
Merge pull request #30 from mdr-engineering/feature/ftd_MSOCI-1273_remove_NAT_gateway_from_standard_vpc

Removes NAT Gateway and Updates Private DNS Zone
Frederick Damstra 5 years ago
parent
commit
efeeea8ec7

+ 1 - 1
base/qualys_scanners/main.tf

@@ -36,7 +36,7 @@ module "vpc" {
   ec2_endpoint_private_dns_enabled = true
   ec2_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
 
-  dhcp_options_domain_name = var.inside_domain
+  dhcp_options_domain_name = var.dns_info["private"]["zone"]
 
   tags = merge(var.standard_tags, var.tags)
 

+ 1 - 1
base/qualys_scanners/vars.tf

@@ -36,7 +36,7 @@ variable "personalization_codes" {
 # Below this line are variables inherited from higher levels, so they
 # do not need to be explicitly passed to this module.
 variable "standard_tags" { type = map }
-variable "inside_domain" { type = string }
+variable "vpn_info" { type = map }
 variable "aws_region" { type = string }
 variable "aws_partition" { type = string }
 variable "aws_account_id" { type = string }
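Review bot: The added declaration is `vpn_info`, but the matching change in base/qualys_scanners/main.tf reads `var.dns_info["private"]["zone"]`, and every other module in this commit declares `dns_info`. Unless `dns_info` is already declared in a part of this file outside the hunk, the module will fail at plan time with a reference to an undeclared input variable. This looks like a typo; the line should probably be `variable "dns_info" { type = map }`.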

+ 1 - 1
base/security_vpc/main.tf

@@ -53,7 +53,7 @@ module "vpc" {
   enable_ec2_endpoint              = true # PA likes a local ec2 endpoint
   ec2_endpoint_security_group_ids  = [ module.aws_endpoints_sg.this_security_group_id ]
 
-  dhcp_options_domain_name = var.inside_domain
+  dhcp_options_domain_name = var.dns_info["private"]["zone"]
 
   tags = merge(var.standard_tags, var.tags)
 }

+ 1 - 1
base/security_vpc/vars.tf

@@ -17,7 +17,7 @@ variable "tags" {
 # do not need to be explicitly passed to this module.
 variable "is_legacy" { type = bool }
 variable "standard_tags" { type = map }
-variable "inside_domain" { type = string }
+variable "dns_info" { type = map }
 variable "aws_account_id" { type = string }
 variable "aws_region" { type = string }
 variable "environment" { type = string }
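Review bot: `variable "dns_info" { type = map }` puts no constraint on a value that the module indexes two levels deep as `var.dns_info["private"]["zone"]`, so a wrongly shaped or missing entry only surfaces as a lookup error inside the VPC module call. If the value is a map of string maps (its shape is not visible in this commit), declaring it as `variable "dns_info" { type = map(map(string)) }` rejects bad input at the module boundary. A one-line comment naming the expected keys (`private`, `zone`) would also help. The same applies to the `dns_info` declarations added in base/standard_vpc/vars.tf, base/test_instance/vars.tf and base/vmray_instances/vars.tf.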

+ 2 - 2
base/standard_vpc/main.tf

@@ -29,7 +29,7 @@ module "vpc" {
       "${cidrsubnet(var.cidr,3,6)}",
   ]
 
-  enable_nat_gateway = true
+  enable_nat_gateway = false
   enable_vpn_gateway = false
   enable_dns_hostnames = true
   enable_s3_endpoint = true
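Review bot: `enable_nat_gateway = false` is set with no comment saying how hosts in the private subnets are now expected to reach anything outside the VPC. From the visible lines the remaining paths are the interface and gateway endpoints (S3, KMS, STS), so OS patching, agent updates and any AWS API without an endpoint need another route or they stop working. Dropping the NAT is a sound egress restriction, but the intended path should be written down next to the flag, for example `# No NAT gateway: egress is limited to the VPC endpoints below; other outbound traffic must be routed explicitly (see <egress design doc>)`. The `module "vpc"` block starts and ends outside this hunk, so a route defined elsewhere cannot be ruled out from here.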
@@ -46,7 +46,7 @@ module "vpc" {
   kms_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
   sts_endpoint_security_group_ids  =  [ "${module.aws_endpoints_sg.this_security_group_id}" ]
 
-  dhcp_options_domain_name = var.inside_domain
+  dhcp_options_domain_name = var.dns_info["private"]["zone"]
 
   tags = merge(var.standard_tags, var.tags)
 

+ 1 - 1
base/standard_vpc/vars.tf

@@ -15,8 +15,8 @@ variable "tags" {
 }
 
 # Inherited
+variable "dns_info" { type = map }
 variable "standard_tags" { type = map }
-variable "inside_domain" { type = string }
 variable "aws_region" { type = string }
 variable "aws_account_id" { type = string }
 variable "aws_partition" { type = string }

+ 1 - 1
base/test_instance/main.tf

@@ -54,7 +54,7 @@ data "template_file" "cloud-init" {
 
   vars = {
     hostname = "test_instance"
-    fqdn = "test_instance.${var.inside_domain}"
+    fqdn = "test_instance.${var.dns_info["private"]["zone"]}"
     environment = var.environment
   }
 }

+ 5 - 33
base/test_instance/vars.tf

@@ -19,18 +19,6 @@ variable "create_test_instance" {
   type        = bool
 }
 
-variable "standard_tags" {
-  type        = map
-}
-
-variable "inside_domain" {
-  type        = string
-}
-
-variable "environment" {
-  type        = string
-}
-
 variable "aws_marketplace_ubuntu_owner_id" {
   type = string
 }
@@ -39,24 +27,8 @@ variable "test_instance_key_name" {
   type = string
 }
 
-# ----------------------------------
-# Required for remote state, though they can be used elsewhere
-variable "remote_state_bucket" {
-  type = string
-}
-
-variable "aws_region" {
-  type = string
-}
-
-variable "aws_partition" {
-  type = string
-}
-
-variable "common_services_account" {
-  type = string
-}
-
-variable "common_profile" {
-  type = string
-}
+variable "dns_info" { type = map }
+variable "standard_tags" { type = map }
+variable "environment" { type = string }
+variable "aws_region" { type = string }
+variable "aws_partition" { type = string }
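Review bot: The five one-line declarations added at the end of this hunk have no heading saying they are inherited. The hunk also removes `remote_state_bucket`, `common_services_account` and `common_profile`, which the deleted comment described as required for remote state. Only one hunk of base/test_instance/main.tf is shown, so it is worth confirming that nothing there still reads those three variables, otherwise plan fails on an undeclared variable. For consistency with the other vars.tf files in this commit, add a header above the new block such as `# Inherited from higher levels; not passed explicitly to this module.`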

+ 12 - 42
base/vmray_instances/vars.tf

@@ -27,49 +27,19 @@ variable "tags" {
 # ----------------------------------
 # Below this line are variables inherited from higher levels, so they
 # do not need to be explicitly passed to this module.
-variable "instance_termination_protection" {
-  type        = bool
-}
-
-variable "standard_tags" {
-  type        = map
-}
-
-variable "inside_domain" {
-  type        = string
-}
-
-variable "aws_marketplace_ubuntu_owner_id" {
-  type        = string
-}
-
-variable "environment" {
-  type        = string
-}
-
-variable "portal_test_whitelist" {
-  type        = list
-}
-
+variable "instance_termination_protection" { type = bool }
+variable "standard_tags" { type = map }
+variable "dns_info" { type = map }
+variable "aws_marketplace_ubuntu_owner_id" { type = string }
+variable "environment" { type = string }
+variable "portal_test_whitelist" { type = list }
 
 # ----------------------------------
 # Required for remote state, though they can be used elsewhere
-variable "remote_state_bucket" {
-  type = string
-}
-
-variable "aws_region" {
-  type = string
-}
-
-variable "aws_partition" {
-  type = string
-}
 
-variable "common_services_account" {
-  type = string
-}
-
-variable "common_profile" {
-  type = string
-}
+# TODO: Use terragrunt dependencies instead
+variable "remote_state_bucket" { type = string }
+variable "aws_region" { type = string }
+variable "aws_partition" { type = string }
+variable "common_services_account" { type = string }
+variable "common_profile" { type = string }
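Review bot: `inside_domain` is replaced by `dns_info` in this file, but the commit as shown contains no change to base/vmray_instances/main.tf. If that module still references `var.inside_domain`, it will fail at plan time with an undeclared variable, so the references should be checked and switched to `var.dns_info["private"]["zone"]` as in the other modules. Separately, `portal_test_whitelist` keeps the unconstrained `type = list`. If it holds address ranges used for access rules (inferred from the name only), `variable "portal_test_whitelist" { type = list(string) }` would reject malformed input early. The `# Required for remote state` heading is now separated from its variables by a blank line and the TODO, and moving the TODO above the heading would keep the group together.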