Get enabled from module.this

Nuru · Nuru · commit 1cdbc5aa7673 · 2020-10-06T22:40:58.000-07:00
diff --git a/main.tf b/main.tf
@@ -73,6 +73,7 @@ data "aws_iam_policy_document" "default" {
 }
 
 locals {
+  enabled = module.this.enabled
   skip_index_re = var.skip_index_re == null ? "^\\.kibana*" : var.skip_index_re
 }
 
@@ -105,7 +106,7 @@ locals {
 # Resources
 #--------------------------------------------------------------
 resource "aws_lambda_function" "default" {
-  count            = var.enabled ? 1 : 0
+  count            = local.enabled ? 1 : 0
   filename         = module.artifact.file
   function_name    = local.function_name
   description      = local.function_name
@@ -134,15 +135,15 @@ resource "aws_lambda_function" "default" {
 }
 
 resource "aws_security_group" "default" {
-  count       = var.enabled ? 1 : 0
+  count       = local.enabled ? 1 : 0
   name        = local.function_name
   description = local.function_name
   vpc_id      = var.vpc_id
   tags        = module.label.tags
 }
 
 resource "aws_security_group_rule" "udp_dns_egress_from_lambda" {
-  count             = var.enabled ? 1 : 0
+  count             = local.enabled ? 1 : 0
   description       = "Allow outbound UDP traffic from Lambda Elasticsearch cleanup to DNS"
   type              = "egress"
   from_port         = 53
@@ -153,7 +154,7 @@ resource "aws_security_group_rule" "udp_dns_egress_from_lambda" {
 }
 
 resource "aws_security_group_rule" "tcp_dns_egress_from_lambda" {
-  count             = var.enabled ? 1 : 0
+  count             = local.enabled ? 1 : 0
   description       = "Allow outbound TCP traffic from Lambda Elasticsearch cleanup to DNS"
   type              = "egress"
   from_port         = 53
@@ -164,7 +165,7 @@ resource "aws_security_group_rule" "tcp_dns_egress_from_lambda" {
 }
 
 resource "aws_security_group_rule" "egress_from_lambda_to_es_cluster" {
-  count                    = var.enabled ? 1 : 0
+  count                    = local.enabled ? 1 : 0
   description              = "Allow outbound traffic from Lambda Elasticsearch cleanup SG to Elasticsearch SG"
   type                     = "egress"
   from_port                = 443
@@ -175,7 +176,7 @@ resource "aws_security_group_rule" "egress_from_lambda_to_es_cluster" {
 }
 
 resource "aws_security_group_rule" "ingress_to_es_cluster_from_lambda" {
-  count                    = var.enabled ? 1 : 0
+  count                    = local.enabled ? 1 : 0
   description              = "Allow inbound traffic to Elasticsearch domain from Lambda Elasticsearch cleanup SG"
   type                     = "ingress"
   from_port                = 443
@@ -186,34 +187,34 @@ resource "aws_security_group_rule" "ingress_to_es_cluster_from_lambda" {
 }
 
 resource "aws_iam_role" "default" {
-  count              = var.enabled ? 1 : 0
+  count              = local.enabled ? 1 : 0
   name               = local.function_name
   assume_role_policy = data.aws_iam_policy_document.assume_role.json
   tags               = module.label.tags
 }
 
 resource "aws_iam_role_policy" "default" {
-  count  = var.enabled ? 1 : 0
+  count  = local.enabled ? 1 : 0
   name   = local.function_name
   role   = join("", aws_iam_role.default.*.name)
   policy = data.aws_iam_policy_document.default.json
 }
 
 resource "aws_iam_role_policy_attachment" "default" {
-  count      = var.enabled ? 1 : 0
+  count      = local.enabled ? 1 : 0
   role       = join("", aws_iam_role.default.*.name)
   policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
 }
 
 resource "aws_cloudwatch_event_rule" "default" {
-  count               = var.enabled ? 1 : 0
+  count               = local.enabled ? 1 : 0
   name                = local.function_name
   description         = local.function_name
   schedule_expression = var.schedule
 }
 
 resource "aws_lambda_permission" "default" {
-  count         = var.enabled ? 1 : 0
+  count         = local.enabled ? 1 : 0
   statement_id  = "AllowExecutionFromCloudWatch"
   action        = "lambda:InvokeFunction"
   function_name = join("", aws_lambda_function.default.*.arn)
@@ -222,7 +223,7 @@ resource "aws_lambda_permission" "default" {
 }
 
 resource "aws_cloudwatch_event_target" "default" {
-  count     = var.enabled ? 1 : 0
+  count     = local.enabled ? 1 : 0
   target_id = local.function_name
   rule      = join("", aws_cloudwatch_event_rule.default.*.name)
   arn       = join("", aws_lambda_function.default.*.arn)
