Feature/allow to deploy in existing vpc (#12)

* Added creating eks in existing VPC

* added public_subnet variable

* fixed outputs

* terraform fmt

* terraform-docs: automated action

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

Author: Sztigar

README.md

@@ -18,8 +18,8 @@ No requirements.
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.48.0 |
-| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | 2.16.1 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.55.0 |
+| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | 2.18.1 |
 
 ## Modules
 
@@ -37,12 +37,14 @@ No requirements.
 | [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
+| [aws_vpc.selected](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_additional_tags"></a> [additional\_tags](#input\_additional\_tags) | Additional tags to include | `map(string)` | `{}` | no |
+| <a name="input_create_vpc"></a> [create\_vpc](#input\_create\_vpc) | Specifies if new VPC be created, if not `vpc_id` and `subnet_ids` variables need to be provided | `bool` | `true` | no |
 | <a name="input_eks_additional_cluster_addons"></a> [eks\_additional\_cluster\_addons](#input\_eks\_additional\_cluster\_addons) | Map of additional cluster addon configurations to enable for the cluster. | `any` | `{}` | no |
 | <a name="input_eks_cluster_auth_role"></a> [eks\_cluster\_auth\_role](#input\_eks\_cluster\_auth\_role) | AWS roles with access permission to EKS cluster | <pre>list(object({<br>    rolearn : string<br>    username : string<br>    groups = list(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_eks_cluster_auth_user"></a> [eks\_cluster\_auth\_user](#input\_eks\_cluster\_auth\_user) | AWS users with access permission to EKS cluster | <pre>list(object({<br>    userarn : string<br>    username : string<br>    groups = list(string)<br>  }))</pre> | `[]` | no |
@@ -61,8 +63,11 @@ No requirements.
 | <a name="input_environment"></a> [environment](#input\_environment) | Environment name | `string` | n/a | yes |
 | <a name="input_logs_retention_days"></a> [logs\_retention\_days](#input\_logs\_retention\_days) | Log retention in days | `number` | `14` | no |
 | <a name="input_org"></a> [org](#input\_org) | Organization name - part of other resource names | `string` | `"terraform"` | no |
+| <a name="input_private_subnet_ids"></a> [private\_subnet\_ids](#input\_private\_subnet\_ids) | List of IDs of existing private subnets, only used when `create_vpc` is set to `false` | `list(string)` | `[]` | no |
+| <a name="input_public_subnet_ids"></a> [public\_subnet\_ids](#input\_public\_subnet\_ids) | List of IDs of existing public subnets, only used when `create_vpc` is set to `false` | `list(string)` | `[]` | no |
 | <a name="input_region"></a> [region](#input\_region) | n/a | `string` | `"eu-central-1"` | no |
 | <a name="input_vpc_cidr"></a> [vpc\_cidr](#input\_vpc\_cidr) | VPC CIDR address | `string` | `"10.0.0.0/16"` | no |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | ID of existing VPC, only used when `create_vpc` is set to `false` | `string` | `""` | no |
 | <a name="input_vpc_nat_setting"></a> [vpc\_nat\_setting](#input\_vpc\_nat\_setting) | Enable NAT Gateway | <pre>object({<br>    enable_nat_gateway : bool<br>    multi_az_nat_gateway : bool<br>  })</pre> | <pre>{<br>  "enable_nat_gateway": true,<br>  "multi_az_nat_gateway": false<br>}</pre> | no |
 
 ## Outputs

locals.tf

@@ -8,7 +8,8 @@ locals {
   azs_count                       = length(local.azs_names)
   public_subnet_cidrs             = [for step in range(local.azs_count) : cidrsubnet(var.vpc_cidr, 5, step)]
   private_subnet_cidrs            = [for step in range(local.azs_count) : cidrsubnet(var.vpc_cidr, 5, step + local.azs_count)]
-  eks_managed_node_group_defaults = var.eks_single_az ? merge(var.eks_cluster_node_groups_default_configuration, { subnet_ids = slice(module.vpc.private_subnets, 0, 1) }) : merge(var.eks_cluster_node_groups_default_configuration, { subnet_ids = module.vpc.private_subnets })
+  private_subnets                 = var.create_vpc ? module.vpc[0].private_subnets : var.private_subnet_ids
+  eks_managed_node_group_defaults = var.eks_single_az ? merge(var.eks_cluster_node_groups_default_configuration, { subnet_ids = slice(local.private_subnets, 0, 1) }) : merge(var.eks_cluster_node_groups_default_configuration, { subnet_ids = local.private_subnets })
 
   tags = merge({
     environment = var.environment

main.tf

@@ -1,4 +1,5 @@
 module "vpc" {
+  count   = var.create_vpc ? 1 : 0
   source  = "terraform-aws-modules/vpc/aws"
   version = "~> 3.0"
 
@@ -30,6 +31,11 @@ module "vpc" {
   tags = local.tags
 }
 
+data "aws_vpc" "selected" {
+  count = var.create_vpc ? 0 : 1
+  id    = var.vpc_id
+}
+
 module "kubernetes_secrets_encryption_key" {
   source      = "./modules/encryption"
   org         = var.org
@@ -45,8 +51,8 @@ module "eks" {
   cluster_name    = var.eks_cluster_name
   cluster_version = var.eks_cluster_version
 
-  vpc_id     = module.vpc.vpc_id
-  subnet_ids = concat(module.vpc.public_subnets, module.vpc.private_subnets)
+  vpc_id     = var.create_vpc ? module.vpc[0].vpc_id : var.vpc_id
+  subnet_ids = var.create_vpc ? concat(module.vpc[0].public_subnets, module.vpc[0].private_subnets) : concat(var.public_subnet_ids, var.private_subnet_ids)
 
   cluster_endpoint_private_access = var.eks_cluster_endpoint_access.enable_private_access
   cluster_endpoint_public_access  = var.eks_cluster_endpoint_access.enable_public_access

outputs.tf

@@ -3,38 +3,37 @@
 ############################
 
 output "vpc_name" {
-  value       = module.vpc.name
+  value       = try(module.vpc.name, null)
   description = "The name of the VPC"
 }
 
 output "vpc_id" {
-  value       = module.vpc.vpc_id
+  value       = try(module.vpc.vpc_id, null)
   description = "The VPC ID"
 }
 
 output "vpc_public_subnets_ids" {
-  value = module.vpc.public_subnets
-
+  value       = try(module.vpc.public_subnets, null)
   description = "The list of public subnets IDs associated with the VPC"
 }
 
 output "vpc_private_subnets_ids" {
-  value       = module.vpc.private_subnets
+  value       = try(module.vpc.private_subnets, null)
   description = "The list of private subnets IDs associated with the VPC"
 }
 
 output "vpc_nats_ids" {
-  value       = module.vpc.nat_ids
+  value       = try(module.vpc.nat_ids, null)
   description = "The list of allocation ID for Elastic IPs"
 }
 
 output "vpc_public_route_table_ids" {
-  value       = module.vpc.public_route_table_ids
+  value       = try(module.vpc.public_route_table_ids, null)
   description = "The list of IDs of public route tables"
 }
 
 output "vpc_private_route_table_ids" {
-  value       = module.vpc.private_route_table_ids
+  value       = try(module.vpc.private_route_table_ids, null)
   description = "The list of IDs of private route tables"
 }
 

variables.tf

@@ -185,3 +185,27 @@ variable "eks_single_az" {
   type        = bool
   default     = false
 }
+
+variable "create_vpc" {
+  description = "Specifies if new VPC be created, if not `vpc_id` and `subnet_ids` variables need to be provided"
+  type        = bool
+  default     = true
+}
+
+variable "vpc_id" {
+  description = "ID of existing VPC, only used when `create_vpc` is set to `false`"
+  type        = string
+  default     = ""
+}
+
+variable "private_subnet_ids" {
+  description = "List of IDs of existing private subnets, only used when `create_vpc` is set to `false`"
+  type        = list(string)
+  default     = []
+}
+
+variable "public_subnet_ids" {
+  description = "List of IDs of existing public subnets, only used when `create_vpc` is set to `false`"
+  type        = list(string)
+  default     = []
+}