adding option to create a route to nat gateway in database subnets

ebarault · ebarault · commit 01601169c00c · 2019-01-18T11:59:39.000+01:00
diff --git a/main.tf b/main.tf
@@ -122,7 +122,7 @@ resource "aws_route_table" "database" {
 }
 
 resource "aws_route" "database_internet_gateway" {
-  count = "${var.create_vpc && var.create_database_subnet_route_table && length(var.database_subnets) > 0 && var.create_database_internet_gateway_route ? 1 : 0}"
+  count = "${var.create_vpc && var.create_database_subnet_route_table && length(var.database_subnets) > 0 && var.create_database_internet_gateway_route && !var.create_database_nat_gateway_route ? 1 : 0}"
 
   route_table_id         = "${aws_route_table.database.id}"
   destination_cidr_block = "0.0.0.0/0"
@@ -133,6 +133,17 @@ resource "aws_route" "database_internet_gateway" {
   }
 }
 
+resource "aws_route" "database_nat_gateway" {
+  count = "${var.create_vpc && var.enable_nat_gateway && var.create_database_subnet_route_table && length(var.database_subnets) > 0 && var.create_database_nat_gateway_route && !var.create_database_internet_gateway_route ? local.nat_gateway_count : 0}"
+  route_table_id         = "${element(aws_route_table.private.*.id, count.index)}"
+  destination_cidr_block = "0.0.0.0/0"
+  nat_gateway_id         = "${element(aws_nat_gateway.this.*.id, count.index)}"
+
+  timeouts {
+    create = "5m"
+  }
+}
+
 #################
 # Redshift routes
 #################
diff --git a/variables.tf b/variables.tf
@@ -122,6 +122,11 @@ variable "create_database_internet_gateway_route" {
   default     = false
 }
 
+variable "create_database_nat_gateway_route" {
+  description = "Controls if a nat gateway route should be created to give internet access to the database subnets"
+  default     = false
+}
+
 variable "azs" {
   description = "A list of availability zones in the region"
   default     = []
