feat: Added networking layer for infrastructure.

Author: jamesiarmes

tofu/config/networking/.terraform.lock.hcl

@@ -0,0 +1,25 @@
+terraform {
+  backend "s3" {
+    bucket         = "${var.project}-${var.environment}-tfstate"
+    key            = "networking.tfstate"
+    region         = var.region
+    dynamodb_table = "${var.environment}.tfstate"
+  }
+}
+
+# TODO: Air gap this VPC from the internet.
+module "vpc" {
+  source = "github.com/codeforamerica/tofu-modules-aws-vpc?ref=1.1.2"
+
+  project         = var.project
+  environment     = var.environment
+  cidr            = var.vpc_cidr
+  logging_key_id  = var.logging_key_arn
+  private_subnets = var.vpc_private_subnet_cidrs
+
+  # TODO: We don't need public subnets or a NAT gateway for an air gapped VPC.
+  public_subnets     = var.vpc_public_subnet_cidrs
+  single_nat_gateway = true
+
+  tags = var.tags
+}

tofu/config/networking/main.tf

@@ -0,0 +1,14 @@
+output "vpc_id" {
+  value       = module.vpc.vpc_id
+  description = "The ID of the VPC."
+}
+
+output "private_subnets" {
+  value       = module.vpc.public_subnets
+  description = "The IDs of the private subnets."
+}
+
+output "public_subnets" {
+  value       = module.vpc.public_subnets
+  description = "The IDs of the public subnets."
+}

tofu/config/networking/outputs.tf

@@ -0,0 +1,12 @@
+provider "aws" {
+  region = var.region
+
+  default_tags {
+    tags = {
+      application = "${var.project}-${var.environment}"
+      environment = var.environment
+      program     = var.program
+      project     = var.project
+    }
+  }
+}

tofu/config/networking/providers.tf

@@ -0,0 +1,49 @@
+variable "environment" {
+  type        = string
+  description = "Environment for the deployment."
+  default     = "development"
+}
+
+variable "logging_key_arn" {
+  type        = string
+  description = "The ARN of the KMS key for logging."
+}
+
+variable "program" {
+  type        = string
+  description = "Program the application belongs to."
+  default     = null
+}
+
+variable "project" {
+  type        = string
+  description = "Project that these resources are supporting."
+  default     = "sqs-senzing"
+}
+
+variable "region" {
+  type        = string
+  description = "AWS region where resources should be deployed."
+  default     = "us-west-1"
+}
+
+variable "tags" {
+  type        = map(string)
+  description = "Tags to apply to resources."
+  default     = {}
+}
+
+variable "vpc_cidr" {
+  type        = string
+  description = "CIDR block for the VPC."
+}
+
+variable "vpc_private_subnet_cidrs" {
+  type        = list(string)
+  description = "List of CIDR blocks for private subnets."
+}
+
+variable "vpc_public_subnet_cidrs" {
+  type        = list(string)
+  description = "List of CIDR blocks for public subnets."
+}

tofu/config/networking/variables.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.9"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 6.0"
+    }
+  }
+}