-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add base VPC config for dev and prod environments
- Loading branch information
1 parent
4e25d33
commit c7c7c7f
Showing
1 changed file
with
14 additions
and
51 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,69 +1,32 @@ | ||
| ###################################### | ||
| # VPC configuration for landing zone | ||
| # Development VPC | ||
| ###################################### | ||
|
|
||
| # | ||
| # Minimal example of VPC setup for development environment | ||
| # | ||
| module "vpc_dev" { | ||
| source = "github.com/peinser/tf-aws-landingzone-module-vpc" | ||
|
|
||
| env = "dev" | ||
| create_vpc = true | ||
| env = "dev" | ||
|
|
||
| vpc_name = "vpc-dev" | ||
| vpc_cidr = "10.0.0.0/16" | ||
| } | ||
|
|
||
| # | ||
| # Minimal example of VPC setup for production environment | ||
| # | ||
| module "vpc_prod" { | ||
| source = "github.com/peinser/tf-aws-landingzone-module-vpc" | ||
| # ------------------------------------------------------------------------------------ | ||
|
|
||
| env = "prod" | ||
|
|
||
| # VPC | ||
| vpc_name = "prod" | ||
| vpc_cidr = "10.1.0.0/16" | ||
|
|
||
| # VPC flow logs | ||
| vpc_flow_logs_retention_days = 60 | ||
|
|
||
| # NAT gateway | ||
| nat_gateway_per_az = true | ||
| } | ||
| ###################################### | ||
| # Production VPC | ||
| ###################################### | ||
|
|
||
| # | ||
| # Full example of VPC setup with all variables | ||
| # | ||
| module "vpc_complete_example" { | ||
| module "vpc_prod" { | ||
| source = "github.com/peinser/tf-aws-landingzone-module-vpc" | ||
|
|
||
| create_vpc = true | ||
| env = "dev" | ||
|
|
||
| # VPC | ||
| vpc_name = "vpc-dev" | ||
| vpc_cidr = "10.0.0.0/16" | ||
|
|
||
| # VPC flow logs | ||
| create_vpc_flow_logs = true # default: true if env == prod | ||
| vpc_flow_logs_retention_days = 7 | ||
| vpc_flow_logs_aggregation_interval = 600 | ||
|
|
||
| # Subnets | ||
| create_database_subnets = true | ||
| private_subnet_name_prefix = "private" | ||
| public_subnet_name_prefix = "public" | ||
| database_subnet_name_prefix = "database" | ||
| env = "prod" | ||
|
|
||
| private_subnet_cidr_blocks = ["10.0.1.0/24", "10.0.2.0/24"] # default used values when omitted | ||
| public_subnet_cidr_blocks = ["10.0.100.0/24", "10.0.101.0/24"] # default used values when omitted | ||
| database_subnet_cidr_blocks = ["10.0.10.0/24", "10.0.11.0/24"] # default used values when omitted | ||
|
|
||
| # NAT gateway | ||
| create_nat_gateways = true | ||
| single_nat_gateway = true # default: false if env == prod | ||
| nat_gateway_per_az = false # default: true if env == prod | ||
| vpc_name = "vpc-prod" | ||
| vpc_cidr = "10.1.0.0/16" | ||
|
|
||
| # VPC endpoints | ||
| create_vpc_endpoints = true # currently only an S3 endpoint is configured | ||
| single_nat_gateway = true | ||
| } |