# MSR2 Infrastructure Project

# Managed Services Evaluation Round 2

# Requirements

Name	Version
terraform	>=1.1.0
aws	~> 5.29.0

# Providers

Name	Version
aws	5.29.0

# Modules

Name	Source	Version
a-ad-srv1	../../modules/aws/base-vm-win	n/a
a-desk1	../../modules/aws/base-vm	n/a
a-desk2	../../modules/aws/base-vm	n/a
a-desk3	../../modules/aws/base-vm	n/a
a-ex-srv1	../../modules/aws/base-vm-win	n/a
a-iis-srv1	../../modules/aws/base-vm-win	n/a
b-ad-srv1	../../modules/aws/base-vm-win	n/a
b-desk1	../../modules/aws/base-vm	n/a
b-desk2	../../modules/aws/base-vm	n/a
b-desk3	../../modules/aws/base-vm	n/a
b-ex-srv1	../../modules/aws/base-vm-win	n/a
b-file-srv1	../../modules/aws/base-vm-win	n/a
b-kvm-srv1	../../modules/aws/base-vm	n/a
b-sql-srv1	../../modules/aws/base-vm-win	n/a
c-desk1	../../modules/aws/base-vm	n/a
defaults	../../modules/aws/defaults	n/a
openvpn-client	../../modules/aws/vpn-client	n/a
red-kali1	../../modules/aws/base-vm	n/a
support-dns-srv1	../../modules/aws/base-vm	n/a
support-jumpbox-srv1	../../modules/aws/base-vm-win	n/a
support-pf-srv1	../../modules/aws/base-vm	n/a
support-redirect-srv1	../../modules/aws/base-vm	n/a
support-redirect-srv2	../../modules/aws/base-vm	n/a
support-redirect-srv3	../../modules/aws/base-vm	n/a

# Resources

Name	Type
aws_default_route_table.alpha-rtb	resource
aws_default_route_table.beta-rtb	resource
aws_dynamodb_table.dynamodb-terraform-state-lock	resource
aws_eip.alpha-nat-eip	resource
aws_eip.beta-nat-eip	resource
aws_internet_gateway.alpha-igw	resource
aws_internet_gateway.beta-igw	resource
aws_key_pair.ssh-key-pair	resource
aws_nat_gateway.alpha-nat-gw	resource
aws_nat_gateway.beta-nat-gw	resource
aws_route_table.alpha-public-rtb	resource
aws_route_table.beta-public-rtb	resource
aws_route_table_association.rtba_a_desk	resource
aws_route_table_association.rtba_a_nat	resource
aws_route_table_association.rtba_a_srv	resource
aws_route_table_association.rtba_a_vpn	resource
aws_route_table_association.rtba_b_combined	resource
aws_route_table_association.rtba_c_desk	resource
aws_route_table_association.rtba_red	resource
aws_route_table_association.rtba_redirect_a	resource
aws_route_table_association.rtba_redirect_b	resource
aws_route_table_association.rtba_support_nat	resource
aws_s3_object.msr2	resource
aws_security_group.alpha	resource
aws_security_group.beta	resource
aws_subnet.a_desk	resource
aws_subnet.a_srv	resource
aws_subnet.a_vpn	resource
aws_subnet.alpha_nat	resource
aws_subnet.b_combined	resource
aws_subnet.beta_nat	resource
aws_subnet.c_desk	resource
aws_subnet.support_a	resource
aws_subnet.support_b	resource
aws_subnet.support_red	resource
aws_vpc.alpha	resource
aws_vpc.beta	resource
aws_vpc_ipv4_cidr_block_association.alpha-a	resource
aws_vpc_ipv4_cidr_block_association.alpha-b	resource
aws_vpc_ipv4_cidr_block_association.alpha-c	resource
aws_vpc_ipv4_cidr_block_association.alpha-nat	resource
aws_vpc_ipv4_cidr_block_association.beta-nat	resource
aws_vpc_ipv4_cidr_block_association.redirect-a-cidr	resource
aws_vpc_ipv4_cidr_block_association.redirect-b-cidr	resource
aws_vpc_peering_connection.range-to-red-pcx	resource
aws_vpc_security_group_ingress_rule.main	resource
aws_s3_bucket.vendors	data source

# Inputs

Name	Description	Type	Default	Required
aws-bucket-name	Name of S3 bucket for managing Terraform state across vendor ranges	`string`	`"msr2-vendor-resources"`	no
aws-region	AWS region to use, defaults to us-east-1	`string`	`"us-east-1"`	no
aws-region-az	AWS availability zone to use, defaults to us-east-1a	`string`	`"us-east-1a"`	no
category	(Optional) Category of resource group, (similar to name, used for ansible automation)	`string`	`""`	no
description	Description for the resource group	`string`	`"MSR2"`	no
dev_linux_password	Password for dev Linux hosts	`string`	n/a	yes
dev_linux_username	Username for Linux hosts	`string`	n/a	yes
dev_win_admin_password	Password for Windows 10 desktop dev boxes	`string`	n/a	yes
dev_win_admin_username	Username for Windows 10 desktop dev boxes	`string`	`"devadmin"`	no
environment	(Optional) Environment tag of resource group	`string`	`"Development"`	no
local_domain_admin_password	Local admin password to workstation 1	`string`	`"localAdmin1"`	no
local_domain_admin_username	Local admin password to workstation 1	`string`	`"localadmin"`	no
name-prefix	String prefix for resource names	`string`	`""`	no
shutdown_ok	Whether the resource can be safely disabled or shutdown	`string`	`"vendor-schedule"`	no
ssh_private_key_path	Path to SSH private key to use for Linux ssh systems (public and private key must be matching pair)	`string`	n/a	yes
ssh_public_key_path	Path to SSH public key to use for Linux ssh systems (public and private key must be matching pair)	`string`	n/a	yes
win_a_domain_name	Domain name for A	`string`	n/a	yes
win_a_netbios_name	Netbios name for A	`string`	n/a	yes
win_b_domain_name	Domain name for B	`string`	n/a	yes
win_b_netbios_name	Netbios name for B	`string`	n/a	yes
win_c_domain_name	Domain name for C	`string`	n/a	yes
win_c_netbios_name	Netbios name for C	`string`	n/a	yes
win_desk_password	Local admin password to workstation 1	`string`	`"winDesk1"`	no
win_desk_username	Local admin password to workstation 1	`string`	`"windesk"`	no
win_domain_name	Domain name for AD	`string`	n/a	yes
win_netbios_name	Netbios name for AD, e.g. reddev	`string`	n/a	yes
win_srv_admin_password	Windows Server admin password	`string`	n/a	yes
win_srv_admin_username	Windows Server admin username	`string`	n/a	yes

# Outputs

Name	Description
cacert	output cert and key separately to simplify redirecting to file used to generate vpn profiles
cakey	n/a
endpointid	n/a
rdp_data	n/a
vpn	n/a
windows-credentials	n/a