initial commit

2025-07-22 18:29:08 -05:00
commit 18647902d4
18 changed files with 11020 additions and 0 deletions
--- a/modules/network/data.tf
+++ b/modules/network/data.tf
@@ -0,0 +1,19 @@
+data "aws_availability_zones" "available" {
+  filter {
+    name   = "opt-in-status"
+    values = ["opt-in-not-required"]
+  }
+
+  exclude_zone_ids = ["use1-az3", "usw1-az2", "cac1-az3"]
+}
+
+data "aws_vpc" "selected" {
+  id = var.vpc_id
+}
+
+data "aws_internet_gateway" "default" {
+  filter {
+    name   = "attachment.vpc-id"
+    values = [data.aws_vpc.selected.id]
+  }
+}
--- a/modules/network/locals.tf
+++ b/modules/network/locals.tf
@@ -0,0 +1,7 @@
+locals {
+  azs = slice(data.aws_availability_zones.available.names, 0, 3)
+
+  az_private_subnets = zipmap(local.azs, var.private_subnets)
+
+  az_public_subnets = zipmap(local.azs, var.public_subnets)
+}
--- a/modules/network/main.tf
+++ b/modules/network/main.tf
@@ -0,0 +1,74 @@
+// Private subnet
+resource "aws_subnet" "private" {
+  for_each          = local.az_private_subnets
+  vpc_id            = data.aws_vpc.selected.id
+  cidr_block        = each.value
+  availability_zone = each.key
+  tags = {
+    Name                              = "EKS (${var.cluster_name}) private subnet (${each.key})",
+    "kubernetes.io/role/internal-elb" = 1
+  }
+}
+
+resource "aws_route_table" "private" {
+  for_each = local.az_private_subnets
+  vpc_id   = data.aws_vpc.selected.id
+  tags = {
+    Name = "EKS (${var.cluster_name}) private subnet (${each.key})"
+  }
+}
+
+resource "aws_route_table_association" "private" {
+  for_each       = local.az_private_subnets
+  subnet_id      = aws_subnet.private[each.key].id
+  route_table_id = aws_route_table.private[each.key].id
+}
+
+// Public subnet
+resource "aws_subnet" "public" {
+  for_each          = local.az_public_subnets
+  vpc_id            = data.aws_vpc.selected.id
+  cidr_block        = each.value
+  availability_zone = each.key
+  tags = {
+    Name                     = "EKS (${var.cluster_name}) public subnet (${each.key})"
+    "kubernetes.io/role/elb" = 1
+  }
+  map_public_ip_on_launch = true
+}
+
+resource "aws_route_table" "public" {
+  vpc_id = data.aws_vpc.selected.id
+  tags = {
+    Name = "EKS (${var.cluster_name}) public subnet"
+  }
+}
+
+resource "aws_route_table_association" "public" {
+  for_each       = local.az_public_subnets
+  subnet_id      = aws_subnet.public[each.key].id
+  route_table_id = aws_route_table.public.id
+}
+
+resource "aws_route" "public_internet_gateway" {
+  route_table_id         = aws_route_table.public.id
+  destination_cidr_block = "0.0.0.0/0"
+  gateway_id             = data.aws_internet_gateway.default.id
+}
+
+// NAT gateway
+resource "aws_eip" "nat" {
+  domain = "vpc"
+}
+
+resource "aws_nat_gateway" "nat_gateway" {
+  allocation_id = aws_eip.nat.id
+  subnet_id     = aws_subnet.public[local.azs[0]].id
+}
+
+resource "aws_route" "nat_gateway" {
+  for_each               = local.az_private_subnets
+  route_table_id         = aws_route_table.private[each.key].id
+  destination_cidr_block = "0.0.0.0/0"
+  nat_gateway_id         = aws_nat_gateway.nat_gateway.id
+}
--- a/modules/network/outputs.tf
+++ b/modules/network/outputs.tf
@@ -0,0 +1,15 @@
+output "azs" {
+  value = local.azs
+}
+
+output "vpc" {
+  value = data.aws_vpc.selected
+}
+
+output "private_subnet_ids" {
+  value = [for k in aws_subnet.private : k.id]
+}
+
+output "public_subnet_ids" {
+  value = [for k in aws_subnet.public : k.id]
+}
--- a/modules/network/variables.tf
+++ b/modules/network/variables.tf
@@ -0,0 +1,18 @@
+variable "vpc_id" {
+  description = "VPC ID"
+  type        = string
+}
+
+variable "cluster_name" {
+  description = "The name of the cluster"
+}
+
+variable "private_subnets" {
+  description = "Private subnets}"
+  type        = list(string)
+}
+
+variable "public_subnets" {
+  description = "Public subnets}"
+  type        = list(string)
+}