NEW: vpc-subnet

2020-04-23 10:36:56 +08:00 · 2020-04-23 10:36:56 +08:00 · 59baac926e
commit 59baac926e
parent d34a298bd1
5 changed files with 753 additions and 0 deletions
--- a/terraform/aws-vpc/README.md
+++ b/terraform/aws-vpc/README.md
@ -0,0 +1,26 @@
+# Terraform config for creating VPC and subnets
+
+These config will create the following resources on AWS. The VPC CIDR is hard-coded as 10.0.0.0/16. The number of subnets are also hard-coded. The subnets will sit in different availablity zones for redundancy. 
+
+* 1 VPC
+* 2 public subnets
+* 2 private subnets
+* 1 internet gateway
+* 1 nat gateway
+
+## Variables to TF
+These are required variables:
+
+```
+aws_access_key = "redacted"
+aws_secret_key = "redacted"
+aws_region = "ap-southeast-1"
+resource_prefix = "project1-dev"
+```
+
+## TF graph
+Here is what the graph looks like
+![tf graph](https://raw.githubusercontent.com/xpertkn/terraform/master/tfgraph.png?raw=true)
+
+## Revision notes
+* Previously terraform plan would fail to compute the count for routing table association. This is now corrected by hard-coding count to 2.
--- a/terraform/aws-vpc/provider.tf
+++ b/terraform/aws-vpc/provider.tf
@ -0,0 +1,9 @@
+variable "aws_access_key" {}
+variable "aws_secret_key" {}
+variable "aws_region" {}
+
+provider "aws" {
+  access_key = "${var.aws_access_key}"
+  secret_key = "${var.aws_secret_key}"
+  region     = "${var.aws_region}"
+}
--- a/terraform/aws-vpc/terraform.tfstate.backup
+++ b/terraform/aws-vpc/terraform.tfstate.backup
@ -0,0 +1,595 @@
+{
+    "version": 3,
+    "terraform_version": "0.11.13",
+    "serial": 4,
+    "lineage": "2078336f-aaf6-375a-bfc8-045cd3bf03c2",
+    "modules": [
+        {
+            "path": [
+                "root"
+            ],
+            "outputs": {
+                "NGW IP": {
+                    "sensitive": false,
+                    "type": "string",
+                    "value": "18.163.252.7"
+                }
+            },
+            "resources": {
+                "aws_eip.ngw1-eip": {
+                    "type": "aws_eip",
+                    "depends_on": [],
+                    "primary": {
+                        "id": "eipalloc-04938bc3a57bce4a2",
+                        "attributes": {
+                            "association_id": "eipassoc-bc0224fa",
+                            "domain": "vpc",
+                            "id": "eipalloc-04938bc3a57bce4a2",
+                            "instance": "",
+                            "network_interface": "eni-0b1dbb3b71e054dbd",
+                            "private_dns": "ip-10-10-1-250.ap-east-1.compute.internal",
+                            "private_ip": "10.10.1.250",
+                            "public_dns": "ec2-18-163-252-7.ap-east-1.compute.amazonaws.com",
+                            "public_ip": "18.163.252.7",
+                            "public_ipv4_pool": "amazon",
+                            "tags.%": "4",
+                            "tags.Environment": "KFLAB",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc": "true"
+                        },
+                        "meta": {
+                            "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": {
+                                "delete": 180000000000,
+                                "read": 900000000000,
+                                "update": 300000000000
+                            }
+                        },
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_internet_gateway.igw1": {
+                    "type": "aws_internet_gateway",
+                    "depends_on": [
+                        "aws_vpc.tf-vpc1"
+                    ],
+                    "primary": {
+                        "id": "igw-06ca78478fe064251",
+                        "attributes": {
+                            "id": "igw-06ca78478fe064251",
+                            "owner_id": "531700196402",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "IGW1",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc_id": "vpc-0c53cfb832bc0d080"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_nat_gateway.ngw1": {
+                    "type": "aws_nat_gateway",
+                    "depends_on": [
+                        "aws_eip.ngw1-eip",
+                        "aws_subnet.PublicSubnet"
+                    ],
+                    "primary": {
+                        "id": "nat-0a0f567a7b2be1693",
+                        "attributes": {
+                            "allocation_id": "eipalloc-04938bc3a57bce4a2",
+                            "id": "nat-0a0f567a7b2be1693",
+                            "network_interface_id": "eni-0b1dbb3b71e054dbd",
+                            "private_ip": "10.10.1.250",
+                            "public_ip": "18.163.252.7",
+                            "subnet_id": "subnet-0359e673c34f253ba",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "NGW1",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_route_table.PrivateRouteTable": {
+                    "type": "aws_route_table",
+                    "depends_on": [
+                        "aws_nat_gateway.ngw1",
+                        "aws_vpc.tf-vpc1"
+                    ],
+                    "primary": {
+                        "id": "rtb-035602b170ef6604c",
+                        "attributes": {
+                            "id": "rtb-035602b170ef6604c",
+                            "owner_id": "531700196402",
+                            "propagating_vgws.#": "0",
+                            "route.#": "1",
+                            "route.435226165.cidr_block": "0.0.0.0/0",
+                            "route.435226165.egress_only_gateway_id": "",
+                            "route.435226165.gateway_id": "",
+                            "route.435226165.instance_id": "",
+                            "route.435226165.ipv6_cidr_block": "",
+                            "route.435226165.nat_gateway_id": "nat-0a0f567a7b2be1693",
+                            "route.435226165.network_interface_id": "",
+                            "route.435226165.transit_gateway_id": "",
+                            "route.435226165.vpc_peering_connection_id": "",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "PrivateRouteTable",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc_id": "vpc-0c53cfb832bc0d080"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_route_table.PublicRouteTable": {
+                    "type": "aws_route_table",
+                    "depends_on": [
+                        "aws_internet_gateway.igw1",
+                        "aws_vpc.tf-vpc1"
+                    ],
+                    "primary": {
+                        "id": "rtb-02bcab1779560cc51",
+                        "attributes": {
+                            "id": "rtb-02bcab1779560cc51",
+                            "owner_id": "531700196402",
+                            "propagating_vgws.#": "0",
+                            "route.#": "1",
+                            "route.3444604364.cidr_block": "0.0.0.0/0",
+                            "route.3444604364.egress_only_gateway_id": "",
+                            "route.3444604364.gateway_id": "igw-06ca78478fe064251",
+                            "route.3444604364.instance_id": "",
+                            "route.3444604364.ipv6_cidr_block": "",
+                            "route.3444604364.nat_gateway_id": "",
+                            "route.3444604364.network_interface_id": "",
+                            "route.3444604364.transit_gateway_id": "",
+                            "route.3444604364.vpc_peering_connection_id": "",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "PublicRouteTable",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc_id": "vpc-0c53cfb832bc0d080"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_route_table_association.PrivateRTAsso.0": {
+                    "type": "aws_route_table_association",
+                    "depends_on": [
+                        "aws_route_table.PrivateRouteTable",
+                        "aws_subnet.PrivateSubnet.*",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "rtbassoc-05a88207c27bee9da",
+                        "attributes": {
+                            "id": "rtbassoc-05a88207c27bee9da",
+                            "route_table_id": "rtb-035602b170ef6604c",
+                            "subnet_id": "subnet-0c82a60f32ae2f8ad"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_route_table_association.PrivateRTAsso.1": {
+                    "type": "aws_route_table_association",
+                    "depends_on": [
+                        "aws_route_table.PrivateRouteTable",
+                        "aws_subnet.PrivateSubnet.*",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "rtbassoc-002a15064a0083a05",
+                        "attributes": {
+                            "id": "rtbassoc-002a15064a0083a05",
+                            "route_table_id": "rtb-035602b170ef6604c",
+                            "subnet_id": "subnet-0d6211fd610aa8938"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_route_table_association.PrivateRTAsso.2": {
+                    "type": "aws_route_table_association",
+                    "depends_on": [
+                        "aws_route_table.PrivateRouteTable",
+                        "aws_subnet.PrivateSubnet.*",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "rtbassoc-0da9a81f34ac78df0",
+                        "attributes": {
+                            "id": "rtbassoc-0da9a81f34ac78df0",
+                            "route_table_id": "rtb-035602b170ef6604c",
+                            "subnet_id": "subnet-060093578727b2058"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_route_table_association.PublicRTAsso.0": {
+                    "type": "aws_route_table_association",
+                    "depends_on": [
+                        "aws_route_table.PublicRouteTable",
+                        "aws_subnet.PublicSubnet.*"
+                    ],
+                    "primary": {
+                        "id": "rtbassoc-0b7bfd24daa7a7622",
+                        "attributes": {
+                            "id": "rtbassoc-0b7bfd24daa7a7622",
+                            "route_table_id": "rtb-02bcab1779560cc51",
+                            "subnet_id": "subnet-0359e673c34f253ba"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_route_table_association.PublicRTAsso.1": {
+                    "type": "aws_route_table_association",
+                    "depends_on": [
+                        "aws_route_table.PublicRouteTable",
+                        "aws_subnet.PublicSubnet.*"
+                    ],
+                    "primary": {
+                        "id": "rtbassoc-06e5d4202f2b6c0af",
+                        "attributes": {
+                            "id": "rtbassoc-06e5d4202f2b6c0af",
+                            "route_table_id": "rtb-02bcab1779560cc51",
+                            "subnet_id": "subnet-09cd2a7b42b29f665"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_route_table_association.PublicRTAsso.2": {
+                    "type": "aws_route_table_association",
+                    "depends_on": [
+                        "aws_route_table.PublicRouteTable",
+                        "aws_subnet.PublicSubnet.*",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "rtbassoc-00a613ac12fdbec34",
+                        "attributes": {
+                            "id": "rtbassoc-00a613ac12fdbec34",
+                            "route_table_id": "rtb-02bcab1779560cc51",
+                            "subnet_id": "subnet-08e99844e0eef17c1"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_subnet.PrivateSubnet.0": {
+                    "type": "aws_subnet",
+                    "depends_on": [
+                        "aws_vpc.tf-vpc1",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "subnet-0c82a60f32ae2f8ad",
+                        "attributes": {
+                            "arn": "arn:aws:ec2:ap-east-1:531700196402:subnet/subnet-0c82a60f32ae2f8ad",
+                            "assign_ipv6_address_on_creation": "false",
+                            "availability_zone": "ap-east-1a",
+                            "availability_zone_id": "ape1-az1",
+                            "cidr_block": "10.10.21.0/24",
+                            "id": "subnet-0c82a60f32ae2f8ad",
+                            "ipv6_cidr_block": "",
+                            "ipv6_cidr_block_association_id": "",
+                            "map_public_ip_on_launch": "false",
+                            "owner_id": "531700196402",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "PrivateSubnet-1",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc_id": "vpc-0c53cfb832bc0d080"
+                        },
+                        "meta": {
+                            "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": {
+                                "create": 600000000000,
+                                "delete": 1200000000000
+                            },
+                            "schema_version": "1"
+                        },
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_subnet.PrivateSubnet.1": {
+                    "type": "aws_subnet",
+                    "depends_on": [
+                        "aws_vpc.tf-vpc1",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "subnet-0d6211fd610aa8938",
+                        "attributes": {
+                            "arn": "arn:aws:ec2:ap-east-1:531700196402:subnet/subnet-0d6211fd610aa8938",
+                            "assign_ipv6_address_on_creation": "false",
+                            "availability_zone": "ap-east-1b",
+                            "availability_zone_id": "ape1-az2",
+                            "cidr_block": "10.10.22.0/24",
+                            "id": "subnet-0d6211fd610aa8938",
+                            "ipv6_cidr_block": "",
+                            "ipv6_cidr_block_association_id": "",
+                            "map_public_ip_on_launch": "false",
+                            "owner_id": "531700196402",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "PrivateSubnet-2",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc_id": "vpc-0c53cfb832bc0d080"
+                        },
+                        "meta": {
+                            "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": {
+                                "create": 600000000000,
+                                "delete": 1200000000000
+                            },
+                            "schema_version": "1"
+                        },
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_subnet.PrivateSubnet.2": {
+                    "type": "aws_subnet",
+                    "depends_on": [
+                        "aws_vpc.tf-vpc1",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "subnet-060093578727b2058",
+                        "attributes": {
+                            "arn": "arn:aws:ec2:ap-east-1:531700196402:subnet/subnet-060093578727b2058",
+                            "assign_ipv6_address_on_creation": "false",
+                            "availability_zone": "ap-east-1c",
+                            "availability_zone_id": "ape1-az3",
+                            "cidr_block": "10.10.23.0/24",
+                            "id": "subnet-060093578727b2058",
+                            "ipv6_cidr_block": "",
+                            "ipv6_cidr_block_association_id": "",
+                            "map_public_ip_on_launch": "false",
+                            "owner_id": "531700196402",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "PrivateSubnet-3",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc_id": "vpc-0c53cfb832bc0d080"
+                        },
+                        "meta": {
+                            "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": {
+                                "create": 600000000000,
+                                "delete": 1200000000000
+                            },
+                            "schema_version": "1"
+                        },
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_subnet.PublicSubnet.0": {
+                    "type": "aws_subnet",
+                    "depends_on": [
+                        "aws_vpc.tf-vpc1",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "subnet-0359e673c34f253ba",
+                        "attributes": {
+                            "arn": "arn:aws:ec2:ap-east-1:531700196402:subnet/subnet-0359e673c34f253ba",
+                            "assign_ipv6_address_on_creation": "false",
+                            "availability_zone": "ap-east-1a",
+                            "availability_zone_id": "ape1-az1",
+                            "cidr_block": "10.10.1.0/24",
+                            "id": "subnet-0359e673c34f253ba",
+                            "ipv6_cidr_block": "",
+                            "ipv6_cidr_block_association_id": "",
+                            "map_public_ip_on_launch": "false",
+                            "owner_id": "531700196402",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "PublicSubnet-1",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc_id": "vpc-0c53cfb832bc0d080"
+                        },
+                        "meta": {
+                            "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": {
+                                "create": 600000000000,
+                                "delete": 1200000000000
+                            },
+                            "schema_version": "1"
+                        },
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_subnet.PublicSubnet.1": {
+                    "type": "aws_subnet",
+                    "depends_on": [
+                        "aws_vpc.tf-vpc1",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "subnet-09cd2a7b42b29f665",
+                        "attributes": {
+                            "arn": "arn:aws:ec2:ap-east-1:531700196402:subnet/subnet-09cd2a7b42b29f665",
+                            "assign_ipv6_address_on_creation": "false",
+                            "availability_zone": "ap-east-1b",
+                            "availability_zone_id": "ape1-az2",
+                            "cidr_block": "10.10.2.0/24",
+                            "id": "subnet-09cd2a7b42b29f665",
+                            "ipv6_cidr_block": "",
+                            "ipv6_cidr_block_association_id": "",
+                            "map_public_ip_on_launch": "false",
+                            "owner_id": "531700196402",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "PublicSubnet-2",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc_id": "vpc-0c53cfb832bc0d080"
+                        },
+                        "meta": {
+                            "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": {
+                                "create": 600000000000,
+                                "delete": 1200000000000
+                            },
+                            "schema_version": "1"
+                        },
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_subnet.PublicSubnet.2": {
+                    "type": "aws_subnet",
+                    "depends_on": [
+                        "aws_vpc.tf-vpc1",
+                        "data.aws_availability_zones.available"
+                    ],
+                    "primary": {
+                        "id": "subnet-08e99844e0eef17c1",
+                        "attributes": {
+                            "arn": "arn:aws:ec2:ap-east-1:531700196402:subnet/subnet-08e99844e0eef17c1",
+                            "assign_ipv6_address_on_creation": "false",
+                            "availability_zone": "ap-east-1c",
+                            "availability_zone_id": "ape1-az3",
+                            "cidr_block": "10.10.3.0/24",
+                            "id": "subnet-08e99844e0eef17c1",
+                            "ipv6_cidr_block": "",
+                            "ipv6_cidr_block_association_id": "",
+                            "map_public_ip_on_launch": "false",
+                            "owner_id": "531700196402",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "PublicSubnet-3",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable",
+                            "vpc_id": "vpc-0c53cfb832bc0d080"
+                        },
+                        "meta": {
+                            "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": {
+                                "create": 600000000000,
+                                "delete": 1200000000000
+                            },
+                            "schema_version": "1"
+                        },
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "aws_vpc.tf-vpc1": {
+                    "type": "aws_vpc",
+                    "depends_on": [],
+                    "primary": {
+                        "id": "vpc-0c53cfb832bc0d080",
+                        "attributes": {
+                            "arn": "arn:aws:ec2:ap-east-1:531700196402:vpc/vpc-0c53cfb832bc0d080",
+                            "assign_generated_ipv6_cidr_block": "false",
+                            "cidr_block": "10.10.0.0/16",
+                            "default_network_acl_id": "acl-0619fe30f30c120f7",
+                            "default_route_table_id": "rtb-01ddf6c0372c94c6e",
+                            "default_security_group_id": "sg-00650318d4a720af8",
+                            "dhcp_options_id": "dopt-72e2071b",
+                            "enable_dns_hostnames": "false",
+                            "enable_dns_support": "true",
+                            "id": "vpc-0c53cfb832bc0d080",
+                            "instance_tenancy": "default",
+                            "ipv6_association_id": "",
+                            "ipv6_cidr_block": "",
+                            "main_route_table_id": "rtb-01ddf6c0372c94c6e",
+                            "owner_id": "531700196402",
+                            "tags.%": "5",
+                            "tags.Environment": "KFLAB",
+                            "tags.Name": "KFLAB",
+                            "tags.TerraformMode": "InitialDeploymentOnly",
+                            "tags.TerraformiCliVersion": "0.12.24",
+                            "tags.Ticket": "NotApplicable"
+                        },
+                        "meta": {
+                            "schema_version": "1"
+                        },
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                },
+                "data.aws_availability_zones.available": {
+                    "type": "aws_availability_zones",
+                    "depends_on": [],
+                    "primary": {
+                        "id": "2020-04-23 02:00:46.293950735 +0000 UTC",
+                        "attributes": {
+                            "group_names.#": "1",
+                            "group_names.1219861030": "ap-east-1",
+                            "id": "2020-04-23 02:00:46.293950735 +0000 UTC",
+                            "names.#": "3",
+                            "names.0": "ap-east-1a",
+                            "names.1": "ap-east-1b",
+                            "names.2": "ap-east-1c",
+                            "state": "available",
+                            "zone_ids.#": "3",
+                            "zone_ids.0": "ape1-az1",
+                            "zone_ids.1": "ape1-az2",
+                            "zone_ids.2": "ape1-az3"
+                        },
+                        "meta": {},
+                        "tainted": false
+                    },
+                    "deposed": [],
+                    "provider": "provider.aws"
+                }
+            },
+            "depends_on": []
+        }
+    ]
+}
--- a/terraform/aws-vpc/tfgraph.png
+++ b/terraform/aws-vpc/tfgraph.png
--- a/terraform/aws-vpc/vpc-subnets.tf
+++ b/terraform/aws-vpc/vpc-subnets.tf
@ -0,0 +1,123 @@
+/* Hard coded values
+DPTicket tag
+Terraform version
+VPC name tag
+VPC CIDR
+Subnet octets
+*/
+
+terraform {
+  required_version = ">= 0.9.9"
+}
+
+variable "globalTags" {
+  type = "map"
+
+  default {
+    "Environment"      = "KFLAB"
+    "TerraformiCliVersion" = "0.12.24"
+    "TerraformMode" = "InitialDeploymentOnly"
+    "Ticket" = "NotApplicable"
+  }
+}
+
+variable "resource_prefix" {
+  default = "unspecified"
+}
+
+# VPC
+resource "aws_vpc" "tf-vpc1" {
+  cidr_block = "10.10.0.0/16"
+
+  tags = "${merge(var.globalTags, map("Name","KFLAB"))}"
+}
+
+# Get all AZs
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
+# 2 az, 1 public subnet in each
+resource "aws_subnet" "PublicSubnet" {
+  vpc_id            = "${aws_vpc.tf-vpc1.id}"
+  cidr_block        = "10.10.${count.index + 1}.0/24"
+  availability_zone = "${data.aws_availability_zones.available.names[count.index]}"
+
+  tags = "${merge(var.globalTags, map("Name","PublicSubnet-${count.index + 1}"))}"
+
+  count = "${length(data.aws_availability_zones.available.names)}"
+}
+
+
+# 2 az, 1 private subnet in each
+resource "aws_subnet" "PrivateSubnet" {
+  vpc_id            = "${aws_vpc.tf-vpc1.id}"
+  cidr_block        = "10.10.${count.index + 21}.0/24"
+  availability_zone = "${data.aws_availability_zones.available.names[count.index]}"
+
+  tags = "${merge(var.globalTags, map("Name","PrivateSubnet-${count.index + 1}"))}"
+
+  count = "${length(data.aws_availability_zones.available.names)}"
+}
+
+# IGW
+resource "aws_internet_gateway" "igw1" {
+  vpc_id = "${aws_vpc.tf-vpc1.id}"
+
+  tags = "${merge(var.globalTags, map("Name","IGW1"))}"
+}
+
+# Public RT
+resource "aws_route_table" "PublicRouteTable" {
+  vpc_id = "${aws_vpc.tf-vpc1.id}"
+
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = "${aws_internet_gateway.igw1.id}"
+  }
+
+  tags = "${merge(var.globalTags, map("Name","PublicRouteTable"))}"
+}
+
+# Associate Public RT
+resource "aws_route_table_association" "PublicRTAsso" {
+  subnet_id      = "${element(aws_subnet.PublicSubnet.*.id, count.index)}"
+  route_table_id = "${aws_route_table.PublicRouteTable.id}"
+  count = "${length(data.aws_availability_zones.available.names)}"
+}
+
+# NAT Gateway
+resource "aws_eip" "ngw1-eip" {
+	vpc = true
+	tags = "${var.globalTags}"
+}
+
+resource "aws_nat_gateway" "ngw1" {
+  allocation_id = "${aws_eip.ngw1-eip.id}"
+  subnet_id     = "${aws_subnet.PublicSubnet.0.id}"
+  tags = "${merge(var.globalTags, map("Name","NGW1"))}"
+}
+
+# Private RT
+resource "aws_route_table" "PrivateRouteTable" {
+  vpc_id = "${aws_vpc.tf-vpc1.id}"
+
+  route {
+    cidr_block     = "0.0.0.0/0"
+    nat_gateway_id = "${aws_nat_gateway.ngw1.id}"
+  }
+
+  tags = "${merge(var.globalTags, map("Name","PrivateRouteTable"))}"
+}
+
+# Associate Private RT
+resource "aws_route_table_association" "PrivateRTAsso" {
+  subnet_id      = "${element(aws_subnet.PrivateSubnet.*.id, count.index)}"
+  route_table_id = "${aws_route_table.PrivateRouteTable.id}"
+  count = "${length(data.aws_availability_zones.available.names)}"
+}
+
+output "NGW IP" {
+  value = "${aws_nat_gateway.ngw1.public_ip}"
+}
+