add nat_gateway and add ref

main.tf

@@ -1,7 +1,14 @@
 terraform {
-  backend "local" {
-    path = "terraform.tfstate"
-  }
+  required_version = ">= 0.14.0"
+}
+
+variable "project_id" {
+  description = "The ID of the GCP project."
+}
+
+variable "region" {
+  description = "The region to create resources in."
+  default = "us-central1"
 }
 
 provider "google" {
@@ -10,22 +17,31 @@ provider "google" {
 }
 
 module "network" {
-  source     = "./modules/network"
-  project_id = var.project_id
-  region     = var.region
-  network    = var.network
-  subnet     = var.subnet
+  source = "./modules/network"
 }
 
 module "backend" {
   source = "./modules/backend"
+  startup_script = module.network.startup_script
+}
+
+module "nat_gateway" {
+  source = "./modules/network/nat_gateway"
+  network_name = module.network.network_name
+  region = var.region
+}
+
+module "firewall" {
+  source = "./modules/firewall"
+  network_name = module.network.network_name
 }
 
 module "frontend" {
-  source        = "./modules/frontend"
-  project_id    = var.project_id
-  region        = var.region
-  instance_type = var.instance_type
-  backend_ip    = module.network.backend_ip
-  subnet_ip     = module.network.subnet_ip
+  source = "./modules/frontend"
+  backend_service_name = module.backend.backend_service_name
+  network_name = module.network.network_name
+}
+
+output "frontend_external_ip" {
+  value = module.frontend.external_ip
 }

modules/nat_gateway/main.tf

@@ -0,0 +1,71 @@
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}
+
+resource "google_compute_network" "vpc_network" {
+  name                    = var.vpc_name
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "subnet" {
+  name          = var.subnet_name
+  network       = google_compute_network.vpc_network.self_link
+  ip_cidr_range = var.subnet_cidr_range
+}
+
+resource "google_compute_router" "router" {
+  name    = var.router_name
+  region  = var.region
+  network = google_compute_network.vpc_network.self_link
+
+  bgp {
+    asn = 64514
+  }
+
+  dynamic "interface" {
+    for_each = var.router_interfaces
+    content {
+      name               = interface.value.name
+      ip_address         = interface.value.ip_address
+      management        = interface.value.management
+      management_config = interface.value.management_config
+    }
+  }
+}
+
+resource "google_compute_address" "nat_ip" {
+  name         = var.nat_ip_name
+  region       = var.region
+  address_type = "EXTERNAL"
+}
+
+resource "google_compute_instance" "nat_instance" {
+  name         = var.nat_instance_name
+  machine_type = var.machine_type
+  zone         = var.zone
+  tags         = ["nat"]
+  boot_disk {
+    initialize_params {
+      image = var.image_name
+    }
+  }
+  network_interface {
+    network = google_compute_network.vpc_network.self_link
+    access_config {
+      nat_ip = google_compute_address.nat_ip.address
+    }
+  }
+}
+
+resource "google_compute_route" "nat_route" {
+  name                   = var.nat_route_name
+  destination_range      = var.destination_range
+  next_hop_instance      = google_compute_instance.nat_instance.self_link
+  next_hop_instance_zone = var.zone
+  tags                   = ["nat"]
+}
+
+output "nat_ip_address" {
+  value = google_compute_address.nat_ip.address
+}

modules/nat_gateway/variables.tf

@@ -0,0 +1,96 @@
+# Variables for network module
+variable "region" {
+  description = "The region where the network will be created"
+  type        = string
+}
+
+variable "project_id" {
+  description = "The project id where the network will be created"
+  type        = string
+}
+
+variable "network_name" {
+  description = "The name of the VPC network"
+  type        = string
+}
+
+variable "subnet_name" {
+  description = "The name of the subnet within the VPC network"
+  type        = string
+}
+
+variable "subnet_ip_cidr_range" {
+  description = "The IP CIDR range of the subnet within the VPC network"
+  type        = string
+}
+
+# Variables for backend module
+variable "bucket_name" {
+  description = "The name of the GCS bucket"
+  type        = string
+}
+
+# Variables for frontend module
+variable "instance_name" {
+  description = "The name of the instance"
+  type        = string
+}
+
+variable "instance_zone" {
+  description = "The zone where the instance will be created"
+  type        = string
+}
+
+variable "machine_type" {
+  description = "The machine type of the instance"
+  type        = string
+}
+
+variable "instance_startup_script" {
+  description = "The startup script for the instance"
+  type        = string
+}
+
+variable "firewall_allow_80" {
+  description = "Whether or not to allow incoming traffic on port 80"
+  type        = bool
+}
+
+# Variables for nat_gateway module
+variable "nat_gateway_name" {
+  description = "The name of the NAT gateway instance"
+  type        = string
+}
+
+variable "nat_gateway_zone" {
+  description = "The zone where the NAT gateway instance will be created"
+  type        = string
+}
+
+variable "nat_gateway_machine_type" {
+  description = "The machine type of the NAT gateway instance"
+  type        = string
+}
+
+variable "nat_gateway_startup_script" {
+  description = "The startup script for the NAT gateway instance"
+  type        = string
+}
+
+variable "nat_subnet_name" {
+  description = "The name of the subnet in which to deploy the NAT gateway"
+  type        = string
+}
+
+# Variables for firewall module
+variable "allowed_ingress_ports" {
+  description = "The list of ingress ports allowed to access the instance"
+  type        = list(number)
+  default     = [22, 80]
+}
+
+variable "allowed_egress_ports" {
+  description = "The list of egress ports allowed to leave the instance"
+  type        = list(number)
+  default     = []
+}