feat: Updated module to be dynamic

clouddrove · Sep 4, 2023 · 2c01c2e · 2c01c2e
1 parent 27cd255
commit 2c01c2e
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 29 deletions.
diff --git a/main.tf b/main.tf
@@ -2,9 +2,8 @@
 ## Labels module callled that will be used for naming and tags.
 ##------------------------------------------------------------------------------
 module "labels" {
-  source  = "clouddrove/labels/aws"
-  version = "1.3.0"
-
+  source      = "clouddrove/labels/aws"
+  version     = "1.3.0"
   enabled     = var.enable
   name        = var.name
   repository  = var.repository
@@ -17,8 +16,7 @@ module "labels" {
 ## A transit gateway acts as a Regional virtual router for traffic flowing between your virtual private clouds (VPCs) and on-premises networks.
 ##------------------------------------------------------------------------------
 resource "aws_ec2_transit_gateway" "main" {
-  count = var.enable && var.tgw_create ? 1 : 0
-
+  count                           = var.enable && var.tgw_create ? 1 : 0
   description                     = var.description
   vpn_ecmp_support                = var.vpn_ecmp_support
   amazon_side_asn                 = var.amazon_side_asn
@@ -28,23 +26,22 @@ resource "aws_ec2_transit_gateway" "main" {
   transit_gateway_cidr_blocks     = var.transit_gateway_cidr_blocks
   dns_support                     = var.dns_support
   multicast_support               = var.multicast_support
-  tags                            = module.labels.tags
+  tags                            = merge(module.labels.tags, { Name = format("%s-transit_gateway", module.labels.id) })
 }
 
 ##------------------------------------------------------------------------------
 ## Get information on an EC2 Transit Gateway VPC Attachment.
 ##------------------------------------------------------------------------------
 resource "aws_ec2_transit_gateway_vpc_attachment" "main" {
-  count = var.enable && var.vpc_attachement_create ? 1 : 0
-
-  transit_gateway_id                              = var.use_existing_transit_gateway_id == false ? join("", aws_ec2_transit_gateway.main[*].id) : var.transit_gateway_id
-  subnet_ids                                      = var.subnet_ids
-  vpc_id                                          = var.vpc_id
-  dns_support                                     = var.dns_support
-  ipv6_support                                    = var.ipv6_support
-  appliance_mode_support                          = var.appliance_mode_support
-  transit_gateway_default_route_table_association = var.transit_gateway_default_route_table_association
-  transit_gateway_default_route_table_propagation = var.transit_gateway_default_route_table_propagation
+  for_each                                        = var.enable ? { for attach in var.vpc_attachments : attach.vpc_id => attach } : {}
+  transit_gateway_id                              = coalesce(each.value.transit_gateway_id, aws_ec2_transit_gateway.main[0].id)
+  subnet_ids                                      = each.value.subnet_ids
+  vpc_id                                          = each.value.vpc_id
+  dns_support                                     = lookup(each.value, "dns_support", "enable")
+  ipv6_support                                    = lookup(each.value, "ipv6_support", "disable")
+  appliance_mode_support                          = lookup(each.value, "appliance_mode_support", "disable")
+  transit_gateway_default_route_table_association = lookup(each.value, "transit_gateway_default_route_table_association", true)
+  transit_gateway_default_route_table_propagation = lookup(each.value, "transit_gateway_default_route_table_propagation", true)
   tags = merge(
     module.labels.tags,
     {
@@ -57,8 +54,7 @@ resource "aws_ec2_transit_gateway_vpc_attachment" "main" {
 ## You can use AWS Resource Access Manager (RAM) to share a transit gateway for VPC attachments across accounts or across your organization in AWS.
 ##------------------------------------------------------------------------------
 resource "aws_ram_resource_share" "main" {
-  count = var.enable && var.resource_share_enable ? 1 : 0
-
+  count                     = var.enable && var.resource_share_enable ? 1 : 0
   name                      = format("%s-share", module.labels.id)
   allow_external_principals = var.resource_share_allow_external_principals
   tags = merge(
@@ -73,8 +69,7 @@ resource "aws_ram_resource_share" "main" {
 ## Provides a Resource Access Manager (RAM) principal association. Depending if RAM Sharing with AWS Organizations is enabled, the RAM behavior with different principal types changes.
 ##------------------------------------------------------------------------------
 resource "aws_ram_principal_association" "main" {
-  count = var.enable && var.resource_share_enable ? length(var.resource_share_account_ids) : 0
-
+  count              = var.enable && var.resource_share_enable ? length(var.resource_share_account_ids) : 0
   principal          = element(var.resource_share_account_ids, count.index)
   resource_share_arn = join("", aws_ram_resource_share.main[*].id)
 }
@@ -83,23 +78,22 @@ resource "aws_ram_principal_association" "main" {
 ## The Resource Association in AWS RAM can be configured in Terraform with the resource name aws_ram_resource_association.
 ##------------------------------------------------------------------------------
 resource "aws_ram_resource_association" "main" {
-  count = var.enable && var.resource_share_enable ? 1 : 0
-
+  count              = var.enable && var.resource_share_enable ? 1 : 0
   resource_arn       = aws_ec2_transit_gateway.main[0].arn
   resource_share_arn = aws_ram_resource_share.main[0].arn
 }
 
 data "aws_route_tables" "main" {
-  count  = var.enable && var.vpc_attachement_create ? 1 : 0
-  vpc_id = var.vpc_id
+  for_each = var.enable ? { for attach in var.vpc_attachments : attach.vpc_id => attach } : {}
+  vpc_id   = each.value.vpc_id
 }
 
 ##------------------------------------------------------------------------------
 ## Provides a resource to create a routing table entry (a route) in a VPC routing table.
 ##------------------------------------------------------------------------------
 resource "aws_route" "main" {
-  count = var.enable && var.vpc_attachement_create ? length(distinct(sort(data.aws_route_tables.main[0].ids)), ) * length(var.destination_cidr_block) : 0
-
+#  count                  = var.enable && var.vpc_attachement_create ? length(distinct(sort(data.aws_route_tables.main[*].ids)), ) * length(var.destination_cidr_block) : 0
+  for_each = var.enable ? { for attach in var.vpc_attachments : attach.vpc_id => attach } : {}
   route_table_id         = element(distinct(sort(data.aws_route_tables.main[0].ids)), count.index)
   destination_cidr_block = element(distinct(sort(var.destination_cidr_block)), ceil(count.index / length(var.destination_cidr_block), ), )
   transit_gateway_id     = var.use_existing_transit_gateway_id == false ? join("", aws_ec2_transit_gateway.main[*].id) : var.transit_gateway_id
@@ -113,10 +107,8 @@ resource "aws_route" "main" {
 ## An AWS Transit Gateway Route Table includes dynamic routes, static routes and blackhole routes.
 ##------------------------------------------------------------------------------
 resource "aws_ec2_transit_gateway_route_table" "this" {
-  count = var.tgw_create ? 1 : 0
-
+  count              = var.enable && var.tgw_create ? 1 : 0
   transit_gateway_id = aws_ec2_transit_gateway.main[0].id
-
   tags = merge(
     module.labels.tags,
     { Name = var.name },

diff --git a/variables.tf b/variables.tf
@@ -187,3 +187,9 @@ variable "appliance_mode_support" {
   default     = "enable"
   description = "Whether Appliance Mode support is enabled. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. Valid values: disable, enable. Default value: disable."
 }
+
+variable "timeouts" {
+  description = "Create, update, and delete timeout configurations for the transit gateway"
+  type        = map(string)
+  default     = {}
+}