tailscale-subnet-router
hardfinhq/tailscale-subnet-router/aws
Terraform module for Tailscale subnet router in AWS ECS Fargate
Terraform module for Tailscale subnet router in ECS Fargate This module deploys a Tailscale [subnet router][1] as an [AWS Fargate][2] ECS task. The subnet router runs within an AWS VPC and advertises (to the Tailnet) the entire CIDR block for that VPC. Docker Container The _docker/tailscale.Dockerfile file extends the tailscale/tailscale [image][3] with an entrypoint script that starts the Tailscale daemon and runs tailscale up using an [auth key][4] and the relevant advertised CIDR block. This Docker container must be built and [pushed][5] to an ECR repository. ``bash docker build \ --tag tailscale-subnet-router:v1.20230311.1 \ --file ./_docker/tailscale.Dockerfile \ . Optionally override the tag for the base tailscale/tailscale image docker build \ --build-arg TAILSCALE_TAG=v1.36.2 \ --t
| Name | Type | Description | Default |
|---|---|---|---|
| security_group_ids | list(string) | The security group IDs to associate with the subnet router ECS service and EFS m | |
| vpc | string | The name of the VPC where the subnet router ECS service will be launched | |
| target_ecs_cluster | string | The name of the target ECS cluster | |
| subnet_group | string | The group (tag) of the VPC subnets where the subnet router ECS service will be l | |
| tailscale_auth_key_secret | string | The name of secret where the Tailscale auth key is stored | |
| tailscale_docker_repository | string | The name of ECR repository where the Docker image stored | |
| tailscale_docker_tag | string | The name of tag for the Docker image stored in ECR | |
| name | string | The name of the subnet router deployment. If unspecified the VPC name will be us | null |
| enable_execute_command | bool | Allows AWS ECS exec into the task containers. The `enable_execute_command` fiel | false |
| additional_routes | list(string) | A list of additional CIDR blocks to pass to Tailscale as routes to advertise | [] |
| cpu | number | The CPU value to assign to the container (vCPU) | 256 |
| additional_flags | string | Additional flags to pass to the tailscale up command | "" |
| memory | number | The memory value to assign to the container (MiB) | 512 |
| assign_public_ip | bool | The 'assign_public_ip' flag for the ECS task network configuration. The `assign | false |
| cpu_architecture | string | The CPU architecture to use for the container. Either X86_64 or ARM64. | "X86_64" |
tailscale_ecs_task_role_name — The name of the IAM role created for the ECS task that runs TailscaleAzure landing zones Terraform module
Terraform supermodule for the Terraform platform engineering for Azure
Terraform module to deploy landing zone subscriptions (and much more) in Azure
Terraform Module to define a consistent naming convention by (namespace, stage,