Skip to content

lean-delivery/terraform-module-aws-core

Repository files navigation

AWS Core module

License Build Status

Description

Terraform module to setup AWS VPC with required parameters. Based on Hashicorp's VPC module.

These types of resources are supported:

Usage

module "core" {
  source = "github.com/lean-delivery/tf-module-awscore"

  project            = "Project"
  environment        = "dev"
  availability_zones = ["us-east-1a", "us-east-1b", "us-east-1c"]
  vpc_cidr           = "10.0.0.0/16"
  private_subnets    = ["10.11.0.0/24", "10.11.1.0/24", "10.11.2.0/24"]
  public_subnets     = ["10.11.3.0/24", "10.11.4.0/24", "10.11.5.0/24"]

  enable_nat_gateway = "true"
}

Conditional creation

Sometimes you need to have a way to create VPC resources conditionally but Terraform does not allow to use count inside module block, so the solution is to specify argument create_vpc.

# This VPC will not be created
module "core" {
  source = "github.com/lean-delivery/tf-module-awscore"

  create_vpc = false
  # ... omitted
}

Examples

Inputs

Name Description Type Default Required
availability_zones A list of availability zones in the region list <list> no
create_route53_zone Switch to create Route53 zone string "false" no
create_vpc Controls if VPC should be created (it affects almost all resources) bool "true" no
enable_dns_hostnames Should be true to enable DNS hostnames in the VPC string "false" no
enable_dns_support Should be true to enable DNS support in the VPC string "true" no
enable_nat_gateway Should be true if you want to provision NAT Gateways for each of your private networks string "false" no
amazon_side_asn The Autonomous System Number (ASN) for the Amazon side of the gateway. By default the virtual private gateway is created with the current default Amazon ASN string "64512" no
enable_vpn_gateway Should be true if you want to create a new VPN Gateway resource and attach it to the VPC string "false" no
environment Environment name is used to identify resources string "env" no
instance_type The type of instance to start string "t3.nano" no
map_public_ip_on_launch Should be false if you do not want to auto-assign public IP on launch string "true" no
nat_as_ec2_instance Setup NAT as EC2 instance instead of service string "false" no
private_subnets A list of private subnets inside the VPC list <list> no
project Project name is used to identify resources string "project" no
public_subnets A list of public subnets inside the VPC list <list> no
root_domain Name of Route53 zone (if 'create_route53_zone' = True) string "" no
single_nat_gateway Should be true if you want to provision a single shared NAT Gateway across all of your private networks string "false" no
tags Additional tags for resources map <map> no
vpc_cidr The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden string "0.0.0.0/16" no

Outputs

Name Description
database_route_table_ids List of IDs of database route tables
database_subnet_group ID of database subnet group
database_subnets List of IDs of database subnets
database_subnets_cidr_blocks List of cidr_blocks of database subnets
default_network_acl_id The ID of the default network ACL
default_route_table_id The ID of the default route table
default_security_group_id The ID of the security group created by default on VPC creation
default_vpc_cidr_block The CIDR block of the VPC
default_vpc_default_network_acl_id The ID of the default network ACL
default_vpc_default_route_table_id The ID of the default route table
default_vpc_default_security_group_id The ID of the security group created by default on VPC creation
default_vpc_enable_dns_hostnames Whether or not the VPC has DNS hostname support
default_vpc_enable_dns_support Whether or not the VPC has DNS support
default_vpc_id The ID of the VPC
default_vpc_instance_tenancy Tenancy of instances spin up within VPC
default_vpc_main_route_table_id The ID of the main route table associated with this VPC
ec2_nat_ami EC2 AMI used for NAT instances
elasticache_route_table_ids List of IDs of elasticache route tables
elasticache_subnet_group ID of elasticache subnet group
elasticache_subnet_group_name Name of elasticache subnet group
elasticache_subnets List of IDs of elasticache subnets
elasticache_subnets_cidr_blocks List of cidr_blocks of elasticache subnets
environment Evnironment name
igw_id The ID of the Internet Gateway
intra_route_table_ids List of IDs of intra route tables
intra_subnets List of IDs of intra subnets
intra_subnets_cidr_blocks List of cidr_blocks of intra subnets
nat_ec2_ids List of NAT instance IDs
nat_ids List of allocation ID of Elastic IPs created for AWS NAT Gateway
nat_public_ips List of public Elastic IPs created for AWS NAT Gateway
natgw_ids List of NAT Gateway IDs
private_route_table_ids List of IDs of private route tables
private_subnets List of IDs of private subnets
private_subnets_cidr_blocks List of cidr_blocks of private subnets
project Project name
public_route_table_ids List of IDs of public route tables
public_subnets List of IDs of public subnets
public_subnets_cidr_blocks List of cidr_blocks of public subnets
redshift_route_table_ids List of IDs of redshift route tables
redshift_subnet_group ID of redshift subnet group
redshift_subnets List of IDs of redshift subnets
redshift_subnets_cidr_blocks List of cidr_blocks of redshift subnets
route53_zone_id The ID of created Route53 zone.
vgw_id The ID of the VPN Gateway
vpc_cidr_block The CIDR block of the VPC
vpc_enable_dns_hostnames Whether or not the VPC has DNS hostname support
vpc_enable_dns_support Whether or not the VPC has DNS support
vpc_endpoint_dynamodb_id The ID of VPC endpoint for DynamoDB
vpc_endpoint_dynamodb_pl_id The prefix list for the DynamoDB VPC endpoint.
vpc_endpoint_s3_id The ID of VPC endpoint for S3
vpc_endpoint_s3_pl_id The prefix list for the S3 VPC endpoint.
vpc_id The ID of the VPC
vpc_instance_tenancy Tenancy of instances spin up within VPC
vpc_main_route_table_id The ID of the main route table associated with this VPC
vpc_secondary_cidr_blocks List of secondary CIDR blocks of the VPC

Terraform versions

Terraform version 0.11.11 or newer is required for this module to work.

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance.

License

Apache2.0 Licensed. See LICENSE for full details.

Authors

Lean Delivery Team [email protected]