2ls.com/)
-[![Terraform Registry](https://img.shields.io/badge/download-blue.svg?logo=terraform&style=social)](https://registry.terraform.io/modules/elastic2ls-com/finops-cur-athena/aws/latest)
-![OpenTofu Compatible](https://img.shields.io/badge/OpenTofu-Compatible-4E9A06?logo=opentofu)
-
-# terraform-aws-finops-cur-grafana
-
-Terraform module to automate the setup of AWS Cost and Usage Reports (CUR) and make them queryable in Athena.
-
-Supports:
-- CUR report generation (Parquet format)
-- Storage in S3 with proper permissions
-- Glue Crawler to create Athena table
-- Named Athena queries for FinOps reporting
-
-This module is compatible with both Terraform (>=1.4) and OpenTofu (>=1.4).
-
----
-
-## Features
-
-- Provisions a secure S3 bucket for CUR reports
-- Enables daily Parquet-based AWS CUR reports with `RESOURCES` schema
-- Automatically registers CUR data via Glue Crawler
-- Makes CUR data queryable with Athena
-- Creates sample named Athena queries (e.g. EBS cost summary)
-- Works seamlessly with Grafana Athena integration
-- Example usage included
-
----
-
-## Usage
-
-### Example
-
-```hcl
-module "cur_athena" {
-  source = "github.com/elastic2ls-com/terraform-aws-finops-cur-grafana"
-
-  aws_region           = "eu-central-1"
-  s3_bucket_name       = "my-cur-report-bucket"
-  report_name          = "ebs-cost-usage-report"
-  report_prefix        = "cur/ebs-report/"
-  athena_database_name = "cur_database"
-  report_table_name    = "cur_table"
-  crawler_name         = "cur-crawler"
-}
 ```
-
-Then run:
-
-```bash
-terraform init
-terraform plan
-terraform apply
-```
-
----
-
-## Variables
-
-| Name                 | Description                                 | Type   | Default                |
-|----------------------|---------------------------------------------|--------|------------------------|
-| aws_region           | AWS region                                  | string | "eu-central-1"         |
-| s3_bucket_name       | Name of the S3 bucket for CUR data          | string | n/a (required)         |
-| report_name          | CUR report name                             | string | "ebs-cost-usage-report"|
-| report_prefix        | Prefix in S3 for CUR output                 | string | "cur/ebs-report/"      |
-| athena_database_name | Athena database name                        | string | "cur_database"         |
-| report_table_name    | Athena table name for CUR data              | string | "cur_table"            |
-| crawler_name         | Name of the Glue Crawler                    | string | "cur-crawler"          |
-
----
-
-## Outputs
-
-| Name                 | Description                             |
-|----------------------|-----------------------------------------|
-| s3_bucket_name       | Name of the created S3 bucket           |
-| athena_database_name | Name of the created Athena database     |
-| cur_report_name      | Name of the CUR report created          |
-| named_query_id       | ID of the predefined named Athena query |
-
----
-
-## Requirements
-
-- Terraform ≥ 1.4
-- AWS Provider ≥ 5.0
-
----
-
-## CI/CD
-
-This module includes GitHub Actions to perform:
-
-- `terraform fmt`
-- `terraform validate`
-- `terraform plan` on examples
-- `checkov` security scan
-
----
-
-## License
-
-MIT
-
----
-
-## Maintainers
-
-[elastic2ls](https://github.com/elastic2ls-com)
+aws sso login --profile staffing-tool-test 
+terraform init --backend-config=backend/test.tfbackend 
+terraform plan -var-file=test.tfvars 
+```
@@ -0,0 +1,6 @@
+region          = "eu-central-1"
+bucket          = "535159664206-terraform-state"
+dynamodb_table  = "535159664206-terraform-state"
+key             = "terraform.tfstate"
+encrypt         = "true"
+profile         = "staffing-tool-test"
@@ -0,0 +1,56 @@
+data "aws_caller_identity" "current" {}
+
+data "aws_vpc" "ciss" {
+  filter {
+    name   = "owner-id"
+    values = ["086523049501"]
+  }
+}
+
+data "aws_subnets" "ciss_public" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.ciss.id]
+  }
+  filter {
+    name   = "tag:Name"
+    values = ["public"]
+  }
+}
+
+data "aws_subnet" "ciss_public" {
+  for_each = toset(data.aws_subnets.ciss_public.ids)
+  id       = each.value
+}
+
+data "aws_subnets" "ciss_internal" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.ciss.id]
+  }
+  filter {
+    name   = "tag:Name"
+    values = ["internal"]
+  }
+}
+
+data "aws_subnet" "ciss_internal" {
+  for_each = toset(data.aws_subnets.ciss_internal.ids)
+  id       = each.value
+}
+
+data "aws_subnets" "ciss_isolated" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.ciss.id]
+  }
+  filter {
+    name   = "tag:Name"
+    values = ["isolated"]
+  }
+}
+
+data "aws_subnet" "ciss_isolated" {
+  for_each = toset(data.aws_subnets.ciss_isolated.ids)
+  id       = each.value
+}
@@ -5,8 +5,8 @@ module "cur_athena" {
   s3_bucket_name       = "my-cur-report-bucket"
   report_name          = "ebs-cost-usage-report"
   report_prefix        = "cur/ebs-report/"
-  athena_database_name = "cur_database"
+  athena_database_name = "cur_catalog"
   report_table_name    = "cur_table"
   crawler_name         = "cur-crawler"
-  vpc_id               = "vpc-1234567890abcdef0"
+  aws_vpc              = "vpc-1234567890abcdef0"
 }
@@ -1,109 +1,38 @@
 module "grafana" {
   source       = "./modules/grafana"
-  vpc_id       = var.vpc_id
+  aws_region   = var.aws_region
+  aws_vpc      = var.aws_vpc
+  subnet_ids   = var.subnet_ids
   project_name = var.project_name
-}
-
-resource "aws_ecs_cluster" "this" {
-  name = var.project_name
-}
-
-# --- Load Balancer + Target Group ---
-resource "aws_lb" "grafana" {
-  name               = "${var.project_name}-alb"
-  internal           = false
-  load_balancer_type = "application"
-  security_groups    = [aws_security_group.grafana_sg.id]
-  subnets            = var.subnet_ids
-}
-
-resource "aws_lb_target_group" "grafana_tg" {
-  name        = "${var.project_name}-tg"
-  port        = 3000
-  protocol    = "HTTP"
-  target_type = "ip"
-  vpc_id      = var.vpc_id
-
-  health_check {
-    path                = "/"
-    port                = "3000"
-    protocol            = "HTTP"
-    matcher             = "200-399"
-    interval            = 30
-    timeout             = 5
-    healthy_threshold   = 2
-    unhealthy_threshold = 3
-  }
-}
 
-resource "aws_lb_listener" "https" {
-  load_balancer_arn = aws_lb.grafana.arn
-  port              = 3000
-  protocol          = "HTTP"
-
-  default_action {
-    type             = "forward"
-    target_group_arn = aws_lb_target_group.grafana_tg.arn
-  }
-}
-
-# --- ECS Service ---
-resource "aws_ecs_service" "grafana" {
-  name            = "${var.project_name}-service"
-  cluster         = aws_ecs_cluster.this.id
-  task_definition = module.grafana.task_definition_arn
-  launch_type     = "FARGATE"
-  desired_count   = 1
-
-  network_configuration {
-    subnets          = var.subnet_ids
-    security_groups  = [aws_security_group.grafana_sg.id]
-    assign_public_ip = true
-  }
-
-  load_balancer {
-    target_group_arn = aws_lb_target_group.grafana_tg.arn
-    container_name   = "grafana"
-    container_port   = 3000
-  }
+  grafana_image                   = var.grafana_image
+  grafana_admin_user              = var.grafana_admin_user
+  grafana_admin_password          = var.grafana_admin_password
+  grafana_ecs_network_mode        = var.grafana_ecs_network_mode
+  grafana_ecs_cpu                 = var.grafana_ecs_cpu
+  grafana_ecs_memory              = var.grafana_ecs_memory
+  grafana_ecs_container_port      = var.grafana_ecs_container_port
+  grafana_ecs_log_group_name      = var.grafana_ecs_log_group_name
+  grafana_ecs_execution_role_name = var.grafana_ecs_execution_role_name
+
+  cur_catalog            = module.cur.cur_catalog
+  athena_result_location = module.cur.athena_result_location
+  athena_workgroup       = module.cur.athena_workgroup
 }
 
-# --- DNS (optional) ---
-# resource "aws_route53_record" "grafana_dns" {
-#   zone_id = var.zone_id
-#   name    = var.domain_name
-#   type    = "A"
-#
-#   alias {
-#     name                   = aws_lb.grafana.dns_name
-#     zone_id                = aws_lb.grafana.zone_id
-#     evaluate_target_health = true
-#   }
-# }
-
-resource "aws_security_group" "grafana_sg" {
-  name        = "${var.project_name}-grafana-sg"
-  description = "Security Group for Grafana"
-  vpc_id      = var.vpc_id
-
-  ingress {
-    description = "Allow ALB to Grafana on port 3000"
-    from_port   = 3000
-    to_port     = 3000
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"] # Nur für Tests – später auf ALB Security Group einschränken!
-    # security_groups = [var.alb_security_group_id] # Besser: explizite SG, siehe oben
-  }
+module "cur" {
+  source       = "./modules/cur"
+  aws_region   = var.aws_region
+  aws_vpc      = var.aws_vpc
+  subnet_ids   = var.subnet_ids
+  project_name = var.project_name
 
-  egress {
-    description = "Allow all outbound traffic"
-    from_port   = 0
-    to_port     = 0
-    protocol    = "-1"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
+  cur_report_compression = var.cur_report_compression
+  cur_report_format      = var.cur_report_format
+  cur_report_versioning  = var.cur_report_versioning
 
-  tags = {
-    Name = "${var.project_name}-grafana-sg"
-  }
+  cur_report_name      = var.cur_report_name
+  cur_s3_bucket_name   = var.cur_s3_bucket_name
+  cur_report_prefix    = var.cur_report_prefix
+  cur_report_time_unit = var.cur_report_time_unit
 }