updates to support mrap arn passing

cloudacademy · Jun 12, 2024 · 55052f8 · 55052f8
1 parent a13e650
commit 55052f8
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 0 deletions.
diff --git a/labfiles/main.tf b/labfiles/main.tf
@@ -3,6 +3,8 @@ resource "aws_iam_instance_profile" "lab_instance" {
  role = "lab_instance_mrap"
 }
 
+data "aws_caller_identity" "current" {}
+
 # REGION1 VPC
 # ============================
 
@@ -118,9 +120,21 @@ resource "aws_instance" "region1" {
  cpu_credits = "standard"
  }
 
+ user_data = <<-EOFF
+#!/usr/bin/env bash
+set -x
+
+cat >> /home/ec2-user/.bash_profile << EOF
+export AWS_ACCOUNT_ID=${data.aws_caller_identity.current.account_id}
+export AWS_S3_MRAP_ARN=${var.s3_mrap_arn}
+EOF
+EOFF
+
  tags = {
  Name = "lab-instance-region1"
  }
+
+
 }
 
 resource "aws_vpc_endpoint" "ssm_region1" {
@@ -275,6 +289,16 @@ resource "aws_instance" "region2" {
  cpu_credits = "standard"
  }
 
+ user_data = <<-EOFF
+#!/usr/bin/env bash
+set -x
+
+cat >> /home/ec2-user/.bash_profile << EOF
+export AWS_ACCOUNT_ID=${data.aws_caller_identity.current.account_id}
+export AWS_S3_MRAP_ARN=${var.s3_mrap_arn}
+EOF
+EOFF
+
  tags = {
  Name = "lab-instance-region2"
  }

diff --git a/labfiles/vars.tf b/labfiles/vars.tf
@@ -0,0 +1,4 @@
+variable "s3_mrap_arn" {
+ description = "S3 multi-region access point ARN"
+ type = string
+}