This repository consists of a Terraform module for network resources in an AWS VPC.

OT-CLOUD-KIT/terraform-aws-network-skeleton

Terraform AWS Network Skeleton

A Terraform module which creates a network skeleton on AWS (VPC, public/private/database subnets, internet and NAT gateways, route tables, an optional private Route 53 zone and optional VPC flow logs) following best practices for network security, cost and optimization.

Architecture

Providers

| Name | Version |
|------|---------|
| aws  | 5.82.2  |

Usage

```hcl
module "network-skeleton" {
  source     = "OT-CLOUD-KIT/network-skeleton/aws"
  version    = "1.0.4"
  name       = "testing"
  cidr_block = "10.10.0.0/16"
  tags = {
    environment = "dev"
  }
  vpc_tags = {
    vpc = "shared"
  }
  # One subnet per tier per availability zone
  public_subnets = ["10.10.0.0/20", "10.10.16.0/20"]
  azs            = ["us-west-2a", "us-west-2b"]
  public_subnets_tags = {
    subnet_type = "public"
  }
  private_subnets = ["10.10.32.0/20", "10.10.48.0/20"]
  private_subnets_tags = {
    subnet_type = "private"
  }
  database_subnets = ["10.10.64.0/20", "10.10.80.0/20"]
  database_subnets_tags = {
    subnet_type = "database"
  }
  # Extra routes added to the private route table, e.g. towards a peered VPC
  # (the ID below is an example VPC peering connection ID; AWS uses the "pcx-" prefix)
  additional_private_routes = [
    {
      destination_cidr_block = "20.0.0.0/16"
      gateway_id             = "pcx-00a12c2c206403cfa"
    }
  ]
}
```

Resources

| Name | Type |
|------|------|
| aws_eip.nat | resource |
| aws_flow_log.vpc_flow_log | resource |
| aws_internet_gateway.igw | resource |
| aws_main_route_table_association.default_public_route | resource |
| aws_nat_gateway.nat_gateway | resource |
| aws_route.additional_private_route | resource |
| aws_route.additional_public_route | resource |
| aws_route.default_public_route | resource |
| aws_route.private_route_nat_association | resource |
| aws_route53_zone.vpc_route53 | resource |
| aws_route_table.private_route_table | resource |
| aws_route_table.public_route_table | resource |
| aws_route_table_association.database_route_table_association | resource |
| aws_route_table_association.private_route_table_association | resource |
| aws_route_table_association.public_subnets_association | resource |
| aws_s3_bucket.flow_logs_bucket | resource |
| aws_subnet.database_subnet | resource |
| aws_subnet.private_subnet | resource |
| aws_subnet.public_subnet | resource |
| aws_vpc.vpc | resource |
| aws_caller_identity.current_account | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| additional_private_routes | List of additional routes for the private route table, each given as a map | `list(object({ destination_cidr_block = string, gateway_id = string }))` | `[]` | no |
| additional_public_routes | Map of additional routes for the public route table, each given as a map | `map(object({ destination_cidr_block = string, gateway_id = string }))` | `{}` | no |
| azs | A list of availability zone names or IDs in the region | `list(string)` | `[]` | no |
| cidr_block | The IPv4 CIDR block for the VPC | `string` | `"10.0.0.0/16"` | no |
| database_subnets | A list of database subnet CIDR blocks inside the VPC | `list(string)` | `[]` | no |
| database_subnets_tags | Additional tags for the database subnets | `map(string)` | `{}` | no |
| enable_network_address_usage_metrics | Determines whether network address usage metrics are enabled for the VPC | `bool` | `false` | no |
| flow_logs_enabled | Whether to enable VPC flow logs | `bool` | `false` | no |
| flow_logs_file_format | The file format for the flow log. Valid values: `plain-text`, `parquet` | `string` | `"parquet"` | no |
| flow_logs_traffic_type | The type of traffic to capture. Valid values: `ACCEPT`, `REJECT`, `ALL` | `string` | `"ALL"` | no |
| instance_tenancy | The tenancy option for instances launched into the VPC | `string` | `"default"` | no |
| name | Name used as the identifier on all resources | `string` | n/a | yes |
| private_subnets | A list of private subnet CIDR blocks inside the VPC | `list(string)` | `[]` | no |
| private_subnets_tags | Additional tags for the private subnets | `map(string)` | `{}` | no |
| public_subnets | A list of public subnet CIDR blocks inside the VPC | `list(string)` | `[]` | no |
| public_subnets_tags | Additional tags for the public subnets | `map(string)` | `{}` | no |
| route53_zone | Name of the private Route 53 hosted zone | `string` | `"non-prod.internal"` | no |
| tags | A map of tags to add to all resources | `map(string)` | `{}` | no |
| vpc_tags | Additional tags for the VPC | `map(string)` | `{}` | no |
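Before running `terraform apply`, it is worth checking that the subnet plan handed to the module is internally consistent: every subnet CIDR must sit inside `cidr_block`, no two subnets may overlap (AWS rejects the second one at create time), each populated tier should have one subnet per entry in `azs`, and the flow-log inputs must use the valid values listed above. The following is an added example, not code from this module; it reads a plain Python dict that mirrors the inputs from the Usage section (the `PLAN`/`BAD_PLAN` data and the `validate_plan` function are constructed here for illustration) and returns a list of findings. It also flags `flow_logs_enabled = false`, since the module's default leaves the VPC without flow logs and a reviewer would want that to be a conscious decision rather than an oversight.

```python
import ipaddress

# Constructed sample plan mirroring the module inputs from the Usage section.
# Hypothetical data for this example, not a configuration shipped with the module.
PLAN = {
    "cidr_block": "10.10.0.0/16",
    "azs": ["us-west-2a", "us-west-2b"],
    "public_subnets": ["10.10.0.0/20", "10.10.16.0/20"],
    "private_subnets": ["10.10.32.0/20", "10.10.48.0/20"],
    "database_subnets": ["10.10.64.0/20", "10.10.80.0/20"],
    "flow_logs_enabled": False,        # module default
    "flow_logs_file_format": "parquet",
    "flow_logs_traffic_type": "ALL",
}

# A deliberately broken plan used to show what the checks catch.
BAD_PLAN = {
    "cidr_block": "10.10.0.0/16",
    "azs": ["us-west-2a", "us-west-2b"],
    "public_subnets": ["10.10.0.0/20", "10.10.16.0/20", "10.10.96.0/20"],  # 3 subnets, 2 AZs
    "private_subnets": ["10.10.0.0/20", "10.10.48.0/20"],                  # reuses a public CIDR
    "database_subnets": ["10.11.0.0/20", "10.10.80.0/20"],                 # first one is outside the VPC
    "flow_logs_enabled": True,
    "flow_logs_file_format": "json",                                       # not a valid value
    "flow_logs_traffic_type": "ALL",
}

TIERS = ("public_subnets", "private_subnets", "database_subnets")
VALID_FILE_FORMATS = {"plain-text", "parquet"}   # from the Inputs table
VALID_TRAFFIC_TYPES = {"ACCEPT", "REJECT", "ALL"}


def _parse(cidr, label, findings):
    """Parse a CIDR strictly (host bits must be zero); record a finding on failure."""
    try:
        return ipaddress.ip_network(cidr, strict=True)
    except ValueError as exc:
        findings.append(f"{label}: invalid CIDR {cidr!r} ({exc})")
        return None


def validate_plan(plan):
    """Return a list of human-readable findings; an empty list means the plan is consistent."""
    findings = []
    vpc = _parse(plan["cidr_block"], "cidr_block", findings)
    if vpc is None:
        return findings
    if not 16 <= vpc.prefixlen <= 28:
        findings.append(f"cidr_block: {vpc} is outside the /16 to /28 range AWS accepts for a VPC")

    labelled = []  # (tier, network) for every subnet across all tiers
    az_count = len(plan.get("azs", []))
    for tier in TIERS:
        cidrs = plan.get(tier, [])
        if cidrs and len(cidrs) != az_count:
            findings.append(f"{tier}: {len(cidrs)} subnets declared for {az_count} availability zones")
        for cidr in cidrs:
            net = _parse(cidr, tier, findings)
            if net is None:
                continue
            if not net.subnet_of(vpc):
                findings.append(f"{tier}: {net} is not inside VPC CIDR {vpc}")
            labelled.append((tier, net))

    # Pairwise overlap check across every tier (identical CIDRs count as overlapping).
    for i, (tier_a, net_a) in enumerate(labelled):
        for tier_b, net_b in labelled[i + 1:]:
            if net_a.overlaps(net_b):
                findings.append(f"{net_a} ({tier_a}) overlaps {net_b} ({tier_b})")

    # Flow-log inputs: enumerated values from the Inputs table, plus a nudge when logging is off.
    if plan.get("flow_logs_file_format", "parquet") not in VALID_FILE_FORMATS:
        findings.append(f"flow_logs_file_format: {plan['flow_logs_file_format']!r} is not one of {sorted(VALID_FILE_FORMATS)}")
    if plan.get("flow_logs_traffic_type", "ALL") not in VALID_TRAFFIC_TYPES:
        findings.append(f"flow_logs_traffic_type: {plan['flow_logs_traffic_type']!r} is not one of {sorted(VALID_TRAFFIC_TYPES)}")
    if not plan.get("flow_logs_enabled", False):
        findings.append("flow_logs_enabled is false: the VPC will have no flow logs to investigate traffic later")
    return findings


if __name__ == "__main__":
    for name, plan in (("PLAN", PLAN), ("BAD_PLAN", BAD_PLAN)):
        print(f"{name}:")
        for finding in validate_plan(plan) or ["no findings"]:
            print(f"  - {finding}")
```

The sample plan from the Usage section produces a single finding (flow logs disabled); the broken plan produces four: the AZ-count mismatch, the subnet outside the VPC, the overlap between the public and private tiers, and the invalid file format. The same dict shape can be fed from `terraform show -json` or from the `.tfvars` file in a CI step so that a bad CIDR layout is caught before it reaches the AWS API.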

Outputs

| Name | Description |
|------|-------------|
| additional_private_routes | List of additional private routes |
| database_subnets | List of IDs of the database subnets |
| database_subnets_cidr_blocks | List of CIDR blocks of the database subnets |
| default_network_acl_id | The ID of the default network ACL |
| default_route_table_id | The ID of the default route table |
| default_security_group_id | The ID of the security group created by default on VPC creation |
| flow_logs_bucket_arn | The ARN of the flow log S3 bucket |
| igw_id | The ID of the Internet Gateway |
| nat_gateway_id | List of IDs of the NAT gateways |
| nat_gateway_ips | List of NAT gateway Elastic IPs |
| private_route_table_id | The ID of the private route table |
| private_subnets | List of IDs of the private subnets |
| private_subnets_cidr_blocks | List of CIDR blocks of the private subnets |
| public_route_table_id | The ID of the public route table |
| public_subnets | List of IDs of the public subnets |
| public_subnets_cidr_blocks | List of CIDR blocks of the public subnets |
| route53_zone_id | Zone ID of the VPC's private Route 53 hosted zone |
| vpc_cidr_block | The CIDR block of the VPC |
| vpc_flow_log_arn | The ARN of the VPC flow log |
| vpc_id | The ID of the VPC |
