io.md

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| additional_cidr_block | List of secondary CIDR blocks of the VPC. | `list(string)` | `[]` | no |
| assign_generated_ipv6_cidr_block | Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Conflicts with ipv6_ipam_pool_id. | `bool` | `true` | no |
| aws_default_network_acl | A boolean flag to enable/disable the Default Network ACL in the VPC. | `bool` | `true` | no |
| aws_default_route_table | A boolean flag to enable/disable the Default Route Table in the VPC. | `bool` | `true` | no |
| block_http_traffic | True when HTTP traffic has to be blocked for S3. | `bool` | `true` | no |
| cidr_block | CIDR for the VPC. | `string` | `""` | no |
| create_flow_log_cloudwatch_iam_role | Set to true to create the CloudWatch IAM role when the flow log destination type is CloudWatch Logs. | `bool` | `false` | no |
| default_network_acl_egress | List of maps of egress rules to set on the Default Network ACL. | `list(map(string))` | `[{"action": "allow", "cidr_block": "0.0.0.0/0", "from_port": 0, "protocol": "-1", "rule_no": 100, "to_port": 0}, {"action": "allow", "from_port": 0, "ipv6_cidr_block": "::/0", "protocol": "-1", "rule_no": 101, "to_port": 0}]` | no |
| default_network_acl_ingress | List of maps of ingress rules to set on the Default Network ACL. | `list(map(string))` | `[{"action": "allow", "cidr_block": "0.0.0.0/0", "from_port": 0, "protocol": "-1", "rule_no": 100, "to_port": 0}, {"action": "allow", "from_port": 0, "ipv6_cidr_block": "::/0", "protocol": "-1", "rule_no": 101, "to_port": 0}]` | no |
| default_route_table_routes | Configuration block of routes. | `list(map(string))` | `[]` | no |
| default_security_group_egress | List of maps of egress rules to set on the default security group. | `list(map(string))` | `[]` | no |
| default_security_group_ingress | List of maps of ingress rules to set on the default security group. | `list(map(string))` | `[]` | no |
| dhcp_options_domain_name | Specifies DNS name for DHCP options set (requires enable_dhcp_options set to true). | `string` | `"service.consul"` | no |
| dhcp_options_domain_name_servers | Specify a list of DNS server addresses for DHCP options set, default to AWS provided (requires enable_dhcp_options set to true). | `list(string)` | `["AmazonProvidedDNS"]` | no |
| dhcp_options_netbios_name_servers | Specify a list of NetBIOS servers for DHCP options set (requires enable_dhcp_options set to true). | `list(string)` | `[]` | no |
| dhcp_options_netbios_node_type | Specify NetBIOS node_type for DHCP options set (requires enable_dhcp_options set to true). | `string` | `""` | no |
| dhcp_options_ntp_servers | Specify a list of NTP servers for DHCP options set (requires enable_dhcp_options set to true). | `list(string)` | `[]` | no |
| dns_hostnames_enabled | A boolean flag to enable/disable DNS hostnames in the VPC. | `bool` | `true` | no |
| dns_support_enabled | A boolean flag to enable/disable DNS support in the VPC. | `bool` | `true` | no |
| enable | Flag to control the VPC creation. | `bool` | `true` | no |
| enable_dhcp_options | Should be true if you want to specify a DHCP options set with a custom domain name, DNS servers, NTP servers, NetBIOS servers, and/or NetBIOS server type. | `bool` | `false` | no |
| enable_flow_log | Enable vpc_flow_log logs. | `bool` | `false` | no |
| enable_key_rotation | Specifies whether key rotation is enabled. Defaults to true (security best practice). | `bool` | `true` | no |
| enable_network_address_usage_metrics | Determines whether network address usage metrics are enabled for the VPC. | `bool` | `null` | no |
| enabled_ipv6_egress_only_internet_gateway | A boolean flag to enable/disable IPv6 Egress-Only Internet Gateway creation. | `bool` | `true` | no |
| environment | Environment (e.g. prod, dev, staging). | `string` | `""` | no |
| flow_log_cloudwatch_log_group_retention_in_days | Specifies the number of days you want to retain log events in the specified log group for VPC flow logs. | `number` | `null` | no |
| flow_log_destination_arn | ARN of the destination where VPC flow logs are to be stored. Can be an existing S3 bucket or an existing CloudWatch log group. | `string` | `null` | no |
| flow_log_destination_type | Type of flow log destination. Can be s3 or cloud-watch-logs. | `string` | `"cloud-watch-logs"` | no |
| flow_log_file_format | (Optional) The format for the flow log. Valid values: plain-text, parquet. | `string` | `null` | no |
| flow_log_hive_compatible_partitions | (Optional) Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. | `bool` | `false` | no |
| flow_log_iam_role_arn | The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group. When flow_log_destination_arn is set to the ARN of a CloudWatch Logs log group, this argument needs to be provided. | `string` | `null` | no |
| flow_log_log_format | The fields to include in the flow log record, in the order in which they should appear. | `string` | `null` | no |
| flow_log_max_aggregation_interval | The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. Valid values: 60 seconds or 600 seconds. | `number` | `600` | no |
| flow_log_per_hour_partition | (Optional) Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. | `bool` | `false` | no |
| flow_log_traffic_type | The type of traffic to capture. Valid values: ACCEPT, REJECT, ALL. | `string` | `"ALL"` | no |
| flow_logs_bucket_name | Name (e.g. mybucket or bucket101). | `string` | `null` | no |
| instance_tenancy | A tenancy option for instances launched into the VPC. | `string` | `"default"` | no |
| ipam_pool_enable | Flag to be set true when using IPAM for the CIDR. | `bool` | `false` | no |
| ipv4_ipam_pool_id | The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. | `string` | `""` | no |
| ipv4_netmask_length | The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying an ipv4_ipam_pool_id. | `string` | `null` | no |
| ipv6_cidr_block | IPv6 CIDR for the VPC. | `string` | `null` | no |
| ipv6_cidr_block_network_border_group | Set this to restrict advertisement of public addresses to a specific Network Border Group such as a LocalZone. | `string` | `null` | no |
| ipv6_ipam_pool_id | The ID of an IPv6 IPAM pool you want to use for allocating this VPC's CIDR. | `string` | `null` | no |
| ipv6_netmask_length | The netmask length of the IPv6 CIDR you want to allocate to this VPC. Requires specifying an ipv6_ipam_pool_id. | `string` | `null` | no |
| kms_key_deletion_window | KMS Key deletion window in days. | `number` | `10` | no |
| label_order | Label order, e.g. name,application. | `list(any)` | `["name", "environment"]` | no |
| managedby | ManagedBy, e.g. 'CloudDrove'. | `string` | `"hello@clouddrove.com"` | no |
| name | Name (e.g. app or cluster). | `string` | `""` | no |
| repository | Terraform current module repo. | `string` | `"https://github.com/clouddrove/terraform-aws-vpc"` | no |
| restrict_default_sg | Flag to control creation of the restricted default security group. | `bool` | `true` | no |
| s3_sse_algorithm | Server-side encryption algorithm to use. Valid values are AES256 and aws:kms. | `string` | `"aws:kms"` | no |
| vpc_flow_log_permissions_boundary | The ARN of the Permissions Boundary for the VPC Flow Log IAM Role. | `string` | `null` | no |

Outputs

| Name | Description |
|------|-------------|
| arn | Amazon Resource Name (ARN) of VPC |
| igw_id | The ID of the Internet Gateway. |
| ipv6_cidr_block | The IPv6 CIDR block. |
| ipv6_cidr_block_network_border_group | The IPv6 Network Border Group Zone name |
| ipv6_egress_only_igw_id | The ID of the egress-only Internet Gateway |
| tags | A mapping of tags to assign to the resource. |
| vpc_arn | The ARN of the VPC |
| vpc_cidr_block | The CIDR block of the VPC. |
| vpc_default_network_acl_id | The ID of the network ACL created by default on VPC creation. |
| vpc_default_route_table_id | The ID of the route table created by default on VPC creation. |
| vpc_default_security_group_id | The ID of the security group created by default on VPC creation. |
| vpc_id | The ID of the VPC. |
| vpc_ipv6_association_id | The association ID for the IPv6 CIDR block. |
| vpc_main_route_table_id | The ID of the main route table associated with this VPC. |