## Managed By : CloudDrove
## Copyright @ CloudDrove. All Rights Reserved.
##-----------------------------------------------------------------------------
## Locals declaration
##-----------------------------------------------------------------------------
locals {
  # Number of subnets this module manages. When var.specific_name_subnet is
  # set, the explicit name list drives the count; otherwise the generated-name
  # list (var.subnet_names) does.
  subnet = var.specific_name_subnet != false ? length(var.specific_subnet_names) : length(var.subnet_names)
}
##-----------------------------------------------------------------------------
## Labels module called that will be used for naming and tags.
##-----------------------------------------------------------------------------
module "labels" {
  # Shared naming/tagging helper: the resources below derive their names from
  # module.labels.id and their tags from module.labels.tags.
  source  = "clouddrove/labels/azure"
  version = "1.0.0"

  # Identity inputs that make up the generated id.
  name        = var.name
  environment = var.environment
  label_order = var.label_order

  # Provenance tags.
  managedby  = var.managedby
  repository = var.repository
  extra_tags = var.extra_tags
}
##-----------------------------------------------------------------------------
## Below resource will deploy subnet in your azure environment.
##-----------------------------------------------------------------------------
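resource "azurerm_subnet" "subnet" {
  # One subnet per entry of the selected name list (see local.subnet);
  # nothing is created while var.enable is false.
  count = var.enable ? local.subnet : 0

  # Explicit names are indexed by count.index. The previous expression read
  # var.specific_subnet_names[0] for every instance, so with more than one
  # explicit name every subnet got the same name and the apply failed on the
  # duplicate; a single explicit name behaves exactly as before.
  name                 = var.specific_name_subnet == false ? "${var.name}-${element(var.subnet_names, count.index)}" : var.specific_subnet_names[count.index]
  resource_group_name  = var.resource_group_name
  virtual_network_name = var.virtual_network_name
  # Prefix i is paired with name i; var.subnet_prefixes must therefore hold at
  # least local.subnet entries (not validated here).
  address_prefixes = [var.subnet_prefixes[count.index]]

  # Service endpoints and the policies that scope which service resources the
  # subnet may reach through them.
  service_endpoints           = var.service_endpoints
  service_endpoint_policy_ids = var.service_endpoint_policy_ids

  # Network-policy enforcement toggles for private link service and private
  # endpoint traffic in this subnet.
  private_link_service_network_policies_enabled = var.subnet_enforce_private_link_service_network_policies
  private_endpoint_network_policies             = var.private_endpoint_network_policies

  # NOTE(review): with default outbound access left enabled the subnet keeps
  # implicit internet egress even when no NAT gateway is attached; the default
  # of var.default_outbound_access_enabled is defined outside this file --
  # confirm it matches the intended egress posture.
  default_outbound_access_enabled = var.default_outbound_access_enabled

  # var.delegation is a map: key = delegation block name, value = list of
  # {name, actions} objects for the service_delegation blocks.
  dynamic "delegation" {
    for_each = var.delegation
    content {
      name = delegation.key
      dynamic "service_delegation" {
        for_each = toset(delegation.value)
        content {
          name    = service_delegation.value.name
          actions = service_delegation.value.actions
        }
      }
    }
  }
}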
##-----------------------------------------------------------------------------
## Below resource will deploy Nat Gateway in your azure environment.
##-----------------------------------------------------------------------------
resource "azurerm_public_ip" "pip" {
  # Public IP that fronts the NAT gateway; only created together with it.
  count = (var.enable && var.create_nat_gateway) ? 1 : 0

  name                = "${module.labels.id}-nat-gateway-ip"
  location            = var.location
  resource_group_name = var.resource_group_name

  # NOTE(review): an Azure NAT gateway expects a Standard-SKU, statically
  # allocated public IP; the defaults of var.sku and var.allocation_method are
  # not visible in this file -- confirm.
  sku               = var.sku
  allocation_method = var.allocation_method
  tags              = module.labels.tags
}
resource "azurerm_nat_gateway" "natgw" {
  # Single NAT gateway for outbound traffic from the subnets created above;
  # created only when both var.enable and var.create_nat_gateway hold.
  count = (var.enable && var.create_nat_gateway) ? 1 : 0

  name                = "${module.labels.id}-nat-gateway"
  location            = var.location
  resource_group_name = var.resource_group_name
  zones               = var.zones
  sku_name            = var.sku_name

  # Idle timeout applied to outbound flows before the gateway drops them.
  idle_timeout_in_minutes = var.nat_gateway_idle_timeout
  tags                    = module.labels.tags
}
resource "azurerm_nat_gateway_public_ip_association" "pip_assoc" {
  # Binds the public IP to the gateway. Both referenced resources share this
  # exact count expression, so index 0 is always present when this block is.
  count = (var.enable && var.create_nat_gateway) ? 1 : 0

  nat_gateway_id       = azurerm_nat_gateway.natgw[0].id
  public_ip_address_id = azurerm_public_ip.pip[0].id
}
resource "azurerm_subnet_nat_gateway_association" "subnet_assoc" {
  # Attaches the single NAT gateway to every subnet this module creates.
  # count never exceeds azurerm_subnet.subnet's count, so the index is valid.
  count = (var.enable && var.create_nat_gateway) ? local.subnet : 0

  nat_gateway_id = azurerm_nat_gateway.natgw[0].id
  subnet_id      = azurerm_subnet.subnet[count.index].id
}
##-------------------------------------------------------------------------------------------
## Below resource will deploy Route Table in your azure environment and associate with subnet
##-------------------------------------------------------------------------------------------
resource "azurerm_route_table" "rt" {
  # Optional route table shared by all subnets of this module.
  count = (var.enable && var.enable_route_table) ? 1 : 0

  # var.route_table_name, when given, is spliced into the generated name.
  name                = var.route_table_name != null ? "${module.labels.id}-${var.route_table_name}-route-table" : "${module.labels.id}-route-table"
  location            = var.location
  resource_group_name = var.resource_group_name
  tags                = module.labels.tags

  # Whether routes learned over BGP (e.g. from a gateway) are propagated into
  # this table; the value comes straight from the caller.
  bgp_route_propagation_enabled = var.bgp_route_propagation_enabled

  # One route block per element of var.routes. next_hop_in_ip_address is
  # optional and only meaningful for next-hop types that take an address.
  dynamic "route" {
    for_each = var.routes
    content {
      name                   = route.value.name
      address_prefix         = route.value.address_prefix
      next_hop_type          = route.value.next_hop_type
      next_hop_in_ip_address = lookup(route.value, "next_hop_in_ip_address", null)
    }
  }
}
resource "azurerm_subnet_route_table_association" "main" {
  # Associates the route table with each subnet created above; the count
  # mirrors azurerm_subnet.subnet while var.enable_route_table is set.
  count = (var.enable && var.enable_route_table) ? local.subnet : 0

  route_table_id = azurerm_route_table.rt[0].id
  subnet_id      = azurerm_subnet.subnet[count.index].id
}