// ---------------------------------------------------------------------------
// Private subnets
//
// One subnet, one route table and one association per entry of
// local.az_private_subnets (key = availability zone, value = CIDR block).
// These subnets have no route to the internet gateway; their only default
// route is the NAT gateway route declared at the bottom of this file.
// ---------------------------------------------------------------------------
resource "aws_subnet" "private" {
  for_each = local.az_private_subnets

  vpc_id            = data.aws_vpc.selected.id
  availability_zone = each.key
  cidr_block        = each.value

  tags = {
    Name = "EKS (${var.cluster_name}) private subnet (${each.key})",
    // Role tag used for subnet discovery when placing internal load balancers.
    "kubernetes.io/role/internal-elb" = 1
  }
}

// A dedicated route table per AZ, so each private subnet's routes can be
// managed independently of the others.
resource "aws_route_table" "private" {
  for_each = local.az_private_subnets

  vpc_id = data.aws_vpc.selected.id

  tags = {
    Name = "EKS (${var.cluster_name}) private subnet (${each.key})"
  }
}

resource "aws_route_table_association" "private" {
  for_each = local.az_private_subnets

  route_table_id = aws_route_table.private[each.key].id
  subnet_id      = aws_subnet.private[each.key].id
}

// ---------------------------------------------------------------------------
// Public subnets
//
// One subnet per entry of local.az_public_subnets, all sharing a single route
// table whose default route points at the VPC's internet gateway.
// ---------------------------------------------------------------------------
resource "aws_subnet" "public" {
  for_each = local.az_public_subnets

  vpc_id            = data.aws_vpc.selected.id
  availability_zone = each.key
  cidr_block        = each.value

  // Every network interface launched here receives a public IPv4 address by
  // default, so exposure is then governed only by security groups and NACLs.
  // NOTE(review): confirm that only internet-facing load balancers and the NAT
  // gateway are placed in these subnets, and that worker nodes use the private
  // subnets; if so, this default can likely be turned off.
  map_public_ip_on_launch = true

  tags = {
    Name = "EKS (${var.cluster_name}) public subnet (${each.key})"
    // Role tag used for subnet discovery when placing internet-facing load balancers.
    "kubernetes.io/role/elb" = 1
  }
}

resource "aws_route_table" "public" {
  vpc_id = data.aws_vpc.selected.id

  tags = {
    Name = "EKS (${var.cluster_name}) public subnet"
  }
}

resource "aws_route_table_association" "public" {
  for_each = local.az_public_subnets

  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.public[each.key].id
}

// Default route for the public subnets: straight to the internet gateway that
// is looked up (not created) through data.aws_internet_gateway.default.
resource "aws_route" "public_internet_gateway" {
  route_table_id         = aws_route_table.public.id
  gateway_id             = data.aws_internet_gateway.default.id
  destination_cidr_block = "0.0.0.0/0"
}

// ---------------------------------------------------------------------------
// NAT gateway
//
// A single NAT gateway with a single Elastic IP carries the outbound traffic
// of every private subnet. All private egress therefore leaves from one
// public address (convenient for allow-listing and for egress logging), and
// an outage of the AZ hosting the gateway cuts outbound connectivity for the
// private subnets in every AZ.
// ---------------------------------------------------------------------------
resource "aws_eip" "nat" {
  domain = "vpc"
}

resource "aws_nat_gateway" "nat_gateway" {
  // Placed in the public subnet of the first AZ in local.azs.
  // NOTE(review): assumes local.azs[0] is a key of local.az_public_subnets — confirm.
  subnet_id     = aws_subnet.public[local.azs[0]].id
  allocation_id = aws_eip.nat.id
}

// Default route of each private route table, pointing at the shared NAT gateway.
resource "aws_route" "nat_gateway" {
  for_each = local.az_private_subnets

  route_table_id         = aws_route_table.private[each.key].id
  nat_gateway_id         = aws_nat_gateway.nat_gateway.id
  destination_cidr_block = "0.0.0.0/0"
}