fix(terraform): AWS alignments
[csit.git] / fdio.infra.terraform / terraform-aws-vpc / main.tf
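# Common tags attached to the taggable resources in this file (VPC, security
# group, internet gateway and subnet all reference local.tags).
locals {
  tags = {
    # Direct references replace the interpolation-only form "${var.x}", which
    # Terraform 0.12+ reports as deprecated. The result is the same for string
    # variables; the variable declarations are not visible here, so confirm
    # both are declared as strings.
    "Name"        = var.tags_name
    "Environment" = var.tags_environment
  }
}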
7
# VPC that the security group, internet gateway, route and subnet in this file
# attach to. Every setting is supplied by the caller through variables.
# NOTE(review): no aws_flow_log resource appears in the visible part of this
# module; if traffic records are needed for detection or investigations,
# confirm that flow logging is configured elsewhere.
resource "aws_vpc" "vpc" {
  # Addressing
  cidr_block                       = var.vpc_cidr_block
  assign_generated_ipv6_cidr_block = var.vpc_assign_generated_ipv6_cidr_block

  # DNS behaviour inside the VPC
  enable_dns_support   = var.vpc_enable_dns_support
  enable_dns_hostnames = var.vpc_enable_dns_hostnames

  # Placement and metadata
  instance_tenancy = var.vpc_instance_tenancy
  tags             = local.tags
}
17
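# Security group for the VPC.
#
# Rules come from two places: one static ingress rule defined in this block,
# plus the caller-supplied lists var.security_group_ingress and
# var.security_group_egress, which are expanded by the dynamic blocks below.
resource "aws_security_group" "security_group" {
  # No explicit depends_on: the vpc_id reference below already makes Terraform
  # create aws_vpc.vpc first.
  description            = var.security_group_description
  name                   = var.security_group_name
  revoke_rules_on_delete = var.security_group_revoke_rules_on_delete
  tags                   = local.tags
  vpc_id                 = aws_vpc.vpc.id

  # NOTE(review): protocol "-1" with ports 0-0 matches every protocol and
  # port. `self = true` grants that to members of this group, and the
  # ipv6_cidr_blocks entry additionally grants it to ANY IPv6 source (::/0).
  # The rule is kept as the original had it because callers may rely on it.
  # If open IPv6 ingress is not intended, drop the ::/0 entry or narrow it to
  # known prefixes and express any remaining access through
  # var.security_group_ingress. Whether the rule is reachable from the
  # internet also depends on IPv6 routing, and the visible part of this file
  # defines only an IPv4 default route.
  ingress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1" # string form of the original -1; same rule
    self             = true
    ipv6_cidr_blocks = ["::/0"]
  }

  # Caller-supplied ingress rules. Keys missing from an entry fall back to
  # null; from_port, to_port and protocol are required by the provider, so
  # every entry has to set them.
  # NOTE(review): entries are passed through unchecked, so an entry with
  # 0.0.0.0/0 or ::/0 opens the group to any source. Consider a validation
  # block on the variable if that should be rejected.
  dynamic "ingress" {
    for_each = var.security_group_ingress
    content {
      from_port        = lookup(ingress.value, "from_port", null)
      to_port          = lookup(ingress.value, "to_port", null)
      protocol         = lookup(ingress.value, "protocol", null)
      self             = lookup(ingress.value, "self", null)
      cidr_blocks      = lookup(ingress.value, "cidr_blocks", null)
      ipv6_cidr_blocks = lookup(ingress.value, "ipv6_cidr_blocks", null)
    }
  }

  # Caller-supplied egress rules, expanded the same way as the ingress list.
  dynamic "egress" {
    for_each = var.security_group_egress
    content {
      from_port        = lookup(egress.value, "from_port", null)
      to_port          = lookup(egress.value, "to_port", null)
      protocol         = lookup(egress.value, "protocol", null)
      self             = lookup(egress.value, "self", null)
      cidr_blocks      = lookup(egress.value, "cidr_blocks", null)
      ipv6_cidr_blocks = lookup(egress.value, "ipv6_cidr_blocks", null)
    }
  }
}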
60
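# Internet gateway attached to the VPC. It is the target of the default route
# declared in aws_route.route.
resource "aws_internet_gateway" "internet_gateway" {
  # The vpc_id reference is an implicit dependency on aws_vpc.vpc, so the
  # redundant explicit depends_on is omitted.
  tags   = local.tags
  vpc_id = aws_vpc.vpc.id
}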
69
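# IPv4 default route (0.0.0.0/0) through the internet gateway.
#
# NOTE(review): the route is written to the VPC's MAIN route table, so any
# subnet without its own route table association inherits it, not only
# aws_subnet.subnet. Use a dedicated route table if private subnets are ever
# added to this VPC. No ::/0 route is defined in the visible part of this file.
resource "aws_route" "route" {
  # gateway_id and route_table_id reference the gateway and the VPC, which
  # already orders creation; the explicit depends_on list is omitted.
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = aws_internet_gateway.internet_gateway.id
  route_table_id         = aws_vpc.vpc.main_route_table_id
}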
80
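# Single subnet placed in the VPC.
resource "aws_subnet" "subnet" {
  # The vpc_id and CIDR references below are implicit dependencies on
  # aws_vpc.vpc, so the redundant explicit depends_on is omitted.
  availability_zone = var.subnet_availability_zone
  tags              = local.tags
  vpc_id            = aws_vpc.vpc.id

  # IPv4: the subnet reuses the VPC's entire CIDR block, which leaves no IPv4
  # space for a second subnet in this VPC.
  cidr_block = aws_vpc.vpc.cidr_block

  # NOTE(review): when this is true, instances launched here receive a public
  # IPv4 address. Together with the default route to the internet gateway,
  # the security group rules are then the only network-level filter.
  map_public_ip_on_launch = var.subnet_map_public_ip_on_launch

  # IPv6: cidrsubnet(prefix, 8, 1) extends the VPC's IPv6 prefix by 8 bits and
  # selects network number 1.
  # NOTE(review): this presumably fails when the VPC has no IPv6 block, i.e.
  # when var.vpc_assign_generated_ipv6_cidr_block is false. Confirm.
  assign_ipv6_address_on_creation = var.subnet_assign_ipv6_address_on_creation
  ipv6_cidr_block                 = cidrsubnet(aws_vpc.vpc.ipv6_cidr_block, 8, 1)
}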