From 5a78ea196078599524f76b522544f28f5a0686a4 Mon Sep 17 00:00:00 2001
From: Lukas Wolter
Date: Mon, 27 Apr 2026 15:49:01 +0200
Subject: [PATCH 1/2] added routing tables
---
 modules/landing-zone/3-network.tf | 44 ++++++++++++++++++++++++++++---
 modules/landing-zone/variables.tf | 17 ++++++++++++
 2 files changed, 57 insertions(+), 4 deletions(-)
diff --git a/modules/landing-zone/3-network.tf b/modules/landing-zone/3-network.tf
index 6ace280..d0aec6e 100644
--- a/modules/landing-zone/3-network.tf
+++ b/modules/landing-zone/3-network.tf
@@ -1,12 +1,48 @@
 #############
-## NETWORK ##
+## ROUTING ##
 #############
+resource "stackit_routing_table" "this" {
+ count = var.network_area_id != null ? 1 : 0
+ organization_id = var.organization_id
+ network_area_id = var.network_area_id
+ name = var.naming_pattern
+ system_routes = false
+
+ labels = local.labels
+}
+
+resource "stackit_routing_table_route" "this" {
+ count = var.network_area_id != null ? 1 : 0
+ routing_table_id = stackit_routing_table.this[0].routing_table_id
+
+ organization_id = var.organization_id
+ network_area_id = var.network_area_id
+
+ destination = {
+ type = "cidrv4"
+ value = "0.0.0.0/0"
+ }
+
+ next_hop = {
+ type = "ipv4"
+ value = var.firewall_next_hop_ip
+ }
+ labels = local.labels
+}
+
+#############
+## NETWORK ##
+#############
 resource "stackit_network" "this" {
- count = var.network_area_id != null ? 1 : 0
+ count = var.network_area_id != null ? 1 : 0
+ project_id = stackit_resourcemanager_project.this.project_id
- project_id = stackit_resourcemanager_project.this.project_id
 name = "${var.naming_pattern}-routed"
 ipv4_prefix_length = var.network_prefix_length
 routed = true
-}
\ No newline at end of file
+ ipv4_nameservers = var.ipv4_nameservers
+ routing_table_id = stackit_routing_table.this[0].routing_table_id
+
+ labels = local.labels
+}
diff --git a/modules/landing-zone/variables.tf b/modules/landing-zone/variables.tf
index 1f52b6b..39962b3 100644
--- a/modules/landing-zone/variables.tf
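Review bot: `stackit_routing_table_route.this` in the 3-network.tf hunk sends `0.0.0.0/0` to `var.firewall_next_hop_ip`, but variables.tf declares that variable with `default = null`, so a caller who sets `network_area_id` and omits the firewall address asks for a routing table with `system_routes = false` and a default route that has no next hop. Whether the provider rejects the null at plan time or only at apply is not visible from this patch, so the module should fail with its own message instead of leaving egress undefined. A `lifecycle` precondition on the route resource states the requirement at the point where the value is used.

```hcl
resource "stackit_routing_table_route" "this" {
  # … unchanged: count, routing_table_id, organization_id, network_area_id, destination, next_hop, labels …

  lifecycle {
    precondition {
      condition     = var.firewall_next_hop_ip != null
      error_message = "firewall_next_hop_ip must be set when network_area_id is set: the default route sends all egress to the firewall."
    }
  }
}
```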
+++ b/modules/landing-zone/variables.tf
@@ -1,3 +1,8 @@
+variable "organization_id" {
+ type = string
+ description = "Container ID of the root organization."
+}
+
 variable "custom_roles" {
 type = list(object({
 name = string
@@ -53,4 +58,16 @@ variable "role_assignments" {
 }))
 description = "List of role assignments for the project. Subject can be a user email or service account email."
 default = []
+}
+
+variable "firewall_next_hop_ip" {
+ type = string
+ description = "IP address of the firewall next hop."
+ default = null
+}
+
+variable "ipv4_nameservers" {
+ type = list(string)
+ description = "List of IPv4 nameservers for the network. Required if network_area_id is null."
+ default = null
 }
\ No newline at end of file
From 4fdebf36d18cef8d69c73e3843e415f1b966f1f3 Mon Sep 17 00:00:00 2001
From: Lukas Wolter
Date: Mon, 27 Apr 2026 15:50:14 +0200
Subject: [PATCH 2/2] added routing tables
---
 modules/landing-zone/variables.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/landing-zone/variables.tf b/modules/landing-zone/variables.tf
index 39962b3..30d04df 100644
--- a/modules/landing-zone/variables.tf
+++ b/modules/landing-zone/variables.tf
@@ -68,6 +68,6 @@ variable "firewall_next_hop_ip" {
 variable "ipv4_nameservers" {
 type = list(string)
- description = "List of IPv4 nameservers for the network. Required if network_area_id is null."
+ description = "List of IPv4 nameservers for the network."
 default = null
 }
\ No newline at end of file
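Review bot: In the `@@ -53,4 +58,16 @@` hunk of patch 1/2, `firewall_next_hop_ip` accepts any string, and that string becomes the next hop of the module's default route, so a mistyped address is caught only by the provider, if at all. I would add a `validation` block to the variable whose condition is `var.firewall_next_hop_ip == null || can(cidrhost("${var.firewall_next_hop_ip}/32", 0))`, which rejects values that do not parse as an IP address. The description should also say that the value is needed whenever `network_area_id` is set. The same hunk gives `ipv4_nameservers` a `default = null` without saying which resolvers the network then uses; one sentence in its description would settle that.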