# ------------------------------------------------------------------------------
# Trivadis - Part of Accenture, Platform Factory - Data Platforms
# Saegereistrasse 29, 8152 Glattbrugg, Switzerland
# -----------------------------------------------------------------------------
# Name.......: nat.tf
# Author.....: Stefan Oehrli (oes) [email protected]
# Editor.....: Stefan Oehrli
# Date.......: 2023.04.19
# Revision...:
# Purpose....: Define NAT resources for the terraform module tvdlab vcn.
# Notes......: --
# Reference..: --
# License....: Apache License Version 2.0, January 2004 as shown
# at http://www.apache.org/licenses/
# ------------------------------------------------------------------------------
# NAT gateway ------------------------------------------------------------------
# One NAT gateway per lab VCN, created only when var.nat_gateway_enabled is
# true. A NAT gateway provides outbound internet access for resources without
# public IPs; it does not accept connections initiated from the internet.
resource "oci_core_nat_gateway" "natgw" {
  # 0 instances when disabled, otherwise one per lab. The index lines up with
  # oci_core_vcn.vcn so that gateway N is attached to VCN N.
  count = var.nat_gateway_enabled == true ? var.numberOf_labs : 0

  vcn_id         = oci_core_vcn.vcn[count.index].id
  compartment_id = var.compartment_id

  # The literal label prefix "none" means "no prefix". Otherwise the prefix and
  # a space are put in front of "<shortname><2-digit lab index>_natgw".
  display_name = format(
    "${var.label_prefix == "none" ? "" : "${var.label_prefix} "}${local.resource_shortname}%02d_natgw",
    count.index
  )

  # false = the gateway forwards traffic. Setting this to true stops all egress
  # through the gateway without destroying it, which makes it usable as a
  # containment switch during an incident.
  block_traffic = false
  freeform_tags = var.tags
}
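# Private route table ----------------------------------------------------------
# One route table per lab VCN, created only when var.nat_gateway_enabled is
# true. It is meant for subnets whose hosts have no public IP: general traffic
# leaves through the lab's NAT gateway and, when var.service_gateway_enabled is
# true, traffic to Oracle services is sent to the service gateway instead.
#
# A route table only decides the next hop. It does not restrict which
# destinations are reachable, so egress filtering, if required, has to come
# from security lists / network security groups defined outside this file.
resource "oci_core_route_table" "private_route_table" {
  count          = var.nat_gateway_enabled == true ? var.numberOf_labs : 0
  compartment_id = var.compartment_id
  vcn_id         = oci_core_vcn.vcn[count.index].id
  freeform_tags  = var.tags

  # The literal label prefix "none" means "no prefix". Otherwise the prefix and
  # a space are put in front of "<shortname><2-digit lab index> private route".
  display_name = format(
    "${var.label_prefix == "none" ? "" : "${var.label_prefix} "}${local.resource_shortname}%02d private route",
    count.index
  )

  # Catch-all route via the NAT gateway of the same lab (same count.index).
  # local.anywhere is defined outside this file; presumably 0.0.0.0/0 - confirm.
  route_rules {
    destination       = local.anywhere
    destination_type  = "CIDR_BLOCK"
    network_entity_id = oci_core_nat_gateway.natgw[count.index].id
  }

  # Optional rule for Oracle service traffic. The one-element list renders the
  # block once and the empty list omits it. The removed list() function
  # (unavailable since Terraform 0.15) is replaced by a list literal.
  dynamic "route_rules" {
    for_each = var.service_gateway_enabled == true ? [1] : []
    content {
      # The first entry returned by the data source is used. Which service
      # CIDR label that is depends on the data source's filter, which is not
      # visible here - verify it matches the services enabled on the gateway.
      destination      = data.oci_core_services.all_oci_services[0].services[0].cidr_block
      destination_type = "SERVICE_CIDR_BLOCK"

      # NOTE(review): every lab's route table targets service gateway index 0,
      # while the VCN and NAT gateway are selected by count.index. A route
      # target normally has to belong to the same VCN as the route table, so
      # with numberOf_labs > 1 this probably needs [count.index] - confirm
      # against the count of oci_core_service_gateway.service_gateway.
      network_entity_id = oci_core_service_gateway.service_gateway[0].id
    }
  }
}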
# --- EOF ----------------------------------------------------------------------