initial migration from batcave-landing-zone

Author: UncleGedd

main.tf

@@ -0,0 +1,101 @@
+# vpc id
+data "aws_vpc" "batcave_vpc" {
+  tags = {
+    Name = "batcave-*-${var.env}"
+  }
+}
+
+# private subnets
+data "aws_subnet_ids" "private" {
+  vpc_id = data.aws_vpc.batcave_vpc.id
+  filter {
+    name = "tag:Name"
+    values = [
+      "batcave-*-${var.env}-private-*"
+    ]
+  }
+}
+
+# public subnets
+data "aws_subnet_ids" "public" {
+  vpc_id = data.aws_vpc.batcave_vpc.id
+  filter {
+    name = "tag:Name"
+    values = [
+      "batcave-*-${var.env}-public-*"
+    ]
+  }
+}
+
+# container subnets
+data "aws_subnet_ids" "container" {
+  vpc_id = data.aws_vpc.batcave_vpc.id
+  filter {
+    name = "tag:Name"
+    values = [
+      "batcave-*-${var.env}-unroutable-*"
+    ]
+  }
+}
+
+# transport subnets
+data "aws_subnet_ids" "transport" {
+  count  = var.transport_subnets_exist ? 1 : 0
+  vpc_id = data.aws_vpc.batcave_vpc.id
+  filter {
+    name = "tag:Name"
+    values = [
+      "batcave-*-${var.env}-transport-*"
+    ]
+  }
+}
+
+## subnet resources
+data "aws_subnet" "private" {
+  for_each = data.aws_subnet_ids.private.ids
+  id       = each.value
+}
+
+data "aws_subnet" "public" {
+  for_each = data.aws_subnet_ids.public.ids
+  id       = each.value
+}
+
+data "aws_subnet" "container" {
+  for_each = data.aws_subnet_ids.container.ids
+  id       = each.value
+}
+
+data "aws_subnet" "transport" {
+  for_each = try(data.aws_subnet_ids.transport[0].ids, toset([]))
+  id       = each.value
+}
+
+data "aws_security_group" "shared_services_sg" {
+  vpc_id = data.aws_vpc.batcave_vpc.id
+  filter {
+    name = "tag:Name"
+    values = [
+      "cmscloud-shared-services"
+    ]
+  }
+}
+
+data "aws_security_group" "cmscloud_vpn" {
+  vpc_id = data.aws_vpc.batcave_vpc.id
+  filter {
+    name = "tag:Name"
+    values = [
+      "cmscloud-vpn"
+    ]
+  }
+}
+
+data "aws_ec2_managed_prefix_list" "vpn_prefix_list" {
+  name = "cmscloud-vpn"
+}
+
+data "aws_ec2_managed_prefix_list" "cmscloud_shared_services_pl"{
+  name = "cmscloud-shared-services"
+}
+

outputs.tf

@@ -0,0 +1,59 @@
+## VPC Data
+
+output "vpc" {
+  value = data.aws_vpc.batcave_vpc.cidr_block_associations.*.cidr_block
+}
+
+output "vpc_id" {
+  description = "The ID of the VPC"
+  value       = data.aws_vpc.batcave_vpc.id
+}
+
+output "vpc_arn" {
+  description = "The ARN of the VPC"
+  value       = data.aws_vpc.batcave_vpc.arn
+}
+
+
+output "private_subnets" {
+  description = "List of IDs of private subnets"
+  value       = data.aws_subnet_ids.private.ids
+}
+
+output "public_subnets" {
+  description = "List of IDs of public subnets"
+  value       = data.aws_subnet_ids.public.ids
+}
+
+output "container_subnets" {
+  description = "List of IDs of container subnets"
+  value       = data.aws_subnet_ids.container.ids
+}
+
+output "transport_subnets" {
+  description = "List of IDs of transport subnets"
+  value       = try(data.aws_subnet_ids.transport[0].ids, [])
+}
+output "transport_subnet_cidr_blocks" {
+  description = "map of IDs to transport subnet cidrs"
+  value       = { for subnet in data.aws_subnet.transport : subnet.id => subnet.cidr_block }
+}
+
+output "shared_services_sg" {
+  description = "ID of the shared services security group"
+  value       = data.aws_security_group.shared_services_sg.id
+}
+
+output "cmscloud_vpn_sg" {
+  description = "ID of the cmscloud vpn security group"
+  value       = data.aws_security_group.cmscloud_vpn.id
+}
+
+output "cmscloud_vpn_pl" {
+  description = "Prefix list of cmscloud vpn"
+  value = data.aws_ec2_managed_prefix_list.vpn_prefix_list.id
+}
+
+output "cmscloud_shared_services_pl" {
+  value = data.aws_ec2_managed_prefix_list.cmscloud_shared_services_pl.id
+}

variables.tf

@@ -0,0 +1,9 @@
+variable "env" {
+  default = "dev"
+}
+
+variable "transport_subnets_exist" {
+  description = "Transport subnets are used to house the NLB in situations where a service is required to be exposed to VDI users"
+  default     = false
+  type        = bool
+}