main.tf

#
# Create the VPC 
# using directions from https://clouddocs.f5.com/cloud/public/v1/aws/AWS_multiNIC.html
#
## TODO Temporary local var for eks cluster name
locals {
  cluster_name = format("%s-eks_cluster-%s", var.tags.prefix, var.tags.random)
}

module "vpc_min" {
  count = var.create_min && !var.create_max ? 1 : 0

  source               = "terraform-aws-modules/vpc/aws"
  name                 = format("%s-min-%s", var.tags.prefix, var.tags.random)
  cidr                 = var.aws_vpc_parameters.public_cidr
  enable_dns_hostnames = true
  enable_dns_support   = true

  azs = var.aws_vpc_parameters.azs

  # vpc public subnet used for external interface
  public_subnets = [for num in range(length(var.aws_vpc_parameters.azs)) :
    cidrsubnet(var.aws_vpc_parameters.public_cidr, 8, num + var.aws_subnet_offset.external)
  ]
  public_subnet_tags = {
    Mode                                          = "public"
    Cluster                                       = local.cluster_name
    "kubernetes.io/role/elb"                      = 1
    "kubernetes.io/cluster/${local.cluster_name}" = "shared"
  }

  # vpc private subnet used for internal 
  private_subnets = [
    for num in range(length(var.aws_vpc_parameters.azs)) :
    cidrsubnet(var.aws_vpc_parameters.public_cidr, 8, num + var.aws_subnet_offset.internal)
  ]
  private_subnet_tags = {
    Mode                                          = "private"
    Cluster                                       = format("%s-eks-%s", var.tags.prefix, var.tags.random)
    "kubernetes.io/role/internal-elb"             = 1
    "kubernetes.io/cluster/${local.cluster_name}" = "shared"
  }

  enable_nat_gateway = true

  # using the database subnet method since it allows a public route
  database_subnets = [
    for num in range(length(var.aws_vpc_parameters.azs)) :
    cidrsubnet(var.aws_vpc_parameters.public_cidr, 8, num + var.aws_subnet_offset.management)
  ]
  create_database_subnet_group           = true
  create_database_subnet_route_table     = true
  create_database_internet_gateway_route = true

  tags = {
    Name        = format("%s-min-%s", var.tags.prefix, var.tags.random)
    Terraform   = "true"
    Environment = var.tags.environment
  }
}

module "vpc_max" {
  # count = var.create_max && !var.create_min ? 1 : 0
  # count = var.create_max ? 1 : 0

  source   = "terraform-aws-modules/vpc/aws"
  for_each = local.zones

  name            = each.key
  cidr            = each.value["cidr"]
  public_subnets  = each.value["public_subnets"]
  private_subnets = each.value["private_subnets"]

  enable_dns_hostnames = true
  enable_dns_support   = true

  azs = var.aws_vpc_parameters.azs

  tags = {
    Name        = format("%s-max_vpc-%s", var.tags.prefix, var.tags.random)
    Terraform   = "true"
    Environment = var.tags.environment
  }
}

locals {
  zones = {
    "public" = {
      name = format("%s-max_public-%s", var.tags.prefix, var.tags.random)
      cidr = var.aws_vpc_parameters.public_cidr
      public_subnets = [for num in range(length(var.aws_vpc_parameters.azs)) :
        cidrsubnet(var.aws_vpc_parameters.public_cidr, 8, num + var.aws_subnet_offset.external)
      ]
    },
    "private" = {
      name = format("%s-max_private-%s", var.tags.prefix, var.tags.random)
      cidr = var.aws_vpc_parameters.private_cidr
      private_subnets = [for num in range(length(var.aws_vpc_parameters.azs)) :
        cidrsubnet(var.aws_vpc_parameters.private_cidr, 8, num + var.aws_subnet_offset.internal)
      ]
    },
    "mgmt" = {
      name = format("%s-max_mgmt-%s", var.tags.prefix, var.tags.random)
      cidr = var.aws_vpc_parameters.management_cidr
      public_subnets = [for num in range(length(var.aws_vpc_parameters.azs)) :
        cidrsubnet(var.aws_vpc_parameters.management_cidr, 8, num + var.aws_subnet_offset.management)
      ]
    }
  }
}

/*
module "vpc_max_private" {
  count = var.create_max ? 1 : 0
  source = "terraform-aws-modules/vpc/aws"

  name                 = format("%s-max-%s", var.tags.prefix, var.tags.random)
  cidr                 = var.aws_vpc_parameters.cidr
  enable_dns_hostnames = true
  enable_dns_support   = true

  azs = var.aws_vpc_parameters.azs

  # vpc private subnet used for internal
  private_subnets = [
    for num in range(length(var.aws_vpc_parameters.azs)) :
    cidrsubnet(var.aws_vpc_parameters.cidr, 8, num + var.internal_subnet_offset)
  ]
  private_subnet_tags = {
    Mode                                    = "private"
    Cluster                                 = format("%s-eks-%s", var.tags.prefix, var.tags.random)
    "kubernetes.io/role/internal-elb"       = 1
    "kubernetes.io/cluster/${local.cluster_name}"     = "shared"
  }

  tags = {
    Name        = format("%s-max-private-%s", var.tags.prefix, var.tags.random)
    Terraform   = "true"
    Environment = var.tags.environment
  }
}

module "vpc_max_management" {
  count = var.create_max ? 1 : 0
  source = "terraform-aws-modules/vpc/aws"

  name                 = format("%s-max-%s", var.tags.prefix, var.tags.random)
  cidr                 = var.aws_vpc_parameters.cidr
  enable_dns_hostnames = true
  enable_dns_support   = true

  azs = var.aws_vpc_parameters.azs
  public_subnets = [for num in range(length(var.aws_vpc_parameters.azs)) :
    cidrsubnet(var.aws_vpc_parameters.cidr, 8, num + var.management_subnet_offset)
  ]
  tags = {
    Name        = format("%s-max-mgmt-%s", var.tags.prefix, var.tags.random)
    Terraform   = "true"
    Environment = var.tags.environment
  }
}
*/