From fdb7726076cd01934f1b4cabd00bdb0b228c25cb Mon Sep 17 00:00:00 2001
From: Patrick de Ruiter
Date: Wed, 24 Jun 2020 13:39:14 +0200
Subject: [PATCH] first commit

---
 README.md | 42 ++++++++++++++++++++++++++++++
 main.tf | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 outputs.tf | 27 ++++++++++++++++++++
 variables.tf | 65 +++++++++++++++++++++++++++++++++++++++++++++++
 versions.tf | 10 ++++++++
 5 files changed, 216 insertions(+)
 create mode 100644 README.md
 create mode 100644 main.tf
 create mode 100644 outputs.tf
 create mode 100644 variables.tf
 create mode 100644 versions.tf

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..a3a3110
--- /dev/null
+++ b/README.md
@@ -0,0 +1,42 @@
+# Terraform Base Infra Modules
+
+By using this module you can quickly configure a new account and deploy the basic infrastructure into it making adding accounts and configuring them a relative breeze
+
+* This module consists only of other modules, no actual end resources like EC2 hosts or security groups are defined here, only references to these resources are defined here. All modules that make up this base_infra module are all individualy versioned to make sure that environments are all configured alike without losing the ability to make changes to the individual accounts.
+
+Currently this modules is consuming several other modules, below a list of all these modules;
+- label module (simplifies the labeling and naming of resources)
+- vpc module (Creates the VPC's and related resources like internet gateways, nat gateways, route tables, routes, peerings etc)
+- bastion module (Creates a bastion host and the required security groups)
+- subnets module (Creates the public and private subnets in the availability zones you specified)
+- eks_cluster module (Creates all resources to get an EKS cluster backend up and running)
+- eks_node_group module (Creates and configures the eks workernodes that will run the workloads )
+- flow_logs module (Enables all the network resources in the account to enable flowlogs)
+-
+Using this module is actualy very simple and consists only of adding the following piece of code to a file with the .tf extension and define the variables in one of the following files; terraform.tfvars or variables.tf
+
+```
+module "base_infra" {
+ source = "../../platform"
+ # Variables go beneath this line
+ name = var.name
+ vpc_cidr_block = var.vpc_cidr_block
+ stage = var.stage
+ prefix = var.prefix
+ availability_zones = var.availability_zones
+ keyname = var.keyname
+ public_keyname = var.public_keyname
+ region = var.region
+ instance_types = var.instance_types
+ bastion_instance_type = var.bastion_instance_type
+ bastion_ami = var.bastion_ami
+ disk_size = var.disk_size
+ max_size = var.max_size
+ min_size = var.min_size
+ kubernetes_labels = var.kubernetes_labels
+ kubeconfig_path = var.kubeconfig_path
+ desired_size = var.desired_size
+ aws_eks_update_kubeconfig_additional_arguments = var.aws_eks_update_kubeconfig_additional_arguments
+}
+```
+
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..dd47b52
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,72 @@
+module "label" {
+ #source = "git::https://terraform:czf1xEsPje-nCsyuyUby@gitlab.carnext.io/infra/terraform/modules/terraform-null-label.git?ref=tags/0.16.0"
+ source = "github.com/cloudposse/terraform-null-label.git?ref=tags/0.16.0"
+ name = var.name
+ stage = var.stage
+ delimiter = var.delimiter
+ attributes = compact(concat(var.attributes, list("cluster")))
+ tags = var.tags
+}
+
+locals {
+ tags = merge(module.label.tags, map("kubernetes.io/cluster/${module.label.id}", "shared"))
+}
+
+module "carnext_poc-day0-deploy" {
+ #source = "git::https://terraform:czf1xEsPje-nCsyuyUby@gitlab.carnext.io/infra/terraform/modules/day0-roles.git?ref=tags/0.0.2"
+ source = "github.com/webuildyourcloud/terraform-aws-day0-roles.git"
+}
+
+module "carnext_poc-asume-role" {
+ #source = "git::https://terraform:czf1xEsPje-nCsyuyUby@gitlab.carnext.io/infra/terraform/modules/asume-role.git?ref=tags/0.0.2"
+ source = "github.com/webuildyourcloud/terraform-aws-assume-role.git"
+}
+
+
+module "vpc" {
+ #source = "git::https://terraform:czf1xEsPje-nCsyuyUby@gitlab.carnext.io/infra/terraform/modules/terraform-aws-vpc.git?ref=tags/0.8.1"
+ source = "github.com:cloudposse/terraform-aws-vpc.git?ref=tags/0.8.1"
+ stage = var.stage
+ name = var.name
+ attributes = var.attributes
+ cidr_block = var.vpc_cidr_block
+ tags = local.tags
+}
+
+module "flow_logs" {
+ #source = "git::https://terraform:czf1xEsPje-nCsyuyUby@gitlab.carnext.io/infra/terraform/modules/terraform-aws-cloudwatch-flow-logs.git?ref=tags/0.3.3"
+ source = "github.com:cloudposse/terraform-aws-cloudwatch-flow_logs.git"
+ vpc_id = module.vpc.vpc_id
+ stage = var.stage
+}
+
+module "subnets" {
+ #source = "git::https://terraform:czf1xEsPje-nCsyuyUby@gitlab.carnext.io/infra/terraform/modules/terraform-aws-dynamic-subnets.git?ref=tags/0.18.1"
+ source = "github.com:cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.18.1"
+ availability_zones = var.availability_zones
+ stage = var.stage
+ name = var.name
+ attributes = var.attributes
+ vpc_id = module.vpc.vpc_id
+ igw_id = module.vpc.igw_id
+ cidr_block = module.vpc.vpc_cidr_block
+ nat_gateway_enabled = true
+ nat_instance_enabled = false
+ tags = local.tags
+}
+
+module "bastion" {
+ source = "git::https://terraform:czf1xEsPje-nCsyuyUby@gitlab.carnext.io/infra/terraform/modules/bastion.git"
+ enable_bastion = true
+ environment = var.stage
+ project = var.prefix
+ aws_region = var.region
+ key_name = var.keyname
+ instance_type = var.bastion_instance_type
+ subnet_id = element(module.subnets.public_subnet_ids, 0)
+ vpc_id = module.vpc.vpc_id
+
+ tags = {
+ Name = "${var.prefix}-${var.stage}-bastion"
+ }
+}
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..1a4eb79
--- /dev/null
+++ b/outputs.tf
@@ -0,0 +1,27 @@
+output "public_subnet_cidrs" {
+ value = module.subnets.public_subnet_cidrs
+ description = "Public subnet CIDRs"
+}
+
+output "private_subnet_cidrs" {
+ value = module.subnets.private_subnet_cidrs
+ description = "Private subnet CIDRs"
+}
+
+output "public_subnet_ids" {
+ value = module.subnets.public_subnet_ids
+}
+
+output "private_subnet_ids" {
+ value = module.subnets.private_subnet_ids
+}
+
+output "vpc_cidr_block" {
+ value = module.vpc.vpc_cidr_block
+ description = "VPC ID"
+}
+
+output "vpc_id" {
+ value = module.vpc.vpc_id
+ description = "VPC ID Main VPC"
+}
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..27e156b
--- /dev/null
+++ b/variables.tf
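Review bot: The `bastion` module's `source` line embeds a GitLab access token as HTTP basic-auth credentials (`git::https://terraform:…@gitlab.carnext.io/...`), and the same token is repeated in every commented-out `#source` line above it; once this commit is pushed the token sits in history for anyone with repository access and should be treated as disclosed and rotated. Strip the credential from the URL, e.g. `source = "git::https://gitlab.carnext.io/infra/terraform/modules/bastion.git?ref=tags/<TAG>"`, supply it out of band through a git credential helper, `~/.netrc` or an SSH deploy key, and delete the dead `#source` lines instead of carrying the token along in comments. Separately, `carnext_poc-day0-deploy`, `carnext_poc-asume-role`, `flow_logs` and `bastion` have no `?ref=`, so each `terraform init` pulls whatever the remote default branch holds at that moment, which contradicts the README's statement that every sub-module is individually versioned; pin each to a tag or commit. The `github.com:cloudposse/...` form used for `vpc`, `flow_logs` and `subnets` also looks like a mix of scp-style SSH syntax and Terraform's `github.com/org/repo` shorthand and probably does not resolve, and `flow_logs` points at `terraform-aws-cloudwatch-flow_logs` while the commented line names `terraform-aws-cloudwatch-flow-logs`, so it is worth confirming the repository name with `terraform init` before relying on it.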
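Review bot: The `description` of output `vpc_cidr_block` says "VPC ID" while its value is `module.vpc.vpc_cidr_block`, so generated docs and `terraform output` help mislabel it; change it to `description = "VPC CIDR block"`. `public_subnet_ids` and `private_subnet_ids` carry no description at all although their CIDR siblings do; adding `description = "Public subnet IDs"` and `description = "Private subnet IDs"` keeps the file consistent.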
@@ -0,0 +1,65 @@
+variable "region" {
+ type = string
+ description = "AWS Region"
+}
+
+variable "availability_zones" {
+ type = list(string)
+}
+
+variable "vpc_cidr_block" {
+ type = string
+ description = "VPC CIDR block"
+}
+
+variable "prefix" {
+ type = string
+ description = "Namespace, which could be your organization name, e.g. 'eg' or 'cp'"
+}
+
+variable "stage" {
+ type = string
+ description = "Stage, e.g. 'prod', 'staging', 'dev' or 'testing'"
+}
+
+variable "name" {
+ type = string
+ description = "Solution name, e.g. 'app' or 'cluster'"
+}
+
+variable "delimiter" {
+ type = string
+ default = "-"
+ description = "Delimiter to be used between `name`, `namespace`, `stage`, etc."
+}
+
+variable "attributes" {
+ type = list(string)
+ default = []
+ description = "Additional attributes (e.g. `1`)"
+}
+
+variable "tags" {
+ type = map(string)
+ default = {}
+ description = "Additional tags (e.g. `map('BusinessUnit`,`XYZ`)"
+}
+
+### Bastion Server Settings ###
+variable "bastion_instance_type" {
+ type = string
+ description = "EC2 type for bastion"
+}
+
+variable "bastion_ami" {
+ type = string
+}
+
+variable "keyname" {
+ type = string
+ default = ""
+}
+
+variable "public_keyname" {
+ default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDboPfi18b0We79c6mqQui+iPPL0KqUWIdm02hb6RyQ67buYPik6KRAin8hiwvgVHyBF3sdnDsaP9snSFq2QQXUtdB5MxHplIJSbdd/oREtTXHCc9OfhGEuJDqQ8ViHj1ApYlLNIohHAhJkVywkpMhLUHqLZ2DXhwVjM9XDHx0aoImwcyczzU9e4T8jtvLB+PlDRNxvCrKuf6Ir6sd1u9vHWQYR4kV61T3Z/VaeRPSF5Y50IF5ECTrNoQeR0NSRIrY6g4/hZzMisLxpybtO44jkZ7OPVwhAjfZgTTZYnrrSkdoL8HYbaEuKZC/WPvoCOfq5eF4ydpwUQomzeCD9pnOX pderuiter@MacBook-Pro-van-Patrick.local"
+}
diff --git a/versions.tf b/versions.tf
new file mode 100644
index 0000000..9840ed7
--- /dev/null
+++ b/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = "~> 0.12.0"
+
+ required_providers {
+ aws = "~> 2.0"
+ template = "~> 2.0"
+ null = "~> 2.0"
+ local = "~> 1.3"
+ }
+}
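Review bot: `public_keyname` defaults to one person's full SSH public key (comment `pderuiter@MacBook-Pro-van-Patrick.local`), so any account built from this module without overriding the variable silently authorizes that individual's key on the bastion, a standing access path that outlives the person and is invisible to whoever only edits the tfvars. Remove the default and make the variable required, `variable "public_keyname" { type = string  description = "SSH public key authorized on the bastion host" }` (one attribute per line), and keep the key material in per-account tfvars. Note that nothing in main.tf in this commit reads `var.public_keyname` or `var.bastion_ami`, so either wire them into the `bastion` module or drop them until they are used. `bastion_ami`, `availability_zones` and `keyname` also lack a `description`, and `keyname` defaulting to `""` means a bastion with no EC2 key pair unless the bastion module rejects an empty name, which the hunk does not show; dropping that default would make the omission a plan-time error instead.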