update settings for single cgw
badra001 committed Oct 17, 2022
1 parent bd943bf commit ad8d31b
Showing 1 changed file with 11 additions and 4 deletions.
15 changes: 11 additions & 4 deletions vpn-transit-gateway/vpn-config.tf
@@ -1,4 +1,6 @@
locals {
single_vpn_tunnel_loopback = one([for k, v in local.vpn_settings : v.tunnel_loopback])
single_vpn_tunnel_ip_address = one([for k, v in local.vpn_settings : v.ip_address])
vpn_tunnel_outputs = { for k, v in local.vpn_settings : k => {
vpn_name = k
site = v.site
@@ -26,7 +28,7 @@ locals {
tunnel1_vgw_inside_address = aws_vpn_connection.vpn[k].tunnel1_vgw_inside_address
tunnel1_interface_number = length(v.tunnel_interfaces) == 2 ? v.tunnel_interfaces[0] : ""
tunnel1_track_number = length(v.tunnel_track) == 2 ? v.tunnel_track[0] : ""
tunnel1_loopback = v.tunnel_loopback != null ? v.tunnel_loopback : ""
tunnel1_loopback = v.tunnel_loopback != null ? (var.use_single_cgw ? local.single_vpn_tunnel_loopback : v.tunnel_loopback) : ""

tunnel2_label = format("%v %v %v %v %v", aws_vpn_connection.vpn[k].tunnel2_inside_cidr, local.account_id, local.region_short, var.vpc_short_name, v.label)
tunnel2_bgp_asn = aws_vpn_connection.vpn[k].tunnel2_bgp_asn
@@ -36,7 +38,7 @@ locals {
tunnel2_vgw_inside_address = aws_vpn_connection.vpn[k].tunnel2_vgw_inside_address
tunnel2_interface_number = length(v.tunnel_interfaces) == 2 ? v.tunnel_interfaces[1] : ""
tunnel2_track_number = length(v.tunnel_track) == 2 ? v.tunnel_track[1] : ""
tunnel2_loopback = v.tunnel_loopback != null ? v.tunnel_loopback : ""
tunnel2_loopback = v.tunnel_loopback != null ? (var.use_single_cgw ? local.single_vpn_tunnel_loopback : v.tunnel_loopback) : ""
}
}
vpn_tunnel_secrets = { for k, v in local.vpn_settings : k => {
@@ -49,6 +51,11 @@ locals {
vpn_site_tunnel_outputs = { for s in local.vpn_tunnel_sites : s => flatten([for k, v in local.vpn_tunnel_outputs : merge(v, local.vpn_tunnel_secrets[k]) if v.site == s]) }
# vpn_site_tunnel_outputs = { for s in local.vpn_tunnel_sites : s => flatten([for k, v in local.vpn_tunnel_outputs : v if v.site == s]) }
vpn_site_common_settings = ["account_alias", "account_id", "region", "region_short", "vpc_cidr_block", "vpc_name", "vpc_short_name", "vpn_environment"]
single_cgw_settings = {
single_cgw = var.use_single_cgw ? true : false
customer_address = var.use_single_cgw ? local.single_vpn_tunnel_ip_address : ""
loopback = var.use_single_cgw ? local.single_vpn_tunnel_loopback : ""
}
}


@@ -99,14 +106,14 @@ resource "local_sensitive_file" "vpn_details_yaml" {
resource "local_sensitive_file" "vpn_site_details_json" {
for_each = var.generate_json_files ? local.vpn_site_tunnel_outputs : {}
# content = yamlencode({ version = local._module_version, site = each.key, vpns = each.value })
content = jsonencode(merge({ version = local._module_version, site = each.key, vpns = each.value }, { for k in local.vpn_site_common_settings : k => each.value[0][k] }))
content = jsonencode(merge({ version = local._module_version, site = each.key, vpns = each.value }, local.single_cgw_settings, { for k in local.vpn_site_common_settings : k => each.value[0][k] }))
filename = format("%v/%v/site.%v.%v.%v.json", path.root, null_resource.directory_setup.triggers.name, local.account_id, local.region, each.key)
file_permission = "0644"
}

resource "local_sensitive_file" "vpn_site_details_yaml" {
for_each = var.generate_yaml_files ? local.vpn_site_tunnel_outputs : {}
content = yamlencode(merge({ version = local._module_version, site = each.key, vpns = each.value }, { for k in local.vpn_site_common_settings : k => each.value[0][k] }))
content = yamlencode(merge({ version = local._module_version, site = each.key, vpns = each.value }, local.single_cgw_settings, { for k in local.vpn_site_common_settings : k => each.value[0][k] }))
filename = format("%v/%v/site.%v.%v.%v.yml", path.root, null_resource.directory_setup.triggers.name, local.account_id, local.region, each.key)
file_permission = "0644"
}
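Review bot: `one()` in the two new locals at the top of `locals` returns an error as soon as `local.vpn_settings` holds more than one entry, and since both locals are referenced from `tunnel1_loopback`, `tunnel2_loopback` and `single_cgw_settings`, they appear to be evaluated even when `var.use_single_cgw` is false. If one customer gateway is meant to back several VPN connections that share a loopback and address, collapse duplicates first, e.g. `single_vpn_tunnel_loopback = one(distinct([for k, v in local.vpn_settings : v.tunnel_loopback]))` and the same for `ip_address`; `vpn_settings` is defined outside the visible hunks, so its shape needs confirming. Separately, the two site-detail files that now also carry `customer_address` and `loopback` are written with `file_permission = "0644"` although `vpns` includes the merged `vpn_tunnel_secrets`; `local_sensitive_file` only redacts the content in Terraform output, so `"0600"` would keep the on-disk copy from being world-readable. `single_cgw = var.use_single_cgw ? true : false` can be just `var.use_single_cgw` if the variable is declared as a bool.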