Feat/adding peering (#13)

feat: working vpc peering --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
GlueOps · Apr 21, 2023 · a2cb0f9 · a2cb0f9
1 parent a569fee
commit a2cb0f9
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -55,6 +55,7 @@ module "captain" {
 | <a name="module_node_pool"></a> [node\_pool](#module\_node\_pool) | cloudposse/eks-node-group/aws | 2.9.0 |
 | <a name="module_subnets"></a> [subnets](#module\_subnets) | cloudposse/dynamic-subnets/aws | 2.0.4 |
 | <a name="module_vpc"></a> [vpc](#module\_vpc) | cloudposse/vpc/aws | 2.0.0 |
+| <a name="module_vpc_peering_accepter_with_routes"></a> [vpc\_peering\_accepter\_with\_routes](#module\_vpc\_peering\_accepter\_with\_routes) | ./modules/vpc_peering_accepter_with_routes | n/a |
 
 ## Resources
 
@@ -79,6 +80,7 @@ module "captain" {
 | <a name="input_eks_version"></a> [eks\_version](#input\_eks\_version) | The version of EKS to deploy | `string` | `"1.26"` | no |
 | <a name="input_iam_role_to_assume"></a> [iam\_role\_to\_assume](#input\_iam\_role\_to\_assume) | The full ARN of the IAM role to assume | `string` | n/a | yes |
 | <a name="input_node_pools"></a> [node\_pools](#input\_node\_pools) | node pool configurations:<br>  - name (string): Name of the node pool. MUST BE UNIQUE! Recommended to use YYYYMMDD in the name<br>  - node\_count (number): number of nodes to create in the node pool.<br>  - instance\_type (string): Instance type to use for the nodes. ref: https://instances.vantage.sh/<br>  - ami\_image\_id (string): AMI to use for EKS worker nodes. ref: https://github.com/awslabs/amazon-eks-ami/releases<br>  - spot (bool): Enable spot instances for the nodes. DO NOT ENABLE IN PROD!<br>  - disk\_size\_gb (number): Disk size in GB for the nodes. | <pre>list(object({<br>    name          = string<br>    node_count    = number<br>    instance_type = string<br>    ami_image_id  = string<br>    spot          = bool<br>    disk_size_gb  = number<br>  }))</pre> | <pre>[<br>  {<br>    "ami_image_id": "amazon-eks-node-1.24-v20230406",<br>    "disk_size_gb": 20,<br>    "instance_type": "t3a.large",<br>    "name": "default-pool",<br>    "node_count": 1,<br>    "spot": false<br>  }<br>]</pre> | no |
+| <a name="input_peering_configs"></a> [peering\_configs](#input\_peering\_configs) | A list of maps containing VPC peering configuration details | <pre>list(object({<br>    vpc_peering_connection_id = string<br>    destination_cidr_block    = string<br>  }))</pre> | `[]` | no |
 | <a name="input_region"></a> [region](#input\_region) | The AWS region to deploy into | `string` | n/a | yes |
 | <a name="input_vpc_cidr_block"></a> [vpc\_cidr\_block](#input\_vpc\_cidr\_block) | The CIDR block for the VPC | `string` | `"10.65.0.0/16"` | no |
 

diff --git a/modules/vpc_peering_accepter_with_routes/main.tf b/modules/vpc_peering_accepter_with_routes/main.tf
@@ -0,0 +1,51 @@
+variable "peering_configs" {
+  description = "A list of maps containing VPC peering configuration details"
+  type = list(object({
+    vpc_peering_connection_id = string
+    destination_cidr_block    = string
+  }))
+  default = []
+}
+
+variable "route_table_ids" {
+  description = "A list of route table ids"
+  type        = list(string)
+}
+
+locals {
+  peering_configs_map = {
+    for pc in var.peering_configs :
+    pc.vpc_peering_connection_id => pc
+  }
+}
+
+resource "aws_vpc_peering_connection_accepter" "accepter" {
+  for_each = local.peering_configs_map
+
+  vpc_peering_connection_id = each.key
+  auto_accept               = true
+}
+
+locals {
+  peering_routes = flatten([
+    for pc in var.peering_configs : [
+      for rt_id in var.route_table_ids : {
+        vpc_peering_connection_id = pc.vpc_peering_connection_id
+        destination_cidr_block    = pc.destination_cidr_block
+        route_table_id            = rt_id
+      }
+    ]
+  ])
+}
+
+resource "aws_route" "peering_routes" {
+  for_each = {
+    for pr in local.peering_routes :
+    "${pr.vpc_peering_connection_id}-${pr.route_table_id}" => pr
+  }
+
+  route_table_id            = each.value.route_table_id
+  destination_cidr_block    = each.value.destination_cidr_block
+  vpc_peering_connection_id = each.value.vpc_peering_connection_id
+}
+
diff --git a/peering.tf b/peering.tf
@@ -0,0 +1,8 @@
+
+
+
+module "vpc_peering_accepter_with_routes" {
+  source              = "./modules/vpc_peering_accepter_with_routes"
+  route_table_ids     = concat(module.subnets.private_route_table_ids, module.subnets.public_route_table_ids)
+  peering_configs     = var.peering_configs
+}
diff --git a/variables.tf b/variables.tf
@@ -61,6 +61,15 @@ variable "iam_role_to_assume" {
   description = "The full ARN of the IAM role to assume"
 }
 
+variable "peering_configs" {
+  description = "A list of maps containing VPC peering configuration details"
+  type = list(object({
+    vpc_peering_connection_id = string
+    destination_cidr_block    = string
+  }))
+  default = []
+}
+
 locals {
   vpc = {
     cidr_block = var.vpc_cidr_block