aboutsummaryrefslogtreecommitdiffstats
path: root/fdio.infra.terraform/terraform-aws-elastic-beanstalk-environment/main.tf
diff options
context:
space:
mode:
Diffstat (limited to 'fdio.infra.terraform/terraform-aws-elastic-beanstalk-environment/main.tf')
-rw-r--r--fdio.infra.terraform/terraform-aws-elastic-beanstalk-environment/main.tf690
1 files changed, 690 insertions, 0 deletions
diff --git a/fdio.infra.terraform/terraform-aws-elastic-beanstalk-environment/main.tf b/fdio.infra.terraform/terraform-aws-elastic-beanstalk-environment/main.tf
new file mode 100644
index 0000000000..44373ed4de
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-elastic-beanstalk-environment/main.tf
@@ -0,0 +1,690 @@
+locals {
+ tags = {
+ "Name" = "${var.application_name}"
+ "Environment" = "${var.application_name}"
+ }
+
+ # Settings for all loadbalancer types
+ generic_elb_settings = [
+ {
+ namespace = "aws:elasticbeanstalk:environment"
+ name = "LoadBalancerType"
+ value = var.environment_loadbalancer_type
+ }
+ ]
+
+ elb_settings = [
+ {
+ namespace = "aws:ec2:vpc"
+ name = "ELBSubnets"
+ value = join(",", [aws_subnet.subnet_a.id, aws_subnet.subnet_b.id])
+ },
+ {
+ namespace = "aws:elasticbeanstalk:environment:process:default"
+ name = "Port"
+ value = var.environment_process_default_port
+ },
+ {
+ namespace = "aws:elasticbeanstalk:environment:process:default"
+ name = "Protocol"
+ value = var.environment_loadbalancer_type == "network" ? "TCP" : "HTTP"
+ },
+ {
+ namespace = "aws:ec2:vpc"
+ name = "ELBScheme"
+ value = var.environment_type == "LoadBalanced" ? var.elb_scheme : ""
+ },
+ {
+ namespace = "aws:elasticbeanstalk:environment:process:default"
+ name = "HealthCheckInterval"
+ value = var.environment_process_default_healthcheck_interval
+ },
+ {
+ namespace = "aws:elasticbeanstalk:environment:process:default"
+ name = "HealthyThresholdCount"
+ value = var.environment_process_default_healthy_threshold_count
+ },
+ {
+ namespace = "aws:elasticbeanstalk:environment:process:default"
+ name = "UnhealthyThresholdCount"
+ value = var.environment_process_default_unhealthy_threshold_count
+ }
+ ]
+
+ generic_alb_settings = [
+ {
+ namespace = "aws:elbv2:loadbalancer"
+ name = "SecurityGroups"
+ value = join(",", sort(var.environment_loadbalancer_security_groups))
+ }
+ ]
+
+ alb_settings = [
+ {
+ namespace = "aws:elbv2:listener:default"
+ name = "ListenerEnabled"
+ value = var.default_listener_enabled || var.environment_loadbalancer_ssl_certificate_id == "" ? "true" : "false"
+ },
+ {
+ namespace = "aws:elbv2:loadbalancer"
+ name = "ManagedSecurityGroup"
+ value = var.environment_loadbalancer_managed_security_group
+ },
+ {
+ namespace = "aws:elbv2:listener:443"
+ name = "ListenerEnabled"
+ value = var.environment_loadbalancer_ssl_certificate_id == "" ? "false" : "true"
+ },
+ {
+ namespace = "aws:elbv2:listener:443"
+ name = "Protocol"
+ value = "HTTPS"
+ },
+ {
+ namespace = "aws:elbv2:listener:443"
+ name = "SSLCertificateArns"
+ value = var.environment_loadbalancer_ssl_certificate_id
+ },
+ {
+ namespace = "aws:elasticbeanstalk:environment:process:default"
+ name = "HealthCheckPath"
+ value = var.application_healthcheck_url
+ },
+ {
+ namespace = "aws:elasticbeanstalk:environment:process:default"
+ name = "MatcherHTTPCode"
+ value = join(",", sort(var.default_matcher_http_code))
+ },
+ {
+ namespace = "aws:elasticbeanstalk:environment:process:default"
+ name = "HealthCheckTimeout"
+ value = var.default_health_check_timeout
+ }
+ ]
+
+ nlb_settings = [
+ {
+ namespace = "aws:elbv2:listener:default"
+ name = "ListenerEnabled"
+ value = var.default_listener_enabled
+ }
+ ]
+
+ settings_nlb = var.environment_loadbalancer_type == "network" ? concat(local.nlb_settings, local.generic_elb_settings, local.elb_settings) : []
+ settings_alb = var.environment_loadbalancer_type == "application" ? concat(local.generic_alb_settings, local.alb_settings, local.generic_elb_settings, local.elb_settings) : []
+
+ # Full set of LoadBlanacer settings.
+ elb = var.environment_tier == "WebServer" ? concat(local.settings_nlb, local.settings_alb) : []
+}
+
+# Create elastic beanstalk VPC
+resource "aws_vpc" "vpc" {
+ assign_generated_ipv6_cidr_block = true
+ cidr_block = var.vpc_cidr_block
+ enable_dns_hostnames = var.vpc_enable_dns_hostnames
+ enable_dns_support = var.vpc_enable_dns_support
+ instance_tenancy = var.vpc_instance_tenancy
+ tags = local.tags
+}
+
+# Create elastic beanstalk Subnets
+resource "aws_subnet" "subnet_a" {
+ depends_on = [
+ aws_vpc.vpc
+ ]
+ availability_zone = var.subnet_a_availability_zone
+ assign_ipv6_address_on_creation = true
+ cidr_block = var.subnet_a_cidr_block
+ ipv6_cidr_block = cidrsubnet(aws_vpc.vpc.ipv6_cidr_block, 8, 1)
+ map_public_ip_on_launch = true
+ vpc_id = aws_vpc.vpc.id
+ tags = local.tags
+}
+
+resource "aws_subnet" "subnet_b" {
+ depends_on = [
+ aws_vpc.vpc
+ ]
+ availability_zone = var.subnet_b_availability_zone
+ assign_ipv6_address_on_creation = true
+ cidr_block = var.subnet_b_cidr_block
+ ipv6_cidr_block = cidrsubnet(aws_vpc.vpc.ipv6_cidr_block, 8, 2)
+ map_public_ip_on_launch = true
+ vpc_id = aws_vpc.vpc.id
+ tags = local.tags
+}
+
+resource "aws_internet_gateway" "internet_gateway" {
+ depends_on = [
+ aws_vpc.vpc
+ ]
+ vpc_id = aws_vpc.vpc.id
+ tags = local.tags
+}
+
+resource "aws_route" "route" {
+ depends_on = [
+ aws_vpc.vpc,
+ aws_internet_gateway.internet_gateway
+ ]
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.internet_gateway.id
+ route_table_id = aws_vpc.vpc.main_route_table_id
+}
+
+# Create elastic beanstalk IAM mapping
+data "aws_iam_policy_document" "service" {
+ statement {
+ actions = [
+ "sts:AssumeRole"
+ ]
+ principals {
+ type = "Service"
+ identifiers = ["elasticbeanstalk.amazonaws.com"]
+ }
+ effect = "Allow"
+ }
+}
+
+resource "aws_iam_role" "service" {
+ assume_role_policy = data.aws_iam_policy_document.service.json
+ name = "${var.application_name}-eb-service"
+}
+
+resource "aws_iam_role_policy_attachment" "enhanced_health" {
+ policy_arn = "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth"
+ role = aws_iam_role.service.name
+}
+
+resource "aws_iam_role_policy_attachment" "service" {
+ policy_arn = "arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService"
+ role = aws_iam_role.service.name
+}
+
+data "aws_iam_policy_document" "ec2" {
+ statement {
+ actions = [
+ "sts:AssumeRole"
+ ]
+ principals {
+ type = "Service"
+ identifiers = ["ec2.amazonaws.com"]
+ }
+ effect = "Allow"
+ }
+ statement {
+ actions = [
+ "sts:AssumeRole",
+ ]
+ principals {
+ type = "Service"
+ identifiers = ["ssm.amazonaws.com"]
+ }
+ effect = "Allow"
+ }
+}
+
+resource "aws_iam_role" "ec2" {
+ assume_role_policy = data.aws_iam_policy_document.ec2.json
+ name = "${var.application_name}-eb-ec2"
+}
+
+resource "aws_iam_instance_profile" "ec2_iam_instance_profile" {
+ name = "${var.application_name}-iam-instance-profile"
+ role = aws_iam_role.ec2.name
+}
+
+resource "aws_iam_role_policy_attachment" "multicontainer_docker" {
+ policy_arn = "arn:aws:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker"
+ role = aws_iam_role.ec2.name
+}
+
+resource "aws_iam_role_policy_attachment" "web_tier" {
+ policy_arn = "arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier"
+ role = aws_iam_role.ec2.name
+}
+
+resource "aws_iam_role_policy_attachment" "worker_tier" {
+ policy_arn = "arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier"
+ role = aws_iam_role.ec2.name
+}
+
+resource "aws_iam_role_policy_attachment" "ssm_automation" {
+ policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole"
+ role = aws_iam_role.ec2.name
+}
+
+resource "aws_iam_role_policy_attachment" "ssm_ec2" {
+ policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
+ role = aws_iam_role.ec2.name
+}
+
+resource "aws_iam_role_policy_attachment" "ecr_readonly" {
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
+ role = aws_iam_role.ec2.name
+}
+
+resource "aws_ssm_activation" "ec2" {
+ depends_on = [
+ aws_iam_role.ec2,
+ aws_iam_role_policy_attachment.ssm_ec2
+ ]
+ name = "${var.application_name}-ec2-activation"
+ iam_role = aws_iam_role.ec2.id
+ registration_limit = 3
+}
+
+data "aws_iam_policy_document" "default" {
+ statement {
+ actions = [
+ "elasticloadbalancing:DescribeInstanceHealth",
+ "elasticloadbalancing:DescribeLoadBalancers",
+ "elasticloadbalancing:DescribeTargetHealth",
+ "ec2:DescribeInstances",
+ "ec2:DescribeInstanceStatus",
+ "ec2:GetConsoleOutput",
+ "ec2:AssociateAddress",
+ "ec2:DescribeAddresses",
+ "ec2:DescribeSecurityGroups",
+ "sqs:GetQueueAttributes",
+ "sqs:GetQueueUrl",
+ "autoscaling:DescribeAutoScalingGroups",
+ "autoscaling:DescribeAutoScalingInstances",
+ "autoscaling:DescribeScalingActivities",
+ "autoscaling:DescribeNotificationConfigurations",
+ ]
+ resources = ["*"]
+ effect = "Allow"
+ }
+
+ statement {
+ sid = "AllowOperations"
+ actions = [
+ "autoscaling:AttachInstances",
+ "autoscaling:CreateAutoScalingGroup",
+ "autoscaling:CreateLaunchConfiguration",
+ "autoscaling:DeleteLaunchConfiguration",
+ "autoscaling:DeleteAutoScalingGroup",
+ "autoscaling:DeleteScheduledAction",
+ "autoscaling:DescribeAccountLimits",
+ "autoscaling:DescribeAutoScalingGroups",
+ "autoscaling:DescribeAutoScalingInstances",
+ "autoscaling:DescribeLaunchConfigurations",
+ "autoscaling:DescribeLoadBalancers",
+ "autoscaling:DescribeNotificationConfigurations",
+ "autoscaling:DescribeScalingActivities",
+ "autoscaling:DescribeScheduledActions",
+ "autoscaling:DetachInstances",
+ "autoscaling:PutScheduledUpdateGroupAction",
+ "autoscaling:ResumeProcesses",
+ "autoscaling:SetDesiredCapacity",
+ "autoscaling:SetInstanceProtection",
+ "autoscaling:SuspendProcesses",
+ "autoscaling:TerminateInstanceInAutoScalingGroup",
+ "autoscaling:UpdateAutoScalingGroup",
+ "cloudwatch:PutMetricAlarm",
+ "ec2:AssociateAddress",
+ "ec2:AllocateAddress",
+ "ec2:AuthorizeSecurityGroupEgress",
+ "ec2:AuthorizeSecurityGroupIngress",
+ "ec2:CreateSecurityGroup",
+ "ec2:DeleteSecurityGroup",
+ "ec2:DescribeAccountAttributes",
+ "ec2:DescribeAddresses",
+ "ec2:DescribeImages",
+ "ec2:DescribeInstances",
+ "ec2:DescribeKeyPairs",
+ "ec2:DescribeSecurityGroups",
+ "ec2:DescribeSnapshots",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeVpcs",
+ "ec2:DisassociateAddress",
+ "ec2:ReleaseAddress",
+ "ec2:RevokeSecurityGroupEgress",
+ "ec2:RevokeSecurityGroupIngress",
+ "ec2:TerminateInstances",
+ "ecs:CreateCluster",
+ "ecs:DeleteCluster",
+ "ecs:DescribeClusters",
+ "ecs:RegisterTaskDefinition",
+ "elasticbeanstalk:*",
+ "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer",
+ "elasticloadbalancing:ConfigureHealthCheck",
+ "elasticloadbalancing:CreateLoadBalancer",
+ "elasticloadbalancing:DeleteLoadBalancer",
+ "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
+ "elasticloadbalancing:DescribeInstanceHealth",
+ "elasticloadbalancing:DescribeLoadBalancers",
+ "elasticloadbalancing:DescribeTargetHealth",
+ "elasticloadbalancing:RegisterInstancesWithLoadBalancer",
+ "elasticloadbalancing:DescribeTargetGroups",
+ "elasticloadbalancing:RegisterTargets",
+ "elasticloadbalancing:DeregisterTargets",
+ "iam:ListRoles",
+ "iam:PassRole",
+ "logs:CreateLogGroup",
+ "logs:PutRetentionPolicy",
+ "rds:DescribeDBEngineVersions",
+ "rds:DescribeDBInstances",
+ "rds:DescribeOrderableDBInstanceOptions",
+ "s3:GetObject",
+ "s3:GetObjectAcl",
+ "s3:ListBucket",
+ "sns:CreateTopic",
+ "sns:GetTopicAttributes",
+ "sns:ListSubscriptionsByTopic",
+ "sns:Subscribe",
+ "sqs:GetQueueAttributes",
+ "sqs:GetQueueUrl",
+ "codebuild:CreateProject",
+ "codebuild:DeleteProject",
+ "codebuild:BatchGetBuilds",
+ "codebuild:StartBuild",
+ ]
+ resources = ["*"]
+ effect = "Allow"
+ }
+
+ statement {
+ sid = "AllowS3OperationsOnElasticBeanstalkBuckets"
+ actions = [
+ "s3:*"
+ ]
+ resources = [
+ "arn:aws:s3:::*"
+ ]
+ effect = "Allow"
+ }
+
+ statement {
+ sid = "AllowDeleteCloudwatchLogGroups"
+ actions = [
+ "logs:DeleteLogGroup"
+ ]
+ resources = [
+ "arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk*"
+ ]
+ effect = "Allow"
+ }
+
+ statement {
+ sid = "AllowCloudformationOperationsOnElasticBeanstalkStacks"
+ actions = [
+ "cloudformation:*"
+ ]
+ resources = [
+ "arn:aws:cloudformation:*:*:stack/awseb-*",
+ "arn:aws:cloudformation:*:*:stack/eb-*"
+ ]
+ effect = "Allow"
+ }
+}
+
+resource "aws_iam_role_policy" "default" {
+ depends_on = [
+ aws_iam_role.ec2
+ ]
+ name = "${var.application_name}-eb-default"
+ policy = data.aws_iam_policy_document.default.json
+ role = aws_iam_role.ec2.id
+}
+
+# Create elastic beanstalk Environment
+resource "aws_elastic_beanstalk_environment" "environment" {
+ depends_on = [
+ aws_vpc.vpc,
+ aws_subnet.subnet_a,
+ aws_subnet.subnet_b,
+ aws_ssm_activation.ec2
+ ]
+ application = var.environment_application
+ description = var.environment_description
+ name = var.environment_name
+ solution_stack_name = var.environment_solution_stack_name
+ tier = var.environment_tier
+ wait_for_ready_timeout = var.environment_wait_for_ready_timeout
+ version_label = var.environment_version_label
+ tags = local.tags
+
+ # aws:ec2:instances
+ setting {
+ namespace = "aws:ec2:instances"
+ name = "InstanceTypes"
+ value = var.instances_instance_types
+ }
+
+ # aws:ec2:vpc
+ setting {
+ namespace = "aws:ec2:vpc"
+ name = "VPCId"
+ value = aws_vpc.vpc.id
+ }
+
+ setting {
+ namespace = "aws:ec2:vpc"
+ name = "Subnets"
+ value = join(",", [aws_subnet.subnet_a.id, aws_subnet.subnet_b.id])
+ }
+
+ setting {
+ namespace = "aws:ec2:vpc"
+ name = "AssociatePublicIpAddress"
+ value = var.associate_public_ip_address
+ }
+
+ setting {
+ namespace = "aws:elasticbeanstalk:environment"
+ name = "ServiceRole"
+ value = aws_iam_role.service.name
+ }
+
+ # aws:autoscaling:launchconfiguration
+ setting {
+ namespace = "aws:autoscaling:launchconfiguration"
+ name = "IamInstanceProfile"
+ value = aws_iam_instance_profile.ec2_iam_instance_profile.name
+ }
+
+ setting {
+ namespace = "aws:autoscaling:launchconfiguration"
+ name = "DisableIMDSv1"
+ value = true
+ }
+
+ dynamic "setting" {
+ for_each = local.elb
+ content {
+ namespace = setting.value["namespace"]
+ name = setting.value["name"]
+ value = setting.value["value"]
+ }
+ }
+
+ # aws:autoscaling:updatepolicy:rollingupdate
+ setting {
+ namespace = "aws:autoscaling:updatepolicy:rollingupdate"
+ name = "RollingUpdateEnabled"
+ value = var.autoscaling_updatepolicy_rolling_update_enabled
+ }
+
+ setting {
+ namespace = "aws:autoscaling:updatepolicy:rollingupdate"
+ name = "RollingUpdateType"
+ value = var.autoscaling_updatepolicy_rolling_update_type
+ }
+
+ setting {
+ namespace = "aws:autoscaling:updatepolicy:rollingupdate"
+ name = "MinInstancesInService"
+ value = var.autoscaling_updatepolicy_min_instance_in_service
+ }
+
+ setting {
+ namespace = "aws:elasticbeanstalk:application"
+ name = "Application Healthcheck URL"
+ value = var.application_healthcheck_url
+ }
+
+ # aws:elasticbeanstalk:command
+ setting {
+ namespace = "aws:elasticbeanstalk:command"
+ name = "DeploymentPolicy"
+ value = var.command_deployment_policy
+ }
+
+ # aws:autoscaling:updatepolicy:rollingupdate
+ setting {
+ namespace = "aws:autoscaling:updatepolicy:rollingupdate"
+ name = "MaxBatchSize"
+ value = var.updatepolicy_max_batch_size
+ }
+
+ # aws:elasticbeanstalk:healthreporting:system
+ setting {
+ namespace = "aws:elasticbeanstalk:healthreporting:system"
+ name = "SystemType"
+ value = var.healthreporting_system_type
+ }
+
+ # aws:elasticbeanstalk:managedactions
+ setting {
+ namespace = "aws:elasticbeanstalk:managedactions"
+ name = "ManagedActionsEnabled"
+ value = var.managedactions_managed_actions_enabled ? "true" : "false"
+ }
+
+ setting {
+ namespace = "aws:elasticbeanstalk:managedactions"
+ name = "PreferredStartTime"
+ value = var.managedactions_preferred_start_time
+ }
+
+ # aws:elasticbeanstalk:managedactions:platformupdate
+ setting {
+ namespace = "aws:elasticbeanstalk:managedactions:platformupdate"
+ name = "UpdateLevel"
+ value = var.managedactions_platformupdate_update_level
+ }
+
+ setting {
+ namespace = "aws:elasticbeanstalk:managedactions:platformupdate"
+ name = "InstanceRefreshEnabled"
+ value = var.managedactions_platformupdate_instance_refresh_enabled
+ }
+
+ setting {
+ namespace = "aws:elasticbeanstalk:command"
+ name = "IgnoreHealthCheck"
+ value = var.command_ignore_health_check
+ }
+
+ # aws:autoscaling:asg
+ setting {
+ namespace = "aws:autoscaling:asg"
+ name = "MinSize"
+ value = var.autoscaling_asg_minsize
+ }
+ setting {
+ namespace = "aws:autoscaling:asg"
+ name = "MaxSize"
+ value = var.autoscaling_asg_maxsize
+ }
+
+ # aws:autoscaling:trigger
+ setting {
+ namespace = "aws:autoscaling:trigger"
+ name = "MeasureName"
+ value = var.autoscaling_trigger_measure_name
+ }
+
+ setting {
+ namespace = "aws:autoscaling:trigger"
+ name = "Statistic"
+ value = var.autoscaling_trigger_statistic
+ }
+
+ setting {
+ namespace = "aws:autoscaling:trigger"
+ name = "Unit"
+ value = var.autoscaling_trigger_unit
+ }
+
+ setting {
+ namespace = "aws:autoscaling:trigger"
+ name = "LowerThreshold"
+ value = var.autoscaling_trigger_lower_threshold
+ }
+
+ setting {
+ namespace = "aws:autoscaling:trigger"
+ name = "LowerBreachScaleIncrement"
+ value = var.autoscaling_trigger_lower_breach_scale_increment
+ }
+
+ setting {
+ namespace = "aws:autoscaling:trigger"
+ name = "UpperThreshold"
+ value = var.autoscaling_trigger_upper_threshold
+ }
+
+ setting {
+ namespace = "aws:autoscaling:trigger"
+ name = "UpperBreachScaleIncrement"
+ value = var.autoscaling_trigger_upper_breach_scale_increment
+ }
+
+ # aws:elasticbeanstalk:hostmanager
+ setting {
+ namespace = "aws:elasticbeanstalk:hostmanager"
+ name = "LogPublicationControl"
+ value = var.hostmanager_log_publication_control ? "true" : "false"
+ }
+
+ # aws:elasticbeanstalk:cloudwatch:logs
+ setting {
+ namespace = "aws:elasticbeanstalk:cloudwatch:logs"
+ name = "StreamLogs"
+ value = var.cloudwatch_logs_stream_logs ? "true" : "false"
+ }
+
+ setting {
+ namespace = "aws:elasticbeanstalk:cloudwatch:logs"
+ name = "DeleteOnTerminate"
+ value = var.cloudwatch_logs_delete_on_terminate ? "true" : "false"
+ }
+
+ setting {
+ namespace = "aws:elasticbeanstalk:cloudwatch:logs"
+ name = "RetentionInDays"
+ value = var.cloudwatch_logs_retention_in_days
+ }
+
+ # aws:elasticbeanstalk:cloudwatch:logs:health
+ setting {
+ namespace = "aws:elasticbeanstalk:cloudwatch:logs:health"
+ name = "HealthStreamingEnabled"
+ value = var.cloudwatch_logs_health_health_streaming_enabled ? "true" : "false"
+ }
+
+ setting {
+ namespace = "aws:elasticbeanstalk:cloudwatch:logs:health"
+ name = "DeleteOnTerminate"
+ value = var.cloudwatch_logs_health_delete_on_terminate ? "true" : "false"
+ }
+
+ setting {
+ namespace = "aws:elasticbeanstalk:cloudwatch:logs:health"
+ name = "RetentionInDays"
+ value = var.cloudwatch_logs_health_retention_in_days
+ }
+
+ # aws:elasticbeanstalk:application:environment
+ dynamic "setting" {
+ for_each = var.environment_variables
+ content {
+ namespace = "aws:elasticbeanstalk:application:environment"
+ name = setting.key
+ value = setting.value
+ }
+ }
+}