Aded examples and updated names

97c5f73b · Anton Babenko · 7c927eb0 · 97c5f73b · 97c5f73b · 97c5f73b
Commit 97c5f73b authored Sep 11, 2017 by Anton Babenko
11 changed files
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
+version: 2
+
+terraform: &terraform
+  docker:
+    - image: hashicorp/terraform:0.10.4
+  working_directory: /tmp/workspace/terraform
+
+jobs:
+  validate:
+    <<: *terraform
+    steps:
+      - checkout
+      - run:
+          name: Add github.com to ~/.ssh/known_hosts
+          command: mkdir ~/.ssh && ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
+      - run:
+          name: terraform init
+          command: terraform init -input=false
+      - run:
+          name: Validate Terraform configurations
+          command: find . -type f -name "*.tf" -exec dirname {} \;|sort -u | while read m; do (terraform validate -check-variables=false "$m" && echo "√ $m") || exit 1 ; done
+      - run:
+          name: Check if Terraform configurations are properly formatted
+          command: if [[ -n "$(terraform fmt -write=false)" ]]; then echo "Some terraform files need be formatted, run 'terraform fmt' to fix"; exit 1; fi
+      - run:
+          name: Install tflint
+          command: curl -L -o /tmp/tflint.zip https://github.com/wata727/tflint/releases/download/v0.4.2/tflint_linux_amd64.zip && unzip /tmp/tflint.zip -d /usr/local/bin
+      - run:
+          name: Check Terraform configurations with tflint
+          command: tflint
+      - persist_to_workspace:
+          root: .
+          paths: .
+
+workflows:
+  version: 2
+  build:
+    jobs:
+      - validate
+#      - plan_examples
+#      - approve
+#      - release
--- a/README.md
+++ b/README.md
@@ -3,6 +3,18 @@ AWS VPC Terraform module

 Terraform module which creates VPC resources on AWS.

+These types of resources are supported:
+
+* [VPC](https://www.terraform.io/docs/providers/aws/r/vpc.html)
+* [Subnet](https://www.terraform.io/docs/providers/aws/r/aws_subnet.html)
+* [Route](https://www.terraform.io/docs/providers/aws/r/route.html)
+* [Route table](https://www.terraform.io/docs/providers/aws/r/route_table.html)
+* [Internet Gateway](https://www.terraform.io/docs/providers/aws/r/internet_gateway.html) 
+* [NAT Gateway](https://www.terraform.io/docs/providers/aws/r/nat_gateway.html)
+* [VPC Endpoint](https://www.terraform.io/docs/providers/aws/r/vpc_endpoint.html) (S3 and DynamoDB)
+* [RDS DB Subnet Group](https://www.terraform.io/docs/providers/aws/r/db_subnet_group.html) 
+* [ElastiCache Subnet Group](https://www.terraform.io/docs/providers/aws/r/elasticache_subnet_group.html) 
+
 Usage
 -----

@@ -13,13 +25,13 @@ module "vpc" {
  name = "my-vpc"

  cidr = "10.0.0.0/16"
+  
+  azs             = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]

  enable_nat_gateway = true

-  azs = ["us-west-2a", "us-west-2b", "us-west-2c"]
-
  tags {
    Terraform = "true"
    Environment = "dev"
@@ -27,6 +39,12 @@ module "vpc" {
 }
 ```

+Examples
+========
+
+* [simple-vpc](examples/simple-vpc)
+* [complete-vpc](examples/complete-vpc)
+
 Authors
 =======


--- a/examples/complete-vpc/README.md
+++ b/examples/complete-vpc/README.md
+Complete VPC
+============
+
+Configuration in this directory creates set of VPC resources which may be sufficient for staging or production environment (look into [simple-vpc](../simple-vpc) for more simplified setup).
+
+There are public, private, database, ElastiCache subnets, NAT Gateways created in each availability zone.
+
+Usage
+=====
+
+To run this example you need to execute:
+
+```bash
+$ terraform init
+$ terraform plan
+$ terraform apply
+```
+
+Note that this example may create resources which can cost money (AWS Elastic IP, for example). Run `terraform destroy` when you don't need these resources.
--- a/examples/complete-vpc/main.tf
+++ b/examples/complete-vpc/main.tf
+module "vpc" {
+  source = "../../"
+
+  name = "complete-example"
+
+  cidr = "10.10.0.0/16"
+
+  azs                 = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
+  private_subnets     = ["10.10.1.0/24", "10.10.2.0/24", "10.10.3.0/24"]
+  public_subnets      = ["10.10.11.0/24", "10.10.12.0/24", "10.10.13.0/24"]
+  database_subnets    = ["10.10.21.0/24", "10.10.22.0/24", "10.10.23.0/24"]
+  elasticache_subnets = ["10.10.31.0/24", "10.10.32.0/24", "10.10.33.0/24"]
+
+  create_database_subnet_group = false
+
+  enable_nat_gateway = true
+
+  enable_s3_endpoint       = true
+  enable_dynamodb_endpoint = true
+
+  tags = {
+    Owner       = "user"
+    Environment = "staging"
+  }
+}
--- a/examples/complete-vpc/outputs.tf
+++ b/examples/complete-vpc/outputs.tf
+# VPC
+output "vpc_id" {
+  description = "The ID of the VPC"
+  value       = "${module.vpc.vpc_id}"
+}
+
+# Subnets
+output "private_subnets" {
+  description = "List of IDs of private subnets"
+  value       = ["${module.vpc.private_subnets}"]
+}
+
+output "public_subnets" {
+  description = "List of IDs of public subnets"
+  value       = ["${module.vpc.public_subnets}"]
+}
+
+output "database_subnets" {
+  description = "List of IDs of database subnets"
+  value       = ["${module.vpc.database_subnets}"]
+}
+
+output "elasticache_subnets" {
+  description = "List of IDs of elasticache subnets"
+  value       = ["${module.vpc.elasticache_subnets}"]
+}
+
+# NAT gateways
+output "nat_public_ips" {
+  description = "List of public Elastic IPs created for AWS NAT Gateway"
+  value       = ["${module.vpc.nat_public_ips}"]
+}
--- a/examples/simple-vpc/README.md
+++ b/examples/simple-vpc/README.md
+Simple VPC
+==========
+
+Configuration in this directory creates set of VPC resources which may be sufficient for development environment.
+
+There is a public and private subnet created per availability zone in addition to single NAT Gateway shared between all 3 availability zones.
+
+Usage
+=====
+
+To run this example you need to execute:
+
+```bash
+$ terraform init
+$ terraform plan
+$ terraform apply
+```
+
+Note that this example may create resources which can cost money (AWS Elastic IP, for example). Run `terraform destroy` when you don't need these resources.
--- a/examples/simple-vpc/main.tf
+++ b/examples/simple-vpc/main.tf
+provider "aws" {
+  region = "eu-west-1"
+}
+
+module "vpc" {
+  source = "../../"
+
+  name = "simple-example"
+
+  cidr = "10.0.0.0/16"
+
+  azs             = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
+  private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
+  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
+
+  enable_nat_gateway = true
+  single_nat_gateway = true
+
+  tags = {
+    Owner       = "user"
+    Environment = "dev"
+  }
+}
--- a/examples/simple-vpc/outputs.tf
+++ b/examples/simple-vpc/outputs.tf
+# VPC
+output "vpc_id" {
+  description = "The ID of the VPC"
+  value       = "${module.vpc.vpc_id}"
+}
+
+# Subnets
+output "private_subnets" {
+  description = "List of IDs of private subnets"
+  value       = ["${module.vpc.private_subnets}"]
+}
+
+output "public_subnets" {
+  description = "List of IDs of public subnets"
+  value       = ["${module.vpc.public_subnets}"]
+}
+
+# NAT gateways
+output "nat_public_ips" {
+  description = "List of public Elastic IPs created for AWS NAT Gateway"
+  value       = ["${module.vpc.nat_public_ips}"]
+}
--- a/main.tf
+++ b/main.tf
--- a/outputs.tf
+++ b/outputs.tf
+# VPC
+output "vpc_id" {
+  description = "The ID of the VPC"
+  value       = "${aws_vpc.this.id}"
+}
+
+output "vpc_cidr_block" {
+  description = "The CIDR block of the VPC"
+  value       = "${aws_vpc.this.cidr_block}"
+}
+
+output "default_security_group_id" {
+  description = "The ID of the security group created by default on VPC creation"
+  value       = "${aws_vpc.this.default_security_group_id}"
+}
+
+output "default_network_acl_id" {
+  description = "The ID of the default network ACL"
+  value       = "${aws_vpc.this.default_network_acl_id}"
+}
+
+# Subnets
 output "private_subnets" {
-  desctiption = "List of IDs of private subnets"
+  description = "List of IDs of private subnets"
  value       = ["${aws_subnet.private.*.id}"]
 }

@@ -9,38 +31,26 @@ output "public_subnets" {
 }

 output "database_subnets" {
-  desctiption = "List of IDs of database subnets"
+  description = "List of IDs of database subnets"
  value       = ["${aws_subnet.database.*.id}"]
 }

 output "database_subnet_group" {
-  desctiption = "ID of database subnet group"
+  description = "ID of database subnet group"
  value       = "${aws_db_subnet_group.database.id}"
 }

 output "elasticache_subnets" {
-  desctiption = "List of IDs of elasticache subnets"
-
+  description = "List of IDs of elasticache subnets"
  value       = ["${aws_subnet.elasticache.*.id}"]
 }

 output "elasticache_subnet_group" {
-  desctiption = "ID of elasticache subnet group"
-
+  description = "ID of elasticache subnet group"
  value       = "${aws_elasticache_subnet_group.elasticache.id}"
 }

-output "vpc_id" {
-  description = "The ID of the VPC"
-  value       = "${aws_vpc.mod.id}"
-}
-
-output "vpc_cidr_block" {
-  desctiption = "The CIDR block of the VPC"
-
-  value = "${aws_vpc.mod.cidr_block}"
-}
-
+# Route tables
 output "public_route_table_ids" {
  description = "List of IDs of public route tables"
  value       = ["${aws_route_table.public.*.id}"]
@@ -51,28 +61,34 @@ output "private_route_table_ids" {
  value       = ["${aws_route_table.private.*.id}"]
 }

-output "default_security_group_id" {
-  description = "The ID of the security group created by default on VPC creation"
-
-  value = "${aws_vpc.mod.default_security_group_id}"
-}
-
-output "nat_eips" {
+output "nat_ids" {
  description = "List of allocation ID of Elastic IPs created for AWS NAT Gateway"
-  value       = ["${aws_eip.nateip.*.id}"]
+  value       = ["${aws_eip.nat.*.id}"]
 }

-output "nat_eips_public_ips" {
+output "nat_public_ips" {
  description = "List of public Elastic IPs created for AWS NAT Gateway"
-  value       = ["${aws_eip.nateip.*.public_ip}"]
+  value       = ["${aws_eip.nat.*.public_ip}"]
 }

 output "natgw_ids" {
  description = "List of NAT Gateway IDs"
-  value       = ["${aws_nat_gateway.natgw.*.id}"]
+  value       = ["${aws_nat_gateway.this.*.id}"]
 }

+# Internet Gateway
 output "igw_id" {
  description = "The ID of the Internet Gateway"
-  value       = "${aws_internet_gateway.mod.id}"
+  value       = "${aws_internet_gateway.this.id}"
+}
+
+# VPC Endpoints
+output "vpc_endpoint_s3_id" {
+  description = "The ID of VPC endpoint for S3"
+  value       = "${aws_vpc_endpoint.s3.id}"
+}
+
+output "vpc_endpoint_dynamodb_id" {
+  description = "The ID of VPC endpoint for DynamoDB"
+  value       = "${aws_vpc_endpoint.dynamodb.id}"
 }
--- a/variables.tf
+++ b/variables.tf
@@ -35,6 +35,11 @@ variable "elasticache_subnets" {
  default     = []
 }

+variable "create_database_subnet_group" {
+  description = "Controls, if should database subnet group be created."
+  default     = true
+}
+
 variable "azs" {
  description = "A list of Availability zones in the region"
  default     = []
@@ -60,6 +65,11 @@ variable "single_nat_gateway" {
  default     = false
 }

+variable "enable_dynamodb_endpoint" {
+  description = "should be true if you want to provision an DynamoDB endpoint to the VPC"
+  default     = false
+}
+
 variable "enable_s3_endpoint" {
  description = "should be true if you want to provision an S3 endpoint to the VPC"
  default     = false