From d6c0ed549ca2b531726b31d4f60af636e18a4e3e Mon Sep 17 00:00:00 2001 From: Sungmin Lee Date: Tue, 11 Oct 2022 18:24:04 +0900 Subject: [PATCH] add subnet attribute --- README.md | 57 +++++++++++++++++++++++++++++++++++++++------------- main.tf | 19 +++++++++++++++++- outputs.tf | 8 +++++++- variables.tf | 42 +++++++++++++++++++++----------------- 4 files changed, 92 insertions(+), 34 deletions(-) diff --git a/README.md b/README.md index 217d95c..6e2cc72 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,21 @@ vpcs = [ name = string ipv4_cidr_block = string(cidr) + // Subnet declaration (Optional, List) + subnets = [ + { + name = string + usage_type = "GEN" // GEN | LOADB + subnet_type = "PRIVATE" // PUBLIC | PRIVATE + // If usage_type is LOADB in the KR region, only PRIVATE is allowed. + zone = string(zone) // (PUB) KR-1 | KR-2 // (FIN) FKR-1 | FKR-2 // (GOV) KR | KRS + subnet = string(cidr) + network_acl = string // default | NetworkAclName, + // if set "default", then "default Network ACL" will be set. + } + ] + + // Deprecated // Subnet declaration (Optional, List) public_subnets = [ { 
@@ -140,43 +155,51 @@ vpcs = [ name = "vpc-foo" ipv4_cidr_block = "10.0.0.0/16" - public_subnets = [ + subnets = [ { name = "sbn-foo-public-1" + usage_type = "GEN" + subnet_type = "PUBLIC" zone = "KR-1" subnet = "10.0.1.0/24" network_acl = "default" }, { name = "sbn-foo-public-2" + usage_type = "GEN" + subnet_type = "PUBLIC" zone = "KR-2" subnet = "10.0.2.0/24" network_acl = "default" - } - ] - private_subnets = [ + }, { name = "sbn-foo-private-1" + usage_type = "GEN" + subnet_type = "PRIVATE" zone = "KR-1" subnet = "10.0.3.0/24" network_acl = "default" }, { name = "sbn-foo-private-2" + usage_type = "GEN" + subnet_type = "PRIVATE" zone = "KR-2" subnet = "10.0.4.0/24" network_acl = "default" - } - ] - loadbalancer_subnets = [ + }, { name = "sbn-foo-lb-1" + usage_type = "LOADB" + subnet_type = "PRIVATE" zone = "KR-1" subnet = "10.0.5.0/24" network_acl = "nacl-foo-loadbalancer" }, { name = "sbn-foo-lb-2" + usage_type = "LOADB" + subnet_type = "PRIVATE" zone = "KR-2" subnet = "10.0.6.0/24" network_acl = "nacl-foo-loadbalancer" @@ -277,23 +300,26 @@ vpcs = [ name = "vpc-bar" ipv4_cidr_block = "10.10.0.0/16" - public_subnets = [ + subnets = [ { name = "sbn-bar-public" + usage_type = "GEN" + subnet_type = "PUBLIC" zone = "KR-1" subnet = "10.10.1.0/24" network_acl = "default" - } - ] - private_subnets = [ + }, { name = "sbn-bar-private" + usage_type = "GEN" + subnet_type = "PRIVATE" zone = "KR-1" subnet = "10.10.2.0/24" network_acl = "default" } ] + access_control_groups = [ { name = "acg-bar-public" 
@@ -362,9 +388,12 @@ module "vpcs" { name = each.value.name ipv4_cidr_block = each.value.ipv4_cidr_block - public_subnets = lookup(each.value, "public_subnets", []) - private_subnets = lookup(each.value, "private_subnets", []) - loadbalancer_subnets = lookup(each.value, "loadbalancer_subnets", []) + subnets = lookup(each.value, "subnets", []) + + // Deprecated. It has been replaced by "subnets" + // public_subnets = lookup(each.value, "public_subnets", []) + // private_subnets = lookup(each.value, "private_subnets", []) + // loadbalancer_subnets = lookup(each.value, "loadbalancer_subnets", []) network_acls = lookup(each.value, "network_acls", []) deny_allow_groups = lookup(each.value, "deny_allow_groups", []) diff --git a/main.tf b/main.tf index b45e8c7..9ddc7d7 100644 --- a/main.tf +++ b/main.tf @@ -3,6 +3,21 @@ resource "ncloud_vpc" "vpc" { ipv4_cidr_block = var.ipv4_cidr_block } + +resource "ncloud_subnet" "subnets" { + for_each = { for subnet in var.subnets : subnet.name => subnet } + + name = each.value.name + vpc_no = ncloud_vpc.vpc.id + usage_type = each.value.usage_type + subnet_type = each.value.subnet_type + zone = each.value.zone + subnet = each.value.subnet + network_acl_no = each.value.network_acl == "default" ? ncloud_vpc.vpc.default_network_acl_no : ncloud_network_acl.network_acls[each.value.network_acl].id + +} + +// Deprecated. It has been replaced by "subnets" resource "ncloud_subnet" "public_subnets" { for_each = { for subnet in var.public_subnets : subnet.name => subnet } @@ -16,6 +31,7 @@ resource "ncloud_subnet" "public_subnets" { } +// Deprecated. It has been replaced by "subnets" resource "ncloud_subnet" "private_subnets" { for_each = { for subnet in var.private_subnets : subnet.name => subnet } @@ -29,6 +45,7 @@ resource "ncloud_subnet" "private_subnets" { } +// Deprecated. It has been replaced by "subnets" resource "ncloud_subnet" "loadbalancer_subnets" { for_each = { for subnet in var.loadbalancer_subnets : subnet.name => subnet } 
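Review bot: Moving an existing entry from `public_subnets`, `private_subnets` or `loadbalancer_subnets` into the new `subnets` list in main.tf changes its address to `ncloud_subnet.subnets["<name>"]`, so Terraform will plan to destroy and re-create that subnet unless the state is moved first. The commit marks the old resources as deprecated but documents no migration path; a README step such as `terraform state mv 'ncloud_subnet.public_subnets["<name>"]' 'ncloud_subnet.subnets["<name>"]'` per subnet would avoid replacing live networks. I would also put a comment above the `network_acl_no` line, e.g. `// "default" is reserved: it selects the VPC's default Network ACL; any other value must be a key of network_acls`, since that sentinel now decides which ACL protects every subnet declared through this resource.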
@@ -43,7 +60,7 @@ resource "ncloud_subnet" "loadbalancer_subnets" { } locals { - subnets = merge(ncloud_subnet.public_subnets, ncloud_subnet.private_subnets, ncloud_subnet.loadbalancer_subnets) + subnets = merge(ncloud_subnet.subnets, ncloud_subnet.public_subnets, ncloud_subnet.private_subnets, ncloud_subnet.loadbalancer_subnets) } resource "ncloud_network_acl" "network_acls" { diff --git a/outputs.tf b/outputs.tf index 68bd797..3fade75 100644 --- a/outputs.tf +++ b/outputs.tf @@ -2,8 +2,14 @@ output "vpc" { value = ncloud_vpc.vpc } + +output "subnets" { + value = merge(ncloud_subnet.subnets, ncloud_subnet.public_subnets, ncloud_subnet.private_subnets, ncloud_subnet.loadbalancer_subnets) +} + +// Deprecated. It has been replaced by "subnets" output "all_subnets" { - value = merge(ncloud_subnet.public_subnets, ncloud_subnet.private_subnets, ncloud_subnet.loadbalancer_subnets) + value = merge(ncloud_subnet.subnets, ncloud_subnet.public_subnets, ncloud_subnet.private_subnets, ncloud_subnet.loadbalancer_subnets) } output "public_subnets" { diff --git a/variables.tf b/variables.tf index 4cc9054..001b449 100644 --- a/variables.tf +++ b/variables.tf 
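Review bot: In main.tf `local.subnets` is built with `merge(...)`, which silently lets later arguments override earlier ones, so a subnet name that appears both in `subnets` and in one of the deprecated lists resolves to the deprecated resource. Unless the provider rejects the duplicate name first, anything that looks a subnet up by name through this map would then point at a different subnet than the one declared under `subnets`, possibly one with a different `subnet_type`. I would state in the README that names must be unique across all four lists, or guard it with a check on the key sets. The same expression is repeated for both `subnets` and `all_subnets` in outputs.tf; `value = local.subnets` in each would keep the three definitions from drifting apart.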
@@ -1,41 +1,47 @@ variable "name" { description = "See the description in the readme" - type = string + type = string } variable "ipv4_cidr_block" { description = "See the description in the readme" - type = string + type = string +} + +variable "subnets" { + description = "See the description in the readme" + type = list(any) + default = [] } variable "public_subnets" { description = "See the description in the readme" - type = list(any) - default = [] + type = list(any) + default = [] } variable "private_subnets" { description = "See the description in the readme" - type = list(any) - default = [] + type = list(any) + default = [] } variable "loadbalancer_subnets" { description = "See the description in the readme" - type = list(any) - default = [] + type = list(any) + default = [] } variable "network_acls" { description = "See the description in the readme" - type = list(any) - default = [] + type = list(any) + default = [] } variable "deny_allow_groups" { description = "See the description in the readme" - type = list(any) - default = [] + type = list(any) + default = [] } variable "access_control_groups" { @@ -46,18 +52,18 @@ variable "access_control_groups" { variable "public_route_tables" { description = "See the description in the readme" - type = list(any) - default = [] + type = list(any) + default = [] } variable "private_route_tables" { description = "See the description in the readme" - type = list(any) - default = [] + type = list(any) + default = [] } variable "nat_gateways" { description = "See the description in the readme" - type = list(any) - default = [] + type = list(any) + default = [] }
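Review bot: `variable "subnets"` in variables.tf is declared as `list(any)`, so `subnet_type` and `usage_type` reach `ncloud_subnet.subnets` as unchecked strings, and whether a subnet is public now depends entirely on a caller-supplied value. An object type plus a `validation` block would reject a missing or misspelled attribute at plan time instead of relying on the provider to refuse it. The README rule that LOADB subnets in the KR region must be PRIVATE is region-dependent and is left out of the sketch below. The rest of this hunk and the following one are whitespace realignment only.

```hcl
variable "subnets" {
  description = "See the description in the readme"
  type = list(object({
    name        = string
    usage_type  = string
    subnet_type = string
    zone        = string
    subnet      = string
    network_acl = string
  }))
  default = []

  validation {
    condition = alltrue([
      for s in var.subnets :
      contains(["GEN", "LOADB"], s.usage_type) && contains(["PUBLIC", "PRIVATE"], s.subnet_type)
    ])
    error_message = "Each subnet needs usage_type GEN or LOADB and subnet_type PUBLIC or PRIVATE."
  }
}
```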