feat: utilize new routes resource (#121)

Co-authored-by: Adam Geiger <ageiger@us.ibm.com> Co-authored-by: Conall Ó Cofaigh <ocofaigh@ie.ibm.com>
terraform-ibm-modules · Oct 4, 2022 · 277085d · 277085d
1 parent 4d561b9
commit 277085d
Show file tree

Hide file tree

Showing 9 changed files with 109 additions and 35 deletions.
diff --git a/README.md b/README.md
@@ -152,7 +152,8 @@ You need the following permissions to run this module.
 | [ibm_is_vpc.vpc](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/is_vpc) | resource |
 | [ibm_is_vpc_address_prefix.address_prefixes](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/is_vpc_address_prefix) | resource |
 | [ibm_is_vpc_address_prefix.subnet_prefix](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/is_vpc_address_prefix) | resource |
-| [ibm_is_vpc_route.route](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/is_vpc_route) | resource |
+| [ibm_is_vpc_routing_table.route_table](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/is_vpc_routing_table) | resource |
+| [ibm_is_vpc_routing_table_route.routing_table_routes](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/is_vpc_routing_table_route) | resource |
 
 ## Inputs
 
@@ -169,7 +170,7 @@ You need the following permissions to run this module.
 | <a name="input_prefix"></a> [prefix](#input\_prefix) | The prefix that you would like to append to your resources | `string` | n/a | yes |
 | <a name="input_region"></a> [region](#input\_region) | The region to which to deploy the VPC | `string` | n/a | yes |
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where the VPC to be created | `string` | n/a | yes |
-| <a name="input_routes"></a> [routes](#input\_routes) | OPTIONAL - Allows you to specify the next hop for packets based on their destination address | <pre>list(<br>    object({<br>      name        = string<br>      zone        = number<br>      destination = string<br>      next_hop    = string<br>    })<br>  )</pre> | `[]` | no |
+| <a name="input_routes"></a> [routes](#input\_routes) | OPTIONAL - Allows you to specify the next hop for packets based on their destination address | <pre>list(<br>    object({<br>      name                          = string<br>      route_direct_link_ingress     = optional(bool)<br>      route_transit_gateway_ingress = optional(bool)<br>      route_vpc_zone_ingress        = optional(bool)<br>      routes = optional(<br>        list(<br>          object({<br>            action      = optional(string)<br>            zone        = number<br>            destination = string<br>            next_hop    = string<br>          })<br>      ))<br>    })<br>  )</pre> | `[]` | no |
 | <a name="input_security_group_rules"></a> [security\_group\_rules](#input\_security\_group\_rules) | A list of security group rules to be added to the default vpc security group | <pre>list(<br>    object({<br>      name      = string<br>      direction = string<br>      remote    = string<br>      tcp = optional(<br>        object({<br>          port_max = optional(number)<br>          port_min = optional(number)<br>        })<br>      )<br>      udp = optional(<br>        object({<br>          port_max = optional(number)<br>          port_min = optional(number)<br>        })<br>      )<br>      icmp = optional(<br>        object({<br>          type = optional(number)<br>          code = optional(number)<br>        })<br>      )<br>    })<br>  )</pre> | <pre>[<br>  {<br>    "direction": "inbound",<br>    "name": "default-sgr",<br>    "remote": "10.0.0.0/8"<br>  }<br>]</pre> | no |
 | <a name="input_subnets"></a> [subnets](#input\_subnets) | List of subnets for the vpc. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addressess. Public gateways will be enabled only in zones where a gateway has been created | <pre>object({<br>    zone-1 = list(object({<br>      name           = string<br>      cidr           = string<br>      public_gateway = optional(bool)<br>      acl_name       = string<br>    }))<br>    zone-2 = list(object({<br>      name           = string<br>      cidr           = string<br>      public_gateway = optional(bool)<br>      acl_name       = string<br>    }))<br>    zone-3 = list(object({<br>      name           = string<br>      cidr           = string<br>      public_gateway = optional(bool)<br>      acl_name       = string<br>    }))<br>  })</pre> | <pre>{<br>  "zone-1": [<br>    {<br>      "acl_name": "vpc-acl",<br>      "cidr": "10.10.10.0/24",<br>      "name": "subnet-a",<br>      "public_gateway": true<br>    }<br>  ],<br>  "zone-2": [<br>    {<br>      "acl_name": "vpc-acl",<br>      "cidr": "10.20.10.0/24",<br>      "name": "subnet-b",<br>      "public_gateway": true<br>    }<br>  ],<br>  "zone-3": [<br>    {<br>      "acl_name": "vpc-acl",<br>      "cidr": "10.30.10.0/24",<br>      "name": "subnet-c",<br>      "public_gateway": false<br>    }<br>  ]<br>}</pre> | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | List of Tags for the resource created | `list(string)` | `null` | no |

diff --git a/dynamic_values.tf b/dynamic_values.tf
@@ -34,10 +34,14 @@ module "unit_tests" {
   }
   routes = [
     {
-      name        = "test-route"
-      zone        = 1
-      destination = "test"
-      next_hop    = "test"
+      name = "test-route"
+      routes = [
+        {
+          zone        = 1
+          destination = "10.2.14.1/32"
+          next_hop    = "1.1.1.1"
+        }
+      ]
     }
   ]
   use_public_gateways = {

diff --git a/dynamic_values.unit_tests.tf b/dynamic_values.unit_tests.tf
@@ -23,7 +23,7 @@ locals {
   # tflint-ignore: terraform_unused_declarations
   assert_route_key_exists = lookup(module.unit_tests.routes, "test-route")
   # tflint-ignore: terraform_unused_declarations
-  assert_route_has_correct_next_hop = regex("test", module.unit_tests.routes["test-route"].next_hop)
+  assert_route_has_route_table = lookup(module.unit_tests.routing_table_route_map, "ut-test-route-route-1")
 }
 
 ##############################################################################

diff --git a/dynamic_values/outputs.tf b/dynamic_values/outputs.tf
@@ -79,3 +79,17 @@ output "subnet_map" {
 }
 
 ##############################################################################
+
+##############################################################################
+# Routing table
+##############################################################################
+
+output "routing_table_map" {
+  description = "Routing table as map"
+  value       = module.routes.value
+}
+
+output "routing_table_route_map" {
+  description = "Routing table routes as map"
+  value       = local.routing_table_route_map
+}
diff --git a/dynamic_values/routes.tf b/dynamic_values/routes.tf
@@ -0,0 +1,19 @@
+module "routes" {
+  source = "./config_modules/list_to_map"
+  list   = var.routes
+}
+
+locals {
+  routing_table_route_list = flatten(
+    [for route_table in module.routes.value : [
+      for rt in(lookup(route_table, "routes", null) == null ? [] : route_table.routes) :
+      merge(rt, { route_table = route_table.name, route_index = index(route_table.routes, rt) + 1 })
+      ]
+    ]
+  )
+
+  routing_table_route_map = {
+    for route in local.routing_table_route_list :
+    ("${var.prefix}-${route.route_table}-route-${route.route_index}") => route
+  }
+}
diff --git a/dynamic_values/variables.tf b/dynamic_values/variables.tf
@@ -37,10 +37,19 @@ variable "routes" {
   description = "direct reference to routes variable"
   type = list(
     object({
-      name        = string
-      zone        = number
-      destination = string
-      next_hop    = string
+      name                          = string
+      route_direct_link_ingress     = optional(bool)
+      route_transit_gateway_ingress = optional(bool)
+      route_vpc_zone_ingress        = optional(bool)
+      routes = optional(
+        list(
+          object({
+            action      = optional(string)
+            zone        = number
+            destination = string
+            next_hop    = string
+          })
+      ))
     })
   )
 }

diff --git a/main.tf b/main.tf
@@ -40,24 +40,27 @@ resource "ibm_is_vpc_address_prefix" "address_prefixes" {
 
 
 ##############################################################################
-# ibm_is_vpc_route: Create vpc route resource
+# Create vpc route resource
 ##############################################################################
 
-locals {
-  routes_map = {
-    # Convert routes from list to map
-    for route in var.routes :
-    (route.name) => route
-  }
+resource "ibm_is_vpc_routing_table" "route_table" {
+  for_each                      = module.dynamic_values.routing_table_map
+  name                          = "${var.prefix}-${var.name}-route-${each.value.name}"
+  vpc                           = ibm_is_vpc.vpc.id
+  route_direct_link_ingress     = each.value.route_direct_link_ingress
+  route_transit_gateway_ingress = each.value.route_transit_gateway_ingress
+  route_vpc_zone_ingress        = each.value.route_vpc_zone_ingress
 }
 
-resource "ibm_is_vpc_route" "route" {
-  for_each    = local.routes_map
-  name        = "${var.prefix}-${var.name}-route-${each.value.name}"
-  vpc         = ibm_is_vpc.vpc.id
-  zone        = each.value.zone
-  destination = each.value.destination
-  next_hop    = each.value.next_hop
+resource "ibm_is_vpc_routing_table_route" "routing_table_routes" {
+  for_each      = module.dynamic_values.routing_table_route_map
+  vpc           = ibm_is_vpc.vpc.id
+  routing_table = ibm_is_vpc_routing_table.route_table[each.value.route_table].routing_table
+  zone          = "${var.region}-${each.value.zone}"
+  name          = each.key
+  destination   = each.value.destination
+  action        = each.value.action
+  next_hop      = each.value.next_hop
 }
 
 ##############################################################################

diff --git a/module-metadata.json b/module-metadata.json
@@ -135,7 +135,7 @@
     },
     "routes": {
       "name": "routes",
-      "type": "list(\n    object({\n      name        = string\n      zone        = number\n      destination = string\n      next_hop    = string\n    })\n  )",
+      "type": "list(\n    object({\n      name                          = string\n      route_direct_link_ingress     = optional(bool)\n      route_transit_gateway_ingress = optional(bool)\n      route_vpc_zone_ingress        = optional(bool)\n      routes = optional(\n        list(\n          object({\n            action      = optional(string)\n            zone        = number\n            destination = string\n            next_hop    = string\n          })\n      ))\n    })\n  )",
       "description": "OPTIONAL - Allows you to specify the next hop for packets based on their destination address",
       "default": [],
       "pos": {
@@ -336,7 +336,7 @@
       },
       "pos": {
         "filename": "main.tf",
-        "line": 78
+        "line": 81
       }
     },
     "ibm_is_security_group_rule.default_vpc_rule": {
@@ -413,10 +413,10 @@
         "line": 16
       }
     },
-    "ibm_is_vpc_route.route": {
+    "ibm_is_vpc_routing_table.route_table": {
       "mode": "managed",
-      "type": "ibm_is_vpc_route",
-      "name": "route",
+      "type": "ibm_is_vpc_routing_table",
+      "name": "route_table",
       "attributes": {
         "name": "prefix"
       },
@@ -425,7 +425,22 @@
       },
       "pos": {
         "filename": "main.tf",
-        "line": 54
+        "line": 46
+      }
+    },
+    "ibm_is_vpc_routing_table_route.routing_table_routes": {
+      "mode": "managed",
+      "type": "ibm_is_vpc_routing_table_route",
+      "name": "routing_table_routes",
+      "attributes": {
+        "zone": "region"
+      },
+      "provider": {
+        "name": "ibm"
+      },
+      "pos": {
+        "filename": "main.tf",
+        "line": 55
       }
     }
   },

diff --git a/variables.tf b/variables.tf
@@ -399,10 +399,19 @@ variable "routes" {
   description = "OPTIONAL - Allows you to specify the next hop for packets based on their destination address"
   type = list(
     object({
-      name        = string
-      zone        = number
-      destination = string
-      next_hop    = string
+      name                          = string
+      route_direct_link_ingress     = optional(bool)
+      route_transit_gateway_ingress = optional(bool)
+      route_vpc_zone_ingress        = optional(bool)
+      routes = optional(
+        list(
+          object({
+            action      = optional(string)
+            zone        = number
+            destination = string
+            next_hop    = string
+          })
+      ))
     })
   )
   default = []