# VPC Endpoint Module
## Description

This module creates VPC endpoints for the Secrets Manager service and, as listed under Resources, for Cognito, CloudTrail and S3, so that Lambda functions in the private subnets reach those services without traversing the public internet.
## Usage

```hcl
module "vpc_endpoint" {
  source = "./modules/vpc-endpoint"

  product = "oqtopus"
  org     = "example"
  env     = "dev"
  # region and s3_bucket_name are required inputs (see Inputs); placeholder values shown
  region         = "us-east-1"
  s3_bucket_name = "example-bucket"

  identifiers = { user_api = "arn:aws:iam::123" }
  vpc_id      = "vpc-123"

  secret_manager_security_group_ids = ["sg-123"]
  cognito_security_group_ids        = ["sg-459"]
  cloudtrail_security_group_ids     = ["sg-789"]
  lambda_subnet_ids                 = ["subnet-123"]
}
```
## Requirements
| Name | Version |
|---|---|
| terraform | >= 1.9.0, < 2.0.0 |
| aws | ~> 5.57.0 |
## Providers
| Name | Version |
|---|---|
| aws | ~> 5.57.0 |
## Resources
| Name | Type |
|---|---|
| aws_vpc_endpoint.cloudtrail | resource |
| aws_vpc_endpoint.cognito | resource |
| aws_vpc_endpoint.s3 | resource |
| aws_vpc_endpoint.secret_manager | resource |
| aws_route_tables.private | data source |
## Inputs

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| cloudtrail_security_group_ids | The security group IDs for the CloudTrail endpoint | list(string) | n/a | yes |
| cognito_security_group_ids | The security group IDs for the Cognito endpoint | list(string) | n/a | yes |
| env | Environment name | string | n/a | yes |
| identifiers | The Lambda role ARNs that are allowed to access the VPC endpoints | map(string) | n/a | yes |
| lambda_subnet_ids | The subnet IDs for the Lambda function | list(string) | n/a | yes |
| org | Organization name | string | n/a | yes |
| product | Product name | string | n/a | yes |
| region | Region name | string | n/a | yes |
| s3_bucket_name | The name of the S3 bucket | string | n/a | yes |
| secret_manager_security_group_ids | The security group IDs for the Secrets Manager endpoint | list(string) | n/a | yes |
| vpc_id | The ID of the VPC | string | n/a | yes |
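The `identifiers` and `s3_bucket_name` inputs only make sense if the endpoints carry a restrictive endpoint policy rather than the AWS default of allowing any principal. The block below is an added illustration of how those inputs can be turned into such policies for the Secrets Manager interface endpoint and the S3 gateway endpoint. It is not this module's own source (the page does not show the module internals); it assumes the variable names from the Inputs table, the `aws_iam_policy_document` data source from the AWS provider, and that the private route tables are discoverable by a `Tier = private` tag.

```hcl
# Added illustration, not the module's own code. Assumes the variables
# listed in the Inputs table above.

# Secrets Manager: allow only the Lambda role ARNs passed in var.identifiers.
data "aws_iam_policy_document" "secret_manager" {
  statement {
    sid    = "AllowOnlyListedLambdaRoles"
    effect = "Allow"
    actions = [
      "secretsmanager:GetSecretValue",
      "secretsmanager:DescribeSecret",
    ]
    resources = ["*"]
    principals {
      type        = "*"
      identifiers = ["*"]
    }
    # Without this condition any principal that can reach the endpoint
    # (security groups permitting) could call Secrets Manager through it.
    condition {
      test     = "ArnEquals"
      variable = "aws:PrincipalArn"
      values   = values(var.identifiers)
    }
  }
}

resource "aws_vpc_endpoint" "secret_manager" {
  vpc_id              = var.vpc_id
  service_name        = "com.amazonaws.${var.region}.secretsmanager"
  vpc_endpoint_type   = "Interface"
  subnet_ids          = var.lambda_subnet_ids
  security_group_ids  = var.secret_manager_security_group_ids
  private_dns_enabled = true
  policy              = data.aws_iam_policy_document.secret_manager.json

  tags = {
    Name = "${var.product}-${var.org}-${var.env}-secretsmanager"
  }
}

# Private route tables that the gateway endpoint is associated with.
# Assumption: they are tagged Tier = private.
data "aws_route_tables" "private" {
  vpc_id = var.vpc_id
  tags   = { Tier = "private" }
}

# S3: allow only the listed roles and only the product bucket, so the
# endpoint cannot be used as an exfiltration path to arbitrary buckets.
data "aws_iam_policy_document" "s3" {
  statement {
    sid     = "AllowOnlyProductBucket"
    effect  = "Allow"
    actions = ["s3:GetObject", "s3:PutObject", "s3:ListBucket"]
    resources = [
      "arn:aws:s3:::${var.s3_bucket_name}",
      "arn:aws:s3:::${var.s3_bucket_name}/*",
    ]
    principals {
      type        = "*"
      identifiers = ["*"]
    }
    condition {
      test     = "ArnEquals"
      variable = "aws:PrincipalArn"
      values   = values(var.identifiers)
    }
  }
}

resource "aws_vpc_endpoint" "s3" {
  vpc_id            = var.vpc_id
  service_name      = "com.amazonaws.${var.region}.s3"
  vpc_endpoint_type = "Gateway"
  route_table_ids   = data.aws_route_tables.private.ids
  policy            = data.aws_iam_policy_document.s3.json
}
```

The security groups in the Inputs table control which network sources can reach the interface endpoints; the endpoint policy adds an identity check on top, so a compromised host in an allowed subnet still cannot read secrets or write to other buckets unless it runs as one of the listed roles. The endpoint policy only narrows access: each role still needs a matching IAM policy, and `aws:PrincipalArn` for an assumed role resolves to the role ARN, which is why the role ARNs from `identifiers` match directly.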