aws tf: terraform automation to create subnets in Wavelength Zones

Adding terraform automation to create resources subnet and route
table associations in AWS Wavelength zones.

The AWS Wavelength Zones are identified as edge zones by installer.

The Wavelength Zones does not support Nat Gateway, for that reason
the terraform will create only subnet and associations to the
route table from the parent region, when exists, otherwise
the first private route table will be used in the association.

The subnets in Wavelength Zones will be created only when the zone
names are supplied in the install-config.yaml in the edge compute pool.

AWS Wavelength requires an different type of gateway when ingress/egress
traffic from the zone: Carrier Gateway.

When installer creates the VPC, the terraform creates:
- the Carrier Gateway associating to the VPC
- public edge route table
- public subnet in Wavelength Zone, associating to the public edge route
  table

The installer odes not create Machine Set configuration to launch edge
nodes to public subnets, but the user can do it in install time, for
that reason an different feature is required to support MAPI AWS
Provider, not covered and not blockes the full automation delivered by
installer.

data/data/aws/cluster/main.tf

@@ -107,6 +107,7 @@ module "vpc" {
 
   edge_zones         = distinct(var.aws_edge_local_zones)
   edge_parent_gw_map = var.aws_edge_parent_zones_index
+  edge_zones_type    = var.aws_edge_zones_type
 
   tags = local.tags
 }

data/data/aws/cluster/vpc/variables.tf

@@ -15,6 +15,12 @@ variable "edge_parent_gw_map" {
   description = "The parent zone index used to lookup the NAT gateway for private subnets in Local Zone."
 }
 
+variable "edge_zones_type" {
+  type        = map(string)
+  default     = {}
+  description = "A map with types of Edge (Local or Wavelength) zones."
+}
+
 variable "cidr_blocks" {
   type        = list(string)
   description = "A list of IPv4 CIDRs with 0 index being the main CIDR."

data/data/aws/cluster/vpc/vpc-public.tf

@@ -1,3 +1,7 @@
+locals {
+  has_wavelength_zones = contains(values(var.edge_zones_type), "wavelength-zone")
+}
+
 resource "aws_internet_gateway" "igw" {
   count = var.vpc == null ? 1 : 0
 
@@ -71,7 +75,6 @@ resource "aws_subnet" "edge_public_subnet" {
     },
     var.tags,
   )
-
 }
 
 resource "aws_route_table_association" "route_net" {
@@ -84,7 +87,7 @@ resource "aws_route_table_association" "route_net" {
 resource "aws_route_table_association" "edge_public_routing" {
   count = var.edge_zones == null ? 0 : length(var.edge_zones)
 
-  route_table_id = aws_route_table.default[0].id
+  route_table_id = lookup(var.edge_zones_type, aws_subnet.edge_public_subnet[count.index].availability_zone, "") == "wavelength-zone" ? aws_route_table.carrier[0].id : aws_route_table.default[0].id
   subnet_id      = aws_subnet.edge_public_subnet[count.index].id
 }
 
@@ -121,3 +124,43 @@ resource "aws_nat_gateway" "nat_gw" {
   # https://issues.redhat.com/browse/OCPBUGS-891
   depends_on = [aws_eip.nat_eip, aws_subnet.public_subnet]
 }
+
+// Carrier Gateway for Wavelength Zones
+
+resource "aws_ec2_carrier_gateway" "carrier" {
+  count = local.has_wavelength_zones ? 1 : 0
+
+  vpc_id = data.aws_vpc.cluster_vpc.id
+
+  tags = merge(
+    {
+      "Name" = "${var.cluster_id}-cagw"
+    },
+    var.tags,
+  )
+}
+
+resource "aws_route_table" "carrier" {
+  count = local.has_wavelength_zones ? 1 : 0
+
+  vpc_id = data.aws_vpc.cluster_vpc.id
+
+  tags = merge(
+    {
+      "Name" = "${var.cluster_id}-public-carrier"
+    },
+    var.tags,
+  )
+}
+
+resource "aws_route" "carrier_default_route" {
+  count = local.has_wavelength_zones ? 1 : 0
+
+  destination_cidr_block = "0.0.0.0/0"
+  route_table_id         = aws_route_table.carrier[0].id
+  carrier_gateway_id     = aws_ec2_carrier_gateway.carrier[0].id
+
+  timeouts {
+    create = "20m"
+  }
+}

data/data/aws/cluster/vpc/vpc.tf

@@ -21,6 +21,7 @@ resource "aws_vpc_endpoint" "s3" {
   route_table_ids = concat(
     aws_route_table.private_routes.*.id,
     aws_route_table.default.*.id,
+    aws_route_table.carrier.*.id,
   )
 
   tags = var.tags