The GRACE PaaS Network module creates the network resources required for a basic GRACE PaaS account.
- main.tf contains the data resource for the Transit Gateway RAM shared resource
- vpc.tf contains the resource for the Front, Mid, and Back VPCs, peering connections, and transit gateway connections
- route.tf contains the route tables and route resources
- subnet.tf contains the subnets for the VPCs
- dns_hub.tf contains configuration details for DNS resolvers and shared forwarding rules
- dns_spoke.tf contains the configuration details for customer side DNS setup
- variables.tf contains all configurable variables
- outputs.tf contains all Terraform output variables
- internal_security_groups.tf contains GRACE standard Service Security Groups and Network Security Groups
Simply import grace-paas-vpc as a module into your Terraform for the destination AWS Environment.
```hcl
module "network" {
  source                    = "github.com/GSA/grace-paas-network?ref=v0.0.1"
  cloudtrail_log_group_name = "<log_group_name>"
  recipient                 = "<email_address>"
}
```
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| availability_zones | (required) List of availability zones for VPC subnets | list(string) | n/a | yes |
| tgw_name | (optional) Name of the Transit Gateway | string | gsa-tgw-prod-v1 | no |
| vpc_cidrblocks | (required) List of VPC CIDR blocks, must be three | list(string) | n/a | yes |
| ingress_rules | (optional) List of ingress rules for shared services security group | list(map(string)) | n/a | no |
No requirements.
| Name | Version |
|---|---|
| aws | n/a |
| Name | Description |
|---|---|
| back_rt_id | Back VPC route table ID |
| back_vpc_cidr | Back VPC CIDR block |
| back_vpc_id | Back VPC ID |
| back_vpc_subnet_cidr_blocks | Back VPC subnet CIDR blocks |
| back_vpc_subnet_ids | Back VPC subnet IDs |
| front_mid_peering_connection_id | Front to mid VPC peering connection ID |
| front_rt_id | Front VPC route table ID |
| front_vpc_cidr | Front VPC CIDR block |
| front_vpc_id | Front VPC ID |
| front_vpc_subnet_cidr_blocks | Front VPC subnet CIDR blocks |
| front_vpc_subnet_ids | Front VPC subnet IDs |
| mid_back_peering_connection_id | Mid to back VPC peering connection ID |
| mid_rt_id | Mid VPC route table ID |
| mid_vpc_cidr | Mid VPC CIDR block |
| mid_vpc_id | Mid VPC ID |
| mid_vpc_subnet_cidr_blocks | Mid VPC subnet CIDR blocks |
| mid_vpc_subnet_ids | Mid VPC subnet IDs |
| shared_srvs_sg_id | Shared Services Security Group IDs |
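The following caller-side configuration is an added example, not code from the GRACE project. It uses only the inputs and outputs listed in the tables above, and it rejects a `vpc_cidrblocks` value that is not exactly three distinct, well-formed CIDR blocks before the module is planned. The availability zone names and CIDR ranges are constructed sample values, and variable validation assumes Terraform 0.13 or later (`alltrue` needs 0.14).

```hcl
# Added example: root-module wiring for the network module.
# AZ names and CIDR ranges below are constructed sample values.

variable "availability_zones" {
  description = "Availability zones for the VPC subnets"
  type        = list(string)
  default     = ["us-east-1a", "us-east-1b"]
}

variable "vpc_cidrblocks" {
  description = "Three CIDR blocks, one per VPC (Front, Mid, Back)"
  type        = list(string)
  default     = ["10.0.0.0/24", "10.0.1.0/24", "10.0.2.0/24"]

  validation {
    # The module documents "must be three". A duplicated block would also
    # break the Front/Mid and Mid/Back peering connections, because VPC
    # peering cannot be established between identical CIDR ranges.
    # can(cidrhost(...)) fails for strings that are not valid CIDR notation.
    condition = (
      length(var.vpc_cidrblocks) == 3 &&
      length(distinct(var.vpc_cidrblocks)) == 3 &&
      alltrue([for c in var.vpc_cidrblocks : can(cidrhost(c, 0))])
    )
    error_message = "Provide exactly three distinct, valid CIDR blocks."
  }
}

module "network" {
  source             = "github.com/GSA/grace-paas-network?ref=v0.0.1"
  availability_zones = var.availability_zones
  vpc_cidrblocks     = var.vpc_cidrblocks
  # tgw_name and ingress_rules are optional and left at their defaults here.
}

# Re-export the identifiers that downstream stacks usually need.
output "vpc_ids" {
  value = {
    front = module.network.front_vpc_id
    mid   = module.network.mid_vpc_id
    back  = module.network.back_vpc_id
  }
}

output "shared_services_sg" {
  value = module.network.shared_srvs_sg_id
}
```

The `distinct` check catches only exact duplicates; partially overlapping ranges such as a /16 containing a /24 still need a review of the address plan.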
This project is in the worldwide public domain. As stated in CONTRIBUTING:
This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.
All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.