openvpn
DNXLabs/openvpn/aws
This module sets up an OpenVPN installation and requires an existing VPC.
README
terraform-aws-openvpn

This module sets up an OpenVPN installation and requires an existing VPC.

The following resources will be created:
- Elastic Container Service (ECS)
- Network Load Balancer
- Task Definition
- ECS Service
- IAM roles for the ECS Tasks
- CloudWatch log group for the ECS
- S3 Bucket to save the ECS OpenVPN logs
- Security group for the OpenVPN access
- SSM Parameter resources (Domain Name, Users, Route Push and Revoke Users)

In addition you have the option to:
- Enable or disable Multi-Factor Authentication (MFA)

Requirements
| Name | Version |
|------|---------|
| terraform | >= 0.13.0 |
| aws | >= 4.4.0 |

Providers
| N
Inputs (41)
| Name | Type | Description | Default |
|---|---|---|---|
| name | string | Name of this ECS cluster. | required |
| private_subnet_ids | list(string) | List of private subnet IDs for ECS instances and Internal ALB when enabled. | required |
| public_subnet_ids | list(string) | List of public subnet IDs for ECS ALB. | required |
| instance_type_2 | string | Instance type for ECS workers (second priority). | required |
| vpc_id | string | VPC ID to deploy the ECS cluster. | required |
| secure_subnet_ids | list(string) | List of secure subnet IDs for EFS. | required |
| instance_type_1 | string | Instance type for ECS workers (first priority). | required |
| instance_type_3 | string | Instance type for ECS workers (third priority). | required |
| on_demand_base_capacity | number | You can designate a base portion of your total capacity as On-Demand. As the gro | 0 |
| hosted_zone_id | string | Hosted Zone ID to create DNS record for this app (prefer this instead of hosted_ | "" |
| lb_access_logs_bucket | string | Bucket to store logs from lb access. | "" |
| route_push | string | List of routes to push to client, comma-separated (ex: '10.100.0.0 255.255.0.0,1 | "" |
| requester_cidrs | list(string) | List of CIDRs to add to openvpn-access SG so clients can connect to resources | [] |
| kms_key_ebs_arn | string | ARN of a KMS Key to use on EBS volumes | "" |
| instance_volume_size | number | Volume size for docker volume (in GB). | 30 |
| lb_access_logs_prefix | string | Bucket prefix to store lb access logs. | "" |
| mfa | string | Enable or disable MFA for VPN users | "false" |
| kms_key_efs_arn | string | ARN of a KMS Key to use on EFS volumes | "" |
| provisioned_throughput_in_mibps | number | The throughput, measured in MiB/s, that you want to provision for the file syste | 0 |
| alb_ssl_policy | string | The name of the SSL Policy for the listener. Required if protocol is HTTPS or TL | "ELBSecurityPolicy-2016-08" |
| kms_key_s3_arn | string | ARN of a KMS Key to use on S3 buckets | "" |
| s3_bucket_policy | string | Openvpn S3 bucket policy | "" |
| throughput_mode | string | Throughput mode for the file system. Defaults to bursting. Valid values: burstin | "bursting" |
| nlb_security_group_ids | list(string) | Extra security groups for instances. | [] |
| protocol | string | Protocol that will be used by the VPN | "tcp" |
| cw_retention_period | number | Retention period (in days) for the CloudWatch log group. Defaults to Never Expire. | 0 |
| backup | string | Assign a backup tag to the EFS resource - Backup will be performed by AWS Backup. | "true" |
| instance_volume_size_root | number | Volume size for root volume (in GB). | 16 |
| … and 1 more inputs | | | |
Outputs (2)
- ecs_nodes_secgrp_id
- s3_bucket_openvpn

Resources (27)