adds extra tags per subnet option to terraform module (#21)

* adds extra tags per subnet option to terraform module * fixes tagging format * fixes variable names * adds documentation * formats
skyscrapers · Mar 21, 2019 · 05bbf15 · 05bbf15
1 parent 66afc50
commit 05bbf15
Show file tree

Hide file tree

Showing 10 changed files with 178 additions and 108 deletions.
diff --git a/README.md b/README.md
@@ -81,29 +81,43 @@ It will also create the required route tables for the private subnets. The priva
 
 ### Available variables
 
-* [`cidr_block`]: String(required): the CIDR of the new VPC
-* [`amount_public_nat-bastion_subnets`]: String(optional): default to 3. the amount of public_nat-bastion subnets required
-* [`amount_public_lb_subnets`]: String(optional): default to 3. the amount of public_lb subnets required
-* [`amount_private_app_subnets`]: String(optional): default to 3. the amount of private_app subnets required
-* [`amount_private_db_subnets`]: String(optional): default to 3. the amount of private_db subnets required
-* [`environment`]: String(required): the name of the environment these subnets belong to (prod,stag,dev)
-* [`project`]: String(required): the name of the project these subnets belong to
-* [`number_private_rt`]: String(optional): default to 1. the desired number of private route tables. In case we want one per AZ we can change this value.
-* [`netnum_public_nat-bastion`]: String(optional): default to 0. First number of subnet to start of for public_nat-bastion subnets
-* [`netnum_public_lb`]: String(optional): default to 10. First number of subnet to start of for public_lb subnets
-* [`netnum_private_app`]: String(optional): default to 20. First number of subnet to start of for private_app subnets
-* [`netnum_private_db`]: String(optional): default to 30. First number of subnet to start of for private_db subnets
-* [`tags`]: Map(optional): optional tags
-
-### Output
-
-* [`vpc_id`]: String: the id of the vpc created
-* [`public_nat-bastion`]: List: list of the public_nat-bastion subnets id created
-* [`public_lb_subnets`]: List: list of the public_lb subnets id created
-* [`private_app_subnets`]: List: list of the private_app subnets id created
-* [`private_db_subnets`]: List: list of the private_db subnets id created
-* [`base_sg`]: String: id of the security group created
-* [`private_rts`]:  List: list of the ids of the private route tables created
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| amount\_private\_app\_subnets | Amount of subnets you need | string | `"3"` | no |
+| amount\_private\_db\_subnets | Amount of subnets you need | string | `"3"` | no |
+| amount\_private\_management\_subnets | Amount of subnets you need | string | `"0"` | no |
+| amount\_public\_lb\_subnets | Amount of subnets you need | string | `"3"` | no |
+| amount\_public\_nat-bastion\_subnets | Amount of subnets you need | string | `"1"` | no |
+| cidr\_block | CIDR block you want to have in your VPC | string | n/a | yes |
+| environment | How do you want to call your environment, this is helpful if you have more than 1 VPC. | string | `"production"` | no |
+| extra\_tags\_private\_db | Private database subnets extra tags | map | `<map>` | no |
+| extra\_tags\_private\_management | Private management subnets extra tags | map | `<map>` | no |
+| extra\_tags\_public\_app | Public app subnets extra tags | map | `<map>` | no |
+| extra\_tags\_public\_lb | Public load balancer subnets extra tags | map | `<map>` | no |
+| extra\_tags\_public\_nat-bastion | Public nat/bastion subnets extra tags | map | `<map>` | no |
+| extra\_tags\_vpc | VPC extra tags | map | `<map>` | no |
+| netnum\_private\_app | First number of subnet to start of for private_app subnets | string | `"20"` | no |
+| netnum\_private\_db | First number of subnet to start of for private_db subnets | string | `"30"` | no |
+| netnum\_private\_management | First number of subnet to start of for private_management subnets | string | `"200"` | no |
+| netnum\_public\_lb | First number of subnet to start of for public_lb subnets | string | `"10"` | no |
+| netnum\_public\_nat-bastion | First number of subnet to start of for public_nat-bastion subnets | string | `"0"` | no |
+| number\_private\_rt | The desired number of private route tables. In case we want one per AZ we can change this value. | string | `"1"` | no |
+| project | The current project | string | n/a | yes |
+| tags | Optional Tags | map | `<map>` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| default\_network\_acl\_id | Id of the default network acl |
+| private\_app\_subnets | List of the private_app subnets id created |
+| private\_db\_subnets | List of the private_db subnets id created |
+| private\_management\_subnets | List of the private_management subnets id created |
+| private\_rts | List of the ids of the private route tables created |
+| public\_lb\_subnets | List of the public_lb subnets id created |
+| public\_nat-bastion | List of the public_nat-bastion subnets id created |
+| public\_rts | List of the ids of the public route tables created |
+| vpc\_id | The id of the vpc created |
 
 ### Example
 

diff --git a/nat_gateway/main.tf b/nat_gateway/main.tf
@@ -1,6 +1,6 @@
 resource "aws_eip" "nat_gateway" {
-  count="${var.number_nat_gateways}"
-  vpc = true
+  count = "${var.number_nat_gateways}"
+  vpc   = true
 }
 
 data "aws_subnet" "ngw_subnets" {
@@ -9,16 +9,16 @@ data "aws_subnet" "ngw_subnets" {
 }
 
 resource "aws_nat_gateway" "gateway" {
-  count="${var.number_nat_gateways}"
+  count         = "${var.number_nat_gateways}"
   allocation_id = "${aws_eip.nat_gateway.*.id[count.index]}"
-  subnet_id = "${var.public_subnets[count.index]}"
+  subnet_id     = "${var.public_subnets[count.index]}"
 
   tags = "${merge(var.tags, map("Name", data.aws_subnet.ngw_subnets.*.availability_zone[count.index]))}"
 }
 
 resource "aws_route" "r" {
-    count = "${var.number_nat_gateways}"
-    route_table_id = "${element(var.private_route_tables,count.index)}"
-    destination_cidr_block = "0.0.0.0/0"
-    nat_gateway_id = "${element(aws_nat_gateway.gateway.*.id,count.index)}"
+  count                  = "${var.number_nat_gateways}"
+  route_table_id         = "${element(var.private_route_tables,count.index)}"
+  destination_cidr_block = "0.0.0.0/0"
+  nat_gateway_id         = "${element(aws_nat_gateway.gateway.*.id,count.index)}"
 }
diff --git a/nat_gateway/output.tf b/nat_gateway/output.tf
@@ -1,6 +1,7 @@
 output "ids" {
   value = ["${aws_nat_gateway.gateway.*.id}"]
 }
+
 output "ips" {
   value = ["${aws_eip.nat_gateway.*.public_ip}"]
 }
diff --git a/nat_gateway/variables.tf b/nat_gateway/variables.tf
@@ -1,9 +1,11 @@
 variable "private_route_tables" {
   type = "list"
 }
+
 variable "number_nat_gateways" {
   default = "1"
 }
+
 variable "public_subnets" {
   type = "list"
 }

diff --git a/securitygroups/icinga_satellite/main.tf b/securitygroups/icinga_satellite/main.tf
@@ -1,7 +1,7 @@
 resource "aws_security_group" "sg_icinga_satellite" {
-  name = "sg_icinga_satellite_${var.project}_${var.environment}"
+  name        = "sg_icinga_satellite_${var.project}_${var.environment}"
   description = "Icinga Satellite Security Group"
-  vpc_id = "${var.vpc_id}"
+  vpc_id      = "${var.vpc_id}"
 
   tags {
     Name        = "${var.project}-${var.environment}-sg_icinga_sattelite"

diff --git a/subnets/variables.tf b/subnets/variables.tf
@@ -39,10 +39,12 @@ variable "environment" {
 variable "num_subnets" {
   default = "3"
 }
+
 variable "route_tables" {
-  type = "list"
+  type    = "list"
   default = []
 }
+
 variable "num_route_tables" {
   default = "0"
 }
diff --git a/vpc/main.tf b/vpc/main.tf
@@ -8,81 +8,81 @@ resource "aws_vpc" "main" {
   enable_dns_support   = true
   enable_dns_hostnames = true
 
-  tags = "${merge("${var.tags}",map("Name", "${var.project} ${var.environment} VPC", "Environment", "${var.environment}", "Project", "${var.project}"))}"
+  tags = "${merge("${merge(var.extra_tags_vpc,var.tags)}",map("Name", "${var.project} ${var.environment} VPC", "Environment", "${var.environment}", "Project", "${var.project}"))}"
 }
 
 module "public_nat-bastion_subnets" {
-  source      = "../subnets"
-  num_subnets = "${var.amount_public_nat-bastion_subnets}"
-  visibility  = "public"
-  role        = "nat-bastion"
-  cidr        = "${var.cidr_block}"
-  netnum      = "${var.netnum_public_nat-bastion}"
-  vpc_id      = "${aws_vpc.main.id}"
-  environment = "${var.environment}"
-  project     = "${var.project}"
-  tags        = "${var.tags}"
-  route_tables = "${aws_route_table.public.*.id}"
+  source           = "../subnets"
+  num_subnets      = "${var.amount_public_nat-bastion_subnets}"
+  visibility       = "public"
+  role             = "nat-bastion"
+  cidr             = "${var.cidr_block}"
+  netnum           = "${var.netnum_public_nat-bastion}"
+  vpc_id           = "${aws_vpc.main.id}"
+  environment      = "${var.environment}"
+  project          = "${var.project}"
+  tags             = "${merge(var.extra_tags_public_nat-bastion,var.tags)}"
+  route_tables     = "${aws_route_table.public.*.id}"
   num_route_tables = "1"
 }
 
 module "public_lb_subnets" {
-  source      = "../subnets"
-  num_subnets = "${var.amount_public_lb_subnets}"
-  visibility  = "public"
-  role        = "lb"
-  cidr        = "${var.cidr_block}"
-  netnum      = "${var.netnum_public_lb}"
-  vpc_id      = "${aws_vpc.main.id}"
-  environment = "${var.environment}"
-  project     = "${var.project}"
-  tags        = "${var.tags}"
-  route_tables = "${aws_route_table.public.*.id}"
+  source           = "../subnets"
+  num_subnets      = "${var.amount_public_lb_subnets}"
+  visibility       = "public"
+  role             = "lb"
+  cidr             = "${var.cidr_block}"
+  netnum           = "${var.netnum_public_lb}"
+  vpc_id           = "${aws_vpc.main.id}"
+  environment      = "${var.environment}"
+  project          = "${var.project}"
+  tags             = "${merge(var.extra_tags_public_lb,var.tags)}"
+  route_tables     = "${aws_route_table.public.*.id}"
   num_route_tables = "1"
 }
 
 module "private_app_subnets" {
-  source      = "../subnets"
-  num_subnets = "${var.amount_private_app_subnets}"
-  visibility  = "private"
-  role        = "app"
-  cidr        = "${var.cidr_block}"
-  netnum      = "${var.netnum_private_app}"
-  vpc_id      = "${aws_vpc.main.id}"
-  environment = "${var.environment}"
-  project     = "${var.project}"
-  tags        = "${var.tags}"
-  route_tables = "${aws_route_table.private.*.id}"
+  source           = "../subnets"
+  num_subnets      = "${var.amount_private_app_subnets}"
+  visibility       = "private"
+  role             = "app"
+  cidr             = "${var.cidr_block}"
+  netnum           = "${var.netnum_private_app}"
+  vpc_id           = "${aws_vpc.main.id}"
+  environment      = "${var.environment}"
+  project          = "${var.project}"
+  tags             = "${merge(var.extra_tags_public_app,var.tags)}"
+  route_tables     = "${aws_route_table.private.*.id}"
   num_route_tables = "${var.number_private_rt}"
 }
 
 module "private_db_subnets" {
-  source      = "../subnets"
-  num_subnets = "${var.amount_private_db_subnets}"
-  visibility  = "private"
-  role        = "db"
-  cidr        = "${var.cidr_block}"
-  netnum      = "${var.netnum_private_db}"
-  vpc_id      = "${aws_vpc.main.id}"
-  environment = "${var.environment}"
-  project     = "${var.project}"
-  tags        = "${var.tags}"
-  route_tables = "${aws_route_table.private.*.id}"
+  source           = "../subnets"
+  num_subnets      = "${var.amount_private_db_subnets}"
+  visibility       = "private"
+  role             = "db"
+  cidr             = "${var.cidr_block}"
+  netnum           = "${var.netnum_private_db}"
+  vpc_id           = "${aws_vpc.main.id}"
+  environment      = "${var.environment}"
+  project          = "${var.project}"
+  tags             = "${merge(var.extra_tags_private_db,var.tags)}"
+  route_tables     = "${aws_route_table.private.*.id}"
   num_route_tables = "${var.number_private_rt}"
 }
 
 module "private_management_subnets" {
-  source      = "../subnets"
-  num_subnets = "${var.amount_private_management_subnets}"
-  visibility  = "private"
-  role        = "management"
-  cidr        = "${var.cidr_block}"
-  netnum      = "${var.netnum_private_management}"
-  vpc_id      = "${aws_vpc.main.id}"
-  environment = "${var.environment}"
-  project     = "${var.project}"
-  tags        = "${var.tags}"
-  route_tables = "${aws_route_table.private.*.id}"
+  source           = "../subnets"
+  num_subnets      = "${var.amount_private_management_subnets}"
+  visibility       = "private"
+  role             = "management"
+  cidr             = "${var.cidr_block}"
+  netnum           = "${var.netnum_private_management}"
+  vpc_id           = "${aws_vpc.main.id}"
+  environment      = "${var.environment}"
+  project          = "${var.project}"
+  tags             = "${merge(var.extra_tags_private_management,var.tags)}"
+  route_tables     = "${aws_route_table.private.*.id}"
   num_route_tables = "${var.number_private_rt}"
 }
 

diff --git a/vpc/outputs.tf b/vpc/outputs.tf
@@ -1,35 +1,44 @@
 output "vpc_id" {
-  value = "${aws_vpc.main.id}"
+  description = "The id of the vpc created"
+  value       = "${aws_vpc.main.id}"
 }
 
 output "public_nat-bastion" {
-  value = "${module.public_nat-bastion_subnets.ids}"
+  description = "List of the public_nat-bastion subnets id created"
+  value       = "${module.public_nat-bastion_subnets.ids}"
 }
 
 output "public_lb_subnets" {
-  value = "${module.public_lb_subnets.ids}"
+  description = "List of the public_lb subnets id created"
+  value       = "${module.public_lb_subnets.ids}"
 }
 
 output "private_app_subnets" {
-  value = "${module.private_app_subnets.ids}"
+  description = "List of the private_app subnets id created"
+  value       = "${module.private_app_subnets.ids}"
 }
 
 output "private_db_subnets" {
-  value = "${module.private_db_subnets.ids}"
+  description = "List of the private_db subnets id created"
+  value       = "${module.private_db_subnets.ids}"
 }
 
 output "private_management_subnets" {
-  value = "${module.private_management_subnets.ids}"
+  description = "List of the private_management subnets id created"
+  value       = "${module.private_management_subnets.ids}"
 }
 
 output "private_rts" {
-  value = ["${aws_route_table.private.*.id}"]
+  description = "List of the ids of the private route tables created"
+  value       = ["${aws_route_table.private.*.id}"]
 }
 
 output "public_rts" {
-  value = ["${aws_route_table.public.*.id}"]
+  description = "List of the ids of the public route tables created"
+  value       = ["${aws_route_table.public.*.id}"]
 }
 
 output "default_network_acl_id" {
-  value = "${aws_vpc.main.default_network_acl_id}"
+  description = "Id of the default network acl"
+  value       = "${aws_vpc.main.default_network_acl_id}"
 }
diff --git a/vpc/routes.tf b/vpc/routes.tf
@@ -6,9 +6,9 @@ resource "aws_route_table" "public" {
 }
 
 resource "aws_route" "public" {
-  route_table_id          = "${aws_route_table.public.id}"
-  destination_cidr_block  = "0.0.0.0/0"
-  gateway_id              = "${aws_internet_gateway.gw.id}"
+  route_table_id         = "${aws_route_table.public.id}"
+  destination_cidr_block = "0.0.0.0/0"
+  gateway_id             = "${aws_internet_gateway.gw.id}"
 }
 
 # Create route table