https://github.com/ishuar/terraform-aws-vpc

Practical and easy to follow Terraform module for AWS VPC

[![License][license-shield]][license-url] [![Contributors][contributors-shield]][contributors-url] [![Issues][issues-shield]][issues-url] [![Forks][forks-shield]][forks-url] [![Stargazers][stars-shield]][stars-url]



# AWS VPC Terraform Module



🌩ī¸ Terraform Module For Simplifying AWS VPC Creation 🌩ī¸







## Background Knowledge or External Documentation

- [What is Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html)
- [Subnets for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html)

### Pre-requisites

| Name | Version Used | Help | Required |
|-------------|--------------|------------------------------------------------------------------------------------------------------|----------|
| Terraform | `>= 1.3.0` | [Install Terraform](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli) | Yes |
| AWS Account | `N/A` | [Create AWS account](https://aws.amazon.com/account/) | Yes |

**⭐ī¸ Don't forget to give the project a star! Thanks again! ⭐ī¸**

## Introduction

🚀 This module is your ticket to effortlessly create a Virtual Private Cloud (VPC). Whether you're a seasoned cloud architect or just getting started, this module streamlines the process, giving you more time to focus on what truly matters. 🚀

## Available Features

- AWS VPC Creation.
- AWS VPC Multiple Public and Private Subnets Creation.
- Optional Bootstrap routing
- Optional Internet Gateway creation with a default route in public subnets.

## Usage

```hcl
## simple vpc

module "simple_vpc" {

  source  = "ishuar/vpc/aws"
  version = "~> 2.0"

  prefix     = "simple"
  env        = "dev"
  region     = "eu-central-1"
  cidr_block = "10.1.0.0/16"

  ## Subnets
  public_subnets = [
    {
      name              = "subnet01"
      cidr_block        = "10.1.1.0/24"
      availability_zone = "eu-central-1a"
    },
    # {
    #   name              = "subnet02"
    #   cidr_block        = "10.1.3.0/24"
    #   availability_zone = "eu-central-1b"
    # }
  ]

  private_subnets = [
    {
      name              = "subnet01"
      cidr_block        = "10.1.2.0/24"
      availability_zone = "eu-central-1a"
    },
    # {
    #   name              = "subnet02"
    #   cidr_block        = "10.1.4.0/24"
    #   availability_zone = "eu-central-1b"
    # }
  ]
}
```

## Examples

Examples are available in the `examples` directory.

- [simple](/example/simple)
- [bootstrap-routing](/example/bootstrap-routing)

## Submodule

## Requirements

| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3 |
| [aws](#requirement\_aws) | ~>5.14 |

## Providers

| Name | Version |
|------|---------|
| [aws](#provider\_aws) | ~>5.14 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| [aws_ec2_instance_connect_endpoint.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_instance_connect_endpoint) | resource |
| [aws_internet_gateway.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/internet_gateway) | resource |
| [aws_route.private](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route.public_subnet_default_to_igw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route_table.private](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table) | resource |
| [aws_route_table.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table) | resource |
| [aws_route_table_association.private](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table_association) | resource |
| [aws_route_table_association.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table_association) | resource |
| [aws_subnet.private_subnet](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource |
| [aws_subnet.public_subnet](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource |
| [aws_vpc.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc) | resource |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [cidr\_block](#input\_cidr\_block) | (optional) describe your variable | `string` | n/a | yes |
| [assign\_generated\_ipv6\_cidr\_block](#input\_assign\_generated\_ipv6\_cidr\_block) | (Optional) Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false. Conflicts with ipv6\_ipam\_pool\_id | `bool` | `null` | no |
| [create\_private\_route\_table](#input\_create\_private\_route\_table) | (optional) Whether to create the initial/bootstrap private route tables and routes or not? | `bool` | `false` | no |
| [enable\_dns\_hostnames](#input\_enable\_dns\_hostnames) | (Optional) A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false. | `bool` | `null` | no |
| [enable\_dns\_support](#input\_enable\_dns\_support) | (Optional) A boolean flag to enable/disable DNS support in the VPC. Defaults to true. | `bool` | `null` | no |
| [enable\_instance\_connect\_endpoint](#input\_enable\_instance\_connect\_endpoint) | (optional) Whether to enable instance connect endpoint or not? | `bool` | `false` | no |
| [env](#input\_env) | (Optional) Env name to use in resource naming. | `string` | `"dev"` | no |
| [instance\_connect\_endpoint\_tags](#input\_instance\_connect\_endpoint\_tags) | (Optional) Map of tags to assign to this ec2 instance connect endpoint resource | `map(string)` | `{}` | no |
| [instance\_tenancy](#input\_instance\_tenancy) | (Optional) A tenancy option for instances launched into the VPC. Default is default, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is dedicated, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee. | `string` | `null` | no |
| [ipv4\_ipam\_pool\_id](#input\_ipv4\_ipam\_pool\_id) | (Optional) The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization. | `string` | `null` | no |
| [ipv4\_netmask\_length](#input\_ipv4\_netmask\_length) | (Optional) The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying an ipv4\_ipam\_pool\_id. | `string` | `null` | no |
| [ipv6\_cidr\_block](#input\_ipv6\_cidr\_block) | (Optional) IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using ipv6\_netmask\_length. | `string` | `null` | no |
| [ipv6\_cidr\_block\_network\_border\_group](#input\_ipv6\_cidr\_block\_network\_border\_group) | (Optional) By default when an IPv6 CIDR is assigned to a VPC a default ipv6\_cidr\_block\_network\_border\_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones. | `string` | `null` | no |
| [ipv6\_ipam\_pool\_id](#input\_ipv6\_ipam\_pool\_id) | (Optional) IPAM Pool ID for an IPv6 pool. Conflicts with assign\_generated\_ipv6\_cidr\_block. | `string` | `null` | no |
| [ipv6\_netmask\_length](#input\_ipv6\_netmask\_length) | (Optional) Netmask length to request from IPAM Pool. Conflicts with ipv6\_cidr\_block. This can be omitted if the IPAM pool has an allocation\_default\_netmask\_length set. Valid values: 56. | `string` | `null` | no |
| [prefix](#input\_prefix) | (Optional) Prefix to use in resource naming. | `string` | `""` | no |
| [preserve\_client\_ip](#input\_preserve\_client\_ip) | (Optional) Indicates whether your client's IP address is preserved as the source. | `string` | `true` | no |
| [private\_subnet\_routes](#input\_private\_subnet\_routes) | (optional) Private route rules block.<br/>"One of the destination\_cidr\_block or destination\_prefix\_list\_id argument must be supplied:"<br/>One of the following target arguments must be supplied:<br/>- carrier\_gateway\_id - Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone.<br/>- egress\_only\_gateway\_id - Identifier of a VPC Egress Only Internet Gateway.<br/>- nat\_gateway\_id - Identifier of a VPC NAT gateway.<br/>- network\_interface\_id - Identifier of an EC2 network interface.<br/>- transit\_gateway\_id - Identifier of an EC2 Transit Gateway.<br/>- vpc\_endpoint\_id - Identifier of a VPC Endpoint.<br/>- vpc\_peering\_connection\_id - Identifier of a VPC peering connection. | <pre>map(object({<br/>  destination_cidr_block     = optional(string, null)<br/>  destination_prefix_list_id = optional(string, null)<br/>  transit_gateway_id         = optional(string, null)<br/>  nat_gateway_id             = optional(string, null)<br/>  vpc_endpoint_id            = optional(string, null)<br/>  carrier_gateway_id         = optional(string, null)<br/>  egress_only_gateway_id     = optional(string, null)<br/>  network_interface_id       = optional(string, null)<br/>  vpc_peering_connection_id  = optional(string, null)<br/>}))</pre> | `{}` | no |
| [private\_subnets](#input\_private\_subnets) | (optional) Private Subnets created within the VPC | <pre>list(object({<br/>  name                                           = optional(string)<br/>  cidr_block                                     = optional(string)<br/>  availability_zone_id                           = optional(string)<br/>  availability_zone                              = optional(string)<br/>  enable_dns64                                   = optional(bool, null)<br/>  enable_resource_name_dns_aaaa_record_on_launch = optional(bool, null)<br/>  enable_resource_name_dns_a_record_on_launch    = optional(bool, null)<br/>  ipv6_cidr_block                                = optional(string, null)<br/>  private_dns_hostname_type_on_launch            = optional(string, null)<br/>  private_subnet_tags                            = optional(map(string), {})<br/>}))</pre> | `[]` | no |
| [public\_subnet\_routes](#input\_public\_subnet\_routes) | (optional) Public route rules block.<br/>"One of the destination\_cidr\_block or destination\_prefix\_list\_id argument must be supplied:"<br/>One of the following target arguments must be supplied:<br/>- carrier\_gateway\_id - Identifier of a carrier gateway. This attribute can only be used when the VPC contains a subnet which is associated with a Wavelength Zone.<br/>- network\_interface\_id - Identifier of an EC2 network interface.<br/>- transit\_gateway\_id - Identifier of an EC2 Transit Gateway.<br/>- vpc\_endpoint\_id - Identifier of a VPC Endpoint.<br/>- vpc\_peering\_connection\_id - Identifier of a VPC peering connection. | <pre>map(object({<br/>  destination_cidr_block     = optional(string, null)<br/>  destination_prefix_list_id = optional(string, null)<br/>  transit_gateway_id         = optional(string, null)<br/>  vpc_endpoint_id            = optional(string, null)<br/>  carrier_gateway_id         = optional(string, null)<br/>  network_interface_id       = optional(string, null)<br/>  vpc_peering_connection_id  = optional(string, null)<br/>}))</pre> | `{}` | no |
| [public\_subnets](#input\_public\_subnets) | (optional) Public Subnets created within the VPC | <pre>list(object({<br/>  name                                           = optional(string)<br/>  cidr_block                                     = optional(string)<br/>  availability_zone_id                           = optional(string)<br/>  availability_zone                              = optional(string)<br/>  map_public_ip_on_launch                        = optional(bool, true)<br/>  assign_ipv6_address_on_creation                = optional(bool, null)<br/>  enable_dns64                                   = optional(bool, null)<br/>  enable_resource_name_dns_aaaa_record_on_launch = optional(bool, null)<br/>  enable_resource_name_dns_a_record_on_launch    = optional(bool, null)<br/>  ipv6_cidr_block                                = optional(string, null)<br/>  private_dns_hostname_type_on_launch            = optional(string, null)<br/>  public_subnet_tags                             = optional(map(string), {})<br/>}))</pre> | `[]` | no |
| [region](#input\_region) | (Optional) Region to use in resource naming. | `string` | `"eu-central-1"` | no |
| [security\_group\_ids](#input\_security\_group\_ids) | (Optional) One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for the VPC will be associated with the endpoint. | `list(string)` | `null` | no |
| [tags](#input\_tags) | (Optional) A map of tags to assign to the resource. If configured with a provider default\_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level. | `map(string)` | `{}` | no |
| [use\_created\_igw\_for\_public\_routing](#input\_use\_created\_igw\_for\_public\_routing) | (optional) Whether to use IGW created within the module for public route to internet or not? | `bool` | `true` | no |
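
Two defaults in the table above matter for exposure: `map_public_ip_on_launch` is `true` for public subnets, and an instance connect endpoint without `security_group_ids` is associated with the VPC default security group. The following is an added example, not code from the module's repository, that overrides both; the module label, CIDRs and the `aws_security_group.eice` resource are assumptions for illustration, and it assumes the instances to be reached sit in the private subnet.

```hcl
# Added example (not from the module's repository). Input and output names come
# from the Inputs/Outputs tables on this page; all values are constructed.
module "restricted_vpc" {
  source  = "ishuar/vpc/aws"
  version = "~> 2.0"

  prefix     = "restricted"
  env        = "dev"
  region     = "eu-central-1"
  cidr_block = "10.2.0.0/16"

  public_subnets = [
    {
      name                    = "subnet01"
      cidr_block              = "10.2.1.0/24"
      availability_zone       = "eu-central-1a"
      map_public_ip_on_launch = false # module default is true
    }
  ]

  private_subnets = [
    {
      name              = "subnet01"
      cidr_block        = "10.2.2.0/24"
      availability_zone = "eu-central-1a"
    }
  ]

  # Attach an explicit security group to the instance connect endpoint
  # instead of falling back to the VPC default security group.
  enable_instance_connect_endpoint = true
  security_group_ids               = [aws_security_group.eice.id]
}

resource "aws_security_group" "eice" {
  name        = "restricted-dev-eice"
  description = "Egress from the instance connect endpoint"
  vpc_id      = module.restricted_vpc.vpc_id

  # Only SSH towards the private subnet; no ingress rules are defined.
  egress {
    description = "SSH to the private subnet only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["10.2.2.0/24"]
  }
}
```

Instances reached through the endpoint still need an ingress rule on their own security group that allows port 22 from `aws_security_group.eice`.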

## Outputs

| Name | Description |
|------|-------------|
| [igw\_id](#output\_igw\_id) | Internet gateway Id. |
| [private\_route\_table\_id](#output\_private\_route\_table\_id) | Private route table Id. |
| [private\_subnet\_cidr\_blocks](#output\_private\_subnet\_cidr\_blocks) | Key value object for private subnet CIDR blocks. |
| [private\_subnet\_ids](#output\_private\_subnet\_ids) | Key value object for private subnet IDs. |
| [public\_route\_table\_id](#output\_public\_route\_table\_id) | Public route table Id. |
| [public\_subnet\_cidr\_blocks](#output\_public\_subnet\_cidr\_blocks) | Key value object for public subnet CIDR blocks. |
| [public\_subnet\_ids](#output\_public\_subnet\_ids) | Key value object for public subnet IDs. |
| [vpc\_cidr\_block](#output\_vpc\_cidr\_block) | The VPC CIDR block. |
| [vpc\_id](#output\_vpc\_id) | The ID of the VPC. |

## Contributing

Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are **greatly appreciated**.

If you have any suggestion that would make this project better, feel free to fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement" with your suggestion.

**⭐ī¸ Don't forget to give the project a star! Thanks again! ⭐ī¸**

See [`CONTRIBUTING`](/CONTRIBUTING.md) for more information.

## License

Released under [MIT](/LICENSE) by [@ishuar](https://github.com/ishuar).

## Contact

- 👯 [LinkedIn](https://linkedin.com/in/ishuar)


[contributors-url]: https://github.com/ishuar/terraform-aws-vpc/graphs/contributors
[contributors-shield]: https://img.shields.io/github/contributors/ishuar/terraform-aws-vpc?style=for-the-badge

[forks-url]: https://github.com/ishuar/terraform-aws-vpc/network/members
[forks-shield]: https://img.shields.io/github/forks/ishuar/terraform-aws-vpc?style=for-the-badge

[stars-url]: https://github.com/ishuar/terraform-aws-vpc/stargazers
[stars-shield]: https://img.shields.io/github/stars/ishuar/terraform-aws-vpc?style=for-the-badge

[issues-url]: https://github.com/ishuar/terraform-aws-vpc/issues
[issues-shield]: https://img.shields.io/github/issues/ishuar/terraform-aws-vpc?style=for-the-badge

[license-url]: https://github.com/ishuar/terraform-aws-vpc/blob/main/LICENSE
[license-shield]: https://img.shields.io/github/license/ishuar/terraform-aws-vpc?style=for-the-badge