terraform.aws-baseline-infra/modules/networking/vpc_subnets
2022-12-12 12:56:33 +08:00
main.tf NEW: added vpc and subnet code 2021-01-28 15:04:01 +08:00
outputs.tf UPD: added headdesk code and security group module 2022-10-06 15:20:42 +08:00
README.md UPD: took back the last change, subnet cidrs are now calculated by this module. See README.md for more details 2022-12-12 12:56:33 +08:00
variables.tf UPD: took back the last change, subnet cidrs are now calculated by this module. See README.md for more details 2022-12-12 12:56:33 +08:00
vpc-flowlog.tf DOC: added readme 2021-01-28 16:36:32 +08:00
vpc.tf UPD: took back the last change, subnet cidrs are now calculated by this module. See README.md for more details 2022-12-12 12:56:33 +08:00

Overview

This module performs the following tasks:

  • Create the VPC and its VPC flow log
  • Create subnets in every AZ
  • Create the IGW (internet gateway) and NGW (NAT gateway)

Subnet addressing

Subnet CIDRs are calculated automatically. Because of how Terraform's cidrsubnets function works, this module has the following limitations:

  • supports only 2, 4, 6, or 8 subnets in total.
  • hard-coded to 2 AZs, regardless of how many AZs the region offers.

Based on the input variables, the module derives the subnet CIDRs with the following function:

| Private subnets per AZ | Public subnets per AZ | Function | Example if a /24 is used on the VPC |
|---|---|---|---|
| 1 | 0 | cidrsubnets(local.vpc-cidr, 1,1) | 2 * /25 |
| 1 | 1 | cidrsubnets(local.vpc-cidr, 2,2,2,2) | 4 * /26 |
| 2 | 1 | cidrsubnets(local.vpc-cidr, 3,3,3,3,3,3) | 6 * /27 |
| 2 | 2 | cidrsubnets(local.vpc-cidr, 4,4,4,4,4,4,4,4) | 8 * /28 |

```hcl
locals {
  # total-no-subnets is the subnet count across both AZs; the ladder picks the
  # first branch whose threshold is met, so only 2, 4, 6 or 8 subnets are cut.
  simple-divide = (
    local.total-no-subnets >= 8 ? cidrsubnets(local.vpc-cidr, 4, 4, 4, 4, 4, 4, 4, 4) :
    local.total-no-subnets >= 6 ? cidrsubnets(local.vpc-cidr, 3, 3, 3, 3, 3, 3) :
    local.total-no-subnets >= 4 ? cidrsubnets(local.vpc-cidr, 2, 2, 2, 2) :
    local.total-no-subnets >= 2 ? cidrsubnets(local.vpc-cidr, 1, 1) :
    null
  )
}
```
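To review what the ladder above will produce without running Terraform, here is an added Python example (not part of this module) that re-implements cidrsubnets' sequential allocation and the module's ladder, then reports two things a reviewer wants to know: whether every requested subnet received a block, and how much of the VPC is left unused. It assumes total-no-subnets is 2 AZs times (private + public per AZ), as the table implies.

```python
"""Added example, not the module's own code: offline check of the subnet ladder."""
import ipaddress
from typing import List, Optional

AZ_COUNT = 2  # the module is hard-coded to two availability zones


def cidrsubnets(prefix: str, *newbits: int) -> List[str]:
    """Allocate like Terraform's cidrsubnets(): each block starts at the first
    boundary of its own size after the previous block's last address."""
    base = ipaddress.ip_network(prefix)
    out, cursor = [], int(base.network_address)  # cursor = next free address
    for bits in newbits:
        plen = base.prefixlen + bits
        size = 1 << (base.max_prefixlen - plen)
        start = (cursor + size - 1) // size * size  # align up to the block size
        net = ipaddress.ip_network((start, plen))
        if not net.subnet_of(base):  # Terraform errors here too
            raise ValueError(f"not enough address space in {prefix} for a /{plen}")
        out.append(str(net))
        cursor = start + size
    return out


def simple_divide(vpc_cidr: str, total: int) -> Optional[List[str]]:
    """The module's ladder: 8, 6, 4 or 2 equal-sized subnets, else null."""
    if total >= 8:
        return cidrsubnets(vpc_cidr, *[4] * 8)
    if total >= 6:
        return cidrsubnets(vpc_cidr, *[3] * 6)
    if total >= 4:
        return cidrsubnets(vpc_cidr, *[2] * 4)
    if total >= 2:
        return cidrsubnets(vpc_cidr, *[1] * 2)
    return None


def plan(vpc_cidr: str, private_per_az: int, public_per_az: int) -> dict:
    """Split the VPC as the module would and flag truncation and wasted space."""
    requested = AZ_COUNT * (private_per_az + public_per_az)  # assumed definition
    subnets = simple_divide(vpc_cidr, requested) or []
    vpc_size = ipaddress.ip_network(vpc_cidr).num_addresses
    used = sum(ipaddress.ip_network(s).num_addresses for s in subnets)
    return {
        "subnets": subnets,
        "all_allocated": len(subnets) == requested,  # False when the ladder truncates
        "unused_fraction": 1 - used / vpc_size,       # 8 x /28 leaves half a /24 idle
    }


if __name__ == "__main__":
    print(plan("10.0.0.0/24", 2, 2))
```

Note that a request of 3 private and 2 public subnets per AZ (10 in total) falls into the ">= 8" branch and silently gets only 8 blocks, which is why all_allocated is worth checking before apply.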

Inputs:

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| application | name of application | string | none | yes |
| environment | capacity of environment (prd/dev/lab) | string | none | yes |
| customer-name | owner of aws resources | string | none | yes |
| project | name of project | string | none | yes |
| default-tags | tags to be added to resources | list | none | yes |
| number-of-private-subnets-per-az | number of private subnets per az | number | 0 | yes |
| number-of-public-subnets-per-az | number of public subnets per az | number | 0 | yes |
| create-nat-gateway | whether to deploy NAT gateway for private subnets | bool | true | yes |
| vpc-cidr | VPC cidr | string | none | yes |
| enable-flowlog | whether to enable vpc flowlog | bool | true | yes |
| vpcflowlog-retain-days | number of days to retain vpc cloudwatch log | number | 90 | yes |
| aws-region-short | short name of aws region (e.g. apne1) | string | none | yes |
| aws-region | aws region (e.g. ap-northeast-1) | string | none | yes |
| vpcflowlog-cwl-loggroup-key-arn | kms key alias arn for log group encryption | string | none | yes |

Outputs:

| Name | Description | Type |
|---|---|---|
| vpc_id | vpc id | string |
| public_subnets | list of cidr blocks | list |
| private_subnets | list of cidr blocks | list |