vpc.tf
# VPC: the network that every subnet, route table and gateway in this file
# attaches to. The address range comes from var.vpc_cidr.
resource "aws_vpc" "terra_vpc" {
  cidr_block = var.vpc_cidr

  tags = {
    Name = "TerraVPC"
  }
}
# Internet gateway for the VPC. public_rt sends its default route here, and
# the Elastic IPs and NAT gateways below declare an explicit dependency on it.
resource "aws_internet_gateway" "terra_igw" {
  vpc_id = aws_vpc.terra_vpc.id

  tags = {
    Name = "VPC-Terraform"
  }
}
# Public subnets: one per entry in var.subnets_cidr. Availability zones are
# read from var.azs; element() wraps around if there are fewer zones than
# subnets.
resource "aws_subnet" "public" {
  count = length(var.subnets_cidr)

  vpc_id            = aws_vpc.terra_vpc.id
  cidr_block        = var.subnets_cidr[count.index]
  availability_zone = element(var.azs, count.index)

  # Instances launched here receive a public IPv4 address by default, so
  # security groups and network ACLs are what limit their exposure.
  map_public_ip_on_launch = true

  tags = {
    Name = "Subnet-${count.index + 1}"
  }
}
# Private subnets: one per entry in var.subnets_cidr_private, using the same
# var.azs indexing as the public subnets.
resource "aws_subnet" "private" {
  count = length(var.subnets_cidr_private)

  vpc_id            = aws_vpc.terra_vpc.id
  cidr_block        = var.subnets_cidr_private[count.index]
  availability_zone = element(var.azs, count.index)

  # map_public_ip_on_launch is deliberately left unset here (it stays
  # commented out): #map_public_ip_on_launch = true

  # NOTE(review): this Name pattern is identical to the public subnets', so
  # public and private subnets cannot be told apart by tag. Consider a
  # distinct prefix to avoid launching workloads in the wrong tier.
  tags = {
    Name = "Subnet-${count.index + 1}"
  }
}
# Public route table: default route (0.0.0.0/0) goes to the internet gateway.
resource "aws_route_table" "public_rt" {
  vpc_id = aws_vpc.terra_vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.terra_igw.id
  }

  tags = {
    Name = "publicRouteTable"
  }
}
# Associates each public subnet with public_rt, one association per subnet.
resource "aws_route_table_association" "a" {
  count = length(var.subnets_cidr)

  subnet_id      = element(aws_subnet.public[*].id, count.index)
  route_table_id = aws_route_table.public_rt.id
}
# Private route table A: default route goes to NAT gateway "nata", not to the
# internet gateway.
resource "aws_route_table" "private_rt" {
  vpc_id = aws_vpc.terra_vpc.id

  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.nata.id
  }

  tags = {
    Name = "privateRouteTableA"
  }
}
# Private route table B: default route goes to NAT gateway "natb", not to the
# internet gateway.
resource "aws_route_table" "private_rt_b" {
  vpc_id = aws_vpc.terra_vpc.id

  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.natb.id
  }

  tags = {
    Name = "privateRouteTableB"
  }
}
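# Associates the first private subnet with private_rt (NAT gateway "nata").
# Declared once, without count: the subnet/route-table pair is fixed, so
# repeating it once per private subnet would only create duplicate
# associations for the same subnet, which is redundant and may be rejected
# as a conflicting association at apply time.
# NOTE(review): removing count changes the resource address from b[N] to b;
# check the plan against existing state before applying.
resource "aws_route_table_association" "b" {
  subnet_id      = element(aws_subnet.private[*].id, 0)
  route_table_id = aws_route_table.private_rt.id
}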
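# Associates the second private subnet with private_rt_b (NAT gateway "natb").
# Declared once, without count: the subnet/route-table pair is fixed, so
# repeating it once per private subnet would only create duplicate
# associations for the same subnet, which is redundant and may be rejected
# as a conflicting association at apply time.
# NOTE(review): removing count changes the resource address from c[N] to c;
# check the plan against existing state before applying.
resource "aws_route_table_association" "c" {
  subnet_id      = element(aws_subnet.private[*].id, 1)
  route_table_id = aws_route_table.private_rt_b.id
}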
# Elastic IP consumed by NAT gateway "nata" (zone A).
# NOTE(review): newer AWS provider releases deprecate `vpc` in favour of
# `domain = "vpc"`; check the pinned provider version before changing it.
resource "aws_eip" "nat_eip_aza" {
  vpc = true

  # Explicit ordering: allocate only once the internet gateway exists.
  depends_on = [aws_internet_gateway.terra_igw]
}
# Elastic IP consumed by NAT gateway "natb" (zone B).
# NOTE(review): newer AWS provider releases deprecate `vpc` in favour of
# `domain = "vpc"`; check the pinned provider version before changing it.
resource "aws_eip" "nat_eip_azb" {
  vpc = true

  # Explicit ordering: allocate only once the internet gateway exists.
  depends_on = [aws_internet_gateway.terra_igw]
}
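# NAT gateway serving the first private subnet (default route of private_rt).
# It is placed in the first PUBLIC subnet: a public NAT gateway needs the
# internet-gateway route that only public_rt provides. Placed in the private
# subnet, its own egress would follow private_rt's default route back to
# itself, leaving private instances with no outbound path.
# public[0] and private[0] take their zone from the same var.azs index, so
# the gateway stays in the zone it serves.
resource "aws_nat_gateway" "nata" {
  allocation_id = aws_eip.nat_eip_aza.id
  subnet_id     = element(aws_subnet.public[*].id, 0)

  # Explicit ordering: create only once the internet gateway exists.
  depends_on = [aws_internet_gateway.terra_igw]

  tags = {
    Name = "nat"
    #Environment = "${var.environment}"
  }
}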
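# NAT gateway serving the second private subnet (default route of
# private_rt_b).
# It is placed in the second PUBLIC subnet: a public NAT gateway needs the
# internet-gateway route that only public_rt provides. Placed in the private
# subnet, its own egress would follow private_rt_b's default route back to
# itself, leaving private instances with no outbound path.
# element() wraps, so with a single public subnet this resolves to that one.
resource "aws_nat_gateway" "natb" {
  allocation_id = aws_eip.nat_eip_azb.id
  subnet_id     = element(aws_subnet.public[*].id, 1)

  # Explicit ordering: create only once the internet gateway exists.
  depends_on = [aws_internet_gateway.terra_igw]

  tags = {
    Name = "nat"
    #Environment = "${var.environment}"
  }
}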