terraform-aws-network module

This module helps you create a network (VPC) with public, private and DB subnets, along with VPC Flow Logs delivered to an S3 bucket. It adds a NAT gateway for your private subnets and can optionally create one NAT gateway per AZ for high availability.

Requirements

| Name | Version |
|------|---------|
| terraform | >=1.20 |

Providers

| Name | Version |
|------|---------|
| aws | n/a |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_eip.this | resource |
| aws_flow_log.vpc | resource |
| aws_internet_gateway.this | resource |
| aws_nat_gateway.this | resource |
| aws_route.igw | resource |
| aws_route.natgw_route | resource |
| aws_route_table.db | resource |
| aws_route_table.private | resource |
| aws_route_table.public | resource |
| aws_route_table_association.db | resource |
| aws_route_table_association.private_rt | resource |
| aws_route_table_association.pub_rt | resource |
| aws_s3_bucket.flog_log | resource |
| aws_s3_bucket_policy.policy | resource |
| aws_subnet.db_subnet | resource |
| aws_subnet.private_subnet | resource |
| aws_subnet.public_subnet | resource |
| aws_vpc.this | resource |
| aws_caller_identity.this | data source |
| aws_iam_policy_document.bucket | data source |
| aws_partition.current | data source |
| aws_region.this | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| additional_tags | Tags as a key/value map. These tags are attached to all resources created by the module. | `map(string)` | `{}` | no |
| auto_assign_public_ips_to_public_subnet_resources | When set to true, resources created in public subnets are assigned a public IP address by default. Default is true. This can be overridden when creating individual resources such as EC2 instances. | `bool` | `true` | no |
| aws_region | Default AWS region where this module should create resources. | `string` | `"us-east-1"` | no |
| azs | Availability Zones as a list; default is empty. If not provided, AZs are auto-assigned during subnet creation. | `list(string)` | `[]` | no |
| enable_dns_hostnamed | Allows your resources to be reached via AWS-allocated internal DNS names. Default is true. | `bool` | `true` | no |
| enable_multiaz_nat_gateway | Whether to create one NAT Gateway per AZ for high availability. Default is false. The number of NAT Gateways created equals the number of available AZs or the number of public subnets, whichever is less. | `bool` | `false` | no |
| enable_vpc_flow_logs | Enables VPC Flow Logs. Default is false. You should enable this for audit and compliance. | `bool` | `false` | no |
| ipv4_db_subnet_cidrs | List of IPv4 CIDR blocks for DB subnets. Default is an empty list, in which case no DB subnets are created. | `list(string)` | `[]` | no |
| ipv4_primary_cidr_block | Primary VPC CIDR block. Example: 10.30.0.0/16 | `string` | n/a | yes |
| ipv4_private_subnet_cidrs | List of IPv4 CIDR blocks for private subnets. Default is an empty list, in which case no private subnets are created. | `list(string)` | `[]` | no |
| ipv4_public_subnet_cidrs | List of IPv4 CIDR blocks for public subnets. Default is an empty list, in which case no public subnets are created. | `list(string)` | `[]` | no |
| namespace | Namespace, used as one component of the tag prefix. Usually goes into the Name tag. | `string` | `"example"` | no |
| stage | Stage, used as one component of the tag prefix. Usually goes into the Name tag and helps identify the environment. Default is dev. | `string` | `"dev"` | no |
| use_nat_gateway | Whether a NAT gateway should be created for the private subnets. Default is true. | `bool` | `true` | no |
| vpc_flow_logs_default_bucket | VPC flow logs bucket to use when enable_vpc_flow_logs is true. If not set, the bucket name is prefixed by `${local.tag_prefix}-${data.aws_caller_identity.this.account_id}`. | `string` | `""` | no |
| vpc_flow_logs_traffic_type | The type of traffic to capture. Valid values: ACCEPT, REJECT, ALL. | `string` | `"ALL"` | no |

Outputs

| Name | Description |
|------|-------------|
| db_subnet | Returns a map with the lists `id` and `ipv4_cidrs`. Example, accessing the first DB subnet id: `module.<modulename>.db_subnet.id[0]` |
| private_subnet | Returns a map with the lists `id` and `ipv4_cidrs`. Example, accessing the first private subnet id: `module.<modulename>.private_subnet.id[0]` |
| public_subnet | Returns a map with the lists `id` and `ipv4_cidrs`. Example, accessing the first public subnet id: `module.<modulename>.public_subnet.id[0]` |
| vpc | Returns a map with `id` and `primary_vpc_cidr`. Example, accessing the VPC id: `module.<modulename>.vpc.id` |
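A root-module configuration that wires the inputs listed above and reads the outputs, as an added example that is not part of the module's own README. The module source path `./terraform-aws-network`, the instance name `network`, the CIDR and AZ values, and the tag values are assumptions; every input name used here comes from the Inputs table. The example derives the subnet CIDRs from the primary VPC CIDR with `cidrsubnets()` so the three subnet tiers cannot overlap, switches flow logs on (the module default is off), and uses one NAT gateway per AZ.

```hcl
# Added example (not the module's own code). Assumptions: the module source
# path, the instance name "network", and the CIDR/AZ/tag values below.

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

locals {
  vpc_cidr = "10.30.0.0/16"

  # Carve six non-overlapping /24s out of the /16. cidrsubnets() allocates them
  # sequentially, so public, private and db subnets can never collide.
  # Result: 10.30.0.0/24 ... 10.30.5.0/24
  subnet_cidrs = cidrsubnets(local.vpc_cidr, 8, 8, 8, 8, 8, 8)
}

module "network" {
  source = "./terraform-aws-network"

  namespace  = "example"
  stage      = "dev"
  aws_region = "us-east-1"

  ipv4_primary_cidr_block   = local.vpc_cidr
  ipv4_public_subnet_cidrs  = slice(local.subnet_cidrs, 0, 2) # 10.30.0.0/24, 10.30.1.0/24
  ipv4_private_subnet_cidrs = slice(local.subnet_cidrs, 2, 4) # 10.30.2.0/24, 10.30.3.0/24
  ipv4_db_subnet_cidrs      = slice(local.subnet_cidrs, 4, 6) # 10.30.4.0/24, 10.30.5.0/24
  azs                       = ["us-east-1a", "us-east-1b"]

  # Flow logs default to false in this module; enable them so ACCEPT and REJECT
  # records for every ENI in the VPC are written to the module-created bucket.
  enable_vpc_flow_logs       = true
  vpc_flow_logs_traffic_type = "ALL"

  # One NAT gateway per AZ keeps private-subnet egress working if an AZ fails
  # (the module caps this at min(number of AZs, number of public subnets)).
  use_nat_gateway            = true
  enable_multiaz_nat_gateway = true

  # Do not hand out public IPs in public subnets unless a resource asks for one.
  auto_assign_public_ips_to_public_subnet_resources = false

  additional_tags = {
    Owner = "platform-team"
  }
}

# Reading the module outputs. Each subnet output is a map holding the lists
# "id" and "ipv4_cidrs"; the vpc output holds "id" and "primary_vpc_cidr".
output "vpc_id" {
  value = module.network.vpc.id
}

output "first_private_subnet_id" {
  value = module.network.private_subnet.id[0]
}

output "db_subnet_ids" {
  value = module.network.db_subnet.id
}

output "public_subnet_cidrs" {
  value = module.network.public_subnet.ipv4_cidrs
}
```

Run `terraform init` and `terraform plan` from the directory holding this file (with the module checked out at the assumed path). Because `azs` lists two zones and two public subnets are given, the plan should show two NAT gateways and two EIPs; with `enable_multiaz_nat_gateway` left at its default of `false`, a single NAT gateway would be shared by both private subnets.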