Merge pull request #3 from zachrundle/network

add in network config
zachrundle · Aug 14, 2024 · 2b53346 · 2b53346
2 parents 0177172 + 5f4c353
commit 2b53346
Show file tree

Hide file tree

Showing 6 changed files with 155 additions and 2 deletions.
diff --git a/main.tf b/main.tf
@@ -0,0 +1,6 @@
+module "network" {
+  source     = "./modules/network"
+  name       = var.name
+  create_ngw = false
+  vpc_cidr   = "10.0.0.0/16"
+}
diff --git a/modules/network/main.tf b/modules/network/main.tf
@@ -0,0 +1,109 @@
+data "aws_region" "current" {
+}
+
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
+locals {
+  availability_zones = data.aws_availability_zones.available.names
+}
+
+resource "aws_vpc" "this" {
+  cidr_block           = var.vpc_cidr
+  enable_dns_hostnames = true
+  tags = {
+    Name = "${var.name} vpc"
+  }
+}
+
+# The cidr block is dynamically built by passing in the prefix (vpc cidr), newbits, netnum
+# newbits will add 8 to the vpc cidr resulting in /24 subnets, the netnum will count the third octet by 1
+resource "aws_subnet" "public_subnet" {
+  for_each                = { for i, v in local.availability_zones : i => v }
+  vpc_id                  = aws_vpc.this.id
+  cidr_block              = cidrsubnet(var.vpc_cidr, 8, each.key)
+  availability_zone       = each.value
+  map_public_ip_on_launch = true
+  tags = {
+    Name = "${var.name} public subnet ${each.key + 1}"
+  }
+}
+
+# netnum factors in that the first few subnets (based off az count for that region) are utilized for public
+resource "aws_subnet" "private_subnet" {
+  for_each                = { for i, v in local.availability_zones : i => v }
+  vpc_id                  = aws_vpc.this.id
+  cidr_block              = cidrsubnet(var.vpc_cidr, 8, length(local.availability_zones) + each.key)
+  availability_zone       = each.value
+  map_public_ip_on_launch = false
+  tags = {
+    Name = "${var.name} private subnet ${each.key + 1}"
+  }
+}
+
+resource "aws_internet_gateway" "igw" {
+  vpc_id = aws_vpc.this.id
+
+  tags = {
+    Name = "${var.name}"
+  }
+}
+
+resource "aws_eip" "nat_ip" {
+  count      = var.create_ngw ? 1 : 0
+  domain     = "vpc"
+  depends_on = [aws_internet_gateway.igw]
+  tags = {
+    Name = "${var.name} nat gateway ip"
+  }
+}
+
+resource "aws_nat_gateway" "ngw" {
+  count         = var.create_ngw ? 1 : 0
+  allocation_id = aws_eip.nat_ip[count.index].id
+  subnet_id     = aws_subnet.public_subnet[count.index].id
+  tags = {
+    Name = "${var.name} nat gateway"
+  }
+}
+
+resource "aws_route_table" "public_router" {
+  vpc_id = aws_vpc.this.id
+  tags = {
+    Name = "${var.name} public routes"
+  }
+}
+
+resource "aws_route" "ipv4_pub_internet" {
+  route_table_id         = aws_route_table.public_router.id
+  destination_cidr_block = "0.0.0.0/0"
+  gateway_id             = aws_internet_gateway.igw.id
+}
+
+resource "aws_route_table" "private_router" {
+  vpc_id = aws_vpc.this.id
+  count  = var.create_ngw ? 1 : 0
+  tags = {
+    Name = "${var.name} private routes"
+  }
+}
+
+resource "aws_route" "ipv4_prv_internet" {
+  count                  = var.create_ngw ? 1 : 0
+  route_table_id         = aws_route_table.private_router[count.index].id
+  destination_cidr_block = "0.0.0.0/0"
+  nat_gateway_id         = aws_nat_gateway.ngw[count.index].id
+}
+
+resource "aws_route_table_association" "public_route_table" {
+  count          = length(aws_subnet.public_subnet)
+  subnet_id      = aws_subnet.public_subnet[count.index].id
+  route_table_id = aws_route_table.public_router.id
+}
+
+resource "aws_route_table_association" "private_route_table" {
+  count          = var.create_ngw ? length(aws_subnet.private_subnet) : 0
+  subnet_id      = aws_subnet.private_subnet[count.index].id
+  route_table_id = aws_route_table.private_router[0].id
+}
diff --git a/modules/network/outputs.tf b/modules/network/outputs.tf
@@ -0,0 +1,19 @@
+output "vpc" {
+  value = aws_vpc.this
+}
+
+output "private_subnet_ids" {
+  value = [for subnet in values(aws_subnet.private_subnet) : subnet.id]
+}
+
+output "public_subnet_ids" {
+  value = [for subnet in values(aws_subnet.private_subnet) : subnet.id]
+}
+
+output "private_subnet_cidr_block" {
+  value = [for subnet in values(aws_subnet.private_subnet) : subnet.cidr_block]
+}
+
+output "public_subnet_cidr_block" {
+  value = [for subnet in values(aws_subnet.public_subnet) : subnet.cidr_block]
+}
diff --git a/modules/network/variables.tf b/modules/network/variables.tf
@@ -0,0 +1,11 @@
+variable "name" {
+  description = "Provide the name of the project"
+}
+
+variable "vpc_cidr" {
+  description = "Provide the /16 cidr for the vpc"
+}
+
+variable "create_ngw" {
+  default = false
+}
diff --git a/outputs.tf b/outputs.tf
@@ -0,0 +1,8 @@
+# NETWORK
+output "public_subnets" {
+  value = module.network.public_subnet_cidr_block
+}
+
+output "private_subnets" {
+  value = module.network.private_subnet_cidr_block
+}
diff --git a/variables.tf b/variables.tf
@@ -5,9 +5,9 @@ variable "name" {
 variable "region" {
   description = "AWS region to create resources in"
   type        = string
-  default     = "us-east-1"
+  default     = "us-west-2"
 }
 
 variable "aws_account" {
-  description = "Account number to create AWS resources in. This variable should be defined in the Terraform Cloud workspace settings"
+  description = "Account number to create aws resources in. This variable should be defined in the terraform cloud workspace settings"
 }