- Supply your own availability zones or create subnets in all available in a given region
- Optional public and private subnets with auto-calculated CIDR ranges
- Automatic NAT gateway creation in each AZ if both public and private subnets enabled.
- Optional ACLs for subnets separated by public/private and ingress/egress
- Optional global and resource-specific tags
- The given CIDR range will be split in two for private and public subnets
- The public and private ranges will be split into the minimum number of ranges to allow distinct CIDR ranges for each subnet
| Variable |
Description |
Type |
Required |
Default |
| name_prefix |
Prefix to attach to the name of every resource. |
string |
yes |
|
| vpc_cidr |
CIDR range for the created VPC. |
string |
yes |
|
| dedicated_instances |
Whether instances in the VPC are dedicated by default or not. |
bool |
no |
false |
| enable_dns_support |
Flag to enable/disable an AWS-provided DNS server within the VPC. |
bool |
no |
true |
| enable_dns_hostnames |
Flag to enable/disable public DNS hostnames for public IP addresses of instances in the VPC. |
bool |
no |
false |
| availability_zones |
Availability zones for subnets. Defaults to all availability zones in the current region. |
list(string) |
no |
See description |
| create_public |
Creates public subnets in the given availability zones. Will create a NAT gateway per availability zone if private subnets enabled. |
bool |
no |
true |
| map_public_subnet_public_ips |
Maps public subnets with public IPv4 addresses on launch. |
bool |
no |
false |
| create_private |
Creates private subnets in the given availability zones. Will connect to public NAT gateways if public subnets also enabled. |
bool |
no |
true |
| acl_ingress_private |
Ingress ACL rules for all private subnets. |
map |
no |
See below |
| acl_egress_private |
Egress ACL rules for all private subnets. |
map |
no |
See below |
| acl_ingress_public |
Ingress ACL rules for all public subnets. |
map |
no |
See below |
| acl_egress_public |
Egress ACL rules for all public subnets. |
map |
no |
See below |
| tags_default |
Tags to apply to all resources. |
map |
no |
{} |
| tags_subnets |
Tags to apply to all subnets. |
map |
no |
{} |
| tags_route_table |
Tags to apply to all route tables. |
map |
no |
{} |
| tags_ngw |
Tags to apply to all NAT gateways. |
map |
no |
{} |
| tags_igw |
Tags to apply to the internet gateway. |
map |
no |
{} |
| tags_acl |
Tags to apply to any ACL rules created. |
map |
no |
{} |
Default ACL default rules allow all traffic:
[
{
rule_no = 100
from_port = 0
to_port = 0
cidr_block = "0.0.0.0/0"
action = "ALLOW"
protocol = -1
}
]
| Variable |
Description |
| vpc_id |
ID of the created VPC |
| private_subnet_ids |
IDs of the created private subnets. Empty list if create_private = false |
| public_subnet_ids |
IDs of the created public subnets. Empty list if create_public = false |
| private_cidr_blocks |
CIDR blocks of the created private subnets. Empty list if create_private = false |
| public_cidr_blocks |
CIDR blocks of the created public subnets. Empty list if create_public = false |
| availability_zone_ids |
IDs of the availability zones in use. See availability_zones input for info. |
| nat_gateway_public_eips |
Public IPs of the EIPs associated with the NGW |
| default_network_acl_id |
Default network ACL ID of the created VPC |