Skip to content

Latest commit

 

History

History
109 lines (91 loc) · 10.5 KB

README.md

File metadata and controls

109 lines (91 loc) · 10.5 KB

terraform-aws-vpc

An opinionated Terraform module that can be used to create and manage an VPC in AWS in a simplified way.

Requirements

Name Version
terraform >= 1.2.0
aws >= 4.31.0
null >= 3.1.1
tls < 4.0.0

Providers

Name Version
aws >= 4.31.0
local n/a
null >= 3.1.1
tls < 4.0.0

Modules

Name Source Version
bastion cloudposse/ec2-bastion-server/aws 0.31.0
vpc terraform-aws-modules/vpc/aws 5.15.0

Resources

Name Type
aws_key_pair.bastion resource
aws_route_table_association.additional_private_subnets resource
aws_route_table_association.additional_public_subnets resource
aws_subnet.additional_private_subnets resource
aws_subnet.additional_public_subnets resource
local_file.private_key resource
null_resource.wait_for_secondary_cidrs resource
tls_private_key.bastion resource
aws_availability_zones.available data source

Inputs

Name Description Type Default Required
additional_private_subnet_tags Additional tags for the private subnets map(string) {} no
additional_private_subnets Additional private subnets to create. 
list(object({
    availability_zone = string
    cidr              = string
    tags              = map(string)
  }))
 [] no
additional_public_subnet_tags Additional tags for the public subnets map(string) {} no
additional_public_subnets Additional public subnets to create. 
list(object({
    availability_zone = string
    cidr              = string
    tags              = map(string)
  }))
 [] no
availability_zones List of availability zone names that subnets can get deployed into.
If not provided, defaults to all AZs for the region.		 list(string) [] no
bastion_host_ami_id The ID of the AIM to use for the instance. Setting this will ignore bastion_host_ami_name_filter and bastion_host_ami_owners. string null no
bastion_host_ami_name_filter The AMI filter to use for the bastion host's AMI. string "amzn2-ami-hvm-2.*-x86_64-ebs" no
bastion_host_ami_owners The list of owners used to select the AMI. list(string) 
[
  "amazon"
]
 no
bastion_host_assign_public_ip Whether to assign a public IP address to the bastion host. bool false no
bastion_host_enabled Whether to create an EC2 instance in the VPC that can be used as a bastion host. bool false no
bastion_host_extra_security_groups A list of extra security groups to associate with the bastion host. list(string) [] no
bastion_host_instance_type The instance type to use for the bastion host. string "t2.micro" no
bastion_host_security_group_rules A list of security group rules to apply to the bastion host. list(any) 
[
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "description": "Allow all outbound traffic",
    "from_port": 0,
    "protocol": -1,
    "to_port": 0,
    "type": "egress"
  },
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "description": "Allow all inbound to SSH",
    "from_port": 22,
    "protocol": "tcp",
    "to_port": 22,
    "type": "ingress"
  }
]
 no
bastion_host_ssh_public_key If specified, will be used as the public SSH key for the bastion host. string "" no
bastion_host_user_data The user data to use for the bastion host. list(string) [] no
bastion_host_user_data_base64 The user data to use for the bastion host, base64 encoded. string "" no
cidr The CIDR to be used for the VPC. string n/a yes
enable_ipv6 Whether to enable the ipv6 stack. bool false no
map_public_ip_on_launch Whether to map public IPs on launch. bool false no
name The name of the VPC. string n/a yes
region The region in which to create the VPC. string n/a yes
secondary_cidr_blocks List of secondary CIDR blocks to use. list(string) [] no
tags The tags to place on the VPC. map(string) n/a yes

Outputs

Name Description
additional_private_subnet_ids The IDs of the additional private subnets that have been created.
additional_private_subnets_cidr_blocks The additional private subnets that have been created.
additional_public_subnet_ids The IDs of the additional public subnets that have been created.
bastion_host_key_pair_name The name of the SSH key pair associated with the bastion host.
bastion_host_private_ip n/a
bastion_host_public_ip n/a
bastion_host_security_group_id n/a
bastion_host_ssh_user n/a
id The ID of the VPC.
private_route_table_ids The IDs of the private route table that have been created.
private_subnet_ids The IDs of the main private subnets that have been created.
public_route_table_ids The IDs of the public route table that have been created.
public_subnet_ids The IDs of the main public subnets that have been created.
vpc_cidr_block The IPv4 CIDR block that have been used.
vpc_ipv6_cidr_block The IPv6 CIDR block that have been used.
vpn_gw_id The ID of the VPN gateway that has been created.

License

Copyright 2022 Isovalent, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.