Diffstat (limited to 'Terraform/AWS/ha-instances-with-configs/network.tf')
-rw-r--r-- | Terraform/AWS/ha-instances-with-configs/network.tf | 326 |
1 files changed, 326 insertions, 0 deletions
diff --git a/Terraform/AWS/ha-instances-with-configs/network.tf b/Terraform/AWS/ha-instances-with-configs/network.tf
new file mode 100644
index 0000000..8de8576
--- /dev/null
+++ b/Terraform/AWS/ha-instances-with-configs/network.tf
@@ -0,0 +1,326 @@
+# VPC AND PEERING
+
+resource "aws_vpc" "transit_vpc" {
+ cidr_block = var.transit_vpc_cidr
+ instance_tenancy = "default"
+
+ tags = {
+ Name = "${var.prefix}-${var.transit_vpc_name}"
+ }
+}
+
+resource "aws_vpc" "data_vpc" {
+ cidr_block = var.data_vpc_cidr
+ instance_tenancy = "default"
+
+ tags = {
+ Name = "${var.prefix}-${var.data_vpc_name}"
+ }
+}
+
+# PUBLIC AND PRIVATE SUBNETS FOR TRANSIT VPC
+
+resource "aws_subnet" "transit_vpc_public_subnet_01" {
+ vpc_id = aws_vpc.transit_vpc.id
+ cidr_block = var.transit_vpc_public_subnet_01_cidr
+ availability_zone = var.availability_zone_01
+ map_public_ip_on_launch = false
+
+ tags = {
+ Name = "${var.prefix}-${var.transit_vpc_name}-${var.transit_vpc_public_subnet_name}-01"
+ }
+
+ depends_on = [aws_internet_gateway.transit_vpc_igw]
+}
+
+resource "aws_subnet" "transit_vpc_public_subnet_02" {
+ vpc_id = aws_vpc.transit_vpc.id
+ cidr_block = var.transit_vpc_public_subnet_02_cidr
+ availability_zone = var.availability_zone_02
+ map_public_ip_on_launch = false
+
+ tags = {
+ Name = "${var.prefix}-${var.transit_vpc_name}-${var.transit_vpc_public_subnet_name}-02"
+ }
+
+ depends_on = [aws_internet_gateway.transit_vpc_igw]
+}
+
+resource "aws_subnet" "transit_vpc_private_subnet_01" {
+ vpc_id = aws_vpc.transit_vpc.id
+ cidr_block = var.transit_vpc_private_subnet_01_cidr
+ availability_zone = var.availability_zone_01
+ map_public_ip_on_launch = false
+
+ tags = {
+ Name = "${var.prefix}-${var.transit_vpc_name}-${var.transit_vpc_private_subnet_name}-01"
+ }
+}
+
+resource "aws_subnet" "transit_vpc_private_subnet_02" {
+ vpc_id = aws_vpc.transit_vpc.id
+ cidr_block = var.transit_vpc_private_subnet_02_cidr
+ availability_zone = var.availability_zone_02
+ map_public_ip_on_launch = false
+
+ tags = {
+ Name = "${var.prefix}-${var.transit_vpc_name}-${var.transit_vpc_private_subnet_name}-02"
+ }
+}
+
+
+# PUBLIC AND PRIVATE SUBNETS FOR DATA VPC
+
+resource "aws_subnet" "data_vpc_public_subnet" {
+ vpc_id = aws_vpc.data_vpc.id
+ cidr_block = var.data_vpc_public_subnet_cidr
+ availability_zone = var.availability_zone_01
+ map_public_ip_on_launch = false
+
+ tags = {
+ Name = "${var.prefix}-${var.data_vpc_name}-${var.data_vpc_public_subnet_name}"
+ }
+
+ depends_on = [aws_internet_gateway.data_vpc_igw]
+}
+
+resource "aws_subnet" "data_vpc_private_subnet" {
+ vpc_id = aws_vpc.data_vpc.id
+ cidr_block = var.data_vpc_private_subnet_cidr
+ availability_zone = var.availability_zone_01
+ map_public_ip_on_launch = false
+
+ tags = {
+ Name = "${var.prefix}-${var.data_vpc_name}-${var.data_vpc_private_subnet_name}"
+ }
+}
+
+
+# INTERNET GATEWAYS
+
+resource "aws_internet_gateway" "transit_vpc_igw" {
+ vpc_id = aws_vpc.transit_vpc.id
+
+ tags = {
+ Name = join("-", [var.prefix, var.transit_vpc_igw_name])
+ }
+}
+
+resource "aws_internet_gateway" "data_vpc_igw" {
+ vpc_id = aws_vpc.data_vpc.id
+
+ tags = {
+ Name = join("-", [var.prefix, var.data_vpc_igw_name])
+ }
+}
+
+
+# ELASTICS IP FOR VYOS INSTANCES
+
+resource "aws_eip" "vyos_01_eip" {
+ domain = "vpc"
+
+ tags = {
+ Name = join("-", [var.prefix, var.vyos_eip_name, "01"])
+ }
+}
+
+resource "aws_eip_association" "vyos_eip_association_01" {
+ allocation_id = aws_eip.vyos_01_eip.id
+ network_interface_id = aws_network_interface.vyos_01_public_nic.id
+}
+
+resource "aws_eip" "vyos_02_eip" {
+ domain = "vpc"
+
+ tags = {
+ Name = join("-", [var.prefix, var.vyos_eip_name, "02"])
+ }
+}
+
+resource "aws_eip_association" "vyos_eip_association_02" {
+ allocation_id = aws_eip.vyos_02_eip.id
+ network_interface_id = aws_network_interface.vyos_02_public_nic.id
+}
+
+
+# ELASTICS IP FOR TEST INSTANCE
+
+resource "aws_eip" "data_vpc_instance_eip" {
+ domain = "vpc"
+ depends_on = [aws_internet_gateway.data_vpc_igw]
+
+ tags = {
+ Name = "${var.prefix}-data-vpc-instance-eip"
+ }
+}
+
+resource "aws_eip_association" "data_vpc_instance_eip_assoc" {
+ allocation_id = aws_eip.data_vpc_instance_eip.id
+ network_interface_id = aws_network_interface.data_vpc_instance_nic.id
+}
+
+
+# TRANSIT VPC ROUTE PUBLIC TABLES
+
+resource "aws_route_table" "transit_vpc_public_rtb_01" {
+ vpc_id = aws_vpc.transit_vpc.id
+
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.transit_vpc_igw.id
+ }
+
+ route {
+ cidr_block = var.data_vpc_cidr
+ transit_gateway_id = aws_ec2_transit_gateway.tgw.id
+ }
+
+ route {
+ cidr_block = var.on_prem_subnet_cidr
+ network_interface_id = aws_network_interface.vyos_02_public_nic.id
+ }
+
+ tags = {
+ Name = join("-", [var.prefix, var.transit_vpc_public_rtb_01_name])
+ }
+
+}
+
+resource "aws_route_table_association" "transit_vpc_public_rtb_01_assn" {
+ subnet_id = aws_subnet.transit_vpc_public_subnet_01.id
+ route_table_id = aws_route_table.transit_vpc_public_rtb_01.id
+}
+
+
+resource "aws_route_table" "transit_vpc_public_rtb_02" {
+ vpc_id = aws_vpc.transit_vpc.id
+
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.transit_vpc_igw.id
+ }
+
+ route {
+ cidr_block = var.data_vpc_cidr
+ transit_gateway_id = aws_ec2_transit_gateway.tgw.id
+ }
+
+ route {
+ cidr_block = var.on_prem_subnet_cidr
+ network_interface_id = aws_network_interface.vyos_01_public_nic.id
+ }
+
+ tags = {
+ Name = join("-", [var.prefix, var.transit_vpc_public_rtb_02_name])
+ }
+
+}
+
+resource "aws_route_table_association" "transit_vpc_public_rtb_02_assn" {
+ subnet_id = aws_subnet.transit_vpc_public_subnet_02.id
+ route_table_id = aws_route_table.transit_vpc_public_rtb_02.id
+}
+
+
+# TRANSIT VPC ROUTE PRIVATE TABLES
+
+resource "aws_route_table" "transit_vpc_private_rtb_01" {
+ vpc_id = aws_vpc.transit_vpc.id
+
+
+ route {
+ cidr_block = var.data_vpc_cidr
+ transit_gateway_id = aws_ec2_transit_gateway.tgw.id
+ }
+
+ tags = {
+ Name = join("-", [var.prefix, var.transit_vpc_private_rtb_01_name])
+ }
+
+}
+
+resource "aws_route_table_association" "transit_vpc_private_rtb_01_assn" {
+ subnet_id = aws_subnet.transit_vpc_private_subnet_01.id
+ route_table_id = aws_route_table.transit_vpc_private_rtb_01.id
+}
+
+
+resource "aws_route_table" "transit_vpc_private_rtb_02" {
+ vpc_id = aws_vpc.transit_vpc.id
+
+
+ route {
+ cidr_block = var.data_vpc_cidr
+ transit_gateway_id = aws_ec2_transit_gateway.tgw.id
+ }
+
+ tags = {
+ Name = join("-", [var.prefix, var.transit_vpc_private_rtb_02_name])
+ }
+
+}
+
+resource "aws_route_table_association" "transit_vpc_private_rtb_02_assn" {
+ subnet_id = aws_subnet.transit_vpc_private_subnet_02.id
+ route_table_id = aws_route_table.transit_vpc_private_rtb_02.id
+}
+
+
+# DATA VPC PUBLIC ROUTE TABLE
+
+resource "aws_route_table" "data_vpc_public_rtb" {
+ vpc_id = aws_vpc.data_vpc.id
+
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.data_vpc_igw.id
+ }
+
+ route {
+ cidr_block = var.transit_vpc_cidr
+ transit_gateway_id = aws_ec2_transit_gateway.tgw.id
+ }
+
+ route {
+ cidr_block = var.on_prem_subnet_cidr
+ transit_gateway_id = aws_ec2_transit_gateway.tgw.id
+ }
+
+ tags = {
+ Name = join("-", [var.prefix, var.data_vpc_public_rtb_name])
+ }
+
+}
+
+resource "aws_route_table_association" "data_vpc_public_rtb_assn" {
+ subnet_id = aws_subnet.data_vpc_public_subnet.id
+ route_table_id = aws_route_table.data_vpc_public_rtb.id
+}
+
+
+# DATA VPC PRIVATE ROUTE TABLE
+
+resource "aws_route_table" "data_vpc_private_rtb" {
+ vpc_id = aws_vpc.data_vpc.id
+
+ route {
+ cidr_block = var.transit_vpc_cidr
+ transit_gateway_id = aws_ec2_transit_gateway.tgw.id
+ }
+
+ route {
+ cidr_block = var.on_prem_subnet_cidr
+ transit_gateway_id = aws_ec2_transit_gateway.tgw.id
+ }
+
+ tags = {
+ Name = join("-", [var.prefix, var.data_vpc_private_rtb_name])
+ }
+
+}
+
+resource "aws_route_table_association" "data_vpc_private_rtb_assn" {
+ subnet_id = aws_subnet.data_vpc_private_subnet.id
+ route_table_id = aws_route_table.data_vpc_private_rtb.id
+}
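Review bot: The on-prem routes in `transit_vpc_public_rtb_01` and `transit_vpc_public_rtb_02` (the `route` blocks with `network_interface_id = aws_network_interface.vyos_02_public_nic.id` and `vyos_01_public_nic.id`) only forward traffic if those interfaces are created with `source_dest_check = false`; the NICs are defined outside this file, so that should be confirmed, and the cross assignment (subnet 01's table pointing at the vyos_02 interface and vice versa) looks like a deliberate HA arrangement that deserves a one-line comment such as `# on-prem traffic from AZ-01 egresses via the VyOS instance in AZ-02; failover handled by the instances` so the next maintainer does not "fix" it. Neither VPC has an `aws_flow_log`, so there is no network-level audit trail for the transit path; a minimal S3-backed flow log per VPC is sketched below (bucket ARN variable is a placeholder to declare in variables.tf). The header comment `# VPC AND PEERING` does not match the content, which uses a transit gateway (`aws_ec2_transit_gateway.tgw`, defined elsewhere) rather than VPC peering; `# VPCs (connected via transit gateway, see tgw resources)` would be accurate.
```hcl
# … new: appended after the route table associations …
resource "aws_flow_log" "transit_vpc_flow_log" {
  vpc_id               = aws_vpc.transit_vpc.id
  traffic_type         = "ALL"
  log_destination_type = "s3"
  log_destination      = var.flow_log_bucket_arn # placeholder: declare in variables.tf
}

resource "aws_flow_log" "data_vpc_flow_log" {
  vpc_id               = aws_vpc.data_vpc.id
  traffic_type         = "ALL"
  log_destination_type = "s3"
  log_destination      = var.flow_log_bucket_arn # placeholder: declare in variables.tf
}
```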