Skip to content

KoeSystems/terraform-aws-vpc

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
policies
policies
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 

Repository files navigation

VPC terraform module

GitHub release Terraform version Terraform version Terraform version GitHub license

A terraform module to create an AWS VPC.

For security reasons:

  • Default RTB is not associated with any VPC subnet.
  • Default ACL DENY ALL.
  • Default SG DENY ALL.

Module Input Variables

  • name - AWS VPC name
  • domain_name (optional) - Domain Name used in the DHCP options. Will be used to complete unqualified DNS hostnames within the VPC. Default value "".
  • cidr_block (optional) - VPC CIDR Block. Default value 10.0.0.0/16.
  • ipv6_cidr_block (optional) - Enable IPv6 in the VPC. Default value false.
  • ipv6_private_egress (optional) - Enable IPv6 Egress Gateway for private subnets. Default value false.
  • tenancy (optional) - Force the default hardware tenancy of any instance you launch in the VPC. Default value default.
  • enable_dns_support (optional) - Indicates whether the DNS resolution is supported for the VPC. Default value true.
  • enable_dns_hostnames (optional) - Indicates whether the instances launched in the VPC get public DNS hostnames. Default value true.
  • domain_name_servers (optional) - DNS servers that will resolve hostnames. Default value AmazonProvidedDNS.
  • AZs (optional) - Number of AWS AZs to be used (a,b,c,d,e).
  • enable_vpc_flow_logs - Enable AWS VPC Flow Logs for this VPC. Default value false.
  • enable_nat_gw - Create one NAT Gateway for each AZs. Default value true.
  • allow_all_ACL - Add generic ACL rules to allow ALL traffic.
  • only_public - Create only public subnets, not private subnets.

Caveats

Adding IPv6 support to an already existing VPC with only IPv4 is not supported. You will have to destroy it and create a new VPC.

Usage examples

module "vpc" {
  source  = "github.com/KoeSystems/terraform-aws-vpc?ref=v0.5.0"
  name    = "vpc01"
}

Enable VPC Flow Logs

module "vpc" {
  source  = "github.com/KoeSystems/terraform-aws-vpc"
  name    = "vpc01"
  vpc_flow_logs = true
}

Enable IPv6

module "vpc" {
  source  = "github.com/KoeSystems/terraform-aws-vpc"
  name    = "vpc01"
  ipv6_cidr_block = true
}

Production ready VPC

module "vpc" {
  source               = "github.com/KoeSystems/terraform-aws-vpc?ref=v0.5.0"
  name                 = "vpc01"
  AZs                  = "a,b,c"
  cidr_block           = "10.0.0.0/16"
  only_public          = false
  enable_nat_gw        = true
  allow_all_ACL        = true
  enable_vpc_flow_logs = true
  domain_name          = "vpc01.example.com"
  enable_dns_support   = true
  enable_dns_hostnames = true
}

Costs

The terraform module will create a NAT Gateway for each AZs (by default = 3), you can reduce costs by reducing the number of AZs. Also terraform will configure VPC Flow Logs by default to be able to trace all the network traffic within the VPC, this will generate some costs in AWS CloudWatch Logs. Two Route53 will be created, one public and another private attached to the VPC.

Authors

Originally created and maintained by Koe

License

MIT License. See LICENSE for full details.

About

Terraform AWS VPC module

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

1 fork
Report repository

Releases 1

v0.4.1 Latest
May 3, 2018

Packages

No packages published

Languages