Improve nat-gateway (#52)

README.md

@@ -43,6 +43,12 @@ Terraform Modules from [this package](https://github.com/tedilabs/terraform-aws-
 - [vpc-simple](./examples/vpc-simple)
 - [vpc-with-ipam](./examples/vpc-with-ipam)
 
+### NAT Gateway
+
+- [nat-gateway-public](./examples/nat-gateway-public/)
+- [nat-gateway-private](./examples/nat-gateway-private/)
+- [nat-gateway-private-secondary-ip-addresses](./examples/nat-gateway-private-secondary-ip-addresses)
+
 
 ## Other Terraform Modules from Tedilabs
 

examples/nat-gateway-private-secondary-ip-addresses/main.tf

@@ -0,0 +1,84 @@
+provider "aws" {
+  region = "us-east-1"
+}
+
+data "aws_vpc" "default" {
+  default = true
+}
+
+data "aws_subnets" "default" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.default.id]
+  }
+}
+
+
+###################################################
+# Public NAT Gateway
+###################################################
+
+module "nat_gateway" {
+  source = "../../modules/nat-gateway"
+  # source  = "tedilabs/network/aws//modules/nat-gateway"
+  # version = "~> 0.2.0"
+
+  name       = "test-count"
+  is_private = true
+  subnet     = data.aws_subnets.default.ids[0]
+
+
+  ## Primary IP Address
+  primary_ip_assignment = {
+    # Automatically assign a public IP address to the NAT Gateway
+    private_ip = null
+  }
+
+
+  ## Secondary IP Addresses
+  secondary_ip_count = 7
+
+
+  tags = {
+    "project" = "terraform-aws-network-examples"
+  }
+}
+
+module "nat_gateway_2" {
+  source = "../../modules/nat-gateway"
+  # source  = "tedilabs/network/aws//modules/nat-gateway"
+  # version = "~> 0.2.0"
+
+  name       = "test-assingments"
+  is_private = true
+  subnet     = data.aws_subnets.default.ids[0]
+
+
+  ## Primary IP Address
+  primary_ip_assignment = {
+    # Automatically assign a public IP address to the NAT Gateway
+    private_ip = "172.31.51.100"
+  }
+
+
+  ## Secondary IP Addresses
+  secondary_ip_assignments = [
+    {
+      private_ip = "172.31.51.101"
+    },
+    {
+      private_ip = "172.31.51.102"
+    },
+    {
+      private_ip = "172.31.51.103"
+    },
+    {
+      private_ip = "172.31.51.104"
+    },
+  ]
+
+
+  tags = {
+    "project" = "terraform-aws-network-examples"
+  }
+}

examples/nat-gateway-private-secondary-ip-addresses/outputs.tf

@@ -0,0 +1,7 @@
+output "nat_gateway" {
+  description = "The NAT Gateways."
+  value = {
+    count       = module.nat_gateway
+    assignments = module.nat_gateway_2
+  }
+}

examples/nat-gateway-private-secondary-ip-addresses/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = "~> 1.5"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+  }
+}

examples/nat-gateway-private/main.tf

@@ -0,0 +1,41 @@
+provider "aws" {
+  region = "us-east-1"
+}
+
+data "aws_vpc" "default" {
+  default = true
+}
+
+data "aws_subnets" "default" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.default.id]
+  }
+}
+
+
+###################################################
+# Public NAT Gateway
+###################################################
+
+module "nat_gateway" {
+  source = "../../modules/nat-gateway"
+  # source  = "tedilabs/network/aws//modules/nat-gateway"
+  # version = "~> 0.2.0"
+
+  name       = "test/az1"
+  is_private = true
+  subnet     = data.aws_subnets.default.ids[0]
+
+
+  ## Primary IP Address
+  primary_ip_assignment = {
+    # Automatically assign a public IP address to the NAT Gateway
+    private_ip = null
+  }
+
+
+  tags = {
+    "project" = "terraform-aws-network-examples"
+  }
+}

examples/nat-gateway-private/outputs.tf

@@ -0,0 +1,4 @@
+output "nat_gateway" {
+  description = "The NAT Gateway."
+  value       = module.nat_gateway
+}

examples/nat-gateway-private/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = "~> 1.5"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+  }
+}

examples/nat-gateway-public/main.tf

@@ -0,0 +1,57 @@
+provider "aws" {
+  region = "us-east-1"
+}
+
+data "aws_vpc" "default" {
+  default = true
+}
+
+data "aws_subnets" "default" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.default.id]
+  }
+}
+
+
+###################################################
+# Elastic IP
+###################################################
+
+module "elastic_ip" {
+  source  = "tedilabs/ipam/aws//modules/elastic-ip"
+  version = "~> 0.3.0"
+
+  name = "nat-gw-public"
+  type = "AMAZON"
+
+  tags = {
+    "project" = "terraform-aws-network-examples"
+  }
+}
+
+
+###################################################
+# Public NAT Gateway
+###################################################
+
+module "nat_gateway" {
+  source = "../../modules/nat-gateway"
+  # source  = "tedilabs/network/aws//modules/nat-gateway"
+  # version = "~> 0.2.0"
+
+  name       = "test/az1"
+  is_private = false
+  subnet     = data.aws_subnets.default.ids[0]
+
+
+  ## Primary IP Address
+  primary_ip_assignment = {
+    elastic_ip = module.elastic_ip.id
+  }
+
+
+  tags = {
+    "project" = "terraform-aws-network-examples"
+  }
+}

examples/nat-gateway-public/outputs.tf

@@ -0,0 +1,9 @@
+output "elastic_ip" {
+  description = "The Elastic IP."
+  value       = module.elastic_ip
+}
+
+output "nat_gateway" {
+  description = "The NAT Gateway."
+  value       = module.nat_gateway
+}

examples/nat-gateway-public/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = "~> 1.5"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+  }
+}

modules/nat-gateway/README.md

@@ -10,14 +10,14 @@ This module creates following resources.
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.45 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.6 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.10 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.19.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.22.0 |
 
 ## Modules
 
@@ -29,32 +29,39 @@ This module creates following resources.
 
 | Name | Type |
 |------|------|
-| [aws_eip.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eip) | resource |
 | [aws_nat_gateway.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/nat_gateway) | resource |
+| [aws_subnet.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_name"></a> [name](#input\_name) | Desired name for the NAT Gateway resources. | `string` | n/a | yes |
-| <a name="input_subnet_id"></a> [subnet\_id](#input\_subnet\_id) | The ID of the subnet which the NAT Gateway belongs to. | `string` | n/a | yes |
-| <a name="input_assign_eip_on_create"></a> [assign\_eip\_on\_create](#input\_assign\_eip\_on\_create) | Assign a new Elastic IP to NAT Gateway on create. Set false if you want to provide existing Elastic IP. | `bool` | `false` | no |
-| <a name="input_eip_id"></a> [eip\_id](#input\_eip\_id) | The Allocation ID of the Elastic IP address for the gateway. Create a new Elastic IP if not provided. | `string` | `""` | no |
-| <a name="input_is_private"></a> [is\_private](#input\_is\_private) | Whether to create the gateway as private or public connectivity type. Defaults to public(false). | `bool` | `false` | no |
-| <a name="input_module_tags_enabled"></a> [module\_tags\_enabled](#input\_module\_tags\_enabled) | Whether to create AWS Resource Tags for the module informations. | `bool` | `true` | no |
-| <a name="input_resource_group_description"></a> [resource\_group\_description](#input\_resource\_group\_description) | The description of Resource Group. | `string` | `"Managed by Terraform."` | no |
-| <a name="input_resource_group_enabled"></a> [resource\_group\_enabled](#input\_resource\_group\_enabled) | Whether to create Resource Group to find and group AWS resources which are created by this module. | `bool` | `true` | no |
-| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`. | `string` | `""` | no |
-| <a name="input_tags"></a> [tags](#input\_tags) | A map of tags to add to all resources. | `map(string)` | `{}` | no |
+| <a name="input_name"></a> [name](#input\_name) | (Required) Desired name for the NAT Gateway resources. | `string` | n/a | yes |
+| <a name="input_subnet"></a> [subnet](#input\_subnet) | (Required) The Subnet ID of the subnet in which to place the NAT Gateway. | `string` | n/a | yes |
+| <a name="input_is_private"></a> [is\_private](#input\_is\_private) | (Optional) Whether to create the NAT gateway as private or public connectivity type. Defaults to `false` (public). | `bool` | `false` | no |
+| <a name="input_module_tags_enabled"></a> [module\_tags\_enabled](#input\_module\_tags\_enabled) | (Optional) Whether to create AWS Resource Tags for the module informations. | `bool` | `true` | no |
+| <a name="input_primary_ip_assignment"></a> [primary\_ip\_assignment](#input\_primary\_ip\_assignment) | (Optional) A configuration to assign primary ip address with the NAT Gateway. `primary_ip_assignment` as defined below.<br>    (Optional) `elastic_ip` - The allocation ID of Elastic IP address to associate with the NAT Gateway.<br>    (Optional) `private_ip` - The private IP address to associate with the NAT Gateway. If you dont't provide an address, a private IPv4 address will be automatically assigned. | <pre>object({<br>    elastic_ip = optional(string)<br>    private_ip = optional(string)<br>  })</pre> | `{}` | no |
+| <a name="input_resource_group_description"></a> [resource\_group\_description](#input\_resource\_group\_description) | (Optional) The description of Resource Group. | `string` | `"Managed by Terraform."` | no |
+| <a name="input_resource_group_enabled"></a> [resource\_group\_enabled](#input\_resource\_group\_enabled) | (Optional) Whether to create Resource Group to find and group AWS resources which are created by this module. | `bool` | `true` | no |
+| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | (Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`. | `string` | `""` | no |
+| <a name="input_secondary_ip_assignments"></a> [secondary\_ip\_assignments](#input\_secondary\_ip\_assignments) | (Optional) A configuration to assign secondary ip addresses with the NAT Gateway. Each block of `secondary_ip_assignments` as defined below.<br>    (Optional) `elastic_ip` - The allocation ID of Elastic IP address to associate with the NAT Gateway.<br>    (Optional) `private_ip` - The private IP address to associate with the NAT Gateway. If you dont't provide an address, a private IPv4 address will be automatically assigned. | <pre>list(object({<br>    elastic_ip = optional(string)<br>    private_ip = optional(string)<br>  }))</pre> | `[]` | no |
+| <a name="input_secondary_ip_count"></a> [secondary\_ip\_count](#input\_secondary\_ip\_count) | (Optional) The number of secondary private IPv4 addresses to assign to the NAT Gateway. Only used with private NAT Gateway. | `number` | `null` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | (Optional) A map of tags to add to all resources. | `map(string)` | `{}` | no |
+| <a name="input_timeouts"></a> [timeouts](#input\_timeouts) | (Optional) How long to wait for the NAT Gateway to be created/updated/deleted. | <pre>object({<br>    create = optional(string, "10m")<br>    update = optional(string, "10m")<br>    delete = optional(string, "30m")<br>  })</pre> | `{}` | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| <a name="output_connectivity_type"></a> [connectivity\_type](#output\_connectivity\_type) | Connectivity type for the gateway. Valid values are private and public. |
-| <a name="output_eip_id"></a> [eip\_id](#output\_eip\_id) | The Allocation ID of the Elastic IP address for the gateway. |
-| <a name="output_eni_id"></a> [eni\_id](#output\_eni\_id) | The ENI ID of the network interface created by the NAT gateway. |
+| <a name="output_availability_zone"></a> [availability\_zone](#output\_availability\_zone) | The availability zone of the NAT Gateway.<br>    `id` - The ID of the availability zone.<br>    `name` - The name of the availability zone. |
+| <a name="output_elastic_ip"></a> [elastic\_ip](#output\_elastic\_ip) | The Allocation ID of the Elastic IP address for the gateway. |
 | <a name="output_id"></a> [id](#output\_id) | The ID of the NAT Gateway. |
-| <a name="output_private_ip"></a> [private\_ip](#output\_private\_ip) | The private IP address of the NAT Gateway. |
-| <a name="output_public_ip"></a> [public\_ip](#output\_public\_ip) | The public IP address of the NAT Gateway. |
+| <a name="output_is_private"></a> [is\_private](#output\_is\_private) | Whether the NAT Gateway supports public or private connectivity. |
+| <a name="output_name"></a> [name](#output\_name) | The name of the NAT Gateway. |
+| <a name="output_netework_interface"></a> [netework\_interface](#output\_netework\_interface) | The ENI ID of the network interface created by the NAT gateway. |
+| <a name="output_primary_private_ip"></a> [primary\_private\_ip](#output\_primary\_private\_ip) | The private IP address of the NAT Gateway. |
+| <a name="output_primary_public_ip"></a> [primary\_public\_ip](#output\_primary\_public\_ip) | The public IP address of the NAT Gateway. |
+| <a name="output_secondary_private_ips"></a> [secondary\_private\_ips](#output\_secondary\_private\_ips) | The secondary private IP addresses of the NAT Gateway. |
+| <a name="output_subnet"></a> [subnet](#output\_subnet) | The subnet which the NAT Gateway belongs to.<br>    `id` - The ID of the subnet.<br>    `arn` - The ARN of the subnet. |
+| <a name="output_vpc_id"></a> [vpc\_id](#output\_vpc\_id) | The VPC ID of the NAT Gateway. |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->