# Terraform configuration to enable AWS Shield Advanced.

provider "aws" {
  region = "us-east-1"
}

# --- 1. Create Shield Advanced Subscription ---
# Note: AWS Shield Advanced is a paid service. Creating this resource will incur costs.
# This resource might fail if your account is not eligible or if a subscription already exists.
resource "aws_shield_protection" "main" {
  name        = "MyTerraformShieldProtection"
  resource_arn = "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/my-alb/50dc6c495c0c9188" # !!! IMPORTANT: Replace with a valid ARN of a protected resource (e.g., ALB, CloudFront) !!!
}

# --- Outputs ---
output "shield_protection_id" {
  value       = aws_shield_protection.main.id
  description = "The ID of the Shield Advanced protection."
}

output "shield_protection_arn" {
  value       = aws_shield_protection.main.arn
  description = "The ARN of the Shield Advanced protection."
}