cloudposse
diff --git a/‎examples/snippets/stacks/workflows/README.md
Lines changed: 69 additions & 0 deletions b/‎examples/snippets/stacks/workflows/README.md
Lines changed: 69 additions & 0 deletions
diff --git a/‎examples/snippets/stacks/workflows/accounts.yaml
Lines changed: 36 additions & 0 deletions b/‎examples/snippets/stacks/workflows/accounts.yaml
Lines changed: 36 additions & 0 deletions
diff --git a/‎examples/snippets/stacks/workflows/addons.yaml
Lines changed: 127 additions & 0 deletions b/‎examples/snippets/stacks/workflows/addons.yaml
Lines changed: 127 additions & 0 deletions
diff --git a/‎examples/snippets/stacks/workflows/alerting.yaml
Lines changed: 46 additions & 0 deletions b/‎examples/snippets/stacks/workflows/alerting.yaml
Lines changed: 46 additions & 0 deletions
diff --git a/‎examples/snippets/stacks/workflows/app-on-ecs.yaml
Lines changed: 22 additions & 0 deletions b/‎examples/snippets/stacks/workflows/app-on-ecs.yaml
Lines changed: 22 additions & 0 deletions
@@ -0,0 +1,69 @@
+# Atmos Workflows
+
+ Atmos Workflows are used to automate deployment or destructions steps within the context of Atmos. Workflows
+combine multiple commands into one executable unit of work.
+
+## Usage
+
+Run any Workflow from the root of the directory by calling `atmos workflow -f filename`. Some workflow require a stack
+parameter, whereas others have the stack predetermined. Add a stack (where applicable) with `-s stack-name`
+
+## Naming Convention
+
+Workflow Jobs can have any name, but in order to maintain consistency, we have chosen to follow a pattern similar to
+Terraform commands.
+
+**Note**: Not all Workflows include each of these commands. These are guidelines for naming any Workflow job.
+
+### `vendor`
+
+Use `vendor` to pull all the latest components for a given layer.
+
+Example
+
+```
+atmos workflow vendor -f baseline
+```
+
+### `init`
+
+Use `atmos workflow init -f {{ filename }}` to run any commands required before deployment.
+
+Example
+
+```
+atmos workflow init -f spacelift
+```
+
+### `deploy`
+
+Use `atmos workflow deploy -f {{ filename }}` to deploy all components for a given layer.
+
+```
+atmos workflow deploy -f baseline
+```
+
+Use `atmos workflow deploy/{{ component or group name }} -f {{ filename }}` to deploy a specific component or group of
+components
+
+```
+atmos workflow deploy/vpc -f network
+atmos workflow deploy/tgw -f network
+```
+
+### `all`
+
+Use `atmos workflow all -f {{ filename }}` to run all steps together. This will execute all included jobs in the given
+Workflow in order.
+
+For example,
+
+```
+atmos workflow all -f spacelift
+```
+
+
+
+## References
+
+- [Atmos Workflows](https://atmos.tools/core-concepts/workflows/)
@@ -0,0 +1,36 @@
+workflows:
+  all:
+    description: run all workflows
+    steps:
+      - command: workflow deploy/accounts -f accounts
+      - command: workflow deploy/account-settings -f accounts
+
+  deploy/organization:
+    description: | 
+      Deploy the AWS Organization. This is required before finishing the root account requirements.
+    steps:
+      - command: terraform deploy account -target=aws_organizations_organization.this[0] -s core-gbl-root
+      - command: aws ram enable-sharing-with-aws-organization
+        type: shell
+
+  deploy/accounts:
+    description: Deploys all AWS Organization accounts
+    steps:
+      - command: terraform apply account -s core-gbl-root
+      - command: terraform deploy account-map -s core-gbl-root
+
+  deploy/account-settings:
+    description: Apply AWS Account settings for best practices.
+    steps:
+      - command: terraform deploy account-settings -s core-gbl-artifacts
+      - command: terraform deploy account-settings -s core-gbl-audit
+      - command: terraform deploy account-settings -s core-gbl-auto
+      - command: terraform deploy account-settings -s core-gbl-dns
+      - command: terraform deploy account-settings -s core-gbl-identity
+      - command: terraform deploy account-settings -s core-gbl-network
+      - command: terraform deploy account-settings -s core-gbl-root
+      - command: terraform deploy account-settings -s core-gbl-security
+      - command: terraform deploy account-settings -s plat-gbl-dev
+      - command: terraform deploy account-settings -s plat-gbl-prod
+      - command: terraform deploy account-settings -s plat-gbl-sandbox
+      - command: terraform deploy account-settings -s plat-gbl-staging
@@ -0,0 +1,127 @@
+workflows:
+  all:
+    description: run all workflows
+    steps:
+      - command: workflow vendor -f addons
+      - command: workflow deploy/all -f addons
+
+  vendor:
+    description: Vendor addon components.
+    steps:
+      - command: workflow vendor -f addons/alb
+      - command: workflow vendor -f addons/cognito
+      - command: workflow vendor -f addons/kms
+      - command: workflow vendor -f addons/lambda
+      - command: workflow vendor -f addons/s3-bucket
+      - command: workflow vendor -f addons/sns-topic
+      - command: workflow vendor -f addons/sqs-queue
+      - command: workflow vendor -f addons/ssm-parameters
+      - command: workflow vendor -f addons/waf
+      - command: workflow vendor -f addons/api-gateway
+      - command: workflow vendor -f addons/kinesis-stream
+      - command: workflow vendor -f addons/ses
+      - command: workflow vendor -f addons/spa-s3-cloudfront
+      - command: workflow vendor -f addons/ec2-instance
+
+  deploy/all:
+    description: run all deploy workflows
+    steps:
+      - command: workflow deploy/alb -f addons
+      - command: workflow deploy/cognito -f addons
+      - command: workflow deploy/kms -f addons
+      - command: workflow deploy/lambda -f addons
+      - command: workflow deploy/s3-bucket -f addons
+      - command: workflow deploy/sns-topic -f addons
+      - command: workflow deploy/sqs-queue -f addons
+      - command: workflow deploy/ssm-parameters -f addons
+      - command: workflow deploy/waf -f addons
+      - command: workflow deploy/api-gateway -f addons
+      - command: workflow deploy/kinesis-stream -f addons
+      - command: workflow deploy/ses -f addons
+      - command: workflow deploy/spa-s3-cloudfront -f addons
+      - command: workflow deploy/ec2-instance -f addons
+    
+  deploy/alb:
+    description: >-
+      Deploy Alb Component.
+      Please modify the stacks/workflows/addons/alb.yaml to customize
+    steps:
+      - command: workflow all -f addons/alb
+  deploy/cognito:
+    description: >-
+      Deploy Cognito Component.
+      Please modify the stacks/workflows/addons/cognito.yaml to customize
+    steps:
+      - command: workflow all -f addons/cognito
+  deploy/kms:
+    description: >-
+      Deploy Kms Component.
+      Please modify the stacks/workflows/addons/kms.yaml to customize
+    steps:
+      - command: workflow all -f addons/kms
+  deploy/lambda:
+    description: >-
+      Deploy Lambda Component.
+      Please modify the stacks/workflows/addons/lambda.yaml to customize
+    steps:
+      - command: workflow all -f addons/lambda
+  deploy/s3-bucket:
+    description: >-
+      Deploy S3-Bucket Component.
+      Please modify the stacks/workflows/addons/s3-bucket.yaml to customize
+    steps:
+      - command: workflow all -f addons/s3-bucket
+  deploy/sns-topic:
+    description: >-
+      Deploy Sns-Topic Component.
+      Please modify the stacks/workflows/addons/sns-topic.yaml to customize
+    steps:
+      - command: workflow all -f addons/sns-topic
+  deploy/sqs-queue:
+    description: >-
+      Deploy Sqs-Queue Component.
+      Please modify the stacks/workflows/addons/sqs-queue.yaml to customize
+    steps:
+      - command: workflow all -f addons/sqs-queue
+  deploy/ssm-parameters:
+    description: >-
+      Deploy Ssm-Parameters Component.
+      Please modify the stacks/workflows/addons/ssm-parameters.yaml to customize
+    steps:
+      - command: workflow all -f addons/ssm-parameters
+  deploy/waf:
+    description: >-
+      Deploy Waf Component.
+      Please modify the stacks/workflows/addons/waf.yaml to customize
+    steps:
+      - command: workflow all -f addons/waf
+  deploy/api-gateway:
+    description: >-
+      Deploy Api-Gateway Component.
+      Please modify the stacks/workflows/addons/api-gateway.yaml to customize
+    steps:
+      - command: workflow all -f addons/api-gateway
+  deploy/kinesis-stream:
+    description: >-
+      Deploy Kinesis-Stream Component.
+      Please modify the stacks/workflows/addons/kinesis-stream.yaml to customize
+    steps:
+      - command: workflow all -f addons/kinesis-stream
+  deploy/ses:
+    description: >-
+      Deploy Ses Component.
+      Please modify the stacks/workflows/addons/ses.yaml to customize
+    steps:
+      - command: workflow all -f addons/ses
+  deploy/spa-s3-cloudfront:
+    description: >-
+      Deploy Spa-S3-Cloudfront Component.
+      Please modify the stacks/workflows/addons/spa-s3-cloudfront.yaml to customize
+    steps:
+      - command: workflow all -f addons/spa-s3-cloudfront
+  deploy/ec2-instance:
+    description: >-
+      Deploy Ec2-Instance Component.
+      Please modify the stacks/workflows/addons/ec2-instance.yaml to customize
+    steps:
+      - command: workflow all -f addons/ec2-instance
@@ -0,0 +1,46 @@
+workflows:
+  all:
+    description: run all workflows
+    steps:
+      - command: workflow init -f alerting
+      - command: workflow vendor -f alerting
+      - command: workflow deploy -f alerting
+
+
+  init:
+    description: Prompt to collect the OpsGenie API Key and write it to AWS SSM
+    steps:
+      - type: shell
+        command: |-
+          if [ $( AWS_PROFILE=acme-core-gbl-auto-admin chamber read opsgenie opsgenie_api_key ) ]; then
+            echo "Found OpsGenie API Key, skipping init..."
+            exit 0
+          fi
+
+          echo "Please enter an OpsGenie API Key"
+          stty -echo
+          read -p "API Key: " -r API_KEY
+          stty echo
+          if [ -z "$API_KEY" ]
+          then
+              echo 'Inputs cannot be blank, please try again!'
+              exit 0
+          fi
+          if ! [[ "$API_KEY" =~ "^[a-zA-Z0-9-]{36}$" ]]
+          then
+              echo "Invalid API Key"
+              echo "HINT: The API key ID is displayed as a lower-case, 36-character alphanumeric value."
+              exit 0
+          fi
+          AWS_PROFILE=acme-core-gbl-auto-admin chamber write opsgenie opsgenie_api_key "$API_KEY"
+
+  vendor:
+    description: vendor dependencies
+    steps:
+      - command: vendor pull --component opsgenie-team
+
+  deploy:
+    description: opsgenie
+    steps:
+      - command: terraform deploy opsgenie-team/app-team-1 -s core-gbl-auto
+      - command: terraform deploy opsgenie-team/sre -s core-gbl-auto
@@ -0,0 +1,22 @@
+workflows:
+  all:
+    steps:
+      - command: workflow verify/github-oidc-providers -f app-on-ecs
+      - command: workflow deploy/app-on-ecs -f app-on-ecs
+
+  verify/github-oidc-providers:
+    description: |
+      This workflow ensures all Github OIDC Provider Configuration deployed.
+    steps:
+      - command: workflow deploy/github-oidc-provider -f github
+
+  deploy/app-on-ecs:
+    description: |
+      This workflow deploys `app-on-ecs` stacks
+    steps:
+      - command: terraform deploy ecs-services/example-app-on-ecs -s plat-use1-sandbox
+      - command: terraform deploy ecs-services/example-app-on-ecs/dev -s plat-use1-dev
+      - command: terraform deploy ecs-services/example-app-on-ecs/qa1 -s plat-use1-dev
+      - command: terraform deploy ecs-services/example-app-on-ecs/qa2 -s plat-use1-dev
+      - command: terraform deploy ecs-services/example-app-on-ecs -s plat-use1-staging
+      - command: terraform deploy ecs-services/example-app-on-ecs -s plat-use1-prod