# AWS VPC Module

This module can be used to deploy a pragmatic VPC with various subnet types across a chosen number of AZs. Common deployment examples can be found in `examples/`.

Note: For information regarding the 4.0 upgrade see our upgrade guide.

## Usage

The example below builds a dual-stack VPC with public and private subnets in 3 AZs. Each subnet calculates an IPv4 CIDR based on the `netmask` argument passed, and an IPv6 CIDR with a /64 prefix length. The public subnets build NAT gateways in each AZ but can optionally be switched to `single_az`. An Egress-only Internet gateway is created by setting the variable `vpc_egress_only_internet_gateway`.

```hcl
module "vpc" {
  source  = "aws-ia/vpc/aws"
  version = ">= 4.2.0"

  name       = "multi-az-vpc"
  cidr_block = "10.0.0.0/16"
  vpc_assign_generated_ipv6_cidr_block = true
  vpc_egress_o
```
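The following is an added, complete root configuration that exercises the usage described above end to end: three AZs, public and private subnets with per-AZ NAT gateways, an Egress-only Internet gateway for IPv6, and VPC Flow Logs switched on rather than left at the module default of `"none"`. It is not taken from the module's README. The subnet attribute names (`netmask`, `assign_ipv6_cidr`, `nat_gateway_configuration`, `connect_to_public_natgw`, `connect_to_eigw`), the flow-log value `"cloud-watch-logs"`, the region and the version constraints are assumptions to check against the variable definitions of the module version you pin; the output names it reads back (`private_subnet_attributes_by_az`, `natgw_id_per_az`, `vpc_attributes`) are the module outputs documented on this page.

```hcl
# Added example (not from the module README): dual-stack VPC in 3 AZs with
# public + private subnets, an Egress-only IGW and VPC Flow Logs enabled.
# Assumed (verify against the pinned module version): the subnet attribute
# names, the flow-log value "cloud-watch-logs", the region and the provider
# version constraint.

terraform {
  required_version = ">= 1.3.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.0" # assumed constraint
    }
  }
}

provider "aws" {
  region = "us-east-1" # constructed value; choose your own region
}

module "vpc" {
  source  = "aws-ia/vpc/aws"
  version = ">= 4.2.0"

  name       = "multi-az-vpc"
  cidr_block = "10.0.0.0/16"
  az_count   = 3

  # Dual stack: request an Amazon-provided /56, then give each subnet a /64.
  vpc_assign_generated_ipv6_cidr_block = true
  # IPv6 path to the Internet for private subnets that never accepts inbound
  # connections initiated from outside the VPC.
  vpc_egress_only_internet_gateway = true

  subnets = {
    public = {
      netmask                   = 24        # one /24 per AZ carved from 10.0.0.0/16
      assign_ipv6_cidr          = true      # one /64 per AZ from the VPC /56
      nat_gateway_configuration = "all_azs" # "single_az" cuts NAT cost but loses AZ isolation
    }
    private = {
      netmask                 = 24
      assign_ipv6_cidr        = true
      connect_to_public_natgw = true # IPv4 egress via the NAT gateway in the same AZ
      connect_to_eigw         = true # IPv6 egress via the Egress-only IGW
    }
  }

  # Flow logs are the only record of east-west and egress traffic once the
  # VPC is in use; the module default "none" leaves them disabled.
  vpc_flow_logs = {
    log_destination_type = "cloud-watch-logs" # assumed value, see lead-in
  }
}

# Read the per-AZ resources back out of the module outputs so other stacks
# (security groups, endpoints, workloads) can reference them by AZ.
output "private_subnet_ids_by_az" {
  value = { for az, attrs in module.vpc.private_subnet_attributes_by_az : az => attrs.id }
}

output "nat_gateway_ids_by_az" {
  value = module.vpc.natgw_id_per_az
}

output "vpc_id" {
  value = module.vpc.vpc_attributes.id
}
```

Run `terraform init && terraform plan` in the directory holding this file; the plan should show one VPC, three public and three private subnets, three NAT gateways, one Internet gateway, one Egress-only Internet gateway and the flow-log resources. Switching `nat_gateway_configuration` to `"single_az"` reduces the plan to one NAT gateway, and the `nat_gateway_ids_by_az` output then repeats the same ID for every AZ.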
| Name | Type | Description | Default |
|---|---|---|---|
| subnets | any | Configuration of subnets to build in VPC. 1 Subnet per AZ is created. Subnet typ | required |
| name | string | Name to give VPC. Note: does not affect subnet names, which get assigned name ba | required |
| core_network | object({ id = string | AWS Cloud WAN's core network information - to create a VPC attachment. Required | { "arn": null, "id": null } |
| cidr_block | string | IPv4 CIDR range to assign to VPC if creating VPC or to associate as a secondary | null |
| create_vpc | bool | Determines whether to create the VPC or not; defaults to enabling the creation. | true |
| vpc_ipv6_cidr_block | string | IPv6 CIDR range to assign to VPC if creating VPC. You need to use `vpc_ipv6_ipam | null |
| vpc_ipv6_netmask_length | string | Set to use IPAM to get an IPv6 CIDR block using a specified netmask. Must be set | null |
| vpc_egress_only_internet_gateway | bool | Set to use the Egress-only Internet gateway for all IPv6 traffic going to the In | false |
| optimize_subnet_cidr_ranges | bool | Sort subnets to calculate by their netmask to efficiently use IP space. | false |
| vpc_secondary_cidr | bool | If `true` the module will create a `aws_vpc_ipv4_cidr_block_association` and sub | false |
| core_network_routes | any | Configuration of route(s) to AWS Cloud WAN's core network. For each `public` and | {} |
| core_network_ipv6_routes | any | Configuration of IPv6 route(s) to AWS Cloud WAN's core network. For each `public | {} |
| vpc_assign_generated_ipv6_cidr_block | bool | Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length. You canno | null |
| az_count | number | Searches region for # of AZs to use and takes a slice based on count. Assume sli | null |
| vpc_flow_logs | object({ name_override = | Whether or not to create VPC flow logs and which type. Options: "cloudwatch", "s | { "log_destination_type": "none" } |
| transit_gateway_id | string | Transit gateway id to attach the VPC to. Required when `transit_gateway` subnet | null |
| transit_gateway_routes | any | Configuration of route(s) to transit gateway. For each `public` and/or `private` | {} |
| vpc_id | string | VPC ID to use if not creating VPC. | null |
| vpc_ipv4_ipam_pool_id | string | Set to use IPAM to get an IPv4 CIDR block. | null |
| vpc_lattice | any | Amazon VPC Lattice Service Network VPC association. You can only associate one S | {} |
| vpc_enable_dns_hostnames | bool | Indicates whether the instances launched in the VPC get DNS hostnames. If enable | true |
| vpc_secondary_cidr_natgw | any | If attaching a secondary IPv4 CIDR instead of creating a VPC, you can map privat | {} |
| Name | Description |
|---|---|
| transit_gateway_attachment_id | Transit gateway attachment id. |
| nat_gateway_attributes_by_az | Map of nat gateway resource attributes by AZ. |
| natgw_id_per_az | Map of nat gateway IDs for each resource. Will be duplicate ids if your var.subnets.public.nat_gatew |
| egress_only_internet_gateway | Egress-only Internet gateway attributes. Full output of aws_egress_only_internet_gateway. |
| flow_log_attributes | Flow Log information. |
| public_subnet_attributes_by_az | Map of all public subnets containing their attributes. |
| core_network_subnet_attributes_by_az | Map of all core_network subnets containing their attributes. |
| rt_attributes_by_type_by_az | Map of route tables by type => az => route table attributes. Example usage: module.vpc.rt_attributes |
| internet_gateway | Internet gateway attributes. Full output of aws_internet_gateway. |
| vpc_lattice_service_network_association | VPC Lattice Service Network VPC association. Full output of aws_vpclattice_service_network_vpc_assoc |
| azs | List of AZs where subnets are created. |
| core_network_attachment | AWS Cloud WAN's core network attachment. Full output of aws_networkmanager_vpc_attachment. |
| private_subnet_attributes_by_az | Map of all private subnets containing their attributes. |
| tgw_subnet_attributes_by_az | Map of all tgw subnets containing their attributes. |
| vpc_attributes | VPC resource attributes. Full output of aws_vpc. |