Velocloud_sdwan_module (#63)

* initial copy of velocloud module

* updates for velocloud

* Continuous Integration - terraform fmt and terraform-docs

* updated readme with link

* renaming cato to velo

* Continuous Integration - terraform fmt and terraform-docs

* added new variables to ssh and snmp security groups

* Continuous Integration - terraform fmt and terraform-docs

* removed searching for the AMI in favor of data source

* Continuous Integration - terraform fmt and terraform-docs

* added new user_data script and license variables

* terraform fmt

* Continuous Integration - terraform fmt and terraform-docs

* updated readme with proper example

* added comment and tfsec exclusion

* renaming the subnet id to subnet ids

* Continuous Integration - terraform fmt and terraform-docs

* changed the default to not include IP addresses

* Continuous Integration - terraform fmt and terraform-docs

* changing key_name to optional

* changed description for key_name to include default

* Continuous Integration - terraform fmt and terraform-docs

* expanded validation to 19 characters

* corrected the activation key validation

* fixed cato named sg

* fixing ami lookup

* changing the ami filter

* Continuous Integration - terraform fmt and terraform-docs

* adding the owner filter

* Continuous Integration - terraform fmt and terraform-docs

* removed an unused argument in the data ami source

* reordering the nics

* reordering the nic order for velocloud

* switching the mgmt subnet to the public subnet

* moving mgmt nic

* going down to a single nic

* added a second EIP for the mgmt nic

* Continuous Integration - terraform fmt and terraform-docs

* removed unused variable and testing without private nic

* Continuous Integration - terraform fmt and terraform-docs

* commented out private output

* Continuous Integration - terraform fmt and terraform-docs

* updated outputs with correct order and new mgmt

* Continuous Integration - terraform fmt and terraform-docs

* fixes to user_data script

* testing base64 encoding

* matching with the AWS Marketplace

* Continuous Integration - terraform fmt and terraform-docs

* updated pr request template

* tweaks to improve and match the cloudformation template

* Continuous Integration - terraform fmt and terraform-docs

* modified to no longer encode user_data

* fixed user_data argument

* added hibernation argument

* Continuous Integration - terraform fmt and terraform-docs

* added source_dest_check argument to the instance

* removed source_dest_check from the instance

* transitioning to attachment of the nic

* cleanup

* added name to the eip

* Continuous Integration - terraform fmt and terraform-docs

* reconfiguring the nic order to match mettel

* Continuous Integration - terraform fmt and terraform-docs

* corrected the missing mgmt output

* Continuous Integration - terraform fmt and terraform-docs

* going back to the network_interface block

* expanding splat

* reverting back to the original cloudformation template

* Continuous Integration - terraform fmt and terraform-docs

* removed unused comment

* removed incorrect device attachment on mgmt

* removing mgmt ip address

* Continuous Integration - terraform fmt and terraform-docs

* removed outputs for mgmt EIPs

* Continuous Integration - terraform fmt and terraform-docs

* matching the network_interface attachment
- Cloudformation has the network interfaces added at the time of the instance creation

* Continuous Integration - terraform fmt and terraform-docs

* updated user_data.sh and main.tf for velocloud module

* removed extra space

* changing the user_data file extension to .tftpl

* added echo for validating whether the configuration worked

* added echo command to both user_data_manual.tftpl and user_data.tftpl

* removed user_data_manual.tftpl added var.user_data

* Continuous Integration - terraform fmt and terraform-docs

* converting user_data to base64 for velocloud module

* back to utf-8

---------

Co-authored-by: zachreborn <[email protected]>

.github/pull_request_template.md

@@ -1,12 +1,20 @@
 # Description
+<!-- Description of the changes introduced by this Pull Request (PR). Link to an issue or ticket where possible for more context.-->
+A brief description of the changes introduced by this Pull Request.
 
-<!-- Description of the changes introduced by this PR. -->
-<!-- Example:
-Fixes #123
-This module improves route53 scalability. -->
+## Issue or Ticket
+<!-- Link to the issue or ticket this PR addresses.-->
+Fixes #000
 
-# TODOs
+## Type of change
+<!-- What type of change does your code introduce? -->
+- [ ] Bugfix
+- [ ] New feature
+- [ ] Version update
 
+## TODOs
+<!-- Complete these tasks prior to requesting a review.-->
+- [ ] Validate your code matches the style of the project.
 - [ ] Update the docs.
-- [ ] All tests run successfull, including pre-commit checks.
-- [ ] Include release notes and description.
+- [ ] Validate all tests run successfull, including pre-commit checks.
+- [ ] Include release notes and description. This should include both a summary of the changes and any necessary context.

modules/aws/ebs_volume/README.md

@@ -133,7 +133,7 @@ No modules.
 | <a name="input_skip_destroy"></a> [skip\_destroy](#input\_skip\_destroy) | (Optional, Boolean) Set this to true if you do not wish to detach the volume from the instance to which it is attached at destroy time, and instead just remove the attachment from Terraform state. This is useful when destroying an instance which has volumes created by some other means attached. | `bool` | `false` | no |
 | <a name="input_snapshot_id"></a> [snapshot\_id](#input\_snapshot\_id) | (Optional) A snapshot to base the EBS volume off of. | `string` | `null` | no |
 | <a name="input_stop_instance_before_detaching"></a> [stop\_instance\_before\_detaching](#input\_stop\_instance\_before\_detaching) | (Optional, Boolean) Set this to true to ensure that the target instance is stopped before trying to detach the volume. Stops the instance, if it is not already stopped. | `bool` | `false` | no |
-| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A map of tags to assign to the resource. If configured with a provider default\_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level. | `map(any)` | <pre>{<br>  "terraform": "true"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A map of tags to assign to the resource. If configured with a provider default\_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level. | `map(any)` | <pre>{<br/>  "terraform": "true"<br/>}</pre> | no |
 | <a name="input_throughput"></a> [throughput](#input\_throughput) | (Optional) The throughput that the volume supports, in MiB/s. Only valid for type of gp3. | `number` | `null` | no |
 | <a name="input_type"></a> [type](#input\_type) | (Optional) The type of EBS volume. Can be standard, gp2, gp3, io1, io2, sc1 or st1 (Default: gp3). | `string` | `"gp3"` | no |
 

modules/aws/ec2_domain_controller/README.md

@@ -209,7 +209,7 @@ No modules.
 | <a name="input_root_volume_type"></a> [root\_volume\_type](#input\_root\_volume\_type) | (Optional) The type of volume. Can be standard, gp2, gp3 or io1. (Default: standard) | `string` | `"gp3"` | no |
 | <a name="input_source_dest_check"></a> [source\_dest\_check](#input\_source\_dest\_check) | (Optional) Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true. | `bool` | `true` | no |
 | <a name="input_subnet_id"></a> [subnet\_id](#input\_subnet\_id) | (Required) The VPC subnet(s) the instance(s) will be assigned and launched in. | `list(string)` | n/a | yes |
-| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider default\_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level. | `map(string)` | <pre>{<br>  "terraform": "true"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) Map of tags to assign to the resource. Note that these tags apply to the instance and not block storage devices. If configured with a provider default\_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level. | `map(string)` | <pre>{<br/>  "terraform": "true"<br/>}</pre> | no |
 | <a name="input_tenancy"></a> [tenancy](#input\_tenancy) | (Optional) Tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command. Valid values are default, dedicated, and host. | `string` | `"default"` | no |
 | <a name="input_user_data"></a> [user\_data](#input\_user\_data) | (Optional) User data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user\_data\_base64 instead. Updates to this field will trigger a stop/start of the EC2 instance by default. If the user\_data\_replace\_on\_change is set then updates to this field will trigger a destroy and recreate. | `string` | `null` | no |
 | <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | (Required) The ID of the VPC to which we would like to associate a DHCP Options Set. | `string` | n/a | yes |

modules/aws/flow_logs/README.md

@@ -135,7 +135,7 @@ No modules.
 | <a name="input_key_is_enabled"></a> [key\_is\_enabled](#input\_key\_is\_enabled) | (Optional) Specifies whether the key is enabled. Defaults to true. | `string` | `true` | no |
 | <a name="input_key_name_prefix"></a> [key\_name\_prefix](#input\_key\_name\_prefix) | (Optional) Creates an unique alias beginning with the specified prefix. The name must start with the word alias followed by a forward slash (alias/). | `string` | `"alias/flow_logs_key_"` | no |
 | <a name="input_key_usage"></a> [key\_usage](#input\_key\_usage) | (Optional) Specifies the intended use of the key. Defaults to ENCRYPT\_DECRYPT, and only symmetric encryption and decryption are supported. | `string` | `"ENCRYPT_DECRYPT"` | no |
-| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A mapping of tags to assign to the object. | `map(any)` | <pre>{<br>  "created_by": "<YOUR_NAME>",<br>  "environment": "prod",<br>  "priority": "high",<br>  "terraform": "true"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A mapping of tags to assign to the object. | `map(any)` | <pre>{<br/>  "created_by": "<YOUR_NAME>",<br/>  "environment": "prod",<br/>  "priority": "high",<br/>  "terraform": "true"<br/>}</pre> | no |
 
 ## Outputs
 

modules/aws/fsx/README.md

@@ -121,7 +121,7 @@ No modules.
 | <a name="input_daily_automatic_backup_start_time"></a> [daily\_automatic\_backup\_start\_time](#input\_daily\_automatic\_backup\_start\_time) | (Optional) The preferred time (in HH:MM format) to take daily automatic backups, in the UTC time zone. | `string` | `"23:59"` | no |
 | <a name="input_deletion_window_in_days"></a> [deletion\_window\_in\_days](#input\_deletion\_window\_in\_days) | (Optional) Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | `30` | no |
 | <a name="input_deployment_type"></a> [deployment\_type](#input\_deployment\_type) | (Optional) Specifies the file system deployment type, valid values are MULTI\_AZ\_1, SINGLE\_AZ\_1 and SINGLE\_AZ\_2. Default value is SINGLE\_AZ\_1. | `string` | `"SINGLE_AZ_1"` | no |
-| <a name="input_dns_ips"></a> [dns\_ips](#input\_dns\_ips) | (Required) A list of up to two IP addresses of DNS servers or domain controllers in the self-managed AD directory. The IP addresses need to be either in the same VPC CIDR range as the file system or in the private IP version 4 (IPv4) address ranges as specified in RFC 1918. | `list(string)` | <pre>[<br>  "10.11.1.100",<br>  "10.11.2.100"<br>]</pre> | no |
+| <a name="input_dns_ips"></a> [dns\_ips](#input\_dns\_ips) | (Required) A list of up to two IP addresses of DNS servers or domain controllers in the self-managed AD directory. The IP addresses need to be either in the same VPC CIDR range as the file system or in the private IP version 4 (IPv4) address ranges as specified in RFC 1918. | `list(string)` | <pre>[<br/>  "10.11.1.100",<br/>  "10.11.2.100"<br/>]</pre> | no |
 | <a name="input_domain_name"></a> [domain\_name](#input\_domain\_name) | (Required) The fully qualified domain name of the self-managed AD directory. For example, corp.example.com. | `string` | n/a | yes |
 | <a name="input_enable_audit_logs"></a> [enable\_audit\_logs](#input\_enable\_audit\_logs) | Determines count for cloudwatch log group, IAM policy, and IAM role. Defaults to true and enters a count of 1 to create resources. | `bool` | `true` | no |
 | <a name="input_enable_key_rotation"></a> [enable\_key\_rotation](#input\_enable\_key\_rotation) | (Optional) Specifies whether key rotation is enabled. Defaults to false. | `bool` | `true` | no |
@@ -143,7 +143,7 @@ No modules.
 | <a name="input_storage_capacity"></a> [storage\_capacity](#input\_storage\_capacity) | (Optional) Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536. If the storage type is set to HDD the minimum value is 2000. Required when not creating filesystem for a backup. | `number` | `2000` | no |
 | <a name="input_storage_type"></a> [storage\_type](#input\_storage\_type) | (Optional) Specifies the storage type, Valid values are SSD and HDD. HDD is supported on SINGLE\_AZ\_2 and MULTI\_AZ\_1 Windows file system deployment types. Default value is SSD. | `string` | `"SSD"` | no |
 | <a name="input_subnet_ids"></a> [subnet\_ids](#input\_subnet\_ids) | (Required) A list of IDs for the subnets that the file system will be accessible from. To specify more than a single subnet set deployment\_type to MULTI\_AZ\_1. | `list(any)` | n/a | yes |
-| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A mapping of tags to assign to the object. | `map(string)` | <pre>{<br>  "created_by": "<YOUR_NAME>",<br>  "environment": "prod",<br>  "terraform": "true"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A mapping of tags to assign to the object. | `map(string)` | <pre>{<br/>  "created_by": "<YOUR_NAME>",<br/>  "environment": "prod",<br/>  "terraform": "true"<br/>}</pre> | no |
 | <a name="input_throughput_capacity"></a> [throughput\_capacity](#input\_throughput\_capacity) | (Required) Throughput (megabytes per second) of the file system in power of 2 increments. Minimum of 8 and maximum of 2048. | `number` | `64` | no |
 | <a name="input_username"></a> [username](#input\_username) | (Required) The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. | `string` | n/a | yes |
 | <a name="input_weekly_maintenance_start_time"></a> [weekly\_maintenance\_start\_time](#input\_weekly\_maintenance\_start\_time) | (Optional) The preferred start time (in d:HH:MM format) to perform weekly maintenance, in the UTC time zone. | `string` | `"1:01:00"` | no |

modules/aws/iam/group/README.md

@@ -113,7 +113,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_groups"></a> [groups](#input\_groups) | (Required) - A map of groups to create. The key is the name of the group, and the value is a map of the group configuration. | <pre>map(object({<br>    policy_arns = set(string)<br>  }))</pre> | n/a | yes |
+| <a name="input_groups"></a> [groups](#input\_groups) | (Required) - A map of groups to create. The key is the name of the group, and the value is a map of the group configuration. | <pre>map(object({<br/>    policy_arns = set(string)<br/>  }))</pre> | n/a | yes |
 
 ## Outputs
 

modules/aws/iam/policy/README.md

@@ -111,7 +111,7 @@ No modules.
 | <a name="input_name_prefix"></a> [name\_prefix](#input\_name\_prefix) | (Required) The prefix used to generate a unique name of the policy. If omitted, Terraform will assign a random, unique name. Changes to the name will force the creation of a new resource. | `string` | n/a | yes |
 | <a name="input_path"></a> [path](#input\_path) | (Optional) Path in which to create the policy. See IAM Identifiers for more information. Defaults to `/`. | `string` | `"/"` | no |
 | <a name="input_policy"></a> [policy](#input\_policy) | (Required) The policy document. This is a JSON formatted string. The heredoc syntax, file function, or the aws\_iam\_policy\_document data source are all helpful here. | `string` | n/a | yes |
-| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A map of tags to assign to the IAM policy. | `map(string)` | <pre>{<br>  "terraform": "true"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A map of tags to assign to the IAM policy. | `map(string)` | <pre>{<br/>  "terraform": "true"<br/>}</pre> | no |
 
 ## Outputs
 

modules/aws/iam/role/README.md

@@ -120,7 +120,7 @@ No modules.
 | <a name="input_path"></a> [path](#input\_path) | (Optional) The path to the role. | `string` | `"/"` | no |
 | <a name="input_permissions_boundary"></a> [permissions\_boundary](#input\_permissions\_boundary) | (Optional) The ARN of the policy that is used to set the permissions boundary for the role. | `string` | `null` | no |
 | <a name="input_policy_arns"></a> [policy\_arns](#input\_policy\_arns) | (Required) - A list of ARNs of the policies which you want attached to the role. | `list(string)` | n/a | yes |
-| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A map of tags to assign to the IAM role. | `map(string)` | <pre>{<br>  "terraform": "true"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A map of tags to assign to the IAM role. | `map(string)` | <pre>{<br/>  "terraform": "true"<br/>}</pre> | no |
 
 ## Outputs
 

modules/aws/iam/saml_provider/README.md

@@ -108,7 +108,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_name"></a> [name](#input\_name) | (Required) The name of the provider to create. | `string` | n/a | yes |
 | <a name="input_saml_metadata_document"></a> [saml\_metadata\_document](#input\_saml\_metadata\_document) | (Required) An XML document generated by an identity provider that supports SAML 2.0. | `string` | n/a | yes |
-| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A map of tags to assign to the IAM SAML provider. | `map(string)` | <pre>{<br>  "terraform": "true"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A map of tags to assign to the IAM SAML provider. | `map(string)` | <pre>{<br/>  "terraform": "true"<br/>}</pre> | no |
 
 ## Outputs
 

modules/aws/identity_center/group/README.md

@@ -115,7 +115,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_groups"></a> [groups](#input\_groups) | (Required) The list of groups to create. | <pre>map(object({<br>    display_name = string # (Required) The friendly name to identify the group.<br>    description  = string # (Optional) The description of the group.<br>  }))</pre> | n/a | yes |
+| <a name="input_groups"></a> [groups](#input\_groups) | (Required) The list of groups to create. | <pre>map(object({<br/>    display_name = string # (Required) The friendly name to identify the group.<br/>    description  = string # (Optional) The description of the group.<br/>  }))</pre> | n/a | yes |
 
 ## Outputs
 

modules/aws/identity_center/user/README.md

@@ -117,7 +117,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_users"></a> [users](#input\_users) | (Required) The list of users to create. | <pre>map(object({<br>    display_name = string # (Required) The friendly name to identify the user.<br>    given_name   = string # (Required) The given name of the user.<br>    family_name  = string # (Required) The family name of the user.<br>    user_name    = string # (Required) The username of the user.<br><br>    honorific_prefix = optional(string) # (Optional) The honorific prefix of the user.<br>    honorific_suffix = optional(string) # (Optional) The honorific suffix of the user.<br>    middle_name      = optional(string) # (Optional) The middle name of the user.<br>    nickname         = optional(string) # (Optional) The nickname of the user.<br><br>    email                   = optional(string) # (Optional) The email address of the user.<br>    email_is_primary        = optional(bool)   # (Optional) Indicates whether the email address is the primary email address of the user.<br>    email_type              = optional(string) # (Optional) The type of the email address of the user.<br>    phone_number            = optional(string) # (Optional) The phone number of the user.<br>    phone_number_is_primary = optional(bool)   # (Optional) Indicates whether the phone number is the primary phone number of the user.<br>    phone_number_type       = optional(string) # (Optional) The type of the phone number of the user.<br><br>    preferred_language = optional(string) # (Optional) The user's preferred language.<br>    timezone           = optional(string) # (Optional) The user's time zone.<br>    title              = optional(string) # (Optional) The user's title.<br>    user_type          = optional(string) # (Optional) The type of the user.<br>  }))</pre> | n/a | yes |
+| <a name="input_users"></a> [users](#input\_users) | (Required) The list of users to create. | <pre>map(object({<br/>    display_name = string # (Required) The friendly name to identify the user.<br/>    given_name   = string # (Required) The given name of the user.<br/>    family_name  = string # (Required) The family name of the user.<br/>    user_name    = string # (Required) The username of the user.<br/><br/>    honorific_prefix = optional(string) # (Optional) The honorific prefix of the user.<br/>    honorific_suffix = optional(string) # (Optional) The honorific suffix of the user.<br/>    middle_name      = optional(string) # (Optional) The middle name of the user.<br/>    nickname         = optional(string) # (Optional) The nickname of the user.<br/><br/>    email                   = optional(string) # (Optional) The email address of the user.<br/>    email_is_primary        = optional(bool)   # (Optional) Indicates whether the email address is the primary email address of the user.<br/>    email_type              = optional(string) # (Optional) The type of the email address of the user.<br/>    phone_number            = optional(string) # (Optional) The phone number of the user.<br/>    phone_number_is_primary = optional(bool)   # (Optional) Indicates whether the phone number is the primary phone number of the user.<br/>    phone_number_type       = optional(string) # (Optional) The type of the phone number of the user.<br/><br/>    preferred_language = optional(string) # (Optional) The user's preferred language.<br/>    timezone           = optional(string) # (Optional) The user's time zone.<br/>    title              = optional(string) # (Optional) The user's title.<br/>    user_type          = optional(string) # (Optional) The type of the user.<br/>  }))</pre> | n/a | yes |
 
 ## Outputs
 

modules/aws/keypair/README.md

@@ -120,7 +120,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_key_name_prefix"></a> [key\_name\_prefix](#input\_key\_name\_prefix) | (Required) Name prefix, used to generate unique keypair name used with AWS services | `string` | n/a | yes |
 | <a name="input_public_key"></a> [public\_key](#input\_public\_key) | (Required) The public key material. | `string` | n/a | yes |
-| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A mapping of tags to assign to the resource. | `map(string)` | <pre>{<br>  "terraform": "true"<br>}</pre> | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A mapping of tags to assign to the resource. | `map(string)` | <pre>{<br/>  "terraform": "true"<br/>}</pre> | no |
 
 ## Outputs