terraform-aws-network module

This module helps you create a Network (VPC), with public, private and db subnets along with VPC Flow logging in s3 bucket. Adds NAT gateway to your subnet and optionally helps you with multi-az NAT gatway.

Requirements

Name	Version
terraform	>=1.20

Providers

Name	Version
aws	n/a

Modules

No modules.

Resources

Name	Type
aws_eip.this	resource
aws_flow_log.vpc	resource
aws_internet_gateway.this	resource
aws_nat_gateway.this	resource
aws_route.igw	resource
aws_route.natgw_route	resource
aws_route_table.db	resource
aws_route_table.private	resource
aws_route_table.public	resource
aws_route_table_association.db	resource
aws_route_table_association.private_rt	resource
aws_route_table_association.pub_rt	resource
aws_s3_bucket.flog_log	resource
aws_s3_bucket_policy.policy	resource
aws_subnet.db_subnet	resource
aws_subnet.private_subnet	resource
aws_subnet.public_subnet	resource
aws_vpc.this	resource
aws_caller_identity.this	data source
aws_iam_policy_document.bucket	data source
aws_partition.current	data source
aws_region.this	data source

Inputs

Name	Description	Type	Default	Required
additional_tags	Tags as Key/Value pair map. These tags are attached all the resources created by module	map(string)	{}	no
auto_assign_public_ips_to_public_subnet_resources	When set to true, resources created in public subnets will be associated with public ip address by default. Default is to true. This can be overriden during the individual resources creation like EC2	bool	true	no
aws_region	Default AWS Region where this module should create resources	string	"us-east-1"	no
azs	Availability Zones as list, default is empty. If not provided, AZs will be autoassigned during subnet creation	list(string)	[]	no
enable_dns_hostnamed	This allows your resources to be accessed via aws allocated internal dns names, default is true	bool	true	no
enable_multiaz_nat_gateway	Weather to create multiple NAT Gateways per AZ for high availability. Default is set to false. Number of NAT Gateways Created are equal to the numebr AZS available or Public subnet, Whichever is less	bool	false	no
enable_vpc_flow_logs	Enables VPC Flow logs. Default is false. You should enable this for audit and compliance	bool	false	no
ipv4_db_subnet_cidrs	List of IPv4 CIDR Block for DB subnets. Default is empty list, No DB subnets will be created	list(string)	[]	no
ipv4_primary_cidr_block	Primary VPC CIDR Block. Example 10.30.0.0/16	string	n/a	yes
ipv4_private_subnet_cidrs	List of IPv4 CIDR Block for Private subnets. Default is empty list, No private subnets will be created	list(string)	[]	no
ipv4_public_subnet_cidrs	List of IPv4 CIDR Block for Public subnets. Default is empty list, No public subnets will be created	list(string)	[]	no
namespace	Namespace used as one of the combination for tags prefix. Usually goes to Name tag	string	"example"	no
stage	Stage used as one of the combination for tags prefix. Usually goes to Name tag and helps identify environment. Default is set to dev	string	"dev"	no
use_nat_gateway	If NAT gateway should be created be Private subnet. Default is set to true	bool	true	no
vpc_flow_logs_default_bucket	VPC flow logs bucket to be used, if enable_vpc_flow_logs is set to true. If not set bucket name will be prefixed by ${local.tag_prefix}-${data.aws_caller_identity.this.account_id}	string	""	no
vpc_flow_logs_traffic_type	The type of traffic to capture. Valid values: ACCEPT, REJECT, ALL	string	"ALL"	no

Outputs

Name	Description
db_subnet	returns the map with list of id and ipv4_cidrs. Example accessing first db subnet id: module.<modulename>.db_subnet.id[0]
private_subnet	returns the map with list of id and ipv4_cidrs. Example accessing first private subnet id: module.<modulename>.private_subnet.id[0]
public_subnet	returns the map with list of id and ipv4_cidrs. Example accessing first public subnet id: module.<modulename>.public_subnet.id[0]
vpc	returns the map with id and primary_vpc_cidr. Example accessing vpc id: module.<modulename>.vpc.id