Merge pull request #7 from aws-ia/vpc-update-wip

Various VPC Updates
aws-ia · Jul 9, 2021 · 642c0c4 · 642c0c4
2 parents f75d3c8 + 1dc38cb
commit 642c0c4
Show file tree

Hide file tree

Showing 7 changed files with 39 additions and 108 deletions.
diff --git a/deploy/main.tf b/deploy/main.tf
@@ -1,12 +1,12 @@
 # ----------------------------------------------------------------------------------------------------------------------
 # REQUIRE A SPECIFIC TERRAFORM VERSION OR HIGHER
-# This module has been updated with 0.15.1 syntax, which means it is no longer compatible with any versions below 0.15.1.
+# This module has been updated with 1.0.1 syntax, which means it is no longer compatible with any versions below 1.0.1.
 # ----------------------------------------------------------------------------------------------------------------------
 ######################################
 # Defaults
 ######################################
 terraform {
-  required_version = ">= 0.15.1"
+  required_version = ">= 1.0.1"
   backend "remote" {}
 }
 
@@ -52,6 +52,6 @@ module "aws-ia_vpc" {
   public_outbound_acl_rules = var.public_inbound_acl_rules
   custom_inbound_acl_rules  = var.custom_inbound_acl_rules
   custom_outbound_acl_rules = var.custom_outbound_acl_rules
-  public_subnet_tags        = tomap(var.public_subnet_tags, { "terraform" = "true" })
-  private_subnet_tags       = tomap(var.private_subnet_tags, { "terraform" = "true" })
+  public_subnet_tags        = tomap(var.public_subnet_tags)
+  private_subnet_tags       = tomap(var.private_subnet_tags)
 }
diff --git a/deploy/variables.tf b/deploy/variables.tf
@@ -3,7 +3,6 @@ variable "region" {
   type        = string
   default     = "us-west-2"
 }
-
 variable "namespace" {
   description = "Namespace, which could be your organiation name, e.g. amazon"
   default     = "myorg"
@@ -24,60 +23,45 @@ variable "delimiter" {
   description = "Delimiter, which could be used between name, namespace and env"
   default     = "-"
 }
-
 variable "tags" {
   default     = {}
   description = "Tags, which could be used for additional tags"
 }
-
-variable "create_vpc" {
-  description = "Controls if VPC should be created (it affects almost all resources)"
-  type        = bool
-  default     = true
-}
-
 variable "enable_dns_hostnames" {
   description = "Should be true to enable DNS hostnames in the VPC"
   type        = bool
   default     = true
 }
-
 variable "enable_dns_support" {
   description = "Should be true to enable DNS support in the VPC"
   type        = bool
   default     = true
 }
-
 variable "instance_tenancy" {
   description = "A tenancy option for instances launched into the VPC"
   type        = string
   default     = "default"
 }
-
 variable "cidr" {
   description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden"
   type        = string
   default     = "10.0.0.0/16"
 }
-
 variable "public_subnets" {
   description = "A list of private subnets inside the VPC"
   type        = list(string)
   default     = ["10.0.128.0/20", "10.0.144.0/20", "10.0.160.0/20"]
 }
-
 variable "private_subnets_A" {
   description = "A list of private subnets inside the VPC"
   type        = list(string)
   default     = ["10.0.96.0/19", "10.0.232.0/22", "10.0.236.0/22"]
 }
-
 variable "private_subnets_B" {
   description = "A list of private subnets inside the VPC"
   type        = list(string)
   default     = []
 }
-
 variable "public_inbound_acl_rules" {
   description = "Public subnets inbound network ACLs"
   type        = list(map(string))
@@ -93,7 +77,6 @@ variable "public_inbound_acl_rules" {
     },
   ]
 }
-
 variable "public_outbound_acl_rules" {
   description = "Public subnets outbound network ACLs"
   type        = list(map(string))
@@ -109,7 +92,6 @@ variable "public_outbound_acl_rules" {
     },
   ]
 }
-
 variable "custom_inbound_acl_rules" {
   description = "Custom subnets inbound network ACLs"
   type        = list(map(string))
@@ -125,7 +107,6 @@ variable "custom_inbound_acl_rules" {
     },
   ]
 }
-
 variable "custom_outbound_acl_rules" {
   description = "Custom subnets outbound network ACLs"
   type        = list(map(string))
@@ -141,15 +122,18 @@ variable "custom_outbound_acl_rules" {
     },
   ]
 }
-
 variable "public_subnet_tags" {
   type        = map(string)
   default     = { "Name" = "Public Subnet" }
   description = "Public Subnet Tags"
 }
-
 variable "private_subnet_tags" {
   type        = map(string)
   default     = { "Name" = "Private Subnet" }
   description = "Private Subnet Tags"
 }
+variable "create_vpc" {
+  description = "Controls if VPC should be created (it affects almost all resources)"
+  type        = bool
+  default     = true
+}
diff --git a/main.tf b/main.tf
@@ -6,7 +6,7 @@
 # Defaults
 ######################################
 terraform {
-  required_version = ">= 0.15.1"
+  required_version = ">= 1.0.0"
   backend "remote" {}
 }
 
@@ -41,7 +41,7 @@ module "aws-vpc" {
   public_outbound_acl_rules = var.public_inbound_acl_rules
   custom_inbound_acl_rules  = var.custom_inbound_acl_rules
   custom_outbound_acl_rules = var.custom_outbound_acl_rules
-  public_subnet_tags        = tomap(var.public_subnet_tags, { "terraform" = "true" })
-  private_subnet_tags       = tomap(var.private_subnet_tags, { "terraform" = "true" })
-
+  public_subnet_tags        = tomap(var.public_subnet_tags)
+  private_subnet_tags       = tomap(var.private_subnet_tags)
+  create_vpc                = var.create_vpc
 }
diff --git a/modules/vpc/main.tf b/modules/vpc/main.tf
@@ -3,11 +3,11 @@
 ##########
 
 terraform {
-  required_version = ">= 0.13"
+  required_version = ">= 1.0.0"
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.10"
+      version = ">= 3.49.0"
     }
   }
   backend "remote" {}

diff --git a/modules/vpc/variables.tf b/modules/vpc/variables.tf
@@ -1,12 +1,6 @@
-
-# ---------------------------------------------------------------------------------------------------------------------
-# PARAMETERS
-# These parameters have reasonable defaults.
-# ---------------------------------------------------------------------------------------------------------------------
 variable "create_vpc" {
   description = "Controls if VPC should be created (it affects almost all resources)"
   type        = bool
-  default     = true
 }
 
 variable "name" {
@@ -40,19 +34,16 @@ variable "public_subnet_tags" {
 variable "enable_dns_hostnames" {
   description = "Should be true to enable DNS hostnames in the VPC"
   type        = bool
-  default     = true
 }
 
 variable "enable_dns_support" {
   description = "Should be true to enable DNS support in the VPC"
   type        = bool
-  default     = true
 }
 
 variable "instance_tenancy" {
   description = "A tenancy option for instances launched into the VPC"
   type        = string
-  default     = "default"
 }
 
 variable "cidr" {
@@ -78,63 +69,17 @@ variable "private_subnets_B" {
 variable "public_inbound_acl_rules" {
   description = "Public subnets inbound network ACLs"
   type        = list(map(string))
-
-  default = [
-    {
-      rule_number = 100
-      rule_action = "allow"
-      from_port   = 0
-      to_port     = 0
-      protocol    = "-1"
-      cidr_block  = "0.0.0.0/0"
-    },
-  ]
 }
 
 variable "public_outbound_acl_rules" {
   description = "Public subnets outbound network ACLs"
   type        = list(map(string))
-
-  default = [
-    {
-      rule_number = 100
-      rule_action = "allow"
-      from_port   = 0
-      to_port     = 0
-      protocol    = "-1"
-      cidr_block  = "0.0.0.0/0"
-    },
-  ]
 }
-
 variable "custom_inbound_acl_rules" {
   description = "Custom subnets inbound network ACLs"
   type        = list(map(string))
-
-  default = [
-    {
-      rule_number = 100
-      rule_action = "allow"
-      from_port   = 0
-      to_port     = 0
-      protocol    = "-1"
-      cidr_block  = "0.0.0.0/0"
-    },
-  ]
 }
-
 variable "custom_outbound_acl_rules" {
   description = "Custom subnets outbound network ACLs"
   type        = list(map(string))
-
-  default = [
-    {
-      rule_number = 100
-      rule_action = "allow"
-      from_port   = 0
-      to_port     = 0
-      protocol    = "-1"
-      cidr_block  = "0.0.0.0/0"
-    },
-  ]
 }
diff --git a/setup_workspace/workspace.tf b/setup_workspace/workspace.tf
@@ -1,17 +1,16 @@
+
 terraform {
   required_version = ">= 1.0.0"
 }
-
-resource "random_pet" "name" {
-  prefix = "tfm-aws"
-  length = 1
+locals {
+  dir_down = ".."
 }
 
 # Generate new terraform org and workspace
 
-module "tfc_workspace" {
+module "tfcloud" {
   source                = "aws-ia/cloud_workspace/hashicorp"
-  version               = "0.0.1"
+  version               = "0.0.2"
   tfe_email             = var.tfe_email
   tfe_organization      = var.tfe_organization
   tfe_workspace         = var.tfe_workspace
@@ -24,38 +23,39 @@ module "tfc_workspace" {
 
 
 resource "null_resource" "setup_backend_file" {
-  depends_on = [module.tfc_workspace]
+  depends_on = [module.tfcloud]
   provisioner "local-exec" {
-    command = "mv backend.hcl  ../deploy"
+    command = "mv backend.hcl ${local.dir_down}${var.working_directory}"
   }
 }
 
 
-resource "null_resource" "remote_init" {
+resource "null_resource" "remoteinit" {
   depends_on = [null_resource.setup_backend_file]
   provisioner "local-exec" {
-    working_dir = "../deploy"
+    working_dir = "${local.dir_down}${var.working_directory}"
     command     = "terraform init -backend-config=backend.hcl"
   }
 }
 
 output "user_instructions" {
   value = <<README
-# org name    = ${module.tfc_workspace.tfm-aws-org-name}
-# workspace   = ${module.tfc_workspace.tfm-aws-workspace-name}
-#
-#
+# org name    = ${module.tfcloud.tfcloud-org-name}
+# workspace   = ${module.tfcloud.tfcloud-workspace-name}
+
+
 # Run these commands in order:
-  cd ../deploy
+cd ${local.dir_down}${var.working_directory}
 
 # Configure your tfvars file
   AWS_SECRET_ACCESS_KEY = "*****************"
   AWS_ACCESS_KEY_ID     = "*****************"
   AWS_SESSION_TOKEN     = "*****************"
-  region                = "region override"
+  region                = ${var.region}
 
 #  Note: Use of STS Creds are highly reccommended!
-# !!!!CAUTION!!!!: Make sure your credential are secured ourside version control (and follow secrets mangement bestpractices)
+# !!!!CAUTION!!!!: Make sure your credentials are secured outside version control 
+# (and follow secrets mangement bestpractices)
 #   
    terraform apply  -var-file="$HOME/.aws/terraform.tfvars"
 README

diff --git a/variables.tf b/variables.tf
@@ -6,19 +6,16 @@
 variable "name" {
   type        = string
   description = "The name of the resources"
-  default     = "tfm-aws"
 }
 
 variable "region" {
   type        = string
   description = "The name of the region you wish to deploy into"
-  default     = "us-east-1"
 }
 
 variable "enable_dns_hostnames" {
   description = "Should be true to enable DNS hostnames in the VPC"
   type        = bool
-  default     = true
 }
 
 variable "enable_dns_support" {
@@ -56,7 +53,6 @@ variable "private_subnets_A" {
   default     = ["10.0.0.0/19", "10.0.32.0/19", "10.0.64.0/19", "10.0.96.0/19", "10.0.232.0/22", "10.0.236.0/22"]
 }
 
-#  default     = ["10.0.192.0/21", "10.0.200.0/21", "10.0.208.0/21", "10.0.216.0/21", "10.0.224.0/22", "10.0.228.0/22"]
 variable "private_subnets_B" {
   description = "A list of private subnets inside the VPC"
   type        = list(string)
@@ -137,4 +133,10 @@ variable "private_subnet_tags" {
   type        = map(string)
   default     = { "Name" = "Private Subnet" }
   description = "Private Subnet Tags"
-}
+}
+
+
+variable "create_vpc" {
+  type        = bool
+  description = "Allow you to create vpc based on condition"
+}