terraform.aws-baseline-infra/modules/networking/vpc_subnets
2021-01-29 11:45:09 +08:00
main.tf NEW: added vpc and subnet code 2021-01-28 15:04:01 +08:00
outputs.tf NEW: added vpc and subnet code 2021-01-28 15:04:01 +08:00
README.md UPD: updated readme 2021-01-28 16:52:18 +08:00
variables.tf DOC: added readme 2021-01-28 16:36:32 +08:00
vpc-flowlog.tf DOC: added readme 2021-01-28 16:36:32 +08:00
vpc.tf UPD: hardened default vpc security group 2021-01-29 11:45:09 +08:00

Overview

This module performs the following tasks:

  • Create the VPC and its VPC flow log
  • Create private and public subnets in every AZ
  • Create the Internet Gateway (IGW) and NAT Gateway (NGW)

Subnet addressing

This module takes the VPC CIDR as input, adds 4 bits to its netmask and uses the first two of the resulting ranges: the first range (index 0) is reserved for private subnets and the second (index 1) for public subnets. Another 4 bits are then added to each range, and each subnet takes one of the resulting blocks.

For example, if the VPC CIDR is 10.2.0.0/16, the following subnets will be created:

| Subnet Type | Subnet AZ1  | Subnet AZ2  | Subnet AZ3  |
|-------------|-------------|-------------|-------------|
| Private     | 10.2.0.0/24 | 10.2.1.0/24 | 10.2.2.0/24 |
| Public      | 10.2.16.0/24 | 10.2.17.0/24 | 10.2.18.0/24 |

The VPC CIDR netmask should be /20 or shorter (a /20 or larger block), so that the resulting subnets are /28 or larger; a subnet smaller than /28 is unlikely to be useful.
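The addressing scheme above, as an added example in Python that is not part of the module: `cidrsubnet` mirrors the semantics of Terraform's `cidrsubnet(prefix, newbits, netnum)`, and `plan_subnets` applies the two +4-bit splits, rejects VPC blocks longer than /20 and refuses more than the 16 subnets a tier range can hold (the AZ-major numbering for more than one subnet per AZ is an assumption, since the README only shows the one-per-AZ case).

```python
import ipaddress

SMALLEST_USEFUL_SUBNET = 28  # README: subnets smaller than /28 are unlikely to be useful


def cidrsubnet(prefix: str, newbits: int, netnum: int) -> str:
    """Python equivalent of Terraform's cidrsubnet(prefix, newbits, netnum):
    lengthen the netmask by `newbits` and return the `netnum`-th block."""
    net = ipaddress.ip_network(prefix, strict=True)
    new_prefix = net.prefixlen + newbits
    if new_prefix > net.max_prefixlen:
        raise ValueError(f"{prefix} cannot be split by {newbits} more bits")
    if not 0 <= netnum < 2 ** newbits:
        raise ValueError(f"netnum {netnum} out of range for {newbits} new bits")
    host_bits = net.max_prefixlen - new_prefix
    base = int(net.network_address) + (netnum << host_bits)
    return str(ipaddress.ip_network((base, new_prefix)))


def plan_subnets(vpc_cidr, azs, private_per_az=1, public_per_az=1):
    """Reproduce the module's addressing: +4 bits for the tier range
    (index 0 private, index 1 public), then +4 bits again per subnet."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    if vpc.prefixlen + 8 > SMALLEST_USEFUL_SUBNET:
        raise ValueError(f"VPC {vpc_cidr} must be /20 or larger to yield /28 subnets")
    tiers = (("private", 0, private_per_az), ("public", 1, public_per_az))
    plan = {}
    for tier, range_index, per_az in tiers:
        tier_range = cidrsubnet(vpc_cidr, 4, range_index)
        if len(azs) * per_az > 16:
            raise ValueError(f"{tier}: only 16 subnets fit in {tier_range}")
        plan[tier] = []
        for az_index, az in enumerate(azs):
            for n in range(per_az):
                # Assumption: subnets are numbered AZ-major (az_index * per_az + n);
                # the README only shows the one-subnet-per-AZ case.
                netnum = az_index * per_az + n
                plan[tier].append((az, cidrsubnet(tier_range, 4, netnum)))
    return plan


if __name__ == "__main__":
    azs = ["ap-northeast-1a", "ap-northeast-1b", "ap-northeast-1c"]
    for tier, subnets in plan_subnets("10.2.0.0/16", azs).items():
        print(tier, subnets)
```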

Inputs:

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| application | name of application | string | none | yes |
| environment | capacity of environment (prd/dev/lab) | string | none | yes |
| customer-name | owner of aws resources | string | none | yes |
| project | name of project | string | none | yes |
| default-tags | tags to be added to resources | list | none | yes |
| number-of-private-subnets-per-az | number of private subnets per az | number | 0 | yes |
| number-of-public-subnets-per-az | number of public subnets per az | number | 0 | yes |
| create-nat-gateway | whether to deploy NAT gateway for private subnets | bool | true | yes |
| vpc-cidr | VPC cidr | string | none | yes |
| enable-flowlog | whether to enable vpc flowlog | bool | true | yes |
| vpcflowlog-retain-days | number of days to retain vpc cloudwatch log | number | 90 | yes |
| aws-region-short | short name of aws region (e.g. apne1) | string | none | yes |
| aws-region | aws region (e.g. ap-northeast-1) | string | none | yes |
| vpcflowlog-cwl-loggroup-key-arn | kms key alias arn for log group encryption | string | none | yes |

Outputs:

| Name | Description | Type |
|------|-------------|------|
| vpc_id | vpc id | string |
| public_subnets | list of cidr blocks | list |
| private_subnets | list of cidr blocks | list |