Network Module
Description
This module creates a VPC, private subnets, route tables, and route table associations.
Usage
```hcl
module "network" {
  source   = "./modules/network"
  product  = "oqtopus"
  org      = "example"
  env      = "dev"
  vpc_cidr = ""
  private_subnets = {
    subnet-1 = {
      cidr = ""
      az   = "ap-northeast-1a"
      name = "subnet-1"
    },
    subnet-2 = {
      cidr = ""
      az   = "ap-northeast-1c"
      name = "subnet-2"
    }
  }
  public_subnet = {
    name = "public-a"
    cidr = ""
    az   = "ap-northeast-1a"
  }
}
```
Requirements
| Name | Version |
|---|---|
| terraform | >= 1.9.0, < 2.0.0 |
| aws | ~> 5.57.0 |
Providers
| Name | Version |
|---|---|
| aws | ~> 5.57.0 |
Resources
| Name | Type |
|---|---|
| aws_cloudwatch_log_group.vpc_flow_log_group | resource |
| aws_flow_log.this | resource |
| aws_iam_policy.vpc_flow_log | resource |
| aws_iam_role.vpc_flow_log | resource |
| aws_iam_role_policy_attachment.vpc_flow_log | resource |
| aws_internet_gateway.this | resource |
| aws_kms_key.vpc_flow_log | resource |
| aws_route.public_default_route | resource |
| aws_route_table.private | resource |
| aws_route_table.public | resource |
| aws_route_table_association.private | resource |
| aws_route_table_association.public_assoc | resource |
| aws_subnet.private | resource |
| aws_subnet.public | resource |
| aws_vpc.this | resource |
| aws_vpc_endpoint.s3 | resource |
| aws_vpc_endpoint_route_table_association.private_s3 | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.vpc_flow_log_policy | data source |
| aws_iam_policy_document.vpc_flow_logs_assume_role_policy | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| env | environment name | string | n/a | yes |
| org | organization name | string | n/a | yes |
| private_subnets | The CIDR blocks for the private subnets | map(any) | n/a | yes |
| product | product name | string | n/a | yes |
| public_subnets | A map of public subnets | map(object({ | n/a | yes |
| region | region name | string | n/a | yes |
| vpc_cidr | The CIDR block for the VPC | string | n/a | yes |
| vpc_flow_log_retention_days | Number of days for which VPC flow logs are retained | number | 14 | no |
Outputs
| Name | Description |
|---|---|
| bastion_subnet_id | The ID of the bastion subnet |
| ec2_bastion_route_table_id | The route table ID for the EC2 instance |
| private_subnet_ids | The IDs of the private subnets |
| public_subnet_ids | The IDs of the public subnets |
| s3_vpc_endpoint_id | The ID of VPC endpoint for S3 |
| vpc_id | The ID of the VPC |