diff --git a/endpoints.tf b/endpoints.tf
index ae2b22a..d81590a 100644
--- a/endpoints.tf
+++ b/endpoints.tf
@@ -5,17 +5,19 @@ module "endpoints_vpc" {
 source = "appvia/network/aws"
 version = "0.3.0"
 
- availability_zones = var.connectivity_config.endpoints.network.availability_zones
- enable_ipam = var.connectivity_config.endpoints.network.ipam_pool_id != null
- enable_transit_gateway = true
- enable_transit_gateway_appliance_mode = true
- ipam_pool_id = var.connectivity_config.endpoints.network.ipam_pool_id
- name = var.connectivity_config.endpoints.network.name
- private_subnet_netmask = var.connectivity_config.endpoints.network.private_netmask
- tags = var.tags
- transit_gateway_id = module.tgw.ec2_transit_gateway_id
- vpc_cidr = var.connectivity_config.endpoints.network.vpc_cidr
- vpc_netmask = var.connectivity_config.endpoints.network.vpc_netmask
+ availability_zones = var.connectivity_config.endpoints.network.availability_zones
+ enable_default_route_table_association = false
+ enable_default_route_table_propagation = false
+ enable_ipam = var.connectivity_config.endpoints.network.ipam_pool_id != null
+ enable_transit_gateway = true
+ enable_transit_gateway_appliance_mode = true
+ ipam_pool_id = var.connectivity_config.endpoints.network.ipam_pool_id
+ name = var.connectivity_config.endpoints.network.name
+ private_subnet_netmask = var.connectivity_config.endpoints.network.private_netmask
+ tags = var.tags
+ transit_gateway_id = module.tgw.ec2_transit_gateway_id
+ vpc_cidr = var.connectivity_config.endpoints.network.vpc_cidr
+ vpc_netmask = var.connectivity_config.endpoints.network.vpc_netmask
 }
 
 ## Provision if required the shared private endpoints
diff --git a/examples/central_vpc/README.md b/examples/central_vpc/README.md
new file mode 100644
index 0000000..ef2fa69
--- /dev/null
+++ b/examples/central_vpc/README.md
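Review bot: With `enable_default_route_table_association = false` and `enable_default_route_table_propagation = false` on the endpoints_vpc call in endpoints.tf, the attachment presumably no longer joins the transit gateway's default route table, and nothing in this diff associates it with another one; the egress_vpc and ingress_vpc calls in main.tf have the same gap. Opting out of the default table is the right direction for segmentation, but each attachment then needs an explicit `aws_ec2_transit_gateway_route_table_association` (plus propagation or static routes) or it is left unrouted; if those exist elsewhere, a comment such as `# routed via explicit TGW route tables, not the default table` above the two flags would record that. The pin also stays at `version = "0.3.0"`, so it is worth confirming that release declares both inputs before merging. The module block opens above the hunk.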
@@ -0,0 +1,25 @@
+
+## Requirements
+
+No requirements.
+
+## Providers
+
+No providers.
+
+## Modules
+
+No modules.
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+
\ No newline at end of file
diff --git a/main.tf b/main.tf
index b07f1b1..14ff974 100644
--- a/main.tf
+++ b/main.tf
@@ -29,20 +29,22 @@ module "egress_vpc" {
 source = "appvia/network/aws"
 version = "0.3.0"
 
- availability_zones = var.connectivity_config.egress.network.availability_zones
- enable_ipam = var.connectivity_config.egress.network.ipam_pool_id != null
- enable_nat_gateway = true
- enable_transit_gateway = true
- enable_transit_gateway_subnet_natgw = true
- ipam_pool_id = var.connectivity_config.egress.network.ipam_pool_id
- name = var.connectivity_config.egress.network.name
- nat_gateway_mode = "all_azs"
- private_subnet_netmask = var.connectivity_config.egress.network.private_netmask
- public_subnet_netmask = var.connectivity_config.egress.network.public_netmask
- tags = var.tags
- transit_gateway_id = module.tgw.ec2_transit_gateway_id
- vpc_cidr = var.connectivity_config.egress.network.vpc_cidr
- vpc_netmask = var.connectivity_config.egress.network.vpc_netmask
+ availability_zones = var.connectivity_config.egress.network.availability_zones
+ enable_default_route_table_association = false
+ enable_default_route_table_propagation = false
+ enable_ipam = var.connectivity_config.egress.network.ipam_pool_id != null
+ enable_nat_gateway = true
+ enable_transit_gateway = true
+ enable_transit_gateway_subnet_natgw = true
+ ipam_pool_id = var.connectivity_config.egress.network.ipam_pool_id
+ name = var.connectivity_config.egress.network.name
+ nat_gateway_mode = "all_azs"
+ private_subnet_netmask = var.connectivity_config.egress.network.private_netmask
+ public_subnet_netmask = var.connectivity_config.egress.network.public_netmask
+ tags = var.tags
+ transit_gateway_id = module.tgw.ec2_transit_gateway_id
+ vpc_cidr = var.connectivity_config.egress.network.vpc_cidr
+ vpc_netmask = var.connectivity_config.egress.network.vpc_netmask
 }
 
 ## Provision an ingress vpc if required
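Review bot: The two `enable_default_route_table_*` flags in egress_vpc are now repeated verbatim in three module calls (endpoints_vpc and ingress_vpc carry the same pair), so a call that later drops or flips one falls back to whatever the module defaults to without anyone noticing. Since the three hub attachments are meant to share one routing posture, a single local referenced from each call would keep them from drifting, for example `enable_default_route_table_association = local.tgw_use_default_route_table` with the local name being a placeholder. The module block opens above the hunk.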
@@ -51,18 +53,20 @@ module "ingress_vpc" {
 source = "appvia/network/aws"
 version = "0.3.0"
 
- availability_zones = var.connectivity_config.ingress.network.availability_zones
- enable_ipam = var.connectivity_config.ingress.network.ipam_pool_id != null
- enable_nat_gateway = false
- enable_transit_gateway = true
- ipam_pool_id = var.connectivity_config.ingress.network.ipam_pool_id
- name = var.connectivity_config.ingress.network.name
- private_subnet_netmask = var.connectivity_config.ingress.network.private_netmask
- public_subnet_netmask = var.connectivity_config.ingress.network.public_netmask
- tags = var.tags
- transit_gateway_id = module.tgw.ec2_transit_gateway_id
- vpc_cidr = var.connectivity_config.ingress.network.vpc_cidr
- vpc_netmask = var.connectivity_config.ingress.network.vpc_netmask
+ availability_zones = var.connectivity_config.ingress.network.availability_zones
+ enable_default_route_table_association = false
+ enable_default_route_table_propagation = false
+ enable_ipam = var.connectivity_config.ingress.network.ipam_pool_id != null
+ enable_nat_gateway = false
+ enable_transit_gateway = true
+ ipam_pool_id = var.connectivity_config.ingress.network.ipam_pool_id
+ name = var.connectivity_config.ingress.network.name
+ private_subnet_netmask = var.connectivity_config.ingress.network.private_netmask
+ public_subnet_netmask = var.connectivity_config.ingress.network.public_netmask
+ tags = var.tags
+ transit_gateway_id = module.tgw.ec2_transit_gateway_id
+ vpc_cidr = var.connectivity_config.ingress.network.vpc_cidr
+ vpc_netmask = var.connectivity_config.ingress.network.vpc_netmask
 }
 
 ## Share the transit gateway with the other principals
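Review bot: The flags added to ingress_vpc only cover attachments created by these module calls, while the trailing context line shows the transit gateway is shared with other principals. Attachments made from those accounts follow the gateway's own `default_route_table_association` / `default_route_table_propagation` settings, and the per-attachment options cannot be configured from the attaching side of a RAM-shared gateway, so a spoke could still land in the default table alongside routes for the (presumably internet-facing) ingress VPC. The `module.tgw` configuration is outside this diff; confirm it disables both defaults, and record that next to the share with a comment such as `# TGW default association/propagation disabled; spokes are associated explicitly`.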