globalic / terraform-network

This project forked from skyscrapers/terraform-network


Terraform modules for networking resources: VPC, subnets, route tables.

License: MIT License

HCL 100.00%

terraform-network's Introduction

terraform-network

NAT Gateway

Creates a NAT gateway and automatically adds a route to the route tables passed as a parameter.

Available variables

  • [private_route_tables]: List(string)(required): List of private route tables that require the NAT gateway [NOTE: the number of NAT gateways should match the number of private routes]
  • [number_nat_gateways]: Number(optional): Number of NAT gateways required
  • [public_subnets]: List(string)(required): The subnets where the NAT gateways will be created
  • [tags]: Map(optional): optional tags

Output

  • [ids]: List: The ids of the nat gateways created.

Example

module "nat_gateway" {
  source               = "nat_gateway"
  private_route_tables = module.vpc.private_rts
  public_subnets       = module.vpc.public_subnets
}

Subnets

Creates a number of subnets and divides them in different parts based on the input params

Available variables

  • [cidr]: String(required): the CIDR to be divided into subnets
  • [newbits]: String(optional): defaults to 8. For details see https://www.terraform.io/docs/configuration/interpolation.html#cidrsubnet_iprange_newbits_netnum_
  • [netnum]: String(optional): defaults to 0. The number of the first subnet to start from (e.g. for subnets 10.1, 10.2 and 10.3, specify 1)
  • [vpc_id]: String(required): the VPC ID where we want to create the subnets
  • [role]: String(required): the role of the subnets. Example values are lb, db and app.
  • [visibility]: String(required): the visibility of the subnets. Valid values are public and private
  • [tags]: Map(optional): optional tags
  • [project]: String(required): the name of the project these subnets belong to
  • [environment]: String(required): the name of the environment these subnets belong to (prod,stag,dev)
  • [num_subnets]: String(optional): defaults to 3. The number of subnets to create
  • [route_tables]: List(string)(optional): the list of route tables to associate with the created subnets. The route tables are associated with the created subnets sequentially. If the subnet number is greater than the number of route tables, the route table is selected using a standard mod algorithm
  • [num_route_tables]: Number(optional): defaults to 0. The number of route tables passed in route_tables. NOTE: this is due to a bug in Terraform, which cannot iterate over the count param

Output

  • [ids]: List: the ids of the subnets created

Example

module "public_lb_subnets" {
  source             = "../subnets"
  num_subnets        = var.amount_public_lb_subnets
  visibility         = "public"
  role               = "lb"
  cidr               = var.cidr_block
  netnum             = 0
  vpc_id             = aws_vpc.main.id
  aws_region         = var.aws_region
  environment        = var.environment
  project            = var.project
  tags               = { "KubernetesCluster" = "test" }
}

vpc

This module creates a VPC with the option to specify 4 types of subnets:

  • public_nat-bastion_subnets
  • public_lb_subnets
  • private_app_subnets
  • private_db_subnets

It will also create the required route tables for the private subnets. The private_app and private_db subnets are private subnets.

Available variables

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| amount_private_app_subnets | Amount of subnets you need | number | 3 | no |
| amount_private_db_subnets | Amount of subnets you need | number | 3 | no |
| amount_private_management_subnets | Amount of subnets you need | number | 0 | no |
| amount_public_lb_subnets | Amount of subnets you need | number | 3 | no |
| amount_public_nat-bastion_subnets | Amount of subnets you need | number | 1 | no |
| cidr_block | CIDR block you want to have in your VPC | string | n/a | yes |
| environment | How do you want to call your environment, this is helpful if you have more than 1 VPC. | string | "production" | no |
| extra_tags_private_app | Private app subnets extra tags | map | <map> | no |
| extra_tags_private_db | Private database subnets extra tags | map | <map> | no |
| extra_tags_private_management | Private management subnets extra tags | map | <map> | no |
| extra_tags_public_lb | Public load balancer subnets extra tags | map | <map> | no |
| extra_tags_public_nat-bastion | Public nat/bastion subnets extra tags | map | <map> | no |
| extra_tags_vpc | VPC extra tags | map | <map> | no |
| netnum_private_app | First number of subnet to start of for private_app subnets | string | "20" | no |
| netnum_private_db | First number of subnet to start of for private_db subnets | string | "30" | no |
| netnum_private_management | First number of subnet to start of for private_management subnets | string | "200" | no |
| netnum_public_lb | First number of subnet to start of for public_lb subnets | string | "10" | no |
| netnum_public_nat-bastion | First number of subnet to start of for public_nat-bastion subnets | string | "0" | no |
| number_private_rt | The desired number of private route tables. In case we want one per AZ we can change this value. | number | 1 | no |
| project | The current project | string | n/a | yes |
| tags | Optional Tags | map | <map> | no |

Outputs

| Name | Description |
|------|-------------|
| default_network_acl_id | Id of the default network acl |
| private_app_subnets | List of the private_app subnets id created |
| private_db_subnets | List of the private_db subnets id created |
| private_management_subnets | List of the private_management subnets id created |
| private_rts | List of the ids of the private route tables created |
| public_lb_subnets | List of the public_lb subnets id created |
| public_nat-bastion | List of the public_nat-bastion subnets id created |
| public_rts | List of the ids of the public route tables created |
| vpc_id | The id of the vpc created |

Example

module "vpc" {
  source      = "vpc"
  cidr_block  = "172.16.0.0/16"
  project     = "test"
  environment = "prod"
  tags        = { "KubernetesCluster" = "test" }
}
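
The netnum defaults keep the public and private tiers in separate address ranges only while each amount stays below the gap to the next netnum. The Python sketch below is an added example, not code from this repository: it reproduces the layout for the cidr_block used above and rejects a plan whose tiers would overlap. It assumes each subnet is computed as cidrsubnet(cidr_block, newbits, netnum + index) with newbits = 8 and that route tables are picked as index % num_route_tables; the names TIERS, cidrsubnet and plan are hypothetical.

```python
import ipaddress

# Defaults from the vpc variable table: tier -> (netnum, amount).
TIERS = {
    "public_nat-bastion": (0, 1),
    "public_lb": (10, 3),
    "private_app": (20, 3),
    "private_db": (30, 3),
    "private_management": (200, 0),
}

def cidrsubnet(cidr, newbits, netnum):
    """Python equivalent of Terraform's cidrsubnet(iprange, newbits, netnum)."""
    net = ipaddress.ip_network(cidr)
    if net.prefixlen + newbits > net.max_prefixlen or netnum >= 2 ** newbits:
        raise ValueError(f"netnum {netnum} / newbits {newbits} do not fit in {cidr}")
    size = 2 ** (net.max_prefixlen - net.prefixlen - newbits)
    base = int(net.network_address) + netnum * size
    return type(net)((base, net.prefixlen + newbits))

def plan(cidr, tiers=TIERS, newbits=8, num_route_tables=1):
    """Return [(tier, index, subnet, route_table_index)]; raise on overlap."""
    rows = []
    for tier, (netnum, amount) in tiers.items():
        for i in range(amount):
            # Assumption: the module offsets netnum by the subnet index.
            subnet = cidrsubnet(cidr, newbits, netnum + i)
            clash = [r for r in rows if r[2].overlaps(subnet)]
            if clash:
                raise ValueError(
                    f"{tier}[{i}] {subnet} overlaps {clash[0][0]}[{clash[0][1]}]")
            # The "standard mod algorithm": wrap around the route table list.
            rt = i % num_route_tables if num_route_tables else None
            rows.append((tier, i, subnet, rt))
    return rows

if __name__ == "__main__":
    for tier, i, subnet, rt in plan("172.16.0.0/16", num_route_tables=2):
        print(f"{tier}[{i}]  {subnet}  route_table[{rt}]")
```

With number_private_rt left at 1, every private subnet maps to route table 0 and therefore shares a single egress path.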

Migration

From v2 to v3

Run the following Terraform state migration commands to migrate from VPC module v2.x to v3.0 and up.

terraform state mv module.vpc.aws_route_table_association.public_nat-bastion_hosts module.vpc.module.public_nat-bastion_subnets.aws_route_table_association.subnet_association
terraform state mv module.vpc.aws_route_table_association.private_app[0] module.vpc.module.private_app_subnets.aws_route_table_association.subnet_association[0]
terraform state mv module.vpc.aws_route_table_association.private_app[1] module.vpc.module.private_app_subnets.aws_route_table_association.subnet_association[1]
terraform state mv module.vpc.aws_route_table_association.private_app[2] module.vpc.module.private_app_subnets.aws_route_table_association.subnet_association[2]
terraform state mv module.vpc.aws_route_table_association.private_management[0] module.vpc.module.private_management_subnets.aws_route_table_association.subnet_association[0]
terraform state mv module.vpc.aws_route_table_association.private_management[1] module.vpc.module.private_management_subnets.aws_route_table_association.subnet_association[1]
terraform state mv module.vpc.aws_route_table_association.private_management[2] module.vpc.module.private_management_subnets.aws_route_table_association.subnet_association[2]
terraform state mv module.vpc.aws_route_table_association.public_lb_hosts[0] module.vpc.module.public_lb_subnets.aws_route_table_association.subnet_association[0]
terraform state mv module.vpc.aws_route_table_association.public_lb_hosts[1] module.vpc.module.public_lb_subnets.aws_route_table_association.subnet_association[1]
terraform state mv module.vpc.aws_route_table_association.public_lb_hosts[2] module.vpc.module.public_lb_subnets.aws_route_table_association.subnet_association[2]
terraform state mv module.vpc.aws_route_table_association.private_db[0] module.vpc.module.private_db_subnets.aws_route_table_association.subnet_association[0]
terraform state mv module.vpc.aws_route_table_association.private_db[1] module.vpc.module.private_db_subnets.aws_route_table_association.subnet_association[1]
terraform state mv module.vpc.aws_route_table_association.private_db[2] module.vpc.module.private_db_subnets.aws_route_table_association.subnet_association[2]

securitygroups/all

This module creates and exposes a reusable security group called sg-all.

The implementation uses the separate aws_security_group and aws_security_group_rule resources to make the creation and adaptation of security groups much more modular.

Available variables

  • [vpc_id]: String(required): the id of the VPC where the security group must be created
  • [project]: String(required): the name of the customer or project
  • [environment]: String(required): the environment to create the security group in. Examples: staging, production

Output

  • [sg_id]: String: the id of the security group created

Example

module "securitygroup_all" {
  source                           = "github.com/skyscrapers/terraform-network//securitygroups/all"
  vpc_id                           = module.vpc.vpc_id
  project                          = var.project
  environment                      = var.environment
}

securitygroups/icinga_satellite

This module creates and exposes a reusable security group called sg_icinga_satellite, expanded with project and environment info.

The implementation uses the separate aws_security_group and aws_security_group_rule resources to make the creation and adaptation of security groups much more modular.

Available variables

  • [vpc_id]: String(required): the id of the VPC where the security group must be created
  • [project]: String(required): the name of the customer or project
  • [environment]: String(required): the environment to create the security group in. Examples: staging, production
  • [icinga_master_ip]: String(required): the IP address of the Icinga master in CIDR notation.
  • [internal_sg_id]: String(optional): The Icinga satellite will be able to access this security group through NRPE, if provided.

Output

  • [sg_id]: String: the id of the security group created

Example

module "securitygroup_icinga" {
  source                           = "github.com/skyscrapers/terraform-network//securitygroups/icinga_satellite"
  vpc_id                           = module.vpc.vpc_id
  project                          = var.project
  environment                      = var.environment
  icinga_master_ip                 = "123.234.123.234/32"
}

securitygroups/puppet

This module creates and exposes a reusable security group called sg_puppet, expanded with project and environment info.

The implementation uses the separate aws_security_group and aws_security_group_rule resources to make the creation and adaptation of security groups much more modular.

Available variables

  • [vpc_id]: String(required): the id of the VPC where the security group must be created
  • [project]: String(required): the name of the customer or project
  • [environment]: String(required): the environment to create the security group in. Examples: staging, production
  • [puppet_master_ip]: String(required): the IP address of the Puppet master in CIDR notation.

Output

  • [sg_id]: String: the id of the security group created

Example

module "securitygroup_puppet" {
  source                           = "github.com/skyscrapers/terraform-network//securitygroups/puppet"
  vpc_id                           = module.vpc.vpc_id
  project                          = var.project
  environment                      = var.environment
  puppet_master_ip                 = "123.234.123.234/32"
}

securitygroups/web_public

This module creates and exposes a reusable security group called sg_web_public, expanded with project and environment info.

The implementation uses the separate aws_security_group and aws_security_group_rule resources to make the creation and adaptation of security groups much more modular.

Available variables

  • [vpc_id]: String(required): the id of the VPC where the security group must be created
  • [project]: String(required): the name of the customer or project
  • [environment]: String(required): the environment to create the security group in. Examples: staging, production

Output

  • [sg_id]: String: the id of the security group created

Example

module "securitygroup_web_public" {
  source                           = "github.com/skyscrapers/terraform-network//securitygroups/web_public"
  vpc_id                           = module.vpc.vpc_id
  project                          = var.project
  environment                      = var.environment
}

terraform-network's People

Contributors

duboisph, iuriaranda, mattiasgees, ringods, samclinckspoor, simonrondelez, venturel
