diff --git a/services/terraform/self-host/aws_db.tf b/services/terraform/self-host/aws_db.tf
--- a/services/terraform/self-host/aws_db.tf
+++ b/services/terraform/self-host/aws_db.tf
@@ -2,7 +2,7 @@
resource "aws_security_group" "keyserver_mariadb_security_group" {
name = "keyserver-mariadb-sg"
description = "Allow inbound traffic on port 3307 and all outbound traffic"
- vpc_id = aws_vpc.default.id
+ vpc_id = local.vpc_id
# Inbound rules
ingress {
@@ -21,7 +21,6 @@
}
}
-
# MariaDB RDS Instance
resource "aws_db_instance" "mariadb" {
allocated_storage = 100
diff --git a/services/terraform/self-host/aws_vpc.tf b/services/terraform/self-host/aws_vpc.tf
--- a/services/terraform/self-host/aws_vpc.tf
+++ b/services/terraform/self-host/aws_vpc.tf
@@ -1,54 +1,78 @@
-# VPC
+# Default VPC Data
+
+data "aws_vpc" "default" {
+ default = true
+}
+
+data "aws_subnets" "default" {
+ filter {
+ name = "vpc-id"
+ values = [data.aws_vpc.default.id]
+ }
+}
+
+data "aws_internet_gateway" "default" {
+ filter {
+ name = "attachment.vpc-id"
+ values = [data.aws_vpc.default.id]
+ }
+}
+
+
+# User Created VPC
resource "aws_vpc" "default" {
+ count = var.user_created_vpc ? 1 : 0
cidr_block = "172.31.0.0/16"
enable_dns_support = true
enable_dns_hostnames = true
}
-# Public Subnets
resource "aws_subnet" "public_1" {
- vpc_id = aws_vpc.default.id
+ count = var.user_created_vpc ? 1 : 0
+ vpc_id = aws_vpc.default[0].id
cidr_block = "172.31.0.0/20"
availability_zone = var.availability_zone_1
map_public_ip_on_launch = true
}
resource "aws_subnet" "public_2" {
- vpc_id = aws_vpc.default.id
+ count = var.user_created_vpc ? 1 : 0
+ vpc_id = aws_vpc.default[0].id
cidr_block = "172.31.16.0/20"
availability_zone = var.availability_zone_2
map_public_ip_on_launch = true
}
-# Internet Gateway
+
resource "aws_internet_gateway" "default" {
- vpc_id = aws_vpc.default.id
+ count = var.user_created_vpc ? 1 : 0
+ vpc_id = aws_vpc.default[0].id
}
# Route Table for Internet Gateway
resource "aws_route_table" "public_igw_route_table" {
- vpc_id = aws_vpc.default.id
+ vpc_id = local.vpc_id
route {
- cidr_block = "${var.allowed_ip}/32"
- gateway_id = aws_internet_gateway.default.id
+ cidr_block = "0.0.0.0/0"
+ gateway_id = var.user_created_vpc ? aws_internet_gateway.default[0].id : data.aws_internet_gateway.default.id
}
}
resource "aws_route_table_association" "public_1_igw_route_association" {
- subnet_id = aws_subnet.public_1.id
+ subnet_id = local.vpc_subnets[0]
route_table_id = aws_route_table.public_igw_route_table.id
}
resource "aws_route_table_association" "public_2_igw_route_association" {
- subnet_id = aws_subnet.public_2.id
+ subnet_id = local.vpc_subnets[1]
route_table_id = aws_route_table.public_igw_route_table.id
}
# DB Subnet Group
resource "aws_db_subnet_group" "public_db_subnet_group" {
name = "public-db-subnet-group"
- subnet_ids = [aws_subnet.public_1.id, aws_subnet.public_2.id]
+ subnet_ids = local.vpc_subnets
tags = {
Name = "DB subnet group associated with private vpc subnet"
diff --git a/services/terraform/self-host/main.tf b/services/terraform/self-host/main.tf
--- a/services/terraform/self-host/main.tf
+++ b/services/terraform/self-host/main.tf
@@ -1,3 +1,8 @@
+locals {
+ vpc_id = var.user_created_vpc ? aws_vpc.default[0].id : data.aws_vpc.default.id
+ vpc_subnets = var.user_created_vpc ? [aws_subnet.public_1[0].id, aws_subnet.public_2[0].id] : [data.aws_subnets.default.ids[0], data.aws_subnets.default.ids[1]]
+}
+
provider "aws" {
region = var.region
diff --git a/services/terraform/self-host/terraform.tfvars.example b/services/terraform/self-host/terraform.tfvars.example
--- a/services/terraform/self-host/terraform.tfvars.example
+++ b/services/terraform/self-host/terraform.tfvars.example
@@ -1,6 +1,4 @@
mariadb_username = "username"
mariadb_password = "password"
region = "us-west-1"
-availability_zone_1 = "us-west-1b"
-availability_zone_2 = "us-west-1c"
allowed_ip = "0.0.0.0"
diff --git a/services/terraform/self-host/variables.tf b/services/terraform/self-host/variables.tf
--- a/services/terraform/self-host/variables.tf
+++ b/services/terraform/self-host/variables.tf
@@ -21,14 +21,20 @@
type = string
}
+variable "user_created_vpc" {
+ description = "Use non-default vpc and subnets"
+ type = bool
+ default = false
+}
+
variable "availability_zone_1" {
- description = "First availability zone for vpc subnet"
+ description = "First availability zone for vpc subnet if user created vpc"
type = string
default = "us-west-1b"
}
variable "availability_zone_2" {
- description = "Second availability zone for vpc subnet"
+ description = "Second availability zone for vpc subnet if user created vpc"
type = string
default = "us-west-1c"
}