This module creates one VPC, by default it creates public and private subnets in all the availability zones for the selected region.
- Terraform 0.12: Pin module to
~> 2+, submit pull request to branchdevelop - Terraform 0.11: Pin module to
~> 1.x, submit pull request to branchterraform011
See the examples for executable examples.
module "vpc" {
source = "github.com/philips-software/terraform-aws-vpc.git?ref=2.2.0"
environment = "my-awsome-project"
aws_region = "eu-west-1"
// optional, defaults
project = "Forest"
create_private_hosted_zone = "false" // default = true
create_private_subnets = "false" // default = true
// example to override default availability_zones
availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
// add aditional tags
tags = {
my-tag = "my-new-tag"
}
}
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| availability_zones | List to specify the availability zones for which subnes will be created. By default all availability zones will be used. | list | <list> |
no |
| aws_region | The Amazon region | string | n/a | yes |
| cidr_block | The CIDR block used for the VPC. | string | "10.0.0.0/16" |
no |
| create_private_hosted_zone | Indicate to create a private hosted zone. | bool | "true" |
no |
| create_private_subnets | Indicates to create private subnets. | bool | "true" |
no |
| create_s3_vpc_endpoint | Whether to create a VPC Endpoint for S3, so the S3 buckets can be used from within the VPC without using the NAT gateway. | bool | "true" |
no |
| enable_create_defaults | Add tags to the default resources. | bool | "false" |
no |
| environment | Environment name, will be added for resource tagging. | string | n/a | yes |
| private_subnet_tags | Map of tags to apply on the private subnets | map(string) | <map> |
no |
| project | Project name, will be added for resource tagging. | string | "" |
no |
| public_subnet_map_public_ip_on_launch | Enable public ip creaton by default on EC2 instance launch. | bool | "false" |
no |
| public_subnet_tags | Map of tags to apply on the public subnets | map(string) | <map> |
no |
| tags | Map of tags to apply on the resources | map(string) | <map> |
no |
| Name | Description |
|---|---|
| availability_zones | List of the availability zones. |
| nat_gateway_public_ip | Public IP address of the NAT gateway. |
| private_dns_zone_id | ID of the the private DNS zone, optional. |
| private_domain_name | Private domain name, optional. |
| private_subnets | List of the private subnets. |
| private_subnets_route_table | |
| public_subnets | List of the public subnets. |
| public_subnets_route_table | |
| vpc_cidr | VPC CDIR. |
| vpc_id | ID of the VPC. |
Amazon EKS (Elastic Kubernetes Service) requires that both VPCs and Subnets (public and private) are tagged specifically with certain values according to the [aws-eks-docs].
Therefore, if the VPC created using this module is targeted for EKS, tag it with
tags = {
"kubernetes.io/cluster/<cluster-name>" = "my-new-tag"
}As stated above, tagging the subnets is also mandatory for EKS Clusters. The tags for public and private subnets are as follows, respectively:
public_subnet_tags = {
"kubernetes.io/cluster/<cluster_name>" = "shared"
"kubernetes.io/role/elb" = "1"
} private_subnet_tags = {
"kubernetes.io/cluster/<cluster_name>" = "shared"
"kubernetes.io/role/internal-elb" = "1"
}Currently the automated checks are limited. In CI the following checks are done for the root and each example.
- lint:
terraform validateandterraform fmt - basic init / get check:
terraform init -get -backend=false -input=false
A markdown table for variables can be generated as follow. Generation requires awk and terraform-docs installed.
.ci/bin/terraform-docs.sh markdown .
This module is part of the Philips Forest.
___ _
/ __\__ _ __ ___ ___| |_
/ _\/ _ \| '__/ _ \/ __| __|
/ / | (_) | | | __/\__ \ |_
\/ \___/|_| \___||___/\__|
Infrastructure
Talk to the forestkeepers in the forest-channel on Slack.
