Merge pull request #31 from clouddrove/feat/issue_240-a
Update module to be dynamic.
d4kverma committed Sep 25, 2023
2 parents 5d7487f + f8865d7 commit 15cf897
Showing 22 changed files with 577 additions and 317 deletions.
17 changes: 15 additions & 2 deletions .github/dependabot.yml
Expand Up @@ -30,7 +30,7 @@ updates:
open-pull-requests-limit: 3

- package-ecosystem: "terraform" # See documentation for possible values
directory: "/_example/single-account" # Location of package manifests
directory: "/_example/single_account" # Location of package manifests
schedule:
interval: "weekly"
# Add assignees
Expand All @@ -43,7 +43,20 @@ updates:
open-pull-requests-limit: 3

- package-ecosystem: "terraform" # See documentation for possible values
directory: "/_example/different-account" # Location of package manifests
directory: "/_example/multi_account/main_account" # Location of package manifests
schedule:
interval: "weekly"
# Add assignees
assignees:
- "clouddrove-ci"
# Add reviewer
reviewers:
- "approvers"
# Allow up to 3 open pull requests for pip dependencies
open-pull-requests-limit: 3

- package-ecosystem: "terraform" # See documentation for possible values
directory: "/_example/multi_account/slave_account" # Location of package manifests
schedule:
interval: "weekly"
# Add assignees
2 changes: 1 addition & 1 deletion .github/workflows/readme.yml
Expand Up @@ -5,7 +5,7 @@ on:
- master

jobs:
readme:
readme-create:
name: 'readme-create'
runs-on: ubuntu-latest
steps:
12 changes: 8 additions & 4 deletions .github/workflows/tf-checks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,15 @@ on:
pull_request:
workflow_dispatch:
jobs:
single:
single-account-example:
uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master
with:
working_directory: './_example/single-account/'
different:
working_directory: './_example/single_account/'
main-account-example:
uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master
with:
working_directory: './_example/different-account/'
working_directory: './_example/multi_account/main_account/'
slave-account-example:
uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master
with:
working_directory: './_example/multi_account/slave_account/'
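Review bot: The added `slave-account-example` job, like the two renamed jobs above it, calls the shared workflow at `@master`, which is a mutable branch ref. Whatever is pushed to that branch then runs in this repository's CI on every pull request without being reviewed here. Pinning each call to a full commit SHA keeps the executed workflow fixed, e.g. `uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@<full-commit-sha>  # placeholder, not a real SHA`. Whether this repository's Dependabot config also tracks workflow refs is not visible in this section.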
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,6 @@
*.tfstate
*.tfstate.backup
.terraform
.terraform.*
.idea
*.iml
128 changes: 91 additions & 37 deletions README.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ badges:
url: "LICENSE.md"

prerequesties:
- name: Terraform 1.4.6
- name: Terraform 1.5.6
url: https://learn.hashicorp.com/terraform/getting-started/install.html

# description of this project
Expand All @@ -43,47 +43,101 @@ usage : |-
### Transit Gateway For Single Account
```hcl
module "transit-gateway" {
source = "clouddrove/transit-gateway/aws"
name = "transit-gateway"
environment = "test"
label_order = ["environment", "name"]
enable = true
tgw_create = true
amazon_side_asn = 64512
auto_accept_shared_attachments = "enable"
default_route_table_propagation = "enable"
description = "This transit Gateway create for testung purpose"
#TGW Share
resource_share_enable = false
resource_share_allow_external_principals = true
resource_share_account_ids = ["XXXXXXXXXXXXX"]
module "transit-gateway" {
depends_on = [module.vpc, module.subnets]
source = "clouddrove/transit-gateway/aws"
name = "app"
environment = "test"
tgw_create = true
amazon_side_asn = 64512
description = "This transit Gateway create for testing purpose"
# VPC Attachements
vpc_attachments = {
vpc1 = {
vpc_id = module.vpc.vpc_id
subnet_ids = module.subnets.public_subnet_id
transit_gateway_default_route_table_association = true
transit_gateway_default_route_table_propagation = true
# Below should be uncommented only when vpc and subnet are already deployed.
#vpc_route_table_ids = module.subnets.public_route_tables_id
#destination_cidr = ["10.11.0.0/16"]
},
vpc2 = {
vpc_id = module.vpc_other.vpc_id
subnet_ids = module.subnets_other.public_subnet_id
transit_gateway_default_route_table_association = false
transit_gateway_default_route_table_propagation = false
# Below should be uncommented only when vpc and subnet are already deployed.
#vpc_route_table_ids = module.subnets_other.public_route_tables_id
#destination_cidr = ["31.0.0.0/16", "53.0.0.0/16"]
}
}
}
```
# VPC Attachements
vpc_attachement_create = false # Enable After once create the subnets
vpc_id = module.vpc.vpc_id
destination_cidr_block = [ "10.0.0.0/8", "172.16.0.0/12"]
}
### Transit Gateway for Multi AWS Account
### Main Account
```hcl
module "transit_gateway" {
depends_on = [module.vpc, module.subnets]
source = "clouddrove/transit-gateway/aws"
name = "app"
environment = "test"
tgw_create = true
amazon_side_asn = 64512
auto_accept_shared_attachments = "enable"
default_route_table_propagation = "enable"
description = "This transit Gateway create for testing purpose"
#TGW Share
resource_share_enable = true
resource_share_allow_external_principals = true
resource_share_account_ids = ["xxxxxxxxxxxx"]
# VPC Attachements
vpc_attachments = {
vpc1 = {
vpc_id = module.vpc.vpc_id
subnet_ids = module.subnets.public_subnet_id
transit_gateway_default_route_table_association = true
transit_gateway_default_route_table_propagation = true
# Below should be uncommented only when vpc and subnet are already deployed.
# vpc_route_table_ids = module.subnets.public_route_tables_id
# destination_cidr = ["10.11.0.0/16"]
},
vpc2 = {
vpc_id = module.vpc_other.vpc_id
subnet_ids = module.subnets_other.public_subnet_id
transit_gateway_default_route_table_association = false
transit_gateway_default_route_table_propagation = false
# Below should be uncommented only when vpc and subnet are already deployed.
#vpc_route_table_ids = module.subnets_other.public_route_tables_id
#destination_cidr = ["31.0.0.0/16", "53.0.0.0/16"]
}
}
}
```
### Transit Gateway Diffrent AWS Account
### Slave Account
```hcl
module "transit-gateway" {
module "transit_gateway_peer" {
depends_on = [module.vpc, module.subnets]
source = "clouddrove/transit-gateway/aws"
name = "transit-gateway"
name = "app"
environment = "test"
label_order = ["environment", "name"]
#Transit gateway invitation accepter
tgw_create = false
#TGW Share
aws_ram_resource_share_accepter = true
resource_share_arn = "arn:aws:ram:eu-west-1:XXXXXXXXXXX:resource-share/XXXXXXXXXXXXXXXXXXXXXXXXXX"
resource_share_arn = "arn:aws:ram:eu-west-1:xxxxxxxxxx:resource-share/xxxxxxxxxxxxxxxxxxxxxxxxxx"
# VPC Attachements
vpc_attachement_create = false # Enable After once create the subnets
vpc_id = module.vpc.vpc_id
use_existing_transit_gateway_id = true
transit_gateway_id = "tgw-XXXXXXXXXXX"
destination_cidr_block = ["10.0.0.0/8", "172.16.0.0/12"]
}
transit_gateway_id = "tgw-xxxxxxxxxxx"
vpc_attachments = {
vpc1 = {
vpc_id = module.vpc.vpc_id
subnet_ids = module.subnets.public_subnet_id
transit_gateway_default_route_table_association = true
transit_gateway_default_route_table_propagation = true
# Below should be uncommented only when vpc and subnet are already deployed.
#vpc_route_table_ids = module.subnets.public_route_tables_id
#destination_cidr = ["10.10.0.0/16"]
}
}
}
```
50 changes: 0 additions & 50 deletions _example/different-account/example.tf

This file was deleted.

4 changes: 0 additions & 4 deletions _example/different-account/outputs.tf

This file was deleted.

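--- a/_example/multi_account/main_account/example.tf
+++ b/_example/multi_account/main_account/example.tf
@@ -0,0 +1,111 @@
+provider "aws" {
+region = "eu-west-2"
+}
+
+locals {
+name = "app"
+environment = "test"
+other_name = "app_1"
+other_environment = "test_1"
+}
+
+##------------------------------------------------------------------------------
+# VPC module call.
+##------------------------------------------------------------------------------
+module "vpc" {
+source = "clouddrove/vpc/aws"
+version = "2.0.0"
+name = local.name
+environment = local.environment
+cidr_block = "10.10.0.0/16"
+}
+
+##------------------------------------------------------------------------------
+# Subnet module call.
+##------------------------------------------------------------------------------
+#tfsec:ignore:aws-ec2-no-excessive-port-access # Ingnored because these are basic examples, it can be changed via varibales as per requirement.
+#tfsec:ignore:aws-ec2-no-public-ingress-acl # Ingnored because these are basic examples, it can be changed via varibales as per requirement.
+module "subnets" {
+source = "clouddrove/subnet/aws"
+version = "2.0.0"
+name = local.name
+environment = local.environment
+availability_zones = ["eu-west-2a", "eu-west-2b"]
+vpc_id = module.vpc.vpc_id
+type = "public"
+igw_id = module.vpc.igw_id
+nat_gateway_enabled = false
+cidr_block = module.vpc.vpc_cidr_block
+ipv6_cidr_block = module.vpc.ipv6_cidr_block
+}
+
+##------------------------------------------------------------------------------
+## Other-vpc module call.
+##------------------------------------------------------------------------------
+module "vpc_other" {
+source = "clouddrove/vpc/aws"
+version = "2.0.0"
+name = local.other_name
+environment = local.other_environment
+cidr_block = "192.168.0.0/16"
+}
+
+##------------------------------------------------------------------------------
+# Other-subnet module call.
+##------------------------------------------------------------------------------
+#tfsec:ignore:aws-ec2-no-excessive-port-access # Ingnored because these are basic examples, it can be changed via varibales as per requirement.
+#tfsec:ignore:aws-ec2-no-public-ingress-acl # Ingnored because these are basic examples, it can be changed via varibales as per requirement.
+module "subnets_other" {
+source = "clouddrove/subnet/aws"
+version = "2.0.0"
+name = local.other_name
+environment = local.other_environment
+availability_zones = ["eu-west-2a", "eu-west-2b"]
+vpc_id = module.vpc_other.vpc_id
+type = "public"
+igw_id = module.vpc_other.igw_id
+nat_gateway_enabled = false
+cidr_block = module.vpc_other.vpc_cidr_block
+
+}
+
+##------------------------------------------------------------------------------
+## Transit-gateway module call.
+## Transit gateway configuration for main account where a central transit gateway will be hosted and shared with slave(other accounts)
+##------------------------------------------------------------------------------
+module "transit_gateway" {
+depends_on = [module.vpc, module.subnets]
+source = "./../../../"
+name = local.name
+environment = local.environment
+tgw_create = true
+amazon_side_asn = 64512
+auto_accept_shared_attachments = "enable"
+default_route_table_propagation = "enable"
+description = "This transit Gateway create for testing purpose"
+#TGW Share
+resource_share_enable = true
+resource_share_allow_external_principals = true
+resource_share_account_ids = ["xxxxxxxxxxxx"]
+# VPC Attachements
+vpc_attachments = {
+vpc1 = {
+vpc_id = module.vpc.vpc_id
+subnet_ids = module.subnets.public_subnet_id
+transit_gateway_default_route_table_association = true
+transit_gateway_default_route_table_propagation = true
+# Below should be uncommented only when vpc and subnet are already deployed.
+# vpc_route_table_ids = module.subnets.public_route_tables_id
+# destination_cidr = ["10.11.0.0/16"]
+},
+vpc2 = {
+vpc_id = module.vpc_other.vpc_id
+subnet_ids = module.subnets_other.public_subnet_id
+transit_gateway_default_route_table_association = false
+transit_gateway_default_route_table_propagation = false
+# Below should be uncommented only when vpc and subnet are already deployed.
+#vpc_route_table_ids = module.subnets_other.public_route_tables_id
+#destination_cidr = ["31.0.0.0/16", "53.0.0.0/16"]
+}
+}
+}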
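Review bot: In the `transit_gateway` module call, `resource_share_allow_external_principals = true` is set together with `auto_accept_shared_attachments = "enable"`. Assuming these map to the RAM share's external-principals switch and the gateway's auto-accept setting, any account listed in `resource_share_account_ids` can attach a VPC to the central gateway with no approval step, including accounts outside the AWS Organization. Examples tend to be copied as written, so if the peer account is in the same Organization I would use `resource_share_allow_external_principals = false` here. A comment would also help, such as `# Set to true only when sharing outside your AWS Organization; with auto-accept enabled, shared accounts attach without review.` Separately, the commented-out `destination_cidr` for `vpc2` lists `31.0.0.0/16` and `53.0.0.0/16`, which are not private ranges and do not match the `192.168.0.0/16` block given to `vpc_other`; a private-range sample value would be safer to copy.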