Module: vpc
Terraform module to provision a VPC with Internet Gateway. Contains a submodule for provisioning Interface and/or Gateway VPC Endpoints. This module also supports provisioning additional CIDR blocks for the VPC, with or without using IPAM.
Examples
# Minimal example: a VPC with a primary IPv4 CIDR and a generated IPv6 block.
module "vpc" {
  source = "cloudposse/vpc/aws"
  # Cloud Posse recommends pinning every module to a specific version.
  # While the line below stays commented out there is no version constraint,
  # so `terraform init` resolves to the newest published release.
  # version = "x.x.x"

  ipv4_primary_cidr_block = "10.0.0.0/16"
  # IPv6 addresses are globally routable; when this is enabled, review
  # security group and NACL rules for ::/0 as well as 0.0.0.0/0.
  assign_generated_ipv6_cidr_block = true

  # Naming inputs (namespace / stage / name).
  namespace = "eg"
  stage     = "test"
  name      = "app"
}
Full example with terraform-aws-dynamic-subnets:
# IPv4-only VPC consumed by the subnet module in this example.
module "vpc" {
  source = "cloudposse/vpc/aws"
  # Cloud Posse recommends pinning every module to a specific version.
  # While the line below stays commented out there is no version constraint,
  # so `terraform init` resolves to the newest published release.
  # version = "x.x.x"

  ipv4_primary_cidr_block          = "10.0.0.0/16"
  assign_generated_ipv6_cidr_block = false

  # Naming inputs (namespace / stage / name).
  namespace = "eg"
  stage     = "test"
  name      = "app"
}
# Subnets spread over three availability zones inside the VPC created above.
module "dynamic_subnets" {
  source = "cloudposse/dynamic-subnets/aws"
  # Cloud Posse recommends pinning every module to a specific version.
  # While the line below stays commented out there is no version constraint,
  # so `terraform init` resolves to the newest published release.
  # version = "x.x.x"

  # Wiring to the VPC module: the VPC ID and its Internet Gateway ID (as a list).
  vpc_id = module.vpc.vpc_id
  igw_id = [module.vpc.igw_id]

  # Literal copy of the VPC's primary CIDR; keep it in sync with
  # ipv4_primary_cidr_block on the vpc module.
  cidr_block         = "10.0.0.0/16"
  availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"]

  # Naming inputs (namespace / stage / name).
  namespace = "eg"
  stage     = "test"
  name      = "app"
}
Submodule for provisioning VPC Endpoints:
# One Gateway endpoint (S3) and one Interface endpoint (EC2) for the VPC.
module "vpc_endpoints" {
  source = "cloudposse/vpc/aws//modules/vpc-endpoints"
  # Cloud Posse recommends pinning every module to a specific version.
  # While the line below stays commented out there is no version constraint,
  # so `terraform init` resolves to the newest published release.
  # version = "x.x.x"

  vpc_id = module.vpc.vpc_id

  gateway_vpc_endpoints = {
    "s3" = {
      name = "s3"
      # NOTE(review): this policy allows every principal to perform every S3
      # action on every resource through the endpoint, so it places no
      # restriction on which buckets can be reached from the VPC. An endpoint
      # policy only limits traffic through the endpoint (IAM and bucket
      # policies still apply); for real deployments, scope Action and Resource
      # to the buckets the workloads actually need.
      policy = jsonencode({
        Version = "2012-10-17"
        Statement = [
          {
            Effect    = "Allow"
            Principal = "*"
            Action    = ["s3:*"]
            Resource  = "*"
          },
        ]
      })
    }
  }

  interface_vpc_endpoints = {
    "ec2" = {
      name = "ec2"
      # Example security group ID; replace it with a group that admits only
      # the traffic the endpoint needs from workloads inside the VPC.
      security_group_ids = ["sg-12341234123412345"]
      subnet_ids         = module.dynamic_subnets.private_subnet_ids
      # NOTE(review): a null policy presumably leaves the AWS default
      # (full-access) endpoint policy in place; confirm and restrict if needed.
      policy = null
      # With private DNS disabled, the service's default hostname does not
      # resolve to this endpoint; clients must use the endpoint-specific DNS
      # name or their requests will not go through the endpoint.
      private_dns_enabled = false
    }
  }
}