From 55052f88227ec761dd0b965ec459dd4388c89626 Mon Sep 17 00:00:00 2001
From: Jeremy Cook
Date: Wed, 12 Jun 2024 21:13:27 +1200
Subject: [PATCH] updates to support mrap arn passing

---
 labfiles/main.tf | 24 ++++++++++++++++++++++++
 labfiles/vars.tf | 4 ++++
 2 files changed, 28 insertions(+)
 create mode 100644 labfiles/vars.tf

diff --git a/labfiles/main.tf b/labfiles/main.tf
index 53c3db5..23ea169 100644
--- a/labfiles/main.tf
+++ b/labfiles/main.tf
@@ -3,6 +3,8 @@ resource "aws_iam_instance_profile" "lab_instance" {
 role = "lab_instance_mrap"
 }
 
+data "aws_caller_identity" "current" {}
+
 # REGION1 VPC
 # ============================
 
@@ -118,9 +120,21 @@ resource "aws_instance" "region1" {
 cpu_credits = "standard"
 }
 
+ user_data = <<-EOFF
+#!/usr/bin/env bash
+set -x
+
+cat >> /home/ec2-user/.bash_profile << EOF
+export AWS_ACCOUNT_ID=${data.aws_caller_identity.current.account_id}
+export AWS_S3_MRAP_ARN=${var.s3_mrap_arn}
+EOF
+EOFF
+
 tags = {
 Name = "lab-instance-region1"
 }
+
+
 }
 
 resource "aws_vpc_endpoint" "ssm_region1" {
@@ -275,6 +289,16 @@ resource "aws_instance" "region2" {
 cpu_credits = "standard"
 }
 
+ user_data = <<-EOFF
+#!/usr/bin/env bash
+set -x
+
+cat >> /home/ec2-user/.bash_profile << EOF
+export AWS_ACCOUNT_ID=${data.aws_caller_identity.current.account_id}
+export AWS_S3_MRAP_ARN=${var.s3_mrap_arn}
+EOF
+EOFF
+
 tags = {
 Name = "lab-instance-region2"
 }
diff --git a/labfiles/vars.tf b/labfiles/vars.tf
new file mode 100644
index 0000000..b8af6bf
--- /dev/null
+++ b/labfiles/vars.tf
@@ -0,0 +1,4 @@
+variable "s3_mrap_arn" {
+ description = "S3 multi-region access point ARN"
+ type = string
+}
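Review bot: The inner heredoc in the new `user_data` uses an unquoted delimiter (`<< EOF`), so once Terraform has substituted `${var.s3_mrap_arn}` the shell still expands any `$` or backtick in that value when the script runs as root at first boot, and the unquoted `export` line is evaluated again on every ec2-user login. Quoting the delimiter and the values writes the rendered text literally: `cat >> /home/ec2-user/.bash_profile << 'EOF'` and `export AWS_S3_MRAP_ARN='${var.s3_mrap_arn}'`. The same lines are added in the region2 hunk at -275 and need the same change. `set -x` also traces the script into the cloud-init output log, which is harmless for an account ID and an ARN but should go before anything sensitive is added here. The enclosing `aws_instance` resource starts above the hunk.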
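Review bot: The `user_data` heredoc added to `aws_instance.region2` duplicates the one added to `aws_instance.region1` line for line, so any later hardening of the boot script has to be applied twice and can drift. Defining the script once in a `locals` block as `lab_user_data` and setting `user_data = local.lab_user_data` on both instances keeps the two regions identical. The enclosing resource starts above the hunk and its closing brace is below it.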
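Review bot: `s3_mrap_arn` is declared as a bare `string` with no `validation` block, yet main.tf renders it straight into a boot script and into `.bash_profile`. Constraining it to the ARN shape rejects malformed or shell-significant input at plan time instead of on the instance. The pattern below is a suggested starting point and should be checked against the ARNs the lab actually issues. The variable also has no default, so every existing plan or apply of this configuration must now supply it.

```hcl
variable "s3_mrap_arn" {
  # … unchanged: description, type …

  validation {
    condition     = can(regex("^arn:aws:s3::[0-9]{12}:accesspoint/[a-z0-9]+\\.mrap$", var.s3_mrap_arn))
    error_message = "The s3_mrap_arn value must be an S3 Multi-Region Access Point ARN."
  }
}
```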