mixmaxhq / terraform-aws-network

Creates a network in AWS.

terraform-aws-network

This is the configuration for a basic network. The default install creates 3 tiers: public, private, and data. It spreads these tiers across (at least) 3 availability zones. It leaves a little bit of space between subnets to accommodate scaling up to 6 availability zones. Each of the availability zones has its own NAT gateway, both for durability against zone failure and to save cash on cross-AZ traffic. All subnets are statically defined as /21s (~2000 IPs). Additionally, the VPC is a /16, yet the defined subnets only consume about a quarter of the available IP space; this allows one to define more subnets as needed.

The data tier has no outbound access to the public internet and no inbound access from the public subnets; all updates must be accomplished through managed service administration (i.e. the Elasticache/Elasticsearch/RDS console), by swapping out AMIs (keep stateful data on separate EBS volumes), or through communication with the private subnets (i.e. host your own package repositories). If you need to communicate with AWS or other services from the data subnets, consider creating VPC Endpoints or PrivateLinks. You can additionally use the data_network_acl_id output to create your own network ACL rules (though without a NAT these subnets still won't be able to access the public internet without more custom configuration).
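Example usage of the module together with the data_network_acl_id output, added here and not part of the module itself: it opens only PostgreSQL from the private tier into the data tier and keeps the data tier off the public internet. The module source path, the sample zone IDs and CIDR, and the rule numbers (assumed not to collide with rules the module creates) are assumptions.

```hcl
locals {
  zone_ids = ["use1-az1", "use1-az2", "use1-az4"] # constructed sample AZ IDs
}

module "network" {
  source      = "github.com/mixmaxhq/terraform-aws-network" # assumed module source
  environment = "staging"
  vpc_cidr    = "10.20.0.0/16"
  zone_ids    = local.zone_ids
  name        = "core-network"
  service     = "platform"
}

# Resolve each private subnet's CIDR so the rules below are scoped to the
# private tier only. count is driven by a known-length local, so it is
# stable at plan time even before the subnets exist.
data "aws_subnet" "private" {
  count = length(local.zone_ids)
  id    = module.network.private_subnet_ids[count.index]
}

# Ingress: PostgreSQL from each private subnet into the data tier.
# Rule numbers 200+ are assumed to be unused by the module's own ACL rules.
resource "aws_network_acl_rule" "data_in_postgres" {
  count          = length(local.zone_ids)
  network_acl_id = module.network.data_network_acl_id
  rule_number    = 200 + count.index
  egress         = false
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = data.aws_subnet.private[count.index].cidr_block
  from_port      = 5432
  to_port        = 5432
}

# Egress: network ACLs are stateless, so replies back to the private tier
# must be allowed explicitly on the ephemeral port range. No rule towards
# 0.0.0.0/0 is added, so the data tier stays off the public internet.
resource "aws_network_acl_rule" "data_out_ephemeral" {
  count          = length(local.zone_ids)
  network_acl_id = module.network.data_network_acl_id
  rule_number    = 200 + count.index
  egress         = true
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = data.aws_subnet.private[count.index].cidr_block
  from_port      = 1024
  to_port        = 65535
}
```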

Variables

Required Variables

The following variables are required:

environment

Description: The environment the service is deployed to or in. Used for tagging resources; this can help identify costs.

Type: string

vpc_cidr

Description: The CIDR of the VPC, in slash notation.

Type: string

zone_ids

Description: The AWS Zone IDs of Availability Zones (datacenters) to deploy the network into. Specify 3 or more. More info here

Type: list(string)

Optional Variables

The following variables are optional (have default values):

name

Description: The name of the deployed service. Used for tagging resources; this can help identify costs.

Type: string

Default: "network"

service

Description: The service this deployment supports. Used for tagging resources; this can help identify costs.

Type: string

Default: "network"

Outputs

The following outputs are exported:

data_network_acl_id

Description: The ID of the network ACL applied to the data subnets. Useful for defining custom network ACL rules

data_subnet_ids

Description: A list of the data subnet IDs

private_subnet_ids

Description: A list of the private subnet IDs

public_subnet_ids

Description: A list of the public subnet IDs

vpc_cidr_block

Description: The CIDR block of the created VPC

vpc_id

Description: The ID of the created VPC

About

License: MIT License
