fix: move everyhing to the /modules dir, so terrafrom registry will s…

…ee child modules

.gitignore

@@ -35,3 +35,5 @@ override.tf.json
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
+
+.terraform.lock.hcl

modules/shared_parameters/chat_bot_topic_arn/create/README.md → modules/chat_bot_topic_arn/create/README.md

@@ -20,7 +20,7 @@ locals {
 }
 
 module "shared_chat_bot_topic_arn" {
-  source   = "../../../modules/external/shared_parameters/chat_bot_topic_arn/create"
+  source   = "../../chat_bot_topic_arn/create"
   for_each = local.topics_environment_configuration
 
   chat_bot_topic_arn = aws_sns_topic.chat_bot_environment_notifications[each.key].arn
@@ -45,10 +45,10 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_naming_conventions"></a> [naming\_conventions](#module\_naming\_conventions) | ../../../naming_conventions | n/a |
-| <a name="module_org_info"></a> [org\_info](#module\_org\_info) | ../../../shared_parameters/org_info/read | n/a |
-| <a name="module_shared_kms_key_arn"></a> [shared\_kms\_key\_arn](#module\_shared\_kms\_key\_arn) | ../../../shared_parameters/shared_kms_key_arn/read | n/a |
-| <a name="module_shared_parameter"></a> [shared\_parameter](#module\_shared\_parameter) | ../../../shared_parameter | n/a |
+| <a name="module_naming_conventions"></a> [naming\_conventions](#module\_naming\_conventions) | fivexl/naming-convetions/aws | 0.0.1 |
+| <a name="module_org_info"></a> [org\_info](#module\_org\_info) | ../../org_info/read | n/a |
+| <a name="module_shared_kms_key_arn"></a> [shared\_kms\_key\_arn](#module\_shared\_kms\_key\_arn) | ../../shared_kms_key_arn/read | n/a |
+| <a name="module_shared_parameter"></a> [shared\_parameter](#module\_shared\_parameter) | ../../shared_parameter | n/a |
 
 ## Resources
 
@@ -59,7 +59,6 @@ No resources.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_chat_bot_topic_arn"></a> [chat\_bot\_topic\_arn](#input\_chat\_bot\_topic\_arn) | The ARN of the SNS topic for chatbot notifications | `string` | n/a | yes |
-| <a name="input_environment"></a> [environment](#input\_environment) | The environment to deploy to | `string` | n/a | yes |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to apply to resources | `map(string)` | n/a | yes |
 
 ## Outputs

modules/shared_parameters/chat_bot_topic_arn/create/main.tf → modules/chat_bot_topic_arn/create/main.tf

@@ -5,14 +5,15 @@ module "naming_conventions" {
 
 module "shared_kms_key_arn" {
   source = "../../shared_kms_key_arn/read"
+
 }
 
 module "org_info" {
   source = "../../org_info/read"
 }
 
 module "shared_parameter" {
-  source = "../../../shared_parameter"
+  source = "../../shared_parameter"
 
   parameter_name           = module.naming_conventions.chat_bot_topic_arn_ssm_parameter_name
   resource_share_name      = module.naming_conventions.chat_bot_topic_arn_resource_share_name

modules/shared_parameters/chat_bot_topic_arn/read/README.md → modules/chat_bot_topic_arn/read/README.md

@@ -23,8 +23,8 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_naming_conventions"></a> [naming\_conventions](#module\_naming\_conventions) | ../../../naming_conventions | n/a |
-| <a name="module_shared_parameter_data"></a> [shared\_parameter\_data](#module\_shared\_parameter\_data) | ../../../shared_parameter_data | n/a |
+| <a name="module_naming_conventions"></a> [naming\_conventions](#module\_naming\_conventions) | fivexl/naming-convetions/aws | 0.0.1 |
+| <a name="module_shared_parameter_data"></a> [shared\_parameter\_data](#module\_shared\_parameter\_data) | ../../shared_parameter_data | n/a |
 
 ## Resources
 
@@ -34,7 +34,6 @@ No resources.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_environment"></a> [environment](#input\_environment) | The environment to deploy the resources in | `string` | n/a | yes |
 | <a name="input_resource_owner"></a> [resource\_owner](#input\_resource\_owner) | The owner of the resource share | `string` | `"OTHER-ACCOUNTS"` | no |
 
 ## Outputs

modules/shared_parameters/chat_bot_topic_arn/read/main.tf → modules/chat_bot_topic_arn/read/main.tf

@@ -4,7 +4,7 @@ module "naming_conventions" {
 }
 
 module "shared_parameter_data" {
-  source = "../../../shared_parameter_data"
+  source = "../../shared_parameter_data"
 
   resource_share_name = module.naming_conventions.chat_bot_topic_arn_resource_share_name
   resource_owner      = var.resource_owner

modules/shared_parameters/default_kms_key_arn/read/README.md → modules/default_kms_key_arn/read/README.md

@@ -5,7 +5,7 @@ This module outputs the ARN of the `alias/default` KMS key. This is default key
 ## Usage
 ```hcl
 module "kms_key_arn" {
-  source = "fivexl/shared-parameters/aws//modules/shared_parameters/default_kms_key_arn/read"
+  source = "../../default_kms_key_arn/read"
 }
 
 output "kms_key_arn" {

modules/shared_parameters/default_kms_key_arn/read/main.tf → modules/default_kms_key_arn/read/main.tf

@@ -4,7 +4,7 @@ module "naming_conventions" {
 }
 
 module "shared_parameter_data" {
-  source = "../../../shared_parameter_data"
+  source = "../../shared_parameter_data"
 
   resource_share_name = module.naming_conventions.default_kms_key_resource_share_name
   resource_owner      = var.resource_owner

modules/shared_parameters/org_info/create/README.md → modules/org_info/create/README.md

@@ -6,6 +6,43 @@ It's intended to be created in the `management` account, because it depends on `
 ## Usage
 For more information about output values and usage, please refer to `./read` module. 
 
+```hcl
+locals {
+  all_non_master_accounts= {
+    for account in data.aws_organizations_organization.this.non_master_accounts : account.name => {
+      id = account.id
+    }
+  }
+  root_id = data.aws_organizations_organization.this.roots[0].id
+  
+  security_ou_arn = [for ou in data.aws_organizations_organizational_units.root.children : ou if ou.name == "security"][0].arn
+  infrastructure_ou_arn = [for ou in data.aws_organizations_organizational_units.root.children : ou if ou.name == "infrastructure"][0].arn
+}
+
+data "aws_organizations_organizational_units" "root" {
+  parent_id = local.root_id
+}
+
+module "organization_info_shared_parameter_primary" {
+  source                   = "../../org_info/create"
+  shared_kms_key_arn       = module.shared_kms_key.primary_key_arn
+  principals_to_share_with = [local.security_ou_arn, local.infrastructure_ou_arn]
+  all_accounts = local.all_non_master_accounts
+  tags = module.tags.result
+}
+
+module "organization_info_shared_parameter_secondary" {
+  source                   = "../../org_info/create"
+  shared_kms_key_arn       = module.shared_kms_key.secondary_key_arn
+  principals_to_share_with = [local.security_ou_arn, local.infrastructure_ou_arn]
+  all_accounts = local.all_non_master_accounts
+  providers = {
+    aws = aws.secondary
+  }
+  tags = module.tags.result
+}
+```
+
 
 <!-- BEGIN_TF_DOCS -->
 ## Requirements

modules/shared_parameters/org_info/create/main.tf → modules/org_info/create/main.tf

@@ -29,7 +29,7 @@ locals {
 }
 
 module "shared_parameter" {
-  source = "../../../shared_parameter"
+  source = "../../shared_parameter"
 
   parameter_name           = module.naming_conventions.org_info_ssm_parameter_name
   resource_share_name      = module.naming_conventions.org_info_ram_resource_share_name

modules/shared_parameters/org_info/read/README.md → modules/org_info/read/README.md

@@ -4,6 +4,14 @@ This module collects data from SSM parameter and provides it as outputs.
 Commonly you would need this information in the `security-sso` account to manage permissions.
 See outputs for more information.
 
+## Usage
+```hcl
+module "org_info" {
+  source = "../../org_info/read"
+}
+```
+
+
 <!-- BEGIN_TF_DOCS -->
 ## Requirements
 

modules/shared_parameters/org_info/read/main.tf → modules/org_info/read/main.tf

@@ -4,7 +4,7 @@ module "naming_conventions" {
 }
 
 module "org_info" {
-  source = "../../../shared_parameter_data"
+  source = "../../shared_parameter_data"
 
   resource_share_name = module.naming_conventions.org_info_ram_resource_share_name
   resource_owner      = var.resource_owner

modules/shared_parameters/s3_access_logs_replication/create/README.md → modules/s3_access_logs_replication/create/README.md

@@ -3,6 +3,32 @@
 This module creates a SSM parameter that is shared by RAM with enrire aws organization. This parameter contains necessary information to configure S3 access logs replication to `log-archive` account, so that any child account in AWS organization can get inforation necessary to configure S3 access logs replication.
 It's intended to be created in the `log-archive` account, used by account_baseline module.
 
+## Usage
+
+```hcl
+module "s3_access_logs_replication_configuration_shared_parameter_primary" {
+  source = "../../s3_access_logs_replication/create"
+
+  bucket_arn = module.s3_server_access_logs_lake_primary.s3_bucket_arn
+
+  tags = module.tags.result
+}
+
+module "s3_access_logs_replication_configuration_shared_parameter_secondary" {
+  source = "../../s3_access_logs_replication/create"
+
+  bucket_arn = module.s3_server_access_logs_lake_secondary.s3_bucket_arn
+
+  tags = module.tags.result
+
+  providers = {
+    aws = aws.secondary
+  }
+}
+```
+
+
+
 <!-- BEGIN_TF_DOCS -->
 ## Requirements
 

modules/shared_parameters/s3_access_logs_replication/create/main.tf → modules/s3_access_logs_replication/create/main.tf

@@ -24,7 +24,7 @@ variable "tags" {
 }
 
 module "shared_parameter" {
-  source = "../../../shared_parameter"
+  source = "../../shared_parameter"
 
   parameter_name        = module.naming_conventions.s3_access_logs_replication_configuration_ssm_parameter_name
   resource_share_name   = module.naming_conventions.s3_access_logs_replication_configuration_resource_share_name

modules/shared_parameters/s3_access_logs_replication/read/README.md → modules/s3_access_logs_replication/read/README.md

@@ -4,6 +4,30 @@ This module collects data from the s3_access_logs_replication SSM parameter and
 You would need this information in any account from which you want to replicate access logs to `log-archive` account.
 See outputs for more information.
 
+## Usage
+```hcl
+
+module "s3_access_logs_replication_configuration_primary" {
+  source = "../shared_parameters/s3_access_logs_replication/read"
+
+  resource_owner = var.config.s3_access_logs_bucket_arn_resource_owner
+  providers = {
+    aws = aws.primary
+  }
+}
+
+module "s3_server_access_logs_lake_delivery_configuration_primary" {
+  source  = "fivexl/s3-server-access-logs-lake/aws//modules/delivery_configuration"
+  version = "0.0.1"
+  source_bucket_arn      = "arn:aws:s3:::${module.naming_conventions_primary.s3_access_logs_bucket_name}"
+  destination_account_id = module.s3_access_logs_replication_configuration_primary.account_id
+  destination_bucket_arn = module.s3_access_logs_replication_configuration_primary.bucket_arn
+
+  tags = var.config.tags
+  providers              = { aws = aws.primary }
+}
+```
+
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements
 
@@ -20,8 +44,8 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_naming_conventions"></a> [naming\_conventions](#module\_naming\_conventions) | ../../../naming_conventions | n/a |
-| <a name="module_shared_parameter_data"></a> [shared\_parameter\_data](#module\_shared\_parameter\_data) | ../../../shared_parameter_data | n/a |
+| <a name="module_naming_conventions"></a> [naming\_conventions](#module\_naming\_conventions) | fivexl/naming-convetions/aws | 0.0.1 |
+| <a name="module_shared_parameter_data"></a> [shared\_parameter\_data](#module\_shared\_parameter\_data) | ../../shared_parameter_data | n/a |
 
 ## Resources
 

modules/shared_parameters/s3_access_logs_replication/read/main.tf → modules/s3_access_logs_replication/read/main.tf

@@ -4,7 +4,7 @@ module "naming_conventions" {
 }
 
 module "shared_parameter_data" {
-  source = "../../../shared_parameter_data"
+  source = "../../shared_parameter_data"
 
   resource_share_name = module.naming_conventions.s3_access_logs_replication_configuration_resource_share_name
   resource_owner      = var.resource_owner

modules/shared_parameters/shared_kms_key_arn/read/README.md → modules/shared_kms_key_arn/read/README.md

@@ -5,6 +5,15 @@ This module outputs the ARN of the `alias/shared` KMS key. This key is created i
 ## Usage
 This module is intended to be used in child organization accounts, to get the ARN of the shared KMS key to encrypt shared across the organization resources.
 
+```hcl
+module "shared_kms_key_arn" {
+  source = "../../shared_kms_key_arn/read"
+}
+
+locals {
+  parameter_key_id      = module.shared_kms_key_arn.value
+}
+```
 
 <!-- BEGIN_TF_DOCS -->
 ## Requirements

modules/shared_parameters/shared_kms_key_arn/read/main.tf → modules/shared_kms_key_arn/read/main.tf

@@ -4,7 +4,7 @@ module "naming_conventions" {
 }
 
 module "kms_key_arn" {
-  source = "../../../shared_parameter_data"
+  source = "../../shared_parameter_data"
 
   resource_share_name = module.naming_conventions.shared_kms_key_resource_share_name
   resource_owner      = var.resource_owner