Netic AWS VPC Terraform Module

Supported Terraform Versions

Terraform 0.12

Usage

module "vpc" {
  source = "github.com/neticdk/tf-aws-vpc"

  name = "my-vpc"
  cidr_block = "10.0.0.0/16"

  availability_zone_names = [ "eu-west-1a",    "eu-west-1b",    "eu-west-1c"    ]
  private_subnets         = [ "10.0.0.0/19",   "10.0.32.0/19",  "10.0.64.0/19"  ]
  protected_subnets       = [ "10.0.128.0/21", "10.0.136.0/21", "10.0.240.0/21" ]
  public_subnets          = [ "10.0.160.0/21", "10.0.168.0/21", "10.0.176.0/21" ]

  enable_dns_support      = true
  enable_dns_hostnames    = true
  map_public_ip_on_launch = false
  enable_s3_endpoint      = true
}

Subnets

Three types of subnets can be created:

  • public - used for resources that need routed public IP addresses
  • private - used for resources that need outbound internet access through a NAT gateway
  • protected - used for resources without internet access

Public Subnets

If specifying any public subnets, the following resources will be created:

  • an internet gateway
  • a route table
  • a route on the public route table routing traffic to 0.0.0.0/0 through the internet gateway
  • a subnet for each CIDR specified in public_subnets. Each subnet will be created in the availability zone corresponding to the position of the CIDR in the availability_zone_names list
  • a route table association between each subnet and the public route table
  • a NAT gateway placed in each public subnet/availability zone with a corresponding elastic ip address

Private Subnets

If specifying any private subnets, the following resources will be created:

  • a route table for each availability zone specified in availability_zone_names
  • a subnet for each CIDR specified in private_subnets. Each subnet will be created in the availability zone corresponding to the position of the CIDR in the availability_zone_names list
  • a route table association between each subnet and the corresponding private route table
  • a route for each private subnet to 0.0.0.0/0 through the corresponding NAT gateway in the public subnet of the same availability zone

Protected Subnets

If specifying any protected subnets, the following resources will be created:

  • a route table for each availability zone specified in availability_zone_names
  • a subnet for each CIDR specified in protected_subnets. Each subnet will be created in the availability zone corresponding to the position of the CIDR in the availability_zone_names list
  • a route table association between each subnet and the corresponding protected route table

S3 Endpoints

If enable_s3_endpoint is true, the following resources are created:

  • an S3 endpoint
  • a route table association between each public subnet and the s3 endpoint
  • a route table association between each private subnet and the s3 endpoint
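The subnet layout rules above (subnet i of each list lands in availability_zone_names[i], public subnets default-route to the internet gateway, private subnets default-route to the NAT gateway of the same availability zone, protected subnets get no default route, and the S3 endpoint is associated with public and private route tables only) are easy to violate with an off-by-one in the lists. The following pre-apply checker is an added example and is not part of the neticdk/tf-aws-vpc module; it encodes those rules over a plan shaped like the module's inputs and flags CIDRs outside the VPC block, overlapping subnets, lists longer than the AZ list, private subnets whose AZ has no NAT gateway, and any protected subnet that would end up with internet egress. The "igw"/"nat-<az>" route targets are constructed labels, not AWS resource IDs.

```python
"""Pre-apply checker for a subnet plan, following the layout rules in this README.

Added example; it is not part of the neticdk/tf-aws-vpc module. It models the
README's rules rather than reading Terraform state.
"""
from ipaddress import ip_network


def check_cidrs(vpc_cidr, **subnet_lists):
    """Every subnet must fit inside the VPC block and none may overlap."""
    vpc = ip_network(vpc_cidr)
    seen = []      # (kind, network) pairs already checked
    problems = []
    for kind, cidrs in subnet_lists.items():
        for cidr in cidrs:
            net = ip_network(cidr)
            if not net.subnet_of(vpc):
                problems.append(f"{kind} {cidr} is outside the VPC block {vpc}")
            for other_kind, other in seen:
                if net.overlaps(other):
                    problems.append(f"{kind} {cidr} overlaps {other_kind} {other}")
            seen.append((kind, net))
    return problems


def expected_routing(azs, public, private, protected, enable_s3_endpoint):
    """Model the route table each subnet ends up with, per the README.

    Returns (routing, problems). routing maps subnet CIDR -> dict with the AZ,
    the default-route target ("igw", "nat-<az>" or None; constructed labels)
    and whether the S3 endpoint is associated with that subnet's route table.
    """
    routing, problems = {}, []
    nat_azs = set()   # AZs that get a NAT gateway: one per public subnet

    def az_for(kind, index, cidr):
        if index >= len(azs):
            problems.append(f"{kind} {cidr} has no AZ: position {index} but only {len(azs)} zones")
            return None
        return azs[index]

    for i, cidr in enumerate(public):
        az = az_for("public", i, cidr)
        nat_azs.add(az)
        routing[cidr] = {"az": az, "default_route": "igw", "s3_endpoint": enable_s3_endpoint}

    for i, cidr in enumerate(private):
        az = az_for("private", i, cidr)
        if az not in nat_azs:
            problems.append(f"private {cidr} in {az} has no NAT gateway (no public subnet in that AZ)")
        routing[cidr] = {"az": az, "default_route": f"nat-{az}" if az in nat_azs else None,
                         "s3_endpoint": enable_s3_endpoint}

    for i, cidr in enumerate(protected):
        az = az_for("protected", i, cidr)
        # protected route tables carry no 0.0.0.0/0 route and no S3 endpoint association
        routing[cidr] = {"az": az, "default_route": None, "s3_endpoint": False}

    return routing, problems


def subnets_with_internet_egress(routing):
    """Subnets holding a 0.0.0.0/0 route; protected subnets must never appear here."""
    return sorted(cidr for cidr, r in routing.items() if r["default_route"] is not None)


def check_plan(plan):
    """Run all checks on a plan shaped like the module's inputs; returns a list of problems."""
    problems = check_cidrs(plan["cidr_block"], public=plan["public_subnets"],
                           private=plan["private_subnets"], protected=plan["protected_subnets"])
    routing, route_problems = expected_routing(plan["availability_zone_names"],
                                               plan["public_subnets"], plan["private_subnets"],
                                               plan["protected_subnets"], plan["enable_s3_endpoint"])
    leaked = [c for c in plan["protected_subnets"] if c in subnets_with_internet_egress(routing)]
    return problems + route_problems + [f"protected {c} would have internet egress" for c in leaked]


# The plan from the Usage section of this README.
README_PLAN = {
    "cidr_block": "10.0.0.0/16",
    "availability_zone_names": ["eu-west-1a", "eu-west-1b", "eu-west-1c"],
    "private_subnets": ["10.0.0.0/19", "10.0.32.0/19", "10.0.64.0/19"],
    "protected_subnets": ["10.0.128.0/21", "10.0.136.0/21", "10.0.240.0/21"],
    "public_subnets": ["10.0.160.0/21", "10.0.168.0/21", "10.0.176.0/21"],
    "enable_s3_endpoint": True,
}

if __name__ == "__main__":
    for line in check_plan(README_PLAN) or ["plan is consistent with the README rules"]:
        print(line)
```

Run it against your own tfvars before `terraform apply`; the README plan above passes cleanly, while dropping a public subnet from one AZ surfaces the private subnet that would silently lose its default route.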

Inputs

Name | Description | Type | Default | Required
---- | ----------- | ---- | ------- | --------
assign_generated_ipv6_cidr_block | Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC | string | "false" | no
availability_zone_names | A list of availability zone names in which resources will be created | list | <list> | no
cidr_block | The CIDR block for the VPC | string | "null" | no
enable_dns_hostnames | Should be true to enable DNS hostnames in the VPC | string | "false" | no
enable_dns_support | Should be true to enable DNS support in the VPC | string | "true" | no
enable_nat_gateway | Create NAT gateway(s) in public subnets | bool | "true" | no
enable_s3_endpoint | Should be true if you want to provision an S3 endpoint to the VPC | string | "false" | no
enable_dynamodb_endpoint | Should be true if you want to provision a DynamoDB endpoint to the VPC | string | "false" | no
external_nat_ip_ids | List of EIP IDs to be assigned to the NAT Gateways (used in combination with reuse_nat_ips) | list(string) | <list> | no
igw_tags | Additional tags for the internet gateway | map | <map> | no
instance_tenancy | A tenancy option for instances launched into the VPC | string | "null" | no
map_public_ip_on_launch | Should be false if you do not want to auto-assign public IP on launch | string | "true" | no
name | Name to be used on all the resources as identifier | string | "" | no
nat_eip_tags | Additional tags for the NAT EIP | map | <map> | no
nat_gateway_tags | Additional tags for the NAT gateways | map | <map> | no
one_nat_gateway_per_az | Use one NAT gateway in each availability zone specified in availability_zone_names | bool | "true" | no
private_route_table_tags | Additional tags for the private route tables | map | <map> | no
private_subnet_suffix | Suffix to append to private subnets name | string | "private" | no
private_subnet_tags | Additional tags for the private subnets | map | <map> | no
private_subnets | A list of private subnets inside the VPC | list | <list> | no
protected_route_table_tags | Additional tags for the protected route tables | map | <map> | no
protected_subnet_group_tags | Additional tags for the protected subnet group | map | <map> | no
protected_subnet_suffix | Suffix to append to protected subnets name | string | "protected" | no
protected_subnet_tags | Additional tags for the protected subnets | map | <map> | no
protected_subnets | A list of protected subnets inside the VPC | list | <list> | no
public_route_table_tags | Additional tags for the public route tables | map | <map> | no
public_subnet_suffix | Suffix to append to public subnets name | string | "public" | no
public_subnet_tags | Additional tags for the public subnets | map | <map> | no
public_subnets | A list of public subnets inside the VPC | list | <list> | no
reuse_nat_ips | Should be true if you don't want EIPs to be created for your NAT Gateways and will instead pass them in via the 'external_nat_ip_ids' variable | bool | "false" | no
single_nat_gateway | Use a single NAT gateway for all private subnets. Will be placed on the subnet in public_subnets. | bool | "false" | no
tags | A map of tags to add to all resources | map | <map> | no
vpc_tags | Additional tags for the VPC | map | <map> | no

Outputs

Name | Description
---- | -----------
private_subnets | The private subnets created in the VPC
protected_subnets | The protected subnets created in the VPC
public_subnets | The public subnets created in the VPC
vpc_arn | Amazon Resource Name (ARN) of the VPC
vpc_cidr_block | The CIDR block of the VPC
vpc_id | The ID of the VPC
private_route_table_ids | Route table IDs for private subnets
public_route_table_ids | Route table IDs for public subnets
protected_route_table_ids | Route table IDs for protected subnets

Copyright

Copyright (c) 2019 Netic A/S. All rights reserved.

License

MIT Licensed. See LICENSE for full details.
