Separate Service Gateway routing rule from NAT (#109)

Closes: #108
oracle-terraform-modules · Apr 21, 2023 · d03bda9 · d03bda9
1 parent 0677cfb
commit d03bda9
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 12 deletions.
diff --git a/outputs.tf b/outputs.tf
@@ -32,6 +32,11 @@ output "nat_route_id" {
   value       = join(",", oci_core_route_table.nat[*].id)
 }
 
+output "sgw_route_id" {
+  description = "id of VCN Service gateway route table"
+  value       = join(",", oci_core_route_table.service_gw[*].id)
+}
+
 # New complete outputs for each resources with provider parity. Auto-updating.
 # Usefull for module composition.
 

diff --git a/vcn_gateways.tf b/vcn_gateways.tf
@@ -129,6 +129,34 @@ resource "oci_core_service_gateway" "service_gateway" {
   count = var.create_service_gateway == true ? 1 : 0
 }
 
+resource "oci_core_route_table" "service_gw" {
+  compartment_id = var.compartment_id
+  display_name   = var.label_prefix == "none" ? "service-gw-route" : "${var.label_prefix}-service-gw-route"
+
+  freeform_tags = var.freeform_tags
+  defined_tags = var.defined_tags
+
+  dynamic "route_rules" {
+    # * If Service Gateway is created with the module, automatically creates a rule to handle traffic for "all services" through Service Gateway
+    for_each = var.create_service_gateway == true ? [1] : []
+
+    content {
+      destination       = lookup(data.oci_core_services.all_oci_services[0].services[0], "cidr_block")
+      destination_type  = "SERVICE_CIDR_BLOCK"
+      network_entity_id = oci_core_service_gateway.service_gateway[0].id
+      description       = "Terraformed - Auto-generated at Service Gateway creation: All Services in region to Service Gateway"
+    }
+  }
+
+  vcn_id = oci_core_vcn.vcn.id
+
+  lifecycle {
+    ignore_changes = [defined_tags, freeform_tags]
+  }
+
+  count = var.create_service_gateway == true ? 1 : 0
+}
+
 ###################
 # NAT Gateway (NGW)
 ###################
@@ -165,18 +193,6 @@ resource "oci_core_route_table" "nat" {
     description       = "Terraformed - Auto-generated at NAT Gateway creation: NAT Gateway as default gateway"
   }
 
-  dynamic "route_rules" {
-    # * If Service Gateway is created with the module, automatically creates a rule to handle traffic for "all services" through Service Gateway
-    for_each = var.create_service_gateway == true ? [1] : []
-
-    content {
-      destination       = lookup(data.oci_core_services.all_oci_services[0].services[0], "cidr_block")
-      destination_type  = "SERVICE_CIDR_BLOCK"
-      network_entity_id = oci_core_service_gateway.service_gateway[0].id
-      description       = "Terraformed - Auto-generated at Service Gateway creation: All Services in region to Service Gateway"
-    }
-  }
-
   dynamic "route_rules" {
     # * filter var.nat_gateway_route_rules for routes with "drg" as destination
     # * and steer traffic to the attached DRG if available