🎉 first commit

Author: 5up3r20e

.gitignore

@@ -0,0 +1,5 @@
+.terraform
+*terraform.tfstate*
+.terraform.lock.hcl
+test.sh
+test.tfvars

LICENSE.md

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 zoe zhang
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,37 @@
+# terraform-aws-vpc
+
+## overview
+a light terraform module to create a vpc with 3 private subnets, 3 public subnets, 1 gateway, 3 nat gateway.
+
+## usage
+see example folder.
+```tf
+module "test" {
+  source      = "../"
+  name_prefix = "test"
+  vpc_cidr    = "10.17.0.0/20"
+  natgateway  = ["a", "b", "c"]
+  public_subnets = {
+    a = "10.17.0.0/23"
+    b = "10.17.2.0/23"
+    c = "10.17.4.0/23"
+  }
+  private_subnets = {
+    a = "10.17.6.0/23"
+    b = "10.17.8.0/23"
+    c = "10.17.10.0/23"
+  }
+}
+```
+
+## input
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| name_prefix | a name prefix used to tag vpc | `string` | true | yes |
+| vpc_cidr | vpc cidr block | `string` | false | yes |
+| public_subnets | public subnets map, availability zone map to cidr block | `map` | false | yes |
+| private_subnets | private subnets map, availability zone map to cidr block | `map` | false | yes |
+| natgateway | nat gateway list of availability zone to spread | `list` | false | yes |
+
+## output
+vpc_id

example/main.tf

@@ -0,0 +1,16 @@
+module "test" {
+  source      = "../"
+  name_prefix = "test"
+  vpc_cidr    = "10.17.0.0/20"
+  natgateway  = ["a", "b", "c"]
+  public_subnets = {
+    a = "10.17.0.0/23"
+    b = "10.17.2.0/23"
+    c = "10.17.4.0/23"
+  }
+  private_subnets = {
+    a = "10.17.6.0/23"
+    b = "10.17.8.0/23"
+    c = "10.17.10.0/23"
+  }
+}

example/provider.tf

@@ -0,0 +1,13 @@
+provider "aws" {
+  # i am using environment variables locally
+  region = "us-east-1"
+  # access_key = "AKIAZGWEKBAWRKPVLRIL"
+  # secret_key = "my-secret-key"
+  default_tags {
+    tags = {
+      Provisioner = "Terraform"
+      Project     = "POC"
+      OWNER       = "ops"
+    }
+  }
+}

example/version.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~>4.8"
+    }
+  }
+  required_version = "1.1.7"
+}

main.tf

@@ -0,0 +1,106 @@
+data "aws_region" "current" {
+
+}
+resource "aws_vpc" "vpc" {
+
+  cidr_block           = var.vpc_cidr
+  enable_dns_hostnames = true
+  enable_dns_support   = true
+  tags = {
+    "Name" = "${var.name_prefix}-vpc"
+  }
+
+}
+
+resource "aws_default_security_group" "vpc-default-sg" {
+
+  vpc_id = aws_vpc.vpc.id
+  egress {
+    from_port        = 0
+    to_port          = 0
+    protocol         = "-1"
+    cidr_blocks      = ["0.0.0.0/0"]
+    ipv6_cidr_blocks = ["::/0"]
+  }
+}
+
+
+resource "aws_default_route_table" "default-rt" {
+
+  default_route_table_id = aws_vpc.vpc.default_route_table_id
+
+}
+
+resource "aws_internet_gateway" "igw" {
+
+  vpc_id = aws_vpc.vpc.id
+
+}
+
+
+resource "aws_route_table" "public-rt" {
+  vpc_id = aws_vpc.vpc.id
+
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = aws_internet_gateway.igw.id
+  }
+}
+
+resource "aws_subnet" "public-subnet" {
+  for_each                = var.public_subnets
+  vpc_id                  = aws_vpc.vpc.id
+  cidr_block              = each.value
+  availability_zone       = format("%s%s", data.aws_region.current.name, each.key)
+  map_public_ip_on_launch = "true"
+  tags = {
+    "Name" = format("%s-public-%s", var.name_prefix, each.key)
+  }
+}
+resource "aws_route_table_association" "public-rba" {
+  for_each = var.public_subnets
+
+  subnet_id      = aws_subnet.public-subnet[each.key].id
+  route_table_id = aws_route_table.public-rt.id
+}
+resource "aws_eip" "nateip" {
+  for_each = toset(var.natgateway)
+  vpc      = true
+  lifecycle {
+    prevent_destroy = false
+  }
+}
+
+resource "aws_nat_gateway" "natgw" {
+  for_each      = toset(var.natgateway)
+  allocation_id = aws_eip.nateip[each.key].id
+  subnet_id     = aws_subnet.public-subnet[each.key].id
+  depends_on    = [aws_internet_gateway.igw]
+}
+
+resource "aws_subnet" "private-subnet" {
+  for_each                = var.private_subnets
+  vpc_id                  = aws_vpc.vpc.id
+  cidr_block              = each.value
+  availability_zone       = format("%s%s", data.aws_region.current.name, each.key)
+  map_public_ip_on_launch = "false"
+  tags = {
+    "Name" = format("%s-private-%s", var.name_prefix, each.key)
+  }
+}
+
+resource "aws_route_table" "private-rt" {
+  for_each = var.private_subnets
+  vpc_id   = aws_vpc.vpc.id
+  route {
+    cidr_block     = "0.0.0.0/0"
+    nat_gateway_id = aws_nat_gateway.natgw[each.key].id
+  }
+
+}
+resource "aws_route_table_association" "private-rba" {
+  for_each = var.private_subnets
+
+  subnet_id      = aws_subnet.private-subnet[each.key].id
+  route_table_id = aws_route_table.private-rt[each.key].id
+}

output.tf

@@ -0,0 +1,3 @@
+output "vpc_id" {
+  value=aws_vpc.vpc.id
+}

variables.tf

@@ -0,0 +1,31 @@
+variable "name_prefix" {
+  type        = string
+  description = "a name tag for resources"
+  default     = "test"
+}
+variable "vpc_cidr" {
+  type        = string
+  default     = "10.240.0.0/16"
+  description = "vpc cidr block"
+}
+variable "public_subnets" {
+  default = {
+    a = "10.240.0.0/22"
+    b = "10.240.4.0/22"
+    c = "10.240.8.0/22"
+  }
+  description = "public subnets map, availability zone map to cidr block"
+}
+variable "private_subnets" {
+  default = {
+    a = "10.240.12.0/22"
+    b = "10.240.16.0/22"
+    c = "10.240.20.0/22"
+  }
+  description = "private subnets map, availability zone map to cidr block"
+}
+
+variable "natgateway" {
+  default     = ["a", "b", "c"]
+  description = "nat gateway list of availability zone to spread"
+}

version.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">=4.8"
+    }
+  }
+  required_version = ">=0.13"
+}