terraform.aws-baseline-infra/modules/networking/vpc-subnet-manual
2024-02-09 10:35:15 +08:00
example NEW: adding example root module 2024-02-09 10:31:57 +08:00
main.tf UPD: module now supports more than 2 AZs. Still defaults to 2 for compatibility 2023-12-07 18:02:39 +08:00
outputs.tf UPD: updated vpc and vpcep modules to support provider default tags 2023-07-12 20:37:30 +08:00
README.md NEW: added versions.tf and updated read me once again 2024-02-09 10:35:15 +08:00
variables.tf UPD: updated variables and readme file 2024-02-09 10:31:43 +08:00
versions.tf NEW: added versions.tf and updated read me once again 2024-02-09 10:35:15 +08:00
vpc-flowlog.tf UPD: adding cwl log group class variable for flowlog 2024-02-09 10:27:12 +08:00

Overview

This module performs the following tasks:

  • Create the VPC and its VPC flow log
  • Create subnets in multiple AZs
  • Create the IGW and NGW
  • Create S3 and DynamoDB endpoints, which are free

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.3.0 |
| aws | >= 5.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 5.0 |
| random | n/a |

Modules

| Name | Source | Version |
|------|--------|---------|
| vpc-ep | ../vpc-endpoints | n/a |

Resources

| Name | Type |
|------|------|
| aws_cloudwatch_log_group.vpcflowlog-loggroup | resource |
| aws_default_security_group.default-sg | resource |
| aws_eip.ngw-eip | resource |
| aws_flow_log.vpc-flowlog | resource |
| aws_iam_role.vpcflowlog-role | resource |
| aws_iam_role_policy.vpcflowlog-role-policy | resource |
| aws_internet_gateway.igw | resource |
| aws_nat_gateway.ngw | resource |
| aws_route.private-routes | resource |
| aws_route.public-routes | resource |
| aws_route_table.private-route-table | resource |
| aws_route_table.public-route-table | resource |
| aws_route_table_association.private_route_association | resource |
| aws_route_table_association.public_route_association | resource |
| aws_subnet.private-subnets | resource |
| aws_subnet.public-subnets | resource |
| aws_vpc.vpc | resource |
| aws_vpc_ipv4_cidr_block_association.additional_cidr | resource |
| random_id.rid | resource |
| aws_availability_zones.available-az | data source |
| aws_caller_identity.this | data source |
| aws_default_tags.this | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| create-free-vpc-endpoints | Set true to deploy s3 and dynamodb endpoints, which are free | bool | true | no |
| create-nat-gateway | Set true to deploy NAT gateway | bool | false | no |
| enable-flow-log | Set true to deploy vpc flowlog | bool | true | no |
| log-group-class | Log group class for flowlog cloudwatch log group, which can be STANDARD or INFREQUENT_ACCESS | string | "STANDARD" | no |
| num_azs | By default, use 2 AZs for redundancy | number | 2 | no |
| private-subnet-cidrs | List of private subnet cidrs | list(string) | n/a | yes |
| public-subnet-cidrs | List of public subnet cidrs | list(string) | n/a | yes |
| resource-prefix | n/a | any | n/a | yes |
| secondary_cidr_blocks | Additional cidr blocks | list(string) | [] | no |
| vpc-cidr | CIDR of VPC to be created | string | n/a | yes |
| vpcflowlog-cwl-loggroup-key-arn | CWL log group encryption key arn | string | n/a | yes |
| vpcflowlog-retain-days | Days to retain flowlog | number | 90 | no |
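
The required vpcflowlog-cwl-loggroup-key-arn input needs a KMS key that CloudWatch Logs is allowed to use. The following root-module sketch is an added example, not code from this repository: it creates such a key and passes it to the module using the inputs listed above. The module source path, resource names, CIDR values, the string prefix and the one-CIDR-per-AZ layout are assumptions.

```hcl
# Added example (not from the module's repository); values are constructed.
data "aws_caller_identity" "current" {}
data "aws_region" "current" {}

# Key policy: the account root keeps administration of the key, and
# CloudWatch Logs in this region may use it only for this account's log groups.
data "aws_iam_policy_document" "flowlog_key" {
  statement {
    sid       = "AccountAdmin"
    actions   = ["kms:*"]
    resources = ["*"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }
  }
  statement {
    sid       = "CloudWatchLogs"
    actions   = ["kms:Encrypt*", "kms:Decrypt*", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:Describe*"]
    resources = ["*"]
    principals {
      type        = "Service"
      identifiers = ["logs.${data.aws_region.current.name}.amazonaws.com"]
    }
    condition {
      test     = "ArnLike"
      variable = "kms:EncryptionContext:aws:logs:arn"
      values   = ["arn:aws:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:log-group:*"]
    }
  }
}

resource "aws_kms_key" "flowlog" {
  description         = "VPC flow log CloudWatch log group"
  enable_key_rotation = true
  policy              = data.aws_iam_policy_document.flowlog_key.json
}

module "vpc" {
  source               = "../../modules/networking/vpc-subnet-manual" # assumed relative path
  resource-prefix      = "demo"                                       # type is any; a string is assumed
  vpc-cidr             = "10.0.0.0/16"
  public-subnet-cidrs  = ["10.0.0.0/24", "10.0.1.0/24"]   # one per AZ (assumed), num_azs defaults to 2
  private-subnet-cidrs = ["10.0.10.0/24", "10.0.11.0/24"] # one per AZ (assumed)

  enable-flow-log                 = true # default, stated here for visibility
  vpcflowlog-cwl-loggroup-key-arn = aws_kms_key.flowlog.arn
}
```

Without the CloudWatchLogs statement in the key policy, creation of an encrypted log group fails because the Logs service cannot use the key.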

Outputs

| Name | Description |
|------|-------------|
| private-route-table-id | n/a |
| private-subnet-ids | n/a |
| private_subnets | n/a |
| public-route-table-id | n/a |
| public-subnet-ids | n/a |
| public_subnets | n/a |
| route_tables_for_gateway_endpoints | n/a |
| secondary_cidr_blocks | n/a |
| vpc-cidr | n/a |
| vpc_id | n/a |

Authorship

This module was developed by UPDATE_THIS.