- public - Internet gateway
- private - NAT Gateway
- intra - None(Intranet)
Reference - https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Scenario1.html
- Subnet - public
- NAT Gateway : no
module "vpc" {
source = "github.com/jyotti/terraform-aws-vpc?ref=v0.1.1"
name = "simple"
cidr_block = "10.0.0.0/16"
public_subnets = ["10.0.32.0/20", "10.0.96.0/20", "10.0.160.0/20"]
availability_zones = ["us-east-1a", "us-east-1b", "us-east-1c"]
tags = {
Stage = "dev"
}
}Reference - https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Scenario2.html
- Subnet - public, private
- NAT Gateway : yes
module "vpc" {
source = "github.com/jyotti/terraform-aws-vpc?ref=v0.1.1"
name = "public-and-private-subnets"
cidr_block = "10.0.0.0/16"
public_subnets = ["10.0.32.0/20", "10.0.96.0/20", "10.0.160.0/20"]
private_subnets = ["10.0.0.0/19", "10.0.64.0/19", "10.0.128.0/19"]
availability_zones = ["us-east-1a", "us-east-1b", "us-east-1c"]
enable_nat_gateway = true
single_nat_gateway = true
tags = {
Stage = "dev"
}
}I refer to the explanation of Practical VPC Design.
10.0.0.0/16
10.0.0.0/18 - AZ1
10.0.0.0/19 - private
10.0.32.0/19
10.0.32.0/20 - public
10.0.48.0/20
10.0.48.0/21 - intra
10.0.56.0/21 - (spare)
10.0.64.0/18 - AZ2
10.0.64.0/19 - private
10.0.96.0/19
10.0.96.0/20 - public
10.0.112.0/20
10.0.112.0/21 - intra
10.0.120.0/21 - (spare)
10.0.128.0/18 - AZ3
10.0.128.0/19 - private
10.0.160.0/19
10.0.160.0/20 - public
10.0.176.0/20
10.0.176.0/21 - intra
10.0.184.0/21 - (spare)
10.0.192.0/18 - (spare)
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| availability_zones | A list of availability zones in the region | list | <list> |
no |
| cidr_block | The CIDR block for the VPC | string | 10.0.0.0/16 |
no |
| enable_dynamodb_endpoint | Should be true if you want to provision a DynamoDB endpoint to the VPC | string | false |
no |
| enable_nat_gateway | Should be true if you want to provision NAT Gateways for each of your private networks | string | false |
no |
| enable_s3_endpoint | Should be true if you want to provision an S3 endpoint to the VPC | string | false |
no |
| intra_subnet_suffix | Suffix to append to intra subnets name | string | intra |
no |
| intra_subnet_tags | Additional tags for the intra subnets | map | <map> |
no |
| intra_subnets | List of CIDR block for intra subnet | list | <list> |
no |
| map_public_ip_on_launch | Should be false if you do not want to auto-assign public IP on launch | string | true |
no |
| name | Name to be used on all the resources as identifier | string | `` | no |
| private_subnet_suffix | Suffix to append to private subnets name | string | private |
no |
| private_subnet_tags | Additional tags for the private subnets | map | <map> |
no |
| private_subnets | List of CIDR block for private subnet | list | <list> |
no |
| public_subnet_suffix | Suffix to append to public subnets name | string | public |
no |
| public_subnet_tags | Additional tags for the public subnets | map | <map> |
no |
| public_subnets | List of CIDR block for public subnet | list | <list> |
no |
| single_nat_gateway | Should be true if you want to provision a single shared NAT Gateway across all of your private networks | string | false |
no |
| tags | A map of tags to add to all resources | map | <map> |
no |
| Name | Description |
|---|---|
| db_subnet_group | The db subnet group name |
| default_route_table_id | The ID of the default route table |
| default_security_group_id | The ID of the security group created by default on VPC creation |
| elasticache_subnet_group | The ElastiCache Subnet group ID |
| intra_route_table_ids | List of IDs of intra route tables |
| intra_subnet_ids | List of IDs of the intra subnet |
| private_route_table_ids | List of IDs of private route tables |
| private_subnet_ids | List of IDs of the private subnet |
| public_route_table_ids | List of IDs of public route tables |
| public_subnet_ids | List of IDs of the public subnet |
| redshift_subnet_group | The Redshift Subnet group ID |
| vpc_cidr_block | The CIDR block of the VPC |
| vpc_id | The ID of the VPC |