Module: multi-az-subnets
Terraform module for multi-AZ subnets provisioning.
The module creates private and public subnets in the provided Availability Zones.
The public subnets are routed to the Internet Gateway specified by var.igw_id.
The nat_gateway_enabled flag controls the creation of NAT Gateways in the public subnets.
The private subnets are routed to the NAT Gateways provided in the var.az_ngw_ids map.
If you are creating subnets inside a VPC, consider using cloudposse/terraform-aws-dynamic-subnets instead.
Screenshots
Example of terraform apply outputs
Usage
locals {
  public_cidr_block  = cidrsubnet(var.cidr_block, 1, 0)
  private_cidr_block = cidrsubnet(var.cidr_block, 1, 1)
}

module "vpc" {
  source = "cloudposse/vpc/aws"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"
  namespace  = var.namespace
  stage      = var.stage
  name       = var.name
  cidr_block = var.cidr_block
}

module "public_subnets" {
  source = "cloudposse/multi-az-subnets/aws"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"
  namespace           = var.namespace
  stage               = var.stage
  name                = var.name
  availability_zones  = ["us-east-2a", "us-east-2b", "us-east-2c"]
  vpc_id              = module.vpc.vpc_id
  cidr_block          = local.public_cidr_block
  type                = "public"
  igw_id              = module.vpc.igw_id
  nat_gateway_enabled = "true"
}

module "private_subnets" {
  source = "cloudposse/multi-az-subnets/aws"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"
  namespace          = var.namespace
  stage              = var.stage
  name               = var.name
  availability_zones = ["us-east-2a", "us-east-2b", "us-east-2c"]
  vpc_id             = module.vpc.vpc_id
  cidr_block         = local.private_cidr_block
  type               = "private"
  az_ngw_ids         = module.public_subnets.az_ngw_ids
}
Examples
Given the following configuration:
module "vpc" {
  source = "cloudposse/vpc/aws"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"
  namespace  = var.namespace
  name       = "vpc"
  stage      = var.stage
  cidr_block = var.cidr_block
}

locals {
  public_cidr_block  = cidrsubnet(module.vpc.vpc_cidr_block, 1, 0)
  private_cidr_block = cidrsubnet(module.vpc.vpc_cidr_block, 1, 1)
}

module "public_subnets" {
  source = "cloudposse/multi-az-subnets/aws"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"
  namespace           = var.namespace
  stage               = var.stage
  name                = var.name
  availability_zones  = ["us-east-2a", "us-east-2b", "us-east-2c"]
  vpc_id              = module.vpc.vpc_id
  cidr_block          = local.public_cidr_block
  type                = "public"
  igw_id              = module.vpc.igw_id
  nat_gateway_enabled = "true"
}

module "private_subnets" {
  source = "cloudposse/multi-az-subnets/aws"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"
  namespace          = var.namespace
  stage              = var.stage
  name               = var.name
  availability_zones = ["us-east-2a", "us-east-2b", "us-east-2c"]
  vpc_id             = module.vpc.vpc_id
  cidr_block         = local.private_cidr_block
  type               = "private"
  az_ngw_ids         = module.public_subnets.az_ngw_ids
}

output "private_az_subnet_ids" {
  value = module.private_subnets.az_subnet_ids
}

output "public_az_subnet_ids" {
  value = module.public_subnets.az_subnet_ids
}
the output maps of AZ names to subnet IDs look like this:
public_az_subnet_ids = {
  us-east-2a = subnet-ea58d78e
  us-east-2b = subnet-556ee131
  us-east-2c = subnet-6f54db0b
}
private_az_subnet_ids = {
  us-east-2a = subnet-376de253
  us-east-2b = subnet-9e53dcfa
  us-east-2c = subnet-a86fe0cc
}
and the created subnet IDs can be looked up by AZ name using map["key"] or lookup(map, key, [default]), for example:
public_az_subnet_ids["us-east-2a"]
lookup(private_az_subnet_ids, "us-east-2b")
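
The locals blocks above split the VPC CIDR in half with cidrsubnet(..., 1, 0) and cidrsubnet(..., 1, 1). The following is an added example, not code from the module or the original page: it reimplements that Terraform function in Python to show the resulting ranges and to confirm that the public and private halves do not overlap. The 10.0.0.0/16 VPC CIDR is a constructed sample value and split_public_private is a hypothetical helper name.

```python
import ipaddress


def cidrsubnet(prefix: str, newbits: int, netnum: int) -> str:
    """Python equivalent of Terraform's cidrsubnet(prefix, newbits, netnum)."""
    # strict=False masks any host bits instead of rejecting the prefix.
    base = ipaddress.ip_network(prefix, strict=False)
    new_len = base.prefixlen + newbits
    if newbits < 0 or new_len > base.max_prefixlen:
        raise ValueError(f"cannot extend /{base.prefixlen} by {newbits} bits")
    if not 0 <= netnum < 2 ** newbits:
        raise ValueError(f"netnum {netnum} does not fit in {newbits} bits")
    # The network number occupies the newly added prefix bits.
    host_bits = base.max_prefixlen - new_len
    addr = int(base.network_address) + (netnum << host_bits)
    return str(type(base)((addr, new_len)))


def split_public_private(vpc_cidr: str) -> dict:
    """Reproduce the page's locals and check that the halves partition the VPC."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=False)
    public = ipaddress.ip_network(cidrsubnet(vpc_cidr, 1, 0))
    private = ipaddress.ip_network(cidrsubnet(vpc_cidr, 1, 1))
    return {
        "public": str(public),
        "private": str(private),
        # A shared range would blur the public/private routing boundary.
        "overlap": public.overlaps(private),
        # Both halves together must account for every address in the VPC.
        "covers_vpc": public.num_addresses + private.num_addresses
        == vpc.num_addresses,
    }


if __name__ == "__main__":
    # Constructed sample VPC CIDR, not a value from the page.
    for key, value in split_public_private("10.0.0.0/16").items():
        print(f"{key} = {value}")
```
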