feat(vpc): add dev-vpc environment and vpc module

iac-template/terraform-standard/config/accounts/dev.yaml

@@ -12,6 +12,7 @@ tags:
   Environment: dev
   Owner: Platform
   CostCenter: "DEV"
+  Project: "modern-container-app"
 
 backend:
   bucket: svc-plus-iac-state

iac-template/terraform-standard/config/resources/vpc/dev.yaml

@@ -1,9 +1,19 @@
+name_prefix: "dev-vpc"
+
 vpc_cidr: "10.0.0.0/16"
 
 public_subnets:
-  - { cidr: "10.0.1.0/24", az: "ap-northeast-1a" }
-  - { cidr: "10.0.2.0/24", az: "ap-northeast-1c" }
+  - cidr: "10.0.1.0/24"
+    az: "ap-northeast-1a"
+    name: "dev-public-1"
+  - cidr: "10.0.2.0/24"
+    az: "ap-northeast-1c"
+    name: "dev-public-2"
 
 private_subnets:
-  - { cidr: "10.0.3.0/24", az: "ap-northeast-1a" }
-  - { cidr: "10.0.4.0/24", az: "ap-northeast-1c" }
+  - cidr: "10.0.11.0/24"
+    az: "ap-northeast-1a"
+    name: "dev-private-1"
+  - cidr: "10.0.12.0/24"
+    az: "ap-northeast-1c"
+    name: "dev-private-2"

iac-template/terraform-standard/envs/dev-vpc/.terraform.lock.hcl

@@ -0,0 +1,25 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "5.92.0"
+  constraints = "~> 5.92.0"
+  hashes = [
+    "h1:KS0bRFXK4N1Do9Y6olKtu4cMhcHvgGYYRHpN+VNfsnM=",
+    "zh:1d3a0b40831360e8e988aee74a9ff3d69d95cb541c2eae5cb843c64303a091ba",
+    "zh:3d29cbced6c708be2041a708d25c7c0fc22d09e4d0b174360ed113bfae786137",
+    "zh:4341a203cf5820a0ca18bb514ae10a6c113bc6a728fb432acbf817d232e8eff4",
+    "zh:4a49e2d91e4d92b6b93ccbcbdcfa2d67935ce62e33b939656766bb81b3fd9a2c",
+    "zh:54c7189358b37fd895dedbabf84e509c1980a8c404a1ee5b29b06e40497b8655",
+    "zh:5d8bb1ff089c37cb65c83b4647f1981fded993e87d8132915d92d79f29e2fcd8",
+    "zh:618f2eb87cd65b245aefba03991ad714a51ff3b841016ef68e2da2b85d0b2325",
+    "zh:7bce07bc542d0588ca42bac5098dd4f8af715417cd30166b4fb97cedd44ab109",
+    "zh:81419eab2d8810beb114b1ff5cbb592d21edc21b809dc12bb066e4b88fdd184a",
+    "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+    "zh:9dea39d4748eeeebe2e76ca59bca4ccd161c2687050878c47289a98407a23372",
+    "zh:d692fc33b67ac89e916c8f9233d39eacab8c438fe10172990ee9d94fba5ca372",
+    "zh:d9075c7da48947c029ba47d5985e1e8e3bf92367bfee8ca1ff0e747765e779a1",
+    "zh:e81c62db317f3b640b2e04eba0ada8aa606bcbae0152c09f6242e86b86ef5889",
+    "zh:f68562e073722c378d2f3529eb80ad463f12c44aa5523d558ae3b69f4de5ca1f",
+  ]
+}

iac-template/terraform-standard/envs/dev-vpc/backend.tf

@@ -0,0 +1,9 @@
+terraform {
+  backend "s3" {
+    bucket         = "svc-plus-iac-state"
+    key            = "account/dev/iam/terraform.tfstate"
+    region         = "ap-northeast-1"
+    dynamodb_table = "svc-plus-iac-state-dynamodb-lock"
+  }
+}
+

iac-template/terraform-standard/envs/dev-vpc/main.tf

@@ -0,0 +1,20 @@
+locals {
+  account = yamldecode(
+    file("${path.root}/../../config/accounts/dev.yaml")
+  )
+
+  vpc_conf = yamldecode(
+    file("${path.root}/../../config/resources/vpc/dev.yaml")
+  )
+}
+
+module "dev_vpc" {
+  source = "../../modules/vpc"
+
+  vpc_cidr        = local.vpc_conf.vpc_cidr
+  public_subnets  = local.vpc_conf.public_subnets
+  private_subnets = local.vpc_conf.private_subnets
+  name_prefix     = local.vpc_conf.name_prefix
+
+  tags = local.account.tags
+}

iac-template/terraform-standard/envs/dev-vpc/outputs.tf

@@ -0,0 +1,19 @@
+output "vpc_id" {
+  value       = module.dev_vpc.vpc_id
+  description = "VPC ID for dev environment"
+}
+
+output "public_subnet_ids" {
+  value       = module.dev_vpc.public_subnet_ids
+  description = "Public Subnets for dev"
+}
+
+output "private_subnet_ids" {
+  value       = module.dev_vpc.private_subnet_ids
+  description = "Private Subnets for dev"
+}
+
+output "nat_gateway_id" {
+  value       = module.dev_vpc.nat_gateway_id
+  description = "NAT Gateway for dev"
+}

iac-template/terraform-standard/envs/dev-vpc/provider.tf

@@ -0,0 +1,20 @@
+terraform {
+  required_version = ">= 1.2"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.92.0"
+    }
+  }
+}
+
+provider "aws" {
+  region = local.account.region
+
+  assume_role {
+    role_arn     = "arn:aws:iam::730335654753:role/TerraformDeployRole-Dev"
+    session_name = "TerraformDevSession"
+  }
+}
+

iac-template/terraform-standard/modules/vpc/main.tf

@@ -0,0 +1,102 @@
+resource "aws_vpc" "this" {
+  cidr_block           = var.vpc_cidr
+  enable_dns_support   = true
+  enable_dns_hostnames = true
+
+  tags = merge(var.tags, {
+    Name = "${var.name_prefix}"
+  })
+}
+
+resource "aws_internet_gateway" "igw" {
+  vpc_id = aws_vpc.this.id
+
+  tags = merge(var.tags, {
+    Name = "${var.name_prefix}-igw"
+  })
+}
+
+resource "aws_subnet" "public" {
+  for_each = { for i, s in var.public_subnets : i => s }
+
+  vpc_id            = aws_vpc.this.id
+  cidr_block        = each.value.cidr
+  availability_zone = each.value.az
+
+  map_public_ip_on_launch = true
+
+  tags = merge(var.tags, {
+    Name = each.value.name
+  })
+}
+
+resource "aws_subnet" "private" {
+  for_each = { for i, s in var.private_subnets : i => s }
+
+  vpc_id            = aws_vpc.this.id
+  cidr_block        = each.value.cidr
+  availability_zone = each.value.az
+
+  tags = merge(var.tags, {
+    Name = each.value.name
+  })
+}
+
+resource "aws_eip" "nat" {
+  vpc = true
+
+  tags = merge(var.tags, {
+    Name = "${var.name_prefix}-nat-eip"
+  })
+}
+
+resource "aws_nat_gateway" "nat" {
+  allocation_id = aws_eip.nat.id
+  subnet_id     = aws_subnet.public[0].id
+
+  tags = merge(var.tags, {
+    Name = "${var.name_prefix}-nat"
+  })
+}
+
+resource "aws_route_table" "public" {
+  vpc_id = aws_vpc.this.id
+
+  tags = merge(var.tags, {
+    Name = "${var.name_prefix}-public-rt"
+  })
+}
+
+resource "aws_route" "public_internet" {
+  route_table_id         = aws_route_table.public.id
+  destination_cidr_block = "0.0.0.0/0"
+  gateway_id             = aws_internet_gateway.igw.id
+}
+
+resource "aws_route_table_association" "public_assoc" {
+  for_each = aws_subnet.public
+
+  subnet_id      = each.value.id
+  route_table_id = aws_route_table.public.id
+}
+
+resource "aws_route_table" "private" {
+  vpc_id = aws_vpc.this.id
+
+  tags = merge(var.tags, {
+    Name = "${var.name_prefix}-private-rt"
+  })
+}
+
+resource "aws_route" "private_nat" {
+  route_table_id         = aws_route_table.private.id
+  destination_cidr_block = "0.0.0.0/0"
+  nat_gateway_id         = aws_nat_gateway.nat.id
+}
+
+resource "aws_route_table_association" "private_assoc" {
+  for_each = aws_subnet.private
+
+  subnet_id      = each.value.id
+  route_table_id = aws_route_table.private.id
+}

iac-template/terraform-standard/modules/vpc/outputs.tf

@@ -0,0 +1,39 @@
+output "vpc_id" {
+  description = "The ID of the VPC"
+  value       = aws_vpc.this.id
+}
+
+output "vpc_cidr" {
+  description = "CIDR block of the VPC"
+  value       = aws_vpc.this.cidr_block
+}
+
+output "public_subnet_ids" {
+  description = "List of public subnet IDs"
+  value       = [for s in aws_subnet.public : s.id]
+}
+
+output "private_subnet_ids" {
+  description = "List of private subnet IDs"
+  value       = [for s in aws_subnet.private : s.id]
+}
+
+output "internet_gateway_id" {
+  description = "ID of the Internet Gateway"
+  value       = aws_internet_gateway.igw.id
+}
+
+output "nat_gateway_id" {
+  description = "ID of the NAT Gateway"
+  value       = aws_nat_gateway.nat.id
+}
+
+output "public_route_table_id" {
+  description = "ID of the public route table"
+  value       = aws_route_table.public.id
+}
+
+output "private_route_table_id" {
+  description = "ID of the private route table"
+  value       = aws_route_table.private.id
+}

iac-template/terraform-standard/modules/vpc/variables.tf

@@ -0,0 +1,5 @@
+variable "vpc_cidr" {}
+variable "public_subnets" {}
+variable "private_subnets" {}
+variable "name_prefix" {}
+variable "tags" {}