5.1 KiB
5.1 KiB
Overview
This module performs the following tasks:
- Create VPC, vpcflow log
- Create subnets in multiple AZ
- Create IGW, NGW
- Create s3 and ddb endpoints which are free
Requirements
| Name | Version |
|---|---|
| terraform | >= 1.3.0 |
| aws | >= 5.0 |
Providers
| Name | Version |
|---|---|
| aws | >= 5.0 |
| random | n/a |
Modules
| Name | Source | Version |
|---|---|---|
| vpc-ep | ../vpc-endpoints | n/a |
Resources
| Name | Type |
|---|---|
| aws_cloudwatch_log_group.vpcflowlog-loggroup | resource |
| aws_default_security_group.default-sg | resource |
| aws_eip.ngw-eip | resource |
| aws_flow_log.vpc-flowlog | resource |
| aws_iam_role.vpcflowlog-role | resource |
| aws_iam_role_policy.vpcflowlog-role-policy | resource |
| aws_internet_gateway.igw | resource |
| aws_nat_gateway.ngw | resource |
| aws_route.private-routes | resource |
| aws_route.public-routes | resource |
| aws_route_table.private-route-table | resource |
| aws_route_table.public-route-table | resource |
| aws_route_table_association.private_route_association | resource |
| aws_route_table_association.public_route_association | resource |
| aws_subnet.private-subnets | resource |
| aws_subnet.public-subnets | resource |
| aws_vpc.vpc | resource |
| aws_vpc_ipv4_cidr_block_association.additional_cidr | resource |
| random_id.rid | resource |
| aws_availability_zones.available-az | data source |
| aws_caller_identity.this | data source |
| aws_default_tags.this | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| create-free-vpc-endpoints | Set true to deploy s3 and dynamodb endpoints, which are free | bool |
true |
no |
| create-nat-gateway | Set true to deploy NAT gateway | bool |
false |
no |
| enable-flow-log | Set true to deploy vpc flowlog | bool |
true |
no |
| log-group-class | Log group class for flowlog cloudwatch log group, which can be STANDARD or INFREQUENT_ACCESS | string |
"STANDARD" |
no |
| num_azs | By default, use 2 AZs for redundancy | number |
2 |
no |
| private-subnet-cidrs | List of private subnet cidrs | list(string) |
n/a | yes |
| public-subnet-cidrs | List of public subnet cidrs | list(string) |
n/a | yes |
| resource-prefix | n/a | any |
n/a | yes |
| secondary_cidr_blocks | Additional cidr blocks | list(string) |
[] |
no |
| vpc-cidr | CIDR of VPC to be created | string |
n/a | yes |
| vpcflowlog-cwl-loggroup-key-arn | CWL log group encryption key arn | string |
n/a | yes |
| vpcflowlog-retain-days | Days to retain flowlog | number |
90 |
no |
Outputs
| Name | Description |
|---|---|
| private-route-table-id | n/a |
| private-subnet-ids | n/a |
| private_subnets | n/a |
| public-route-table-id | n/a |
| public-subnet-ids | n/a |
| public_subnets | n/a |
| route_tables_for_gateway_endpoints | n/a |
| secondary_cidr_blocks | n/a |
| vpc-cidr | n/a |
| vpc_id | n/a |
Authorship
This module was developed by UPDATE_THIS.