-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
555aebc
commit 04875cd
Showing
17 changed files
with
1,009 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,7 @@ | ||
| # terraform-modules | ||
| A collection of terraform modules to standardize network creation and common interactions in aws | ||
|
|
||
| - aws | ||
| - network | ||
| - rds | ||
| - redis |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| provider "aws" { | ||
| region = "us-west-2" | ||
| } | ||
|
|
||
| module "network" { | ||
| source = "../.." | ||
|
|
||
| az_zones = data.aws_availability_zones.current.names | ||
| region = "us-west-2" | ||
| vpc_sub = "10.66" | ||
|
|
||
| name = "test-vpc" | ||
| deployment_env = "test-vpc" | ||
|
|
||
| extra_private_routes = [] | ||
| extra_public_routes = [] | ||
| } | ||
|
|
||
| data "aws_availability_zones" "current" { | ||
| state = "available" | ||
| } | ||
|
|
||
| data "aws_caller_identity" "current" {} | ||
|
|
||
| output "public_routes" { | ||
| value = [ | ||
| for index, route in flatten(module.network.public_route_tables.*.route) : | ||
| "${try(route.gateway_id, route.vpc_peering_connection_id)}/${route.cidr_block}" | ||
| ] | ||
| } | ||
|
|
||
| output "public_routes_v2" { | ||
| value = [ | ||
| for route in module.network.public_routes_v2 : | ||
| "${try(route.gateway_id, route.vpc_peering_connection_id)}/${route.destination_cidr_block}" | ||
| ] | ||
| } | ||
|
|
||
|
|
||
| output "private_routes" { | ||
| value = [ | ||
| for index, route in flatten(module.network.private_route_tables.*.route) : | ||
| "${try(route.nat_gateway_id, route.vpc_peering_connection_id)}/${route.cidr_block}" | ||
| ] | ||
| } | ||
|
|
||
| output "private_routes_v2" { | ||
| value = [ | ||
| for route in module.network.private_routes_v2 : | ||
| "${try(route.nat_gateway_id, route.vpc_peering_connection_id)}/${route.destination_cidr_block}" | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,176 @@ | ||
| terraform { | ||
| required_version = ">= 1.0.0" | ||
| } | ||
|
|
||
| resource "aws_vpc" "default" { | ||
| cidr_block = format("%s.0.0/16", var.vpc_sub) | ||
| enable_dns_hostnames = true | ||
| tags = { | ||
| Name = "${var.name}-vpc" | ||
| Description = "VPC for ${var.name}" | ||
| } | ||
| } | ||
|
|
||
| /* Public Subnet */ | ||
| resource "aws_subnet" "public" { | ||
| count = length(var.az_zones) | ||
| vpc_id = aws_vpc.default.id | ||
|
|
||
| cidr_block = cidrsubnet(format("%s.0.0/21", var.vpc_sub), ceil(log(length(var.az_zones), 2)), count.index) | ||
| availability_zone = var.az_zones[count.index] | ||
|
|
||
| tags = merge( | ||
| var.public_subnet_tags, | ||
| { | ||
| Name = "${var.name}-Public-${var.az_zones[count.index]}-subnet" | ||
| Description = "Public Subnet for ${var.name}" | ||
| Created-By = "DevOps-Terraform" | ||
| Environment = var.deployment_env | ||
| } | ||
| ) | ||
| } | ||
|
|
||
| /* Private Subnet */ | ||
| resource "aws_subnet" "private" { | ||
| count = length(var.az_zones) | ||
| vpc_id = aws_vpc.default.id | ||
|
|
||
| cidr_block = cidrsubnet(format("%s.100.0/20", var.vpc_sub), ceil(log(length(var.az_zones), 2)), count.index) | ||
| availability_zone = var.az_zones[count.index] | ||
|
|
||
| tags = merge( | ||
| var.private_subnet_tags, | ||
| { | ||
| Name = "${var.name}-Private-${var.az_zones[count.index]}-subnet" | ||
| Description = "Private Subnet for ${var.name}" | ||
| Created-By = "DevOps-Terraform" | ||
| Environment = var.deployment_env | ||
| } | ||
| ) | ||
| } | ||
|
|
||
| /* Gateways Nat and Internet */ | ||
| resource "aws_eip" "nat" { | ||
| count = length(var.az_zones) | ||
| vpc = true | ||
| tags = { | ||
| Name = "${var.name}-${var.az_zones[count.index]}-eip" | ||
| Description = "Internet Gateway for NAT Gateway" | ||
| Created-By = "DevOps-Terraform" | ||
| Environment = var.deployment_env | ||
| } | ||
| } | ||
| resource "aws_nat_gateway" "default" { | ||
| count = length(var.az_zones) | ||
| allocation_id = element(aws_eip.nat.*.id, count.index) | ||
| subnet_id = element(aws_subnet.public.*.id, count.index) | ||
| depends_on = [aws_subnet.public] | ||
|
|
||
| tags = { | ||
| Name = "${var.name}-${var.az_zones[count.index]}-natgw" | ||
| Created-By = "DevOps-Terraform" | ||
| Environment = var.deployment_env | ||
| } | ||
| } | ||
| resource "aws_internet_gateway" "default" { | ||
| vpc_id = aws_vpc.default.id | ||
| tags = { | ||
| Name = "${var.name}-internetgw" | ||
| Description = "Internet Gateway for Public Subnets for ${var.name}" | ||
| Created-By = "DevOps-Terraform" | ||
| Environment = var.deployment_env | ||
| } | ||
| } | ||
| /* route tables */ | ||
| resource "aws_route_table" "private" { | ||
| count = !var.remove_all_private_route_tables_v1 ? length(var.az_zones) : 0 | ||
|
|
||
| vpc_id = aws_vpc.default.id | ||
|
|
||
| route { | ||
| cidr_block = "0.0.0.0/0" | ||
| nat_gateway_id = element(aws_nat_gateway.default.*.id, count.index) | ||
| } | ||
|
|
||
| dynamic "route" { | ||
| for_each = concat( | ||
| var.extra_private_routes, | ||
| try(var.extra_private_routes_per_az[var.az_zones[count.index]], []) | ||
| ) | ||
|
|
||
| content { | ||
| cidr_block = route.value["cidr_block"] | ||
| vpc_peering_connection_id = route.value["vpc_peering_connection_id"] | ||
| network_interface_id = route.value["network_interface_id"] | ||
| } | ||
| } | ||
|
|
||
| tags = { | ||
| Name = "${var.name}-Private-${var.az_zones[count.index]}-routetable" | ||
| Description = "Route table Target to Nat Gateway for ${var.name}" | ||
| Created-By = "DevOps-Terraform" | ||
| Environment = var.deployment_env | ||
| } | ||
| depends_on = [aws_nat_gateway.default] | ||
| } | ||
| resource "aws_route_table" "public" { | ||
| count = !var.remove_all_public_route_tables_v1 ? length(var.az_zones) : 0 | ||
| vpc_id = aws_vpc.default.id | ||
|
|
||
| route { | ||
| cidr_block = "0.0.0.0/0" | ||
| gateway_id = aws_internet_gateway.default.id | ||
| } | ||
|
|
||
| dynamic "route" { | ||
| for_each = var.extra_public_routes | ||
|
|
||
| content { | ||
| cidr_block = route.value["cidr_block"] | ||
| vpc_peering_connection_id = route.value["vpc_peering_connection_id"] | ||
| network_interface_id = route.value["network_interface_id"] | ||
| } | ||
| } | ||
|
|
||
| tags = { | ||
| Name = "${var.name}-Public-${var.az_zones[count.index]}-routetable" | ||
| Description = "Route table Target to Internet Gateway for ${var.name}" | ||
| Created-By = "DevOps-Terraform" | ||
| Environment = var.deployment_env | ||
| } | ||
| depends_on = [aws_internet_gateway.default] | ||
| } | ||
| /* Subnets Assciation for Public and Private */ | ||
| resource "aws_route_table_association" "private" { | ||
| count = length(var.az_zones) | ||
|
|
||
| subnet_id = aws_subnet.private[count.index].id | ||
|
|
||
| route_table_id = ( | ||
| count.index < var.associate_private_route_table_v2 | ||
| ? aws_route_table.private_v2[count.index].id | ||
| : aws_route_table.private[count.index].id | ||
| ) | ||
|
|
||
| depends_on = [ | ||
| aws_subnet.private, | ||
| aws_route_table.private, | ||
| ] | ||
| } | ||
|
|
||
| resource "aws_route_table_association" "public" { | ||
| count = length(var.az_zones) | ||
|
|
||
| subnet_id = aws_subnet.public[count.index].id | ||
|
|
||
| route_table_id = ( | ||
| count.index < var.associate_public_route_table_v2 | ||
| ? aws_route_table.public_v2[count.index].id | ||
| : aws_route_table.public[count.index].id | ||
| ) | ||
|
|
||
| depends_on = [ | ||
| aws_subnet.public, | ||
| aws_route_table.public, | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| output "private_subnets" { | ||
| description = "List of IDs of private subnets" | ||
| value = aws_subnet.private.*.id | ||
| } | ||
|
|
||
| output "public_subnets" { | ||
| description = "List of IDs of public subnets" | ||
| value = aws_subnet.public.*.id | ||
| } | ||
|
|
||
| output "private_route_tables" { | ||
| description = "List of private route tables" | ||
| value = aws_route_table.private | ||
| } | ||
|
|
||
| output "private_route_tables_v2" { | ||
| description = "List of private route tables v2" | ||
| value = aws_route_table.private_v2 | ||
| } | ||
|
|
||
| output "private_routes_v2" { | ||
| value = concat(aws_route.private_nat_v2, values(aws_route.private_v2)) | ||
| } | ||
|
|
||
| output "public_route_tables" { | ||
| description = "List of public route tables" | ||
| value = aws_route_table.public | ||
| } | ||
|
|
||
| output "public_route_tables_v2" { | ||
| description = "List of public route tables v2" | ||
| value = aws_route_table.public_v2 | ||
| } | ||
|
|
||
| output "public_routes_v2" { | ||
| value = concat(aws_route.public_gateway_v2, values(aws_route.public_v2)) | ||
| } | ||
|
|
||
| output "vpc_id" { | ||
| description = "The ID of the VPC" | ||
| value = concat(aws_vpc.default.*.id, [""])[0] | ||
| } | ||
|
|
||
| output "vpc" { | ||
| description = "The ID of the VPC" | ||
| value = aws_vpc.default | ||
| } | ||
|
|
||
| output "nat_gateways" { | ||
| description = "List of nat gateways" | ||
| value = concat(aws_eip.nat.*) | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| resource "aws_route_table" "private_v2" { | ||
| count = var.create_route_table_v2 ? length(var.az_zones) : 0 | ||
|
|
||
| vpc_id = aws_vpc.default.id | ||
|
|
||
| tags = { | ||
| Name = "${var.name}-Private-${var.az_zones[count.index]}-routetable-v2" | ||
| Description = "Route table Target to Nat Gateway for ${var.name}" | ||
| Created-By = "DevOps-Terraform" | ||
| Environment = var.deployment_env | ||
| } | ||
|
|
||
| depends_on = [aws_nat_gateway.default] | ||
| } | ||
|
|
||
| resource "aws_route" "private_nat_v2" { | ||
| count = var.create_route_table_v2 ? length(var.az_zones) : 0 | ||
|
|
||
| route_table_id = aws_route_table.private_v2[count.index].id | ||
| nat_gateway_id = aws_nat_gateway.default[count.index].id | ||
| destination_cidr_block = "0.0.0.0/0" | ||
| } | ||
|
|
||
| resource "aws_route" "private_v2" { | ||
| for_each = var.create_route_table_v2 ? local.private_routes_v2 : {} | ||
|
|
||
| route_table_id = aws_route_table.private_v2[index(var.az_zones, each.value.az)].id | ||
| destination_cidr_block = each.value.cidr_block | ||
| vpc_peering_connection_id = each.value.vpc_peering_connection_id | ||
| } | ||
|
|
||
| resource "aws_route_table" "public_v2" { | ||
| count = var.create_route_table_v2 ? length(var.az_zones) : 0 | ||
|
|
||
| vpc_id = aws_vpc.default.id | ||
|
|
||
| tags = { | ||
| Name = "${var.name}-Public-${var.az_zones[count.index]}-routetable-v2" | ||
| Description = "Route table Target to Internet Gateway for ${var.name}" | ||
| Created-By = "DevOps-Terraform" | ||
| Environment = var.deployment_env | ||
| } | ||
|
|
||
| depends_on = [aws_internet_gateway.default] | ||
| } | ||
|
|
||
| resource "aws_route" "public_gateway_v2" { | ||
| count = var.create_route_table_v2 ? length(var.az_zones) : 0 | ||
|
|
||
| route_table_id = aws_route_table.public_v2[count.index].id | ||
| gateway_id = aws_internet_gateway.default.id | ||
| destination_cidr_block = "0.0.0.0/0" | ||
| } | ||
|
|
||
| resource "aws_route" "public_v2" { | ||
| for_each = var.create_route_table_v2 ? local.public_routes_v2 : {} | ||
|
|
||
| route_table_id = aws_route_table.public_v2[index(var.az_zones, each.value.az)].id | ||
| destination_cidr_block = each.value.cidr_block | ||
| vpc_peering_connection_id = each.value.vpc_peering_connection_id | ||
| } | ||
|
|
||
| locals { | ||
| private_routes_v2 = merge({ | ||
| for index, az_route in setproduct(var.az_zones, var.extra_private_routes) : | ||
| "${az_route[0]}/${az_route[1].cidr_block}" => merge(az_route[1], { az = az_route[0] }) | ||
| }) | ||
|
|
||
| public_routes_v2 = { | ||
| for index, az_route in setproduct(var.az_zones, var.extra_public_routes) : | ||
| "${az_route[0]}/${az_route[1].cidr_block}" => merge(az_route[1], { az = az_route[0] }) | ||
| } | ||
| } |
Oops, something went wrong.