network
DNXLabs/network/aws
Terraform module for creating basic network resources: VPC, subnets and NAT.
terraform-aws-network

This module creates the basic network resources for a region. The following resources will be created:

- Virtual Private Cloud (VPC)
- Enable DNS Hostname
  - A DNS hostname is a name that uniquely and absolutely names a computer; it's composed of a host name and a domain name. DNS servers resolve DNS hostnames to their corresponding IP addresses.
- VPC Flow Logs
- AWS CloudWatch log groups
- Subnets
  - Public
  - Private
  - Secure
  - Transit
- Internet Gateway
- Route tables for the Public, Private, Secure and Transit subnets
- Associate all Route Tables created to the correct subnet
- NAT Gateway
- Network Access Control

| Name | Type | Description | Default |
|---|---|---|---|
| vpc_cidr | string | Network CIDR for the VPC | required |
| name | string | Name prefix for the resources of this stack | required |
| enable_firewall_default_rule | bool | Enable or disable the default stateful rule. | true |
| nat | bool | Deploy NAT instance(s) | true |
| vpc_cidr_summ | string | Define cidr used to summarize subnets by tier | "/0" |
| tags | map(string) | Extra tags to attach to resources | {} |
| transit_netnum_offset | number | Start with this subnet for secure ones, plus number of AZs | 15 |
| public_nacl_outbound_tcp_ports | list(string) | TCP Ports to allow outbound to external services (use [0] to allow all ports) | ["0"] |
| vpc_flow_logs | bool | Enable or disable VPC Flow Logs | true |
| vpc_endpoint_dynamodb_gateway | bool | Enable or disable VPC Endpoint for DynamoDB (Gateway) | true |
| newbits | number | Number of bits to add to the vpc cidr when building subnets | 5 |
| transit_nacl_inbound_udp_ports | list(string) | UDP Ports to allow inbound on transit subnet via NACLs (this list cannot be empt | ["1194"] |
| vpc_endpoints | list(object( { name | AWS services to create a VPC endpoint on private subnets for (e.g: ssm, ec2, ecr | [] |
| name_pattern | string | Name pattern to use for resources. Options: default, kebab | "default" |
| create_dbsubgroup_secure | bool | Create Secure Subgroup | true |
| create_dbsubgroup_private | bool | Create Private Subgroup | false |
| public_netnum_offset | number | Start with this subnet for public ones, plus number of AZs | 0 |
| secure_netnum_offset | number | Start with this subnet for secure ones, plus number of AZs | 10 |
| public_nacl_inbound_tcp_ports | list(string) | TCP Ports to allow inbound on public subnet via NACLs (this list cannot be empty | ["80", "443", "22", "1194"] |
| secure_nacl_allow_cidrs | list(string) | CIDRs to allow traffic from secure subnet | [] |
| kubernetes_clusters_type | string | Use either 'owned' or 'shared' for kubernetes cluster tags | "shared" |
| kms_key_arn | string | The ARN of the KMS Key to use when encrypting log data. | "" |
| … and 10 more inputs | | | |

- transit_route_table_id
- public_nacl_id
- private_nacls
- private_subnet_ids — List of private subnet IDs
- public_route_table_id
- secure_route_table_id
- private_nacl_id
- public_subnet_cidrs — List of public subnet CIDRs
- nat_gateway_ids — List of NAT Gateway IDs
- private_route_table_id
- private_subnets
- public_nacls
- secure_nacls
- private_subnet_cidrs — List of private subnet CIDRs
- db_subnet_group_secure_id
- db_subnet_group_private_id
- secure_nacl_id
- vpc_id — ID for VPC created
- transit_subnets
- nat_gateway
- secure_subnet_cidrs — List of secure subnet CIDRs
- secure_db_subnet
- public_subnet_ids — List of public subnet IDs
- db_subnet_group_public_id
- internet_gateway_id — ID of Internet Gateway created
- transit_nacl_id
- public_subnets
- secure_subnets
- cidr_block — CIDR for VPC created
- firewall_subnet_cidrs — List of firewall subnet CIDRs