Merge pull request #1 from NicGorod/feat/networking

Feat: implement networking module

Author: NicGorod

.gitignore

@@ -0,0 +1,7 @@
+
+*.tfstate
+*.tfstate.*
+
+./terraform.tfstate
+.terraform/.terraform.lock*
+

terraform.tfstate

@@ -0,0 +1,43 @@
+# VNet module
+
+This module creates a VNet and subnets in Azure.
+It also creates a network security group and associates it with the subnets.
+
+## Module usage
+
+Note: keep in mind this module calculates VNet address space based on the subnets provided.
+
+
+```hcl
+module "vnet" {
+  source            = "./modules/network"
+  name              = "my-vnet"
+  resource_group_id = azurerm_resource_group.example.id
+  location          = "canadaeast"
+  subnets = {
+    "subnet1" = {
+      address_prefixes = ["10.0.1.0/24"]
+      service_endpoints = ["Microsoft.Storage", "Microsoft.Sql"]
+    }
+    "subnet2" = {
+      address_prefixes = ["10.0.2.0/24"]
+      delegate = [
+        {
+          name    = "delegation"
+          service = "Microsoft.Web/serverFarms"
+          actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
+        }
+      ]
+    }
+    "subnet3" = {
+      address_prefixes = ["10.0.3.0/24"]
+      private_endpoint_network_policies_enabled = false
+    }
+  }
+  tags = {
+    Environment = "Production"
+    Project     = "MyProject"
+  }
+}
+```
+

terraform/.terraform.lock.hcl

@@ -0,0 +1,58 @@
+
+
+locals {
+  resource_group_name = split("/", var.resource_group_id)[4]
+
+  # Calculate VNet address space from subnet prefixes
+  # 1. Collects all subnet address prefixes into a flat list
+  # 2. Calculates the smallest possible CIDR block that can contain all subnets
+  # 3. Uses this calculated CIDR as the VNet's address space
+  all_subnet_prefixes = flatten([
+    for subnet in values(var.subnets) : subnet.address_prefixes
+  ])
+  # Get the smallest network that contains all subnets
+  vnet_cidr = [cidrhost(
+    format("%s/%s",
+      cidrhost(local.all_subnet_prefixes[0], 0),
+      tonumber(split("/", local.all_subnet_prefixes[0])[1]) - 1
+    ),
+    0
+  )]
+
+}
+
+resource "azurerm_virtual_network" "vnet" {
+  name                = var.vnet_name
+  location            = var.location
+  resource_group_name = local.resource_group_name
+  address_space       = local.vnet_cidr
+  tags                = var.tags
+
+  lifecycle {
+    create_before_destroy = true
+  }
+}
+
+resource "azurerm_subnet" "subnets" {
+  for_each = var.subnets
+
+  name                                           = each.key
+  resource_group_name                            = local.resource_group_name
+  virtual_network_name                           = azurerm_virtual_network.vnet.name
+  address_prefixes                               = each.value.address_prefixes
+  service_endpoints                              = each.value.service_endpoints
+  private_endpoint_network_policies_enabled      = each.value.private_endpoint_network_policies_enabled
+  private_link_service_network_policies_enabled  = each.value.private_link_service_network_policies_enabled
+
+  dynamic "delegation" {
+    for_each = each.value.delegate
+    content {
+      name = delegation.value.name
+      service_delegation {
+        name    = delegation.value.service
+        actions = delegation.value.actions
+      }
+    }
+  }
+}
+

terraform/modules/network/README.md

@@ -0,0 +1,22 @@
+
+output "vnet_id" {
+  description = "The ID of the Virtual Network"
+  value       = azurerm_virtual_network.vnet.id
+}
+
+output "vnet_name" {
+  description = "The name of the Virtual Network"
+  value       = azurerm_virtual_network.vnet.name
+}
+
+output "vnet_address_space" {
+  description = "The address space of the Virtual Network"
+  value       = azurerm_virtual_network.vnet.address_space
+}
+
+output "subnet_ids" {
+  description = "Map of subnet names and their IDs"
+  value = {
+    for subnet_name, subnet in azurerm_subnet.subnets : subnet_name => subnet.id
+  }
+}

terraform/modules/network/networking.tf

@@ -0,0 +1,36 @@
+variable "vnet_name" {
+  description = "The name of VNet"
+  type        = string
+}
+
+variable "resource_group_id" {
+  description = "The ID of the resource group"
+  type        = string
+}
+
+variable "location" {
+  description = "The Azure region where the Virtual Network should be created"
+  type        = string
+}
+
+variable "tags" {
+  description = "A mapping of tags to assign to the Virtual Network"
+  type        = map(string)
+  default     = {}
+}
+
+variable "subnets" {
+  description = "Map of subnet configurations"
+  type = map(object({
+    address_prefixes                               = list(string)
+    service_endpoints                              = optional(list(string), [])
+    private_endpoint_network_policies_enabled      = optional(bool, true)
+    private_link_service_network_policies_enabled  = optional(bool, true)
+    delegate = optional(list(object({
+      name    = string
+      service = string
+      actions = list(string)
+    })), [])
+  }))
+}
+