{"id":20329828,"url":"https://github.com/f5devcentral/terraform-xc-aws-vpc-site","last_synced_at":"2026-02-04T07:31:12.768Z","repository":{"id":205386015,"uuid":"714085446","full_name":"f5devcentral/terraform-xc-aws-vpc-site","owner":"f5devcentral","description":"Terraform module which creates AWS VPC Site for F5 Distributed Cloud (XC)","archived":false,"fork":false,"pushed_at":"2025-08-22T15:40:43.000Z","size":45,"stargazers_count":1,"open_issues_count":0,"forks_count":3,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-08-22T17:53:02.586Z","etag":null,"topics":["aws-vpc-site","f5-aws","f5-distributed-cloud","f5-xc","f5-xc-cloud","terraform"],"latest_commit_sha":null,"homepage":"https://registry.terraform.io/modules/f5devcentral/aws-vpc-site/xc/latest","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/f5devcentral.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-11-03T22:09:34.000Z","updated_at":"2025-08-22T15:40:47.000Z","dependencies_parsed_at":null,"dependency_job_id":"233f91e8-6f88-428d-b901-2b7217a16171","html_url":"https://github.com/f5devcentral/terraform-xc-aws-vpc-site","commit_stats":null,"previous_names":["f5devcentral/terraform-xc-aws-vpc-site"],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/f5devcentral/terraform-xc-aws-vpc-site","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/f5devcentral%2Fterraform-xc-aws-vpc-site","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/f5devcentral%2Fterraform-xc-aws-vpc-site/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/f5devcentral%2Fterraform-xc-aws-vpc-site/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/f5devcentral%2Fterraform-xc-aws-vpc-site/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/f5devcentral","download_url":"https://codeload.github.com/f5devcentral/terraform-xc-aws-vpc-site/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/f5devcentral%2Fterraform-xc-aws-vpc-site/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":276502707,"owners_count":25653732,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-22T02:00:08.972Z","response_time":79,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws-vpc-site","f5-aws","f5-distributed-cloud","f5-xc","f5-xc-cloud","terraform"],"created_at":"2024-11-14T20:13:40.347Z","updated_at":"2025-09-23T01:30:58.311Z","avatar_url":"https://github.com/f5devcentral.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# AWS VPC Site for F5 Distributed Cloud (XC) Terraform Module\r\n\r\n[![Terraform Registry](https://img.shields.io/badge/terraform-registry-blue.svg)](https://registry.terraform.io/modules/f5devcentral/aws-vpc-site/xc/latest)\r\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\r\n\r\nThis Terraform module provisions an AWS VPC Site in F5 Distributed Cloud (XC). The module supports multiple AWS VPC Site types, including:\r\n\r\n- **Ingress Gateway** - Single interface for inbound traffic\r\n- **Ingress/Egress Gateway** - Dual interface for inbound and outbound traffic \r\n- **App Stack (Voltstack Cluster)** - Kubernetes-enabled cluster for running applications\r\n\r\nIt simplifies the AWS VPC Site creation process by populating default parameters, managing SSH keys, and parsing the Site Apply output.\r\n\r\n\u003e **Note**: This module is developed and maintained by the [F5 DevCentral](https://github.com/f5devcentral) community. You can use this module as an example for your own development projects.\r\n\r\n## Requirements\r\n\r\n| Name | Version |\r\n| -------------------------------------------------------------------------------------------------------------------- | ---------- |\r\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](https://www.terraform.io/) | \u003e= 1.0 |\r\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](https://registry.terraform.io/providers/hashicorp/aws/latest) | \u003e= 4.65.0 |\r\n| \u003ca name=\"requirement_volterra\"\u003e\u003c/a\u003e [volterra](https://registry.terraform.io/providers/volterraedge/volterra/latest) | \u003e= 0.11.26 |\r\n| \u003ca name=\"requirement_tls\"\u003e\u003c/a\u003e [tls](https://registry.terraform.io/providers/hashicorp/tls/latest) | \u003e= 4.0 |\r\n| \u003ca name=\"requirement_time\"\u003e\u003c/a\u003e [time](https://registry.terraform.io/providers/hashicorp/time/latest) | \u003e= 0.9 |\r\n\r\n### Prerequisites\r\n\r\n- **F5 Distributed Cloud Account**: Active F5 XC account with API credentials\r\n- **AWS Account**: AWS account with appropriate permissions\r\n- **AWS Credentials**: Configured AWS CLI or environment variables\r\n- **F5 XC API Certificate**: P12 certificate file for API authentication\r\n\r\n## Usage\r\n\r\nHere are examples of how to use the module for different site types:\r\n\r\n### Ingress Gateway Site\r\n\r\n```hcl\r\nmodule \"aws_vpc_site_ingress\" {\r\n source = \"f5devcentral/aws-vpc-site/xc\"\r\n version = \"0.0.12\"\r\n\r\n site_name = \"aws-ingress-gw-site\"\r\n aws_region = \"us-west-2\"\r\n site_type = \"ingress_gw\"\r\n master_nodes_az_names = [\"us-west-2a\"]\r\n vpc_cidr = \"172.10.0.0/16\"\r\n local_subnets = [\"172.10.1.0/24\"]\r\n aws_cloud_credentials_name = \"your_aws_cloud_creds\"\r\n}\r\n```\r\n\r\n### Ingress/Egress Gateway Site\r\n\r\n```hcl\r\nmodule \"aws_vpc_site_ingress_egress\" {\r\n source = \"f5devcentral/aws-vpc-site/xc\"\r\n version = \"0.0.12\"\r\n\r\n site_name = \"aws-ingress-egress-gw-site\"\r\n aws_region = \"us-west-2\"\r\n site_type = \"ingress_egress_gw\"\r\n master_nodes_az_names = [\"us-west-2a\", \"us-west-2b\", \"us-west-2c\"]\r\n vpc_cidr = \"172.10.0.0/16\"\r\n local_subnets = [\"172.10.1.0/24\", \"172.10.2.0/24\", \"172.10.3.0/24\"]\r\n inside_subnets = [\"172.10.11.0/24\", \"172.10.12.0/24\", \"172.10.13.0/24\"]\r\n outside_subnets = [\"172.10.21.0/24\", \"172.10.22.0/24\", \"172.10.23.0/24\"]\r\n workload_subnets = [\"172.10.31.0/24\", \"172.10.32.0/24\", \"172.10.33.0/24\"]\r\n \r\n aws_cloud_credentials_name = \"your_aws_cloud_creds\"\r\n}\r\n```\r\n\r\n### App Stack (Kubernetes) Site\r\n\r\n```hcl\r\nmodule \"aws_vpc_site_app_stack\" {\r\n source = \"f5devcentral/aws-vpc-site/xc\"\r\n version = \"0.0.12\"\r\n\r\n site_name = \"aws-app-stack-site\"\r\n aws_region = \"us-west-2\"\r\n site_type = \"app_stack\"\r\n master_nodes_az_names = [\"us-west-2a\"]\r\n vpc_cidr = \"172.10.0.0/16\"\r\n local_subnets = [\"172.10.1.0/24\"]\r\n \r\n # Kubernetes configuration\r\n k8s_cluster = {\r\n name = \"my-k8s-cluster\"\r\n }\r\n default_storage = true\r\n \r\n aws_cloud_credentials_name = \"your_aws_cloud_creds\"\r\n}\r\n```\r\n\r\nYou can find additional usage examples in the \"examples\" folder of this module:\r\n\r\n- [examples/aws-vpc-site-ingress-gw](examples/aws-vpc-site-ingress-gw) - Ingress Gateway with single AZ\r\n- [examples/aws-vpc-site-ingress-gw-existing-vpc](examples/aws-vpc-site-ingress-gw-existing-vpc) - Ingress Gateway with existing VPC\r\n- [examples/aws-vpc-site-ingress-egress-gw-single-az](examples/aws-vpc-site-ingress-egress-gw-single-az) - Ingress/Egress Gateway with single AZ\r\n- [examples/aws-vpc-site-ingress-egress-gw-multi-az](examples/aws-vpc-site-ingress-egress-gw-multi-az) - Ingress/Egress Gateway with multiple AZs\r\n- [examples/aws-vpc-site-app-stack](examples/aws-vpc-site-app-stack) - App Stack (Kubernetes) site\r\n\r\n## Inputs\r\n\r\n| Name | Description | Type | Default | Required |\r\n| -------------------------- | ----------------------------------------------------------------------------------------------------------- | --------------- | -------------- | :------: |\r\n| site_name | The name of the AWS VPC Site that will be configured | `string` | `\"\"` | yes |\r\n| site_type | Site type: `ingress_gw`, `ingress_egress_gw`, or `app_stack` | `string` | `\"ingress_gw\"` | no |\r\n| aws_region | Name for AWS Region | `string` | `\"\"` | yes |\r\n| master_nodes_az_names | Availability Zone Names for Master Nodes | `list(string)` | `[]` | yes |\r\n| aws_cloud_credentials_name | AWS Cloud Credentials Name | `string` | `null` | yes |\r\n| vpc_cidr | The Primary IPv4 block cannot be modified. All subnets prefixes in this VPC must be part of this CIDR block | `string` | `null` | no |\r\n| create_aws_vpc | Create AWS VPC | `bool` | `true` | no |\r\n| instance_type | Select Instance size based on performance needed | `string` | `\"t3.xlarge\"` | no |\r\n| nodes_disk_size | Disk size to be used for nodes in GiB. 80 is 80 GiB | `number` | `80` | no |\r\n| site_description | The description for the AWS VPC Site that will be configured | `string` | `null` | no |\r\n| site_namespace | The namespace where AWS VPC Site that will be configured | `string` | `\"system\"` | no |\r\n| enable_internet_vip | VIPs can be advertised to the internet directly on this Site | `bool` | `false` | no |\r\n| k8s_cluster | Kubernetes cluster configuration (app_stack only) | `object({...})` | `null` | no |\r\n| default_storage | Use default storage class (app_stack only) | `bool` | `true` | no |\r\n\r\n\u003e **Note**: This table shows the most commonly used inputs. See [variables.tf](variables.tf) for the complete list of all available variables.\r\n\r\n## Outputs\r\n\r\n| Name | Description |\r\n| ----------------------- | ---------------------------------------------------- |\r\n| name | Site name |\r\n| id | Site ID |\r\n| vpc_id | AWS VPC ID |\r\n| local_subnet_ids | List of local subnet IDs |\r\n| inside_subnet_ids | List of inside subnet IDs (ingress_egress_gw only) |\r\n| outside_subnet_ids | List of outside subnet IDs (ingress_egress_gw only) |\r\n| workload_subnet_ids | List of workload subnet IDs (ingress_egress_gw only) |\r\n| ssh_private_key_openssh | Generated SSH private key |\r\n| ssh_public_key | Generated SSH public key |\r\n| apply_tf_output_map | Parsed Terraform apply output |\r\n\r\n\u003e **Note**: See [outputs.tf](outputs.tf) for the complete list of outputs.\r\n\r\n## Troubleshooting\r\n\r\n### Common Issues\r\n\r\n**Site creation times out**\r\n- F5 XC site creation can take 15-30 minutes\r\n- Increase `apply_action_wait_for_action` if needed\r\n- Check F5 XC console for site status\r\n\r\n**SSH connectivity issues**\r\n- Use the generated SSH key from module outputs\r\n- Ensure security group allows SSH (port 22)\r\n- Check AWS instance status and networking\r\n\r\n**Kubernetes not available (App Stack)**\r\n- Verify `k8s_cluster` configuration is provided\r\n- Check site status in F5 XC console\r\n- Ensure sufficient resources for K8s workloads\r\n\r\n**VPC/Subnet conflicts**\r\n- Check CIDR blocks don't overlap with existing networks\r\n- Verify subnet sizes are adequate for the number of nodes\r\n- Review AWS VPC quotas and limits\r\n\r\n### Getting Help\r\n\r\n- Check the [F5 Distributed Cloud documentation](https://docs.cloud.f5.com/)\r\n- Review the [examples](examples/) directory\r\n- Open an issue in this repository for bugs or feature requests\r\n\r\n## Contributing\r\n\r\nWe welcome contributions to this module! Here's how you can help:\r\n\r\n### Development Setup\r\n\r\n1. **Clone the repository**\r\n ```bash\r\n git clone https://github.com/f5devcentral/terraform-xc-aws-vpc-site.git\r\n cd terraform-xc-aws-vpc-site\r\n ```\r\n\r\n2. **Install dependencies**\r\n - [Terraform](https://terraform.io/downloads) \u003e= 1.0\r\n - [TFLint](https://github.com/terraform-linters/tflint) (optional)\r\n - AWS CLI configured with appropriate credentials\r\n - F5 XC API credentials\r\n\r\n3. **Run tests**\r\n ```bash\r\n terraform fmt -recursive -check\r\n terraform validate\r\n # Run example configurations\r\n ```\r\n\r\n### Contribution Guidelines\r\n\r\n- Follow [Terraform best practices](https://www.terraform.io/docs/cloud/guides/recommended-practices/index.html)\r\n- Add examples for new features\r\n- Update documentation for any changes\r\n- Test changes with real F5 XC/AWS resources when possible\r\n- Follow conventional commit messages\r\n\r\n### Adding New Features\r\n\r\n1. Update `variables.tf` with new input variables\r\n2. Implement the feature in `main.tf`\r\n3. Update `outputs.tf` if applicable\r\n4. Add or update examples in `examples/`\r\n5. Update this README with documentation\r\n6. Test the implementation\r\n\r\n## License\r\n\r\n\r\nThis module is licensed under the Apache 2.0 License.\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ff5devcentral%2Fterraform-xc-aws-vpc-site","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ff5devcentral%2Fterraform-xc-aws-vpc-site","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ff5devcentral%2Fterraform-xc-aws-vpc-site/lists"}