marusich pushed a commit to branch master in repository maintenance. commit a130bda64c78025a479c3738eaaf4f05af0e6c83 Author: Chris Marusich <cmmarus...@gmail.com> Date: Fri Dec 28 19:38:38 2018 -0800
cdn: Switch default region to us-east-1. Before doing this, I destroyed all Terraform-managed AWS resources and locally stored Terraform state, so we can rebuild it fresh. * cdn/README.org: Update us-west-2 references to us-east-1. * cdn/terraform/main.tf (terraform, guix-terraform-state): Likewise. --- cdn/README.org | 8 ++++---- cdn/terraform/main.tf | 11 ++++++++--- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/cdn/README.org b/cdn/README.org index da5a438..99629d6 100644 --- a/cdn/README.org +++ b/cdn/README.org @@ -669,7 +669,7 @@ file, so this command worked at that time): #+BEGIN_EXAMPLE [0] marusich@garuda.local:~/maintenance/cdn/terraform -$ AWS_DEFAULT_REGION=us-west-2 ~/Downloads/terraform plan +$ AWS_DEFAULT_REGION=us-east-1 ~/Downloads/terraform plan Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. @@ -1103,7 +1103,7 @@ Invoke it like this (customize the environment variables as needed): #+BEGIN_EXAMPLE [0] marusich@garuda.local:~ -$ AWS_DEFAULT_REGION=us-west-2 AWS_PROFILE=guix aws iam list-users +$ AWS_DEFAULT_REGION=us-east-1 AWS_PROFILE=guix aws iam list-users { "Users": [ { @@ -1157,7 +1157,7 @@ needed): #+BEGIN_EXAMPLE [0] marusich@garuda.local:~ -$ AWS_DEFAULT_REGION=us-west-2 AWS_PROFILE=guix aws cloudfront create-invalidation --distribution-id E2LCS83UL0PPNA --paths '/*' +$ AWS_DEFAULT_REGION=us-east-1 AWS_PROFILE=guix aws cloudfront create-invalidation --distribution-id E2LCS83UL0PPNA --paths '/*' { "Location": "https://cloudfront.amazonaws.com/2017-03-25/distribution/E2LCS83UL0PPNA/invalidation/I2PCH5JZ52HUX7", "Invalidation": { @@ -1183,7 +1183,7 @@ You can also check on the invalidation status like so: #+BEGIN_EXAMPLE [0] marusich@garuda.local:~ -$ AWS_DEFAULT_REGION=us-west-2 AWS_PROFILE=guix aws cloudfront get-invalidation --id I2PCH5JZ52HUX7 --distribution-id E2LCS83UL0PPNA +$ AWS_DEFAULT_REGION=us-east-1 AWS_PROFILE=guix aws cloudfront get-invalidation --id I2PCH5JZ52HUX7 --distribution-id E2LCS83UL0PPNA { "Invalidation": { "Id": "I2PCH5JZ52HUX7", diff --git a/cdn/terraform/main.tf b/cdn/terraform/main.tf index e36ae6b..c81dc61 100644 --- a/cdn/terraform/main.tf +++ b/cdn/terraform/main.tf @@ -1,11 +1,16 @@ # Backend documentation: # https://www.terraform.io/docs/backends/types/s3.html terraform { + # If you ever want to rebuild everything from scratch, including the + # state bucket and the state it contains, you will need to remove or + # comment out this backend and use the local backend first. After + # creating the bucket, you can then add this backend back and + # migrate the state into it via "terraform init". backend "s3" { # TODO: Add a Dynamo DB table for locking. bucket = "guix-terraform-state" key = "state" - region = "us-west-2" + region = "us-east-1" } } @@ -23,7 +28,7 @@ terraform { # # Then you can invoke "terraform" like this to use the credentials: # -# AWS_PROFILE=guix AWS_DEFAULT_REGION=us-west-2 terraform apply +# AWS_PROFILE=guix AWS_DEFAULT_REGION=us-east-1 terraform apply # # The first environment variable tells the AWS provider to look for a # "profile" named "guix". You can use any profile name you want, but @@ -282,7 +287,7 @@ resource "aws_s3_bucket" "guix-terraform-state" { # The best region! :-) This could be any region, really, but since # I'm the primary user right now, I'm choosing the one that's # closest to me. - region = "us-west-2" + region = "us-east-1" # Encrypt data at rest using S3's server side encryption. See: # https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html server_side_encryption_configuration {