X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/9b0de8314d6297df506734844bb2b833ba7d022c..2c2308f4161cfbb3eecfbf87e8decdfe3e128f6d:/tools/salt-install/terraform/aws/vpc/main.tf

diff --git a/tools/salt-install/terraform/aws/vpc/main.tf b/tools/salt-install/terraform/aws/vpc/main.tf
index 6e21139241..eba48b9f9e 100644
--- a/tools/salt-install/terraform/aws/vpc/main.tf
+++ b/tools/salt-install/terraform/aws/vpc/main.tf
@@ -24,12 +24,12 @@ resource "aws_vpc" "arvados_vpc" {
   enable_dns_hostnames = true
   enable_dns_support = true
 }
-resource "aws_subnet" "arvados_subnet" {
+resource "aws_subnet" "public_subnet" {
   vpc_id = aws_vpc.arvados_vpc.id
   availability_zone = local.availability_zone
   cidr_block = "10.1.1.0/24"
 }
-resource "aws_subnet" "compute_subnet" {
+resource "aws_subnet" "private_subnet" {
   vpc_id = aws_vpc.arvados_vpc.id
   availability_zone = local.availability_zone
   cidr_block = "10.1.2.0/24"
@@ -42,62 +42,58 @@ resource "aws_vpc_endpoint" "s3" {
   vpc_id = aws_vpc.arvados_vpc.id
   service_name = "com.amazonaws.${var.region_name}.s3"
 }
-resource "aws_vpc_endpoint_route_table_association" "arvados_s3_route" {
-  vpc_endpoint_id = aws_vpc_endpoint.s3.id
-  route_table_id = aws_route_table.arvados_subnet_rt.id
-}
 resource "aws_vpc_endpoint_route_table_association" "compute_s3_route" {
   vpc_endpoint_id = aws_vpc_endpoint.s3.id
-  route_table_id = aws_route_table.compute_subnet_rt.id
+  route_table_id = aws_route_table.private_subnet_rt.id
 }
 
 #
 # Internet access for Public IP instances
 #
-resource "aws_internet_gateway" "arvados_gw" {
+resource "aws_internet_gateway" "internet_gw" {
   vpc_id = aws_vpc.arvados_vpc.id
 }
 resource "aws_eip" "arvados_eip" {
-  for_each = toset(local.hostnames)
+  for_each = toset(local.public_hosts)
   depends_on = [
-    aws_internet_gateway.arvados_gw
+    aws_internet_gateway.internet_gw
   ]
 }
-resource "aws_route_table" "arvados_subnet_rt" {
+resource "aws_route_table" "public_subnet_rt" {
   vpc_id = aws_vpc.arvados_vpc.id
   route {
     cidr_block = "0.0.0.0/0"
-    gateway_id = aws_internet_gateway.arvados_gw.id
+    gateway_id = aws_internet_gateway.internet_gw.id
   }
 }
-resource "aws_route_table_association" "arvados_subnet_assoc" {
-  subnet_id = aws_subnet.arvados_subnet.id
-  route_table_id = aws_route_table.arvados_subnet_rt.id
+resource "aws_route_table_association" "public_subnet_assoc" {
+  subnet_id = aws_subnet.public_subnet.id
+  route_table_id = aws_route_table.public_subnet_rt.id
 }
 
 #
 # Internet access for Private IP instances
 #
-resource "aws_eip" "compute_nat_gw_eip" {
+resource "aws_eip" "nat_gw_eip" {
   depends_on = [
-    aws_internet_gateway.arvados_gw
+    aws_internet_gateway.internet_gw
   ]
 }
-resource "aws_nat_gateway" "compute_nat_gw" {
+resource "aws_nat_gateway" "nat_gw" {
   # A NAT gateway should be placed on a subnet with an internet gateway
-  subnet_id = aws_subnet.arvados_subnet.id
-  allocation_id = aws_eip.compute_nat_gw_eip.id
+  subnet_id = aws_subnet.public_subnet.id
+  allocation_id = aws_eip.nat_gw_eip.id
 }
-resource "aws_route_table" "compute_subnet_rt" {
+resource "aws_route_table" "private_subnet_rt" {
   vpc_id = aws_vpc.arvados_vpc.id
   route {
     cidr_block = "0.0.0.0/0"
-    nat_gateway_id = aws_nat_gateway.compute_nat_gw.id
+    nat_gateway_id = aws_nat_gateway.nat_gw.id
   }
 }
-resource "aws_route_table_association" "compute_subnet_assoc" {
-  subnet_id = aws_subnet.compute_subnet.id
-  route_table_id = aws_route_table.compute_subnet_rt.id
+resource "aws_route_table_association" "private_subnet_assoc" {
+  subnet_id = aws_subnet.private_subnet.id
+  route_table_id = aws_route_table.private_subnet_rt.id
 }
 
 resource "aws_security_group" "arvados_sg" {