deploy/terraform/terraform-units/modules/sap_landscape/nat_gateway.tf (60 lines of code) (raw):

# Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # https://github.com/hashicorp/terraform-provider-azurerm/issues/18741 # public IP address for the natGateway resource "azurerm_public_ip" "ng_pip" { provider = azurerm.main count = local.create_nat_gateway ? 1 : 0 name = format("%s%s", local.nat_gateway_name, "-pip") location = local.region resource_group_name = azurerm_resource_group.resource_group[0].name idle_timeout_in_minutes = local.nat_gateway_idle_timeout_in_minutes zones = local.nat_gateway_public_ip_zones ip_tags = var.infrastructure.nat_gateway.ip_tags # tags = local.nat_gateway_public_ip_tags allocation_method = "Static" sku = "Standard" lifecycle { create_before_destroy = true } } # NAT Gateway # Currently only Standard SKU is supported. # https://learn.microsoft.com/en-us/azure/nat-gateway/nat-overview#availability-zones # Only one Availability Zone can be defined. We will not provide a zone for now. resource "azurerm_nat_gateway" "ng" { provider = azurerm.main count = local.create_nat_gateway ? 1 : 0 name = local.nat_gateway_name location = local.region resource_group_name = azurerm_resource_group.resource_group[0].name idle_timeout_in_minutes = local.nat_gateway_idle_timeout_in_minutes sku_name = "Standard" depends_on = [ azurerm_public_ip.ng_pip ] } # NAT Gateway IP Configuration resource "azurerm_nat_gateway_public_ip_association" "ng_pip_assoc" { provider = azurerm.main count = local.create_nat_gateway ? 1 : 0 nat_gateway_id = azurerm_nat_gateway.ng[0].id public_ip_address_id = azurerm_public_ip.ng_pip[0].id } # NAT Gateway subnet association with app subnet resource "azurerm_subnet_nat_gateway_association" "ng_subnet_assoc" { provider = azurerm.main count = local.create_nat_gateway ? 1 : 0 nat_gateway_id = azurerm_nat_gateway.ng[0].id subnet_id = azurerm_subnet.app[0].id depends_on = [ azurerm_subnet.app ] } # NAT Gateway subnet association with db subnet resource "azurerm_subnet_nat_gateway_association" "ng_subnet_assoc_db" { provider = azurerm.main count = local.create_nat_gateway ? 1 : 0 nat_gateway_id = azurerm_nat_gateway.ng[0].id subnet_id = azurerm_subnet.db[0].id depends_on = [ azurerm_subnet.db ] } # NAT Gateway subnet association with web subnet resource "azurerm_subnet_nat_gateway_association" "ng_subnet_assoc_web" { provider = azurerm.main count = local.create_nat_gateway ? 1 : 0 nat_gateway_id = azurerm_nat_gateway.ng[0].id subnet_id = azurerm_subnet.web[0].id depends_on = [ azurerm_subnet.web ] }