Merge pull request #55 from FairwindsOps/0.12-migration

0.12 migration
FairwindsOps · Oct 15, 2019 · 8b96788 · 8b96788
2 parents 54f1c41 + b7dd2fb
commit 8b96788
Show file tree

Hide file tree

Showing 12 changed files with 181 additions and 125 deletions.
diff --git a/Makefile b/Makefile
@@ -3,7 +3,7 @@
 
 TEMPDIR := $(shell mktemp -d)
 
-TF_VERSION = 0.11.8
+TF_VERSION = 0.12.9
 TF_PLATFORM = darwin
 SHELL := /bin/bash
 

diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 
 This Terraform module creates a configurable general purpose [Amazon Web Services VPC](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Introduction.html). The module offers an opinionated but flexible network topography geared towards general purpose situations with separate public and private subnets. Each VPC can be configured to support one to four availability zones. Private subnet [NAT](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat.html) can be configured via [NAT Gateways](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html). A single [Internet Gateway](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Internet_Gateway.html) is created to provide public routing for public subnets. The module does not configure a bastion or VPN instance for private subnet instance access.
 
-This module has been tested with Terraform version 0.11.8
+This module has been tested with Terraform version 0.12.9
 
 ## Example VPC Layout: 3 AZ's
 
@@ -14,14 +14,14 @@ This module has been tested with Terraform version 0.11.8
 
 ```
 module "vpc" {
- source = "git::ssh://[email protected]/FairwindsOps/terraform-vpc.git?ref=2.0.2"
+ source = "git::ssh://[email protected]/reactiveops/terraform-vpc.git?ref=3.0.0"
 
- aws_region = "${var.aws_region}"
+ aws_region = var.aws_region
 
- az_count = "${var.az_count}"
- aws_azs = "${var.aws_azs}"
+ az_count = var.az_count
+ aws_azs = var.aws_azs
 
- vpc_cidr_base = "${var.vpc_cidr_base}"
+ vpc_cidr_base = var.vpc_cidr_base
 
 }
 ```

diff --git a/eip.tf b/eip.tf
@@ -13,11 +13,12 @@
 #limitations under the License.
 
 resource "aws_eip" "mod_nat" {
- count = "${((var.multi_az_nat_gateway * var.az_count) + (var.single_nat_gateway * 1))}"
- tags = "${var.global_tags}"
- vpc = true
+ count = var.multi_az_nat_gateway * var.az_count + var.single_nat_gateway * 1
+ tags  = var.global_tags
+ vpc  = true
 }
 
 output "aws_eip_nat_ips" {
- value = ["${aws_eip.mod_nat.*.public_ip}"]
+ value = [aws_eip.mod_nat.*.public_ip]
 }
+
diff --git a/internet-gateway.tf b/internet-gateway.tf
@@ -13,9 +13,13 @@
 #limitations under the License.
 
 resource "aws_internet_gateway" "default" {
- vpc_id = "${aws_vpc.default.id}"
- tags = "${merge(var.global_tags,
- map("Name", "${var.aws_vpc_name}"),
- var.internet_gateway_tags)}"
-
+ vpc_id = aws_vpc.default.id
+ tags = merge(
+ var.global_tags,
+ {
+ "Name" = var.aws_vpc_name
+ },
+ var.internet_gateway_tags,
+ )
 }
+
diff --git a/nat-gateway.tf b/nat-gateway.tf
@@ -13,20 +13,25 @@
 #limitations under the License.
 
 resource "aws_nat_gateway" "nat_gateway" {
- count = "${((var.multi_az_nat_gateway * var.az_count) + (var.single_nat_gateway * 1))}"
- subnet_id = "${element(aws_subnet.public.*.id, count.index)}"
- allocation_id = "${element(aws_eip.mod_nat.*.id, count.index)}"
- tags = "${var.global_tags}"
- depends_on = ["aws_internet_gateway.default","aws_eip.mod_nat","aws_subnet.public"]
- lifecycle = {
- ignore_changes = ["tags"]
- }
+ count = var.multi_az_nat_gateway * var.az_count + var.single_nat_gateway * 1
+ subnet_id = element(aws_subnet.public.*.id, count.index)
+ allocation_id = element(aws_eip.mod_nat.*.id, count.index)
+ tags = var.global_tags
+ depends_on = [
+ aws_internet_gateway.default,
+ aws_eip.mod_nat,
+ aws_subnet.public,
+ ]
+ lifecycle {
+ ignore_changes = [tags]
+ }
 }
 
 output "aws_nat_gateway_count" {
- value = "${length(aws_nat_gateway.nat_gateway.*.id)}"
+ value = length(aws_nat_gateway.nat_gateway.*.id)
 }
 
 output "aws_nat_gateway_ids" {
- value = ["${aws_nat_gateway.nat_gateway.*.id}"]
+ value = [aws_nat_gateway.nat_gateway.*.id]
 }
+
diff --git a/route-table.tf b/route-table.tf
@@ -12,43 +12,53 @@
 #See the License for the specific language governing permissions and
 #limitations under the License.
 
-
 # Routing table for public subnets
 resource "aws_route_table" "public" {
- vpc_id = "${aws_vpc.default.id}"
- tags = "${merge(var.global_tags,
- map("Name", "public"),
- var.public_route_table_tags)}"
+ vpc_id = aws_vpc.default.id
+ tags = merge(
+ var.global_tags,
+ {
+ "Name" = "public"
+ },
+ var.public_route_table_tags,
+ )
 }
 
 output "aws_route_table_public_ids" {
- value = ["${aws_route_table.public.id}"]
+ value = [aws_route_table.public.id]
 }
 
 resource "aws_route" "public_internet_gateway" {
- route_table_id = "${aws_route_table.public.id}"
+ route_table_id  = aws_route_table.public.id
  destination_cidr_block = "0.0.0.0/0"
- gateway_id = "${aws_internet_gateway.default.id}"
+ gateway_id  = aws_internet_gateway.default.id
 }
 
-
 # Routing table for private subnets
 resource "aws_route_table" "private" {
- count = "${((var.multi_az_nat_gateway * var.az_count) + (var.single_nat_gateway * 1))}"
- vpc_id = "${aws_vpc.default.id}"
- tags = "${merge(var.global_tags,
- map("Name", "private_az${(count.index +1)}"),
- var.private_route_table_tags)}"
+ count = var.multi_az_nat_gateway * var.az_count + var.single_nat_gateway * 1
+ vpc_id = aws_vpc.default.id
+ tags = merge(
+ var.global_tags,
+ {
+ "Name" = "private_az${count.index + 1}"
+ },
+ var.private_route_table_tags,
+ )
 }
 
 output "aws_route_table_private_ids" {
- value = ["${aws_route_table.private.*.id}"]
+ value = [aws_route_table.private.*.id]
 }
 
 resource "aws_route" "private_nat_gateway" {
- count = "${((var.multi_az_nat_gateway * var.az_count) + (var.single_nat_gateway * 1))}"
- route_table_id = "${element(aws_route_table.private.*.id, count.index)}"
- nat_gateway_id = "${element(aws_nat_gateway.nat_gateway.*.id, count.index)}"
+ count  = var.multi_az_nat_gateway * var.az_count + var.single_nat_gateway * 1
+ route_table_id  = element(aws_route_table.private.*.id, count.index)
+ nat_gateway_id  = element(aws_nat_gateway.nat_gateway.*.id, count.index)
  destination_cidr_block = "0.0.0.0/0"
- depends_on = ["aws_route_table.private","aws_nat_gateway.nat_gateway"]
+ depends_on = [
+ aws_route_table.private,
+ aws_nat_gateway.nat_gateway,
+ ]
 }
+
diff --git a/subnets.tf b/subnets.tf
@@ -17,81 +17,98 @@
 #
 
 resource "aws_subnet" "admin" {
- count = "${var.az_count}"
- vpc_id = "${aws_vpc.default.id}"
- cidr_block = "${var.vpc_cidr_base}${lookup(var.admin_subnet_cidrs, format("zone%d", count.index))}"
- availability_zone = "${element(split(", ", var.aws_azs), count.index)}"
- tags = "${merge(var.global_tags,
- map("Name", "admin_az${(count.index +1)}"),
- var.admin_subnet_tags)}"
+ count = var.az_count
+ vpc_id = aws_vpc.default.id
+ cidr_block = "${var.vpc_cidr_base}${var.admin_subnet_cidrs[format("zone%d", count.index)]}"
+ availability_zone = element(split(", ", var.aws_azs), count.index)
+ tags = merge(
+ var.global_tags,
+ {
+ "Name" = "admin_az${count.index + 1}"
+ },
+ var.admin_subnet_tags,
+ )
 }
 
 output "aws_subnet_admin_ids" {
- value = ["${aws_subnet.admin.*.id}"]
+ value = [aws_subnet.admin.*.id]
 }
 
 resource "aws_route_table_association" "private_admin" {
- count = "${var.az_count}"
- subnet_id = "${element(aws_subnet.admin.*.id, count.index)}"
- route_table_id = "${element(aws_route_table.private.*.id, count.index)}"
+ count  = var.az_count
+ subnet_id  = element(aws_subnet.admin.*.id, count.index)
+ route_table_id = element(aws_route_table.private.*.id, count.index)
 }
 
 resource "aws_subnet" "public" {
- count = "${var.az_count}"
- vpc_id = "${aws_vpc.default.id}"
- cidr_block = "${var.vpc_cidr_base}${lookup(var.public_subnet_cidrs, format("zone%d", count.index))}"
- availability_zone = "${element(split(", ", var.aws_azs), count.index)}"
- tags = "${merge(var.global_tags,
- map("Name", "public_az${(count.index +1)}"),
- var.public_subnet_tags)}"
+ count = var.az_count
+ vpc_id = aws_vpc.default.id
+ cidr_block = "${var.vpc_cidr_base}${var.public_subnet_cidrs[format("zone%d", count.index)]}"
+ availability_zone = element(split(", ", var.aws_azs), count.index)
+ tags = merge(
+ var.global_tags,
+ {
+ "Name" = "public_az${count.index + 1}"
+ },
+ var.public_subnet_tags,
+ )
 }
 
 output "aws_subnet_public_ids" {
- value = ["${aws_subnet.public.*.id}"]
+ value = [aws_subnet.public.*.id]
 }
 
 resource "aws_route_table_association" "public_public" {
- count = "${var.az_count}"
- subnet_id = "${element(aws_subnet.public.*.id, count.index)}"
- route_table_id = "${aws_route_table.public.id}"
+ count  = var.az_count
+ subnet_id  = element(aws_subnet.public.*.id, count.index)
+ route_table_id = aws_route_table.public.id
 }
 
 resource "aws_subnet" "private_prod" {
- count = "${var.az_count}"
- vpc_id = "${aws_vpc.default.id}"
- cidr_block = "${var.vpc_cidr_base}${lookup(var.private_prod_subnet_cidrs, format("zone%d", count.index))}"
- availability_zone = "${element(split(", ", var.aws_azs), count.index)}"
- tags = "${merge(var.global_tags,
- map("Name", "private_prod_az${(count.index +1)}"),
- var.private_prod_subnet_tags)}"
+ count = var.az_count
+ vpc_id = aws_vpc.default.id
+ cidr_block = "${var.vpc_cidr_base}${var.private_prod_subnet_cidrs[format("zone%d", count.index)]}"
+ availability_zone = element(split(", ", var.aws_azs), count.index)
+ tags = merge(
+ var.global_tags,
+ {
+ "Name" = "private_prod_az${count.index + 1}"
+ },
+ var.private_prod_subnet_tags,
+ )
 }
 
 output "aws_subnet_private_prod_ids" {
- value = ["${aws_subnet.private_prod.*.id}"]
+ value = [aws_subnet.private_prod.*.id]
 }
 
 resource "aws_route_table_association" "private_private_prod" {
- count = "${var.az_count}"
- subnet_id = "${element(aws_subnet.private_prod.*.id, count.index)}"
- route_table_id = "${element(aws_route_table.private.*.id, count.index)}"
+ count  = var.az_count
+ subnet_id  = element(aws_subnet.private_prod.*.id, count.index)
+ route_table_id = element(aws_route_table.private.*.id, count.index)
 }
 
 resource "aws_subnet" "private_working" {
- count = "${var.az_count}"
- vpc_id = "${aws_vpc.default.id}"
- cidr_block = "${var.vpc_cidr_base}${lookup(var.private_working_subnet_cidrs, format("zone%d", count.index))}"
- availability_zone = "${element(split(", ", var.aws_azs), count.index)}"
- tags = "${merge(var.global_tags,
- map("Name", "private_working_az${(count.index +1)}"),
- var.private_working_subnet_tags)}"
+ count = var.az_count
+ vpc_id = aws_vpc.default.id
+ cidr_block = "${var.vpc_cidr_base}${var.private_working_subnet_cidrs[format("zone%d", count.index)]}"
+ availability_zone = element(split(", ", var.aws_azs), count.index)
+ tags = merge(
+ var.global_tags,
+ {
+ "Name" = "private_working_az${count.index + 1}"
+ },
+ var.private_working_subnet_tags,
+ )
 }
 
 output "aws_subnet_private_working_ids" {
- value = ["${aws_subnet.private_working.*.id}"]
+ value = [aws_subnet.private_working.*.id]
 }
 
 resource "aws_route_table_association" "private_private_working" {
- count = "${var.az_count}"
- subnet_id = "${element(aws_subnet.private_working.*.id, count.index)}"
- route_table_id = "${element(aws_route_table.private.*.id, count.index)}"
+ count  = var.az_count
+ subnet_id  = element(aws_subnet.private_working.*.id, count.index)
+ route_table_id = element(aws_route_table.private.*.id, count.index)
 }
+
diff --git a/tests/provider.tf b/tests/provider.tf
@@ -2,7 +2,7 @@ variable "aws_access_key" {}
 variable "aws_secret_key" {}
 
 provider "aws" {
- access_key = "${var.aws_access_key}"
- secret_key = "${var.aws_secret_key}"
- region = "${var.aws_region}"
+ access_key = var.aws_access_key
+ secret_key = var.aws_secret_key
+ region = var.aws_region
 }