Terraform module which creates VPC resources on AWS.

These types of resources are supported:

• VPC
• Subnet
• Route
• Route table
• Internet Gateway
• NAT Gateway
• VPN Gateway
• VPC Endpoint (S3 and DynamoDB)
• RDS DB Subnet Group
• ElastiCache Subnet Group
• Redshift Subnet Group
• DHCP Options Set

provider "aws" {
  version = "~> 1.0.0"
  region  = "eu-west-1"
}

module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = "my-vpc"
  cidr = "10.0.0.0/16"

  azs             = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]

  enable_nat_gateway = true
  enable_vpn_gateway = true

  tags = {
    Terraform = "true"
    Environment = "dev"
  }
}

By default this module will provision new Elastic IPs for the VPC's NAT Gateways. This means that when creating a new VPC, new IPs are allocated, and when that VPC is destroyed those IPs are released. Sometimes it is handy to keep the same IPs even after the VPC is destroyed and re-created. To that end, it is possible to assign existing IPs to the NAT Gateways. This prevents the destruction of the VPC from releasing those IPs, while making it possible that a re-created VPC uses the same IPs.

To achieve this, allocate the IPs outside the VPC module declaration.

resource "aws_eip" "nat" {
  count = 3

  vpc = true
}

Then, pass the allocated IPs as a parameter to this module.

module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

  # The rest of arguments are omitted for brevity

  enable_nat_gateway  = true
  single_nat_gateway  = false
  reuse_nat_ips       = true                      # <= Skip creation of EIPs for the NAT Gateways
  external_nat_ip_ids = ["${aws_eip.nat.*.id}"]   # <= IPs specified here as input to the module
}

Note that in the example we allocate 3 IPs because we will be provisioning 3 NAT Gateways (due to single_nat_gateway = false and having 3 subnets). If, on the other hand, single_nat_gateway = true, then aws_eip.nat would only need to allocate 1 IP. Passing the IPs into the module is done by setting two variables reuse_nat_ips = true and external_nat_ip_ids = ["${aws_eip.nat.*.id}"].

Terraform version 0.10.3 or newer is required for this module to work.

• Simple VPC
• Complete VPC
• Few tests and edge cases examples: #46, #44

This module has been packaged with awspec tests through test kitchen. To run them:

1. Install rvm and the ruby version specified in the Gemfile.
2. Install bundler and the gems from our Gemfile:

gem install bundler; bundle install

3. Test using bundle exec kitchen test from the root of the repo.

Migrated from terraform-community-modules/tf_aws_vpc, where it was maintained by these awesome contributors. Module managed by Anton Babenko.

Apache 2 Licensed. See LICENSE for full details.