The purpose of this module is to provide a consistent way to provision a VPC and associated resources in AWS.
```hcl
module "vpc" {
  source  = "appvia/network/aws"
  version = "0.0.8"

  availability_zones                    = var.availability_zones
  enable_ipam                           = var.enable_ipam
  enable_ssm                            = var.enable_ssm
  enable_transit_gateway                = var.enable_transit_gateway
  enable_transit_gateway_appliance_mode = true
  ipam_pool_id                          = data.aws_vpc_ipam_pool.current.id
  name                                  = var.name
  private_subnet_netmask                = var.private_subnet_netmask
  public_subnet_netmask                 = var.public_subnet_netmask
  tags                                  = var.tags
  transit_gateway_id                    = data.aws_ec2_transit_gateway.this.id
  vpc_cidr                              = var.vpc_cidr

  # Routes sent down the transit gateway, keyed by name
  transit_gateway_routes = {
    private = aws_ec2_managed_prefix_list.internal.id
  }
}
```
The `terraform-docs` utility is used to generate this README. Follow the steps below to update it:

- Make changes to the `.terraform-docs.yml` file
- Fetch the `terraform-docs` binary (https://terraform-docs.io/user-guide/installation/)
- Run `terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .`

Name | Version |
---|---|
aws | ~> 5.0 |
Name | Description | Type | Default | Required |
---|---|---|---|---|
name | Is the name of the network to provision | string | n/a | yes |
tags | Tags to apply to all resources | map(string) | n/a | yes |
additional_subnets | Additional subnets to create in the network | map(any) | null | no |
availability_zones | The number of availability zones the network should be deployed into | number | 2 | no |
enable_default_route_table_association | Indicates the transit gateway default route table should be associated with the subnets | bool | true | no |
enable_default_route_table_propagation | Indicates the transit gateway default route table should be propagated to the subnets | bool | true | no |
enable_ipam | Indicates the cidr block for the network should be assigned from IPAM | bool | true | no |
enable_nat_gateway | Indicates the network should provision nat gateways | bool | false | no |
enable_private_endpoints | Indicates the network should provision private endpoints | list(string) | [] | no |
enable_route53_resolver_rules | Automatically associates any shared route53 resolver rules with the VPC | bool | true | no |
enable_ssm | Indicates we should provision SSM private endpoints | bool | false | no |
enable_transit_gateway | Indicates the network should provision nat gateways | bool | false | no |
enable_transit_gateway_appliance_mode | Indicates the network should be connected to a transit gateway in appliance mode | bool | false | no |
enable_transit_gateway_subnet_natgw | Indicates if the transit gateway subnets should be connected to a nat gateway | bool | false | no |
exclude_route53_resolver_rules | List of resolver rules to exclude from association | list(string) | [] | no |
ipam_pool_id | An optional pool id to use for the IPAM pool | string | null | no |
nat_gateway_mode | The configuration mode of the NAT gateways | string | "none" | no |
private_subnet_netmask | The netmask for the private subnets | number | 0 | no |
private_subnet_tags | Additional tags for the private subnets | map(string) | {} | no |
public_subnet_netmask | The netmask for the public subnets | number | 0 | no |
public_subnet_tags | Additional tags for the public subnets | map(string) | {} | no |
transit_gateway_id | If enabled, and not lookup is disabled, the transit gateway id to connect to | string | "" | no |
transit_gateway_routes | If enabled, this is the cidr block to route down the transit gateway | map(string) | { | no |
transit_subnet_tags | Additional tags for the transit subnets | map(string) | {} | no |
vpc_cidr | An optional cidr block to assign to the VPC (if not using IPAM) | string | null | no |
vpc_instance_tenancy | The name of the VPC to create | string | "default" | no |
vpc_netmask | An optional range assigned to the VPC | number | null | no |

Name | Description |
---|---|
nat_public_ips | The public IPs of the NAT Gateways i.e. [public_ip, public_ip] |
natgw_id_per_az | The IDs of the NAT Gateways (see aws-ia/vpc/aws for details) |
private_route_table_ids | The IDs of the private route tables i.e. [route_table_id, route_table_id] |
private_subnet_attributes_by_az | The attributes of the private subnets (see aws-ia/vpc/aws for details) |
private_subnet_cidr_by_id | A map of the private subnet ID to CIDR block i.e. us-west-2a => subnet_cidr |
private_subnet_cidrs | A list of the CIDRs for the private subnets |
private_subnet_id_by_az | A map of availability zone to subnet id of the private subnets i.e. eu-west-2a => subnet_id |
private_subnet_ids | The IDs of the private subnets i.e. [subnet_id, subnet_id] |
public_route_table_ids | The IDs of the public route tables i.e. [route_table_id, route_table_id] |
public_subnet_attributes_by_az | The attributes of the public subnets (see aws-ia/vpc/aws for details) |
public_subnet_cidr_by_id | A map of the public subnet ID to CIDR block i.e. us-west-2a => subnet_cidr |
public_subnet_cidrs | A list of the CIDRs for the public subnets i.e. [subnet_cidr, subnet_cidr] |
public_subnet_id_by_az | A map of availability zone to subnet id of the public subnets i.e. eu-west-2a => subnet_id |
public_subnet_ids | The IDs of the public subnets i.e. [subnet_id, subnet_id] |
rt_attributes_by_type_by_az | The attributes of the route tables (see aws-ia/vpc/aws for details) |
transit_gateway_attachment_id | The ID of the transit gateway attachment if enabled |
transit_route_table_by_az | A map of availability zone to transit gateway route table ID i.e. eu-west-2a => route_table_id |
transit_route_table_ids | The IDs of the transit gateway route tables i.e. [route_table_id, route_table_id] |
transit_subnet_attributes_by_az | The attributes of the transit gateway subnets (see aws-ia/vpc/aws for details) |
transit_subnet_ids | The IDs of the transit gateway subnets i.e. [subnet_id, subnet_id] |
vpc_attributes | The attributes of the VPC (see aws-ia/vpc/aws for details) |
vpc_cidr | The CIDR block of the VPC |
vpc_id | The ID of the VPC |
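
The inputs and outputs above combined into an isolated network, as an added example that is not part of the module's own documentation: NAT and transit gateway stay off, management access goes through the SSM private endpoints, and a security group is scoped to the module's `private_subnet_cidrs` output. The module label, name, CIDR, tag and security group are constructed values, and it is an assumption that version 0.0.8 accepts this exact combination of inputs.

```hcl
# Added example: all literal values are constructed for illustration.
module "isolated_vpc" {
  source  = "appvia/network/aws"
  version = "0.0.8"

  name               = "isolated-workloads"
  availability_zones = 2

  # Static CIDR instead of IPAM (enable_ipam defaults to true)
  enable_ipam            = false
  vpc_cidr               = "10.90.0.0/21"
  private_subnet_netmask = 24

  # No NAT gateways and no transit gateway attachment
  enable_nat_gateway     = false
  enable_transit_gateway = false

  # Instances are managed through the SSM private endpoints
  enable_ssm = true

  tags = {
    Environment = "example"
  }
}

# Accept HTTPS only from the private subnets the module created.
# No egress block is declared, so Terraform leaves the group with
# no outbound rules.
resource "aws_security_group" "internal_https" {
  name_prefix = "internal-https-"
  description = "HTTPS from the VPC private subnets only"
  vpc_id      = module.isolated_vpc.vpc_id

  ingress {
    description = "HTTPS from private subnets"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = module.isolated_vpc.private_subnet_cidrs
  }

  tags = {
    Environment = "example"
  }
}
```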