upgraded vpc creation to terraform 0.12.5 and improved the example

Author: apolloakora

example/README.md

@@ -0,0 +1,42 @@
+
+# Example | Creating a VPC Network
+
+This example creates a VPC, subnets and the networking backbone to allow traffic to be routed in and also routed out to service endpoints on the internet.
+
+## How to Run the Example
+
+```
+# get module and go to example directory
+git clone github.com/devops4me/terraform-aws-vpc-network
+cd terraform-aws-vpc-network/example
+
+# export access information
+export TF_VAR_in_role_arn=<<role-arn>>
+export AWS_ACCESS_KEY_ID=<<access-key-id>>
+export AWS_SECRET_ACCESS_KEY=<<secret-access-key>>
+export AWS_DEFAULT_REGION=<<region-key>>
+
+# use terraform to bring up and tear down infastructure
+terraform init
+terraform apply
+terraform destroy
+```
+
+## Inputs
+
+| Input Variable             | Type    | Description                                                   | Required?      |
+|:-------------------------- |:-------:|:------------------------------------------------------------- |:--------------:|
+| **in_role_arn**            | String  | The VPC's Cidr defining the range of available IP addresses   | optional       |
+
+### What is the role arn?
+
+If you are using an IAM role as the AWS access mechanism then pass it as in_role_arn commonly through an environment variable named **TF_VAR_in_role_arn** in addition to the usual AWS access key, secret key and default region parameters.
+
+ | -- Individuals and small businesses who don't have hundreds of AWS
+ | -- accounts can omit the variable and thanks to dynamic assignment
+ | -- the assume_role block will cease to exist.
+
+
+
+## Related Modules
+

example/vpc.network-test.tf

@@ -0,0 +1,126 @@
+
+### #################### ###
+### Example VPC Networks ###
+### #################### ###
+
+module subnet-count-not-stated {
+
+    source = "./.."
+    in_ecosystem     = local.ecosystem_name
+    in_timestamp      = local.timestamp
+    in_description    = local.description
+}
+
+
+module just-two-subnets {
+
+    source                 = "./.."
+    in_vpc_cidr            = "10.240.0.0/21"
+    in_num_private_subnets = 2
+    in_num_public_subnets  = 2
+    in_subnets_max         = "7"
+
+    in_ecosystem     = "${ local.ecosystem_name }-01"
+    in_timestamp      = local.timestamp
+    in_description    = local.description
+}
+
+
+module no-private-subnets {
+
+    source                 = "./.."
+    in_vpc_cidr            = "10.241.0.0/16"
+    in_subnets_max         =  "4"
+    in_num_private_subnets = 0
+    in_num_public_subnets  = 2
+    in_create_public_gateway = false
+
+    in_ecosystem     = "${ local.ecosystem_name }-02"
+    in_timestamp      = local.timestamp
+    in_description    = local.description
+}
+
+
+module two-subnets-per-zone {
+
+    source                    = "./.."
+    in_vpc_cidr               = "10.242.0.0/16"
+    in_num_private_subnets    = 6
+    in_num_public_subnets     = 6
+    in_create_public_gateway  = false
+    in_create_private_gateway = false
+
+    in_ecosystem     = "${ local.ecosystem_name }-03"
+    in_timestamp      = local.timestamp
+    in_description    = local.description
+}
+
+
+### ########################### ###
+### Example VPC Network Outputs ###
+### ########################### ###
+
+output subnet_ids_1{ value = module.subnet-count-not-stated.out_subnet_ids }
+output private_subnet_ids_1{ value = module.subnet-count-not-stated.out_private_subnet_ids }
+output public_subnet_ids_1{ value = module.subnet-count-not-stated.out_public_subnet_ids }
+
+output subnet_ids_2{ value = module.just-two-subnets.out_subnet_ids }
+output private_subnet_ids_2{ value = module.just-two-subnets.out_private_subnet_ids }
+output public_subnet_ids_2{ value = module.just-two-subnets.out_public_subnet_ids }
+
+output subnet_ids_3{ value = module.no-private-subnets.out_subnet_ids }
+output private_subnet_ids_3{ value = module.no-private-subnets.out_private_subnet_ids }
+output public_subnet_ids_3{ value = module.no-private-subnets.out_public_subnet_ids }
+
+output subnet_ids_4{ value = module.two-subnets-per-zone.out_subnet_ids }
+output private_subnet_ids_4{ value = module.two-subnets-per-zone.out_private_subnet_ids }
+output public_subnet_ids_4{ value = module.two-subnets-per-zone.out_public_subnet_ids }
+
+
+/*
+ | --
+ | -- If you are using an IAM role as the AWS access mechanism then
+ | -- pass it as in_role_arn commonly through an environment variable
+ | -- named TF_VAR_in_role_arn in addition to the usual AWS access
+ | -- key, secret key and default region parameters.
+ | --
+ | -- Individuals and small businesses without hundreds of AWS accounts
+ | -- can omit the in_role_arn variable. and thanks to dynamic assignment
+ | --
+*/
+provider aws {
+    dynamic assume_role {
+        for_each = length( var.in_role_arn ) > 0 ? [ var.in_role_arn ] : [] 
+        content {
+            role_arn = assume_role.value
+	}
+    }
+}
+
+
+variable in_role_arn {
+    description = "The Role ARN to use when we assume role to implement the provisioning."
+    default = ""
+}
+
+
+/*
+ | --
+ | -- ### ############# ###
+ | -- ### Resource Tags ###
+ | -- ### ############# ###
+ | --
+ | -- Terraform will tag every significant resource allowing you to report and collate
+ | --
+ | --   [1] - all infrastructure in all environments dedicated to your app (ecosystem_name)
+ | --   [2] - the infrastructure dedicated to this environment instance (timestamp)
+ | --
+ | -- The human readable description reveals the when, where and what of the infrastructure.
+ | --
+*/
+locals {
+    ecosystem_name = "virtual-net"
+    timestamp = formatdate( "YYMMDDhhmmss", timestamp() )
+    date_time = formatdate( "EEEE, DD-MMM-YY hh:mm:ss ZZZ", timestamp() )
+    description = "was created by jenkins on ${ local.date_time }."
+}

integration.test.dir/vpc.network-test.tf

@@ -17,10 +17,10 @@ resource aws_vpc this_vpc {
 
     tags = {
 
-        Name   = "vpc-${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Class = "${ var.in_ecosystem_name }"
-        Instance = "${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Desc   = "This vpc for ${ var.in_ecosystem_name } ${ var.in_tag_description }"
+        Name   = "vpc-${ var.in_ecosystem }-${ var.in_timestamp }"
+        Class = "${ var.in_ecosystem }"
+        Instance = "${ var.in_ecosystem }-${ var.in_timestamp }"
+        Desc   = "This vpc for ${ var.in_ecosystem } ${ var.in_description }"
     }
 }
 
@@ -45,10 +45,10 @@ resource aws_subnet private {
 
     tags = {
 
-        Name     = "subnet-${ var.in_ecosystem_name }-${ var.in_tag_timestamp }-${ format( "%02d", count.index + 1 ) }-az${ element( split( "-", element( data.aws_availability_zones.with.names, count.index ) ), 2 ) }-x"
-        Class    = "${ var.in_ecosystem_name }"
-        Instance = "${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Desc     = "Private subnet no.${ count.index + 1 } within availability zone ${ element( split( "-", element( data.aws_availability_zones.with.names, count.index ) ), 2 ) } ${ var.in_tag_description }"
+        Name     = "subnet-${ var.in_ecosystem }-${ var.in_timestamp }-${ format( "%02d", count.index + 1 ) }-az${ element( split( "-", element( data.aws_availability_zones.with.names, count.index ) ), 2 ) }-x"
+        Class    = "${ var.in_ecosystem }"
+        Instance = "${ var.in_ecosystem }-${ var.in_timestamp }"
+        Desc     = "Private subnet no.${ count.index + 1 } within availability zone ${ element( split( "-", element( data.aws_availability_zones.with.names, count.index ) ), 2 ) } ${ var.in_description }"
     }
 
 }
@@ -74,10 +74,10 @@ resource aws_subnet public {
 
     tags = {
 
-        Name     = "subnet-${ var.in_ecosystem_name }-${ var.in_tag_timestamp }-${ format( "%02d", var.in_num_private_subnets + count.index + 1 ) }-az${ element( split( "-", element( data.aws_availability_zones.with.names, count.index ) ), 2 ) }-o"
-        Class    = "${ var.in_ecosystem_name }"
-        Instance = "${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Desc     = "Public subnet no.${ var.in_num_private_subnets + count.index + 1 } within availability zone ${ element( split( "-", element( data.aws_availability_zones.with.names, count.index ) ), 2 ) } ${ var.in_tag_description }"
+        Name     = "subnet-${ var.in_ecosystem }-${ var.in_timestamp }-${ format( "%02d", var.in_num_private_subnets + count.index + 1 ) }-az${ element( split( "-", element( data.aws_availability_zones.with.names, count.index ) ), 2 ) }-o"
+        Class    = "${ var.in_ecosystem }"
+        Instance = "${ var.in_ecosystem }-${ var.in_timestamp }"
+        Desc     = "Public subnet no.${ var.in_num_private_subnets + count.index + 1 } within availability zone ${ element( split( "-", element( data.aws_availability_zones.with.names, count.index ) ), 2 ) } ${ var.in_description }"
     }
 
 }
@@ -102,10 +102,10 @@ resource aws_internet_gateway this {
 
     tags = {
 
-        Name  = "net-gateway-${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Class = "${ var.in_ecosystem_name }"
-        Instance = "${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Desc  = "This internet gateway for ${ var.in_ecosystem_name } ${ var.in_tag_description }"
+        Name  = "net-gateway-${ var.in_ecosystem }-${ var.in_timestamp }"
+        Class = "${ var.in_ecosystem }"
+        Instance = "${ var.in_ecosystem }-${ var.in_timestamp }"
+        Desc  = "This internet gateway for ${ var.in_ecosystem } ${ var.in_description }"
     }
 }
 
@@ -142,10 +142,10 @@ resource aws_nat_gateway this {
 
     tags = {
 
-        Name     = "nat-gateway-${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Class    = "${ var.in_ecosystem_name }"
-        Instance = "${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Desc     = "This NAT gateway in public subnet ${ element( aws_subnet.public.*.id, count.index ) } for ${ var.in_ecosystem_name } ${ var.in_tag_description }"
+        Name     = "nat-gateway-${ var.in_ecosystem }-${ var.in_timestamp }"
+        Class    = "${ var.in_ecosystem }"
+        Instance = "${ var.in_ecosystem }-${ var.in_timestamp }"
+        Desc     = "This NAT gateway in public subnet ${ element( aws_subnet.public.*.id, count.index ) } for ${ var.in_ecosystem } ${ var.in_description }"
     }
 }
 
@@ -223,10 +223,10 @@ resource aws_eip nat_gw_ip {
 
     tags = {
 
-        Name  = "elastic-ip-${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Class = "${ var.in_ecosystem_name }"
-        Instance = "${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Desc  = "This elastic IP in public subnet ${ element( aws_subnet.public.*.id, count.index ) } for ${ var.in_ecosystem_name } ${ var.in_tag_description }"
+        Name  = "elastic-ip-${ var.in_ecosystem }-${ var.in_timestamp }"
+        Class = "${ var.in_ecosystem }"
+        Instance = "${ var.in_ecosystem }-${ var.in_timestamp }"
+        Desc  = "This elastic IP in public subnet ${ element( aws_subnet.public.*.id, count.index ) } for ${ var.in_ecosystem } ${ var.in_description }"
     }
 }
 
@@ -245,10 +245,10 @@ resource aws_route_table private {
 
     tags = {
 
-        Name     = "route-table-${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Class    = "${ var.in_ecosystem_name }"
-        Instance = "${ var.in_ecosystem_name }-${ var.in_tag_timestamp }"
-        Desc     = "This route table associated with private subnet ${ element( aws_subnet.private.*.id, count.index ) } for ${ var.in_ecosystem_name } ${ var.in_tag_description }"
+        Name     = "route-table-${ var.in_ecosystem }-${ var.in_timestamp }"
+        Class    = "${ var.in_ecosystem }"
+        Instance = "${ var.in_ecosystem }-${ var.in_timestamp }"
+        Desc     = "This route table associated with private subnet ${ element( aws_subnet.private.*.id, count.index ) } for ${ var.in_ecosystem } ${ var.in_description }"
     }
 }