Add single NAT Gateway flag. (#3)

mhmdio · web-flow · commit f438afe2a985 · 2020-09-06T12:52:44.000+01:00
* add single nat option

* remove aws profile

* add pre-commit

* update README.md

* dummy update

* update README.md
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -0,0 +1,6 @@
+repos:
+  - repo: git://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.27.0
+    hooks:
+      - id: terraform_fmt
+      - id: terraform_docs
diff --git a/README.md b/README.md
@@ -14,3 +14,42 @@ This Terraform module creates the base networking infrastructure on AWS.
 Check valid versions on:
 * Github Releases: <https://github.com/cn-terraform/terraform-aws-networking/releases>
 * Terraform Module Registry: <https://registry.terraform.io/modules/cn-terraform/networking/aws>
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name      | Version |
+| --------- | ------- |
+| terraform | >= 0.13 |
+
+## Providers
+
+| Name | Version |
+| ---- | ------- |
+| aws  | n/a     |
+
+## Inputs
+
+| Name                                             | Description                                                        | Type   | Default | Required |
+| ------------------------------------------------ | ------------------------------------------------------------------ | ------ | ------- | :------: |
+| availability\_zones                              | List of availability zones to be used by subnets                   | `list` | n/a     |   yes    |
+| name\_prefix                                     | Name prefix for resources on AWS                                   | `any`  | n/a     |   yes    |
+| private\_subnets\_cidrs\_per\_availability\_zone | List of CIDRs to use on each availability zone for private subnets | `list` | n/a     |   yes    |
+| public\_subnets\_cidrs\_per\_availability\_zone  | List of CIDRs to use on each availability zone for public subnets  | `list` | n/a     |   yes    |
+| single\_nat                                      | enable single NAT Gateway                                          | `bool` | `false` |    no    |
+| vpc\_cidr\_block                                 | AWS VPC CIDR Block                                                 | `any`  | n/a     |   yes    |
+
+## Outputs
+
+| Name                               | Description                                                                                            |
+| ---------------------------------- | ------------------------------------------------------------------------------------------------------ |
+| availability\_zones                | List of availability zones used by subnets                                                             |
+| internet\_gateway\_id              | ID of the generated Internet Gateway                                                                   |
+| nat\_gw\_ids                       | List with the IDs of the NAT Gateways created on public subnets to provide internet to private subnets |
+| private\_subnets\_ids              | List with the Private Subnets IDs                                                                      |
+| private\_subnets\_route\_table\_id | ID of the Route Table used on Private networks                                                         |
+| public\_subnets\_ids               | List with the Public Subnets IDs                                                                       |
+| public\_subnets\_route\_table\_id  | ID of the Route Tables used on Public networks                                                         |
+| vpc\_cidr\_block                   | The CIDR block of the VPC                                                                              |
+| vpc\_id                            | The ID of the VPC                                                                                      |
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/examples/test/main.tf b/examples/test/main.tf
@@ -3,10 +3,22 @@ provider "aws" {
 }
 
 module "base-network" {
-  source                                      = "../../"
-  name_prefix                                 = "base"
-  vpc_cidr_block                              = "192.168.0.0/16"
-  availability_zones                          = ["us-east-1a", "us-east-1b", "us-east-1c", "us-east-1d"]
-  public_subnets_cidrs_per_availability_zone  = ["192.168.0.0/19", "192.168.32.0/19", "192.168.64.0/19", "192.168.96.0/19"]
-  private_subnets_cidrs_per_availability_zone = ["192.168.128.0/19", "192.168.160.0/19", "192.168.192.0/19", "192.168.224.0/19"]
+  source         = "../../"
+  name_prefix    = "test"
+  single_nat     = true
+  vpc_cidr_block = "192.168.0.0/16"
+
+  availability_zones = [
+    "us-east-1a",
+    "us-east-1b"
+  ]
+  public_subnets_cidrs_per_availability_zone = [
+    "192.168.0.0/19",
+    "192.168.32.0/19"
+  ]
+  private_subnets_cidrs_per_availability_zone = [
+    "192.168.128.0/19",
+    "192.168.160.0/19"
+  ]
+
 }
diff --git a/main.tf b/main.tf
@@ -2,9 +2,12 @@
 # AWS Virtual Private Network
 #------------------------------------------------------------------------------
 resource "aws_vpc" "vpc" {
-  cidr_block           = var.vpc_cidr_block # The CIDR block for the VPC.
-  enable_dns_support   = true               # A boolean flag to enable/disable DNS support in the VPC.
-  enable_dns_hostnames = true               # A boolean flag to enable/disable DNS hostnames in the VPC.
+  cidr_block = var.vpc_cidr_block
+  # The CIDR block for the VPC.
+  enable_dns_support = true
+  # A boolean flag to enable/disable DNS support in the VPC.
+  enable_dns_hostnames = true
+  # A boolean flag to enable/disable DNS hostnames in the VPC.
   tags = {
     Name = "${var.name_prefix}-vpc"
   }
@@ -37,7 +40,7 @@ resource "aws_subnet" "public_subnets" {
 
 # Elastic IPs for NAT
 resource "aws_eip" "nat_eip" {
-  count = length(var.availability_zones)
+  count = var.single_nat ? 1 : length(var.availability_zones)
   vpc   = true
   tags = {
     Name = "${var.name_prefix}-nat-eip-${element(var.availability_zones, count.index)}"
@@ -46,13 +49,17 @@ resource "aws_eip" "nat_eip" {
 
 # NAT Gateways
 resource "aws_nat_gateway" "nat_gw" {
-  count         = length(var.availability_zones)
-  depends_on    = [aws_internet_gateway.internet_gw]
-  allocation_id = element(aws_eip.nat_eip.*.id, count.index)
-  subnet_id     = element(aws_subnet.public_subnets.*.id, count.index)
+  count         = var.single_nat ? 1 : length(var.availability_zones)
+  allocation_id = var.single_nat ? aws_eip.nat_eip.0.id : element(aws_eip.nat_eip.*.id, count.index)
+  subnet_id     = var.single_nat ? aws_subnet.public_subnets.0.id : element(aws_subnet.public_subnets.*.id, count.index)
+
   tags = {
     Name = "${var.name_prefix}-nat-gw-${element(var.availability_zones, count.index)}"
   }
+
+  depends_on = [
+    aws_internet_gateway.internet_gw
+  ]
 }
 
 # Public route table
@@ -116,7 +123,7 @@ resource "aws_route" "private_internet_route" {
   ]
   route_table_id         = element(aws_route_table.private_subnets_route_table.*.id, count.index)
   destination_cidr_block = "0.0.0.0/0"
-  nat_gateway_id         = element(aws_nat_gateway.nat_gw.*.id, count.index)
+  nat_gateway_id         = var.single_nat ? aws_nat_gateway.nat_gw.0.id : element(aws_nat_gateway.nat_gw.*.id, count.index)
 }
 
 # Association of Route Table to Subnets
diff --git a/variables.tf b/variables.tf
@@ -29,3 +29,9 @@ variable "private_subnets_cidrs_per_availability_zone" {
   type        = list
   description = "List of CIDRs to use on each availability zone for private subnets"
 }
+
+variable "single_nat" {
+  type        = bool
+  default     = false
+  description = "enable single NAT Gateway"
+}
