VPC Module Documentation
Overview
The VPC module builds an AWS Virtual Private Cloud (VPC) following best practices. It can deploy NAT Gateways and can create the Transit Gateway resources needed for multi-environment setups in a hub and spoke architecture.
Features
- Creates a secure and scalable VPC.
- Option to deploy NAT Gateways.
- Supports Transit Gateway resources for hub and spoke architectures.
- Configurable flow logs for network traffic monitoring.
Module Details
- Provider: AWS
- Stand Alone: Yes
Variables
| Variable Key | Type | Mandatory | Description |
|---|---|---|---|
| vpc_cidr_block | Input | Yes | The CIDR block range (e.g., 10.0.0.0/16) for the VPC network. |
| additional_cidr_blocks | Input List | No | Extra CIDR blocks to add to the VPC for additional IP address space. |
| flow_logs_enabled | Toggle Boolean | No | Enable this option to turn on VPC flow logs for network traffic monitoring. |
| flow_logs_bucket | Input | Yes | The S3 bucket where VPC flow logs should be stored (required if flow logs are enabled). |
| flow_logs_traffic_type | Input | No | Specifies the type of traffic to log (e.g., ALL, ACCEPT, or REJECT). |
| azs | Checkbox Group | Yes | The list of Availability Zones (AZs) to use for deploying resources in the VPC. |
| map_public_ip | Toggle Boolean | No | Automatically assign a public IP address to instances in public subnets. |
| identifier | Input | Yes | A unique name or identifier for naming all resources in this VPC. |
| vpc_tags | Input List | No | Key-value pairs for custom tags to apply to the VPC. |
| public_subnet_tags | Input List | No | Key-value pairs for custom tags to apply to public subnets. |
| igw_tags | Input List | No | Key-value pairs for custom tags to apply to the Internet Gateway (IGW). |
| public_route_table_tags | Input List | No | Key-value pairs for custom tags to apply to public route tables. |
| private_route_table_tags | Input List | No | Key-value pairs for custom tags to apply to private route tables. |
| tgw_route_table_tags | Input List | No | Key-value pairs for custom tags to apply to TGW route tables. |
| public_subnet_cidrs | Input List | Yes | A list of CIDR blocks to assign to public subnets. |
| tgw_subnet_cidrs | Input List | No | A list of CIDR blocks to assign to Transit Gateway (TGW) subnets. |
| hub_vpc | Toggle Boolean | No | Set this to true if this VPC is intended to be the hub VPC in a hub and spoke network architecture. |
| standalone_vpc | Toggle Boolean | Yes | Set this to true if this VPC is intended to operate as a standalone VPC. |
| public_subnet_prefix | Input | No | An optional prefix for naming public subnets and route tables. |
| private_routetable_prefix | Input | No | An optional prefix for naming private route tables. |
| tgw_subnet_prefix | Input | No | An optional prefix for naming TGW subnets and route tables. |
| redundant_nat_gws | Toggle Boolean | No | Enable this to deploy NAT Gateways redundantly across all Availability Zones. |
| enable_dns_hostnames | Toggle Boolean | No | Enable this to allow DNS hostnames within the VPC. |
| enable_dns_support | Toggle Boolean | No | Enable this to provide DNS resolution support within the VPC. |
Usage
To use this module, set the variables marked mandatory in the table above; the optional variables only need values where you want to change the defaults. The VPC module will then create a secure and scalable network environment tailored to your specifications.
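Several of the variables above constrain each other: every public and TGW subnet CIDR has to fit inside the VPC's primary or additional CIDR blocks, subnets must not overlap, and `flow_logs_bucket` is only meaningful when `flow_logs_enabled` is on. The following is an added example, not code that ships with the module, that checks a set of inputs against those constraints before they are handed to the module. The inputs are modelled as a Python dict keyed by the variable names from the table; the sample values are constructed, and the rule that `hub_vpc` and `standalone_vpc` cannot both be true is an assumption made here rather than something the table states.

```python
import ipaddress

# Traffic types the variables table lists for flow_logs_traffic_type.
VALID_TRAFFIC_TYPES = {"ALL", "ACCEPT", "REJECT"}

# Constructed sample input using the module's variable keys (not a real deployment).
SAMPLE_INPUTS = {
    "identifier": "shared-services",
    "vpc_cidr_block": "10.0.0.0/16",
    "additional_cidr_blocks": ["10.1.0.0/16"],
    "azs": ["us-east-1a", "us-east-1b"],
    "public_subnet_cidrs": ["10.0.0.0/24", "10.0.1.0/24"],
    "tgw_subnet_cidrs": ["10.0.250.0/28", "10.0.250.16/28"],
    "flow_logs_enabled": True,
    "flow_logs_bucket": "example-flow-logs-bucket",
    "flow_logs_traffic_type": "ALL",
    "standalone_vpc": False,
    "hub_vpc": True,
}


def validate_vpc_inputs(inputs: dict) -> list[str]:
    """Return a list of problems found in the module inputs (empty list means OK)."""
    problems = []

    # Parse the VPC address space: the primary block plus any additional blocks.
    try:
        vpc_networks = [ipaddress.ip_network(inputs["vpc_cidr_block"], strict=True)]
    except (KeyError, ValueError) as exc:
        return [f"vpc_cidr_block is missing or invalid: {exc}"]
    for extra in inputs.get("additional_cidr_blocks") or []:
        try:
            vpc_networks.append(ipaddress.ip_network(extra, strict=True))
        except ValueError as exc:
            problems.append(f"additional_cidr_blocks entry invalid: {exc}")

    # Collect every subnet CIDR the module will carve out of the VPC.
    subnets = []
    for key in ("public_subnet_cidrs", "tgw_subnet_cidrs"):
        for cidr in inputs.get(key) or []:
            try:
                subnets.append((key, ipaddress.ip_network(cidr, strict=True)))
            except ValueError as exc:
                problems.append(f"{key} entry invalid: {exc}")

    # Every subnet must fall inside one of the VPC's CIDR blocks (same IP version).
    for key, net in subnets:
        if not any(net.subnet_of(vpc) for vpc in vpc_networks if vpc.version == net.version):
            problems.append(f"{key} {net} is not inside any VPC CIDR block")

    # Subnets must not overlap one another.
    for i, (key_a, a) in enumerate(subnets):
        for key_b, b in subnets[i + 1:]:
            if a.version == b.version and a.overlaps(b):
                problems.append(f"{key_a} {a} overlaps {key_b} {b}")

    # Flow-log settings: a destination bucket is needed when logging is on,
    # and the traffic type must be one of the documented values.
    if inputs.get("flow_logs_enabled"):
        if not inputs.get("flow_logs_bucket"):
            problems.append("flow_logs_bucket must be set when flow_logs_enabled is true")
        traffic = inputs.get("flow_logs_traffic_type")
        if traffic is not None and traffic not in VALID_TRAFFIC_TYPES:
            problems.append(
                f"flow_logs_traffic_type {traffic!r} not in {sorted(VALID_TRAFFIC_TYPES)}"
            )

    # Assumption made in this example: a VPC is either the hub or standalone, not both.
    if inputs.get("hub_vpc") and inputs.get("standalone_vpc"):
        problems.append("hub_vpc and standalone_vpc cannot both be true")

    # Remaining keys the table marks as mandatory must be present and non-empty.
    for key in ("identifier", "azs", "public_subnet_cidrs"):
        if not inputs.get(key):
            problems.append(f"{key} is mandatory")

    return problems


if __name__ == "__main__":
    for problem in validate_vpc_inputs(SAMPLE_INPUTS) or ["inputs look consistent"]:
        print(problem)
```

Running the check before `apply` turns a failed or partially created VPC into a plain list of input errors; the `strict=True` parsing also rejects CIDRs whose host bits are set (for example `10.0.0.5/24`), which AWS would otherwise normalise silently.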
Conclusion
The VPC module is a powerful tool for creating and managing AWS VPCs, ensuring best practices are followed while providing flexibility for various network architectures.