# Looks up the region the AWS provider is configured for.
# No reference to data.aws_region.this is visible in this file.
data "aws_region" "this" {
}
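# EKS VPC, designed for IPv6 (enable_ipv6 is switched off in the vpc module below because localstack does not support it)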
# One-word random pet name, generated once and then kept in state.
# No reference to random_pet.pet is visible in this file.
resource "random_pet" "pet" {
  length = 1
}
# Address plan for the lab VPC.
# The /16 is cut into four /18 quarters (newbits = 2). Quarters 1 and 2 are
# used as the parents of the private and public subnets; quarters 0 and 3
# are left unallocated.
locals {
  vpc_cidr = "10.18.0.0/16"

  # ensure there is room for future expansion
  private_net_start = cidrsubnet(local.vpc_cidr, 2, 1) # 10.18.64.0/18
  public_net_start  = cidrsubnet(local.vpc_cidr, 2, 2) # 10.18.128.0/18
}
# Availability zones currently reported as "available" in the provider's region.
# NOTE(review): there is no opt-in-status filter here, so opted-in Local or
# Wavelength zones could presumably appear in the list; confirm that is intended.
data "aws_availability_zones" "this" {
  state = "available"
}
# Picks two of the available zones at random; the vpc module places its
# subnets in exactly these two.
# NOTE(review): the draw is kept in state, but it presumably gets re-drawn when
# the input list changes, which would move the subnets; verify before relying on
# this outside a lab.
resource "random_shuffle" "Select2Az" {
  result_count = 2
  input        = data.aws_availability_zones.this.names
}
# Lab VPC for EKS: two private and two public subnets across the two selected
# zones, one shared NAT gateway, flow logging off.
module "vpc" {
  # Pinned to an exact registry release. The dependency lock file records
  # provider checksums only, so this version pin is the only control on which
  # module code gets downloaded.
  source  = "terraform-aws-modules/vpc/aws"
  version = "6.6.0"

  name = "lab-vpc"
  cidr = local.vpc_cidr
  azs  = random_shuffle.Select2Az.result

  enable_dns_support   = true
  enable_dns_hostnames = true

  # ipv6 doesn't work with localstack
  enable_ipv6 = false
  # NOTE(review): both assign-on-creation flags stay true while enable_ipv6 is
  # false. How the module treats that combination is not visible here; confirm
  # it is accepted on a real account and not only under localstack.
  private_subnet_assign_ipv6_address_on_creation = true
  public_subnet_assign_ipv6_address_on_creation  = true

  # Two /22 networks: 10.18.64.0/22 and 10.18.68.0/22.
  private_subnets = cidrsubnets(local.private_net_start, 4, 4) # EKS requires free IPv4 addresses. see README
  # Two /26 networks: 10.18.128.0/26 and 10.18.128.64/26.
  public_subnets = cidrsubnets(local.public_net_start, 8, 8) # 2 AZ required by eks lbc
  public_subnet_tags = {
    "kubernetes.io/role/elb" = 1
  }

  # nat gateway and eigw (vpc module creates the dns64 /64 route to NGW)
  enable_nat_gateway = true # AWS public endpoints do not support IPv6
  # One NAT gateway serves both zones: all private-subnet egress leaves through
  # a single gateway, and that gateway's zone is a single point of failure.
  single_nat_gateway = true
  # NOTE(review): with enable_ipv6 = false the egress-only gateway is presumably
  # not created; confirm against the module.
  create_egress_only_igw = true

  # Flow logging is fully off (no log group, no IAM role), so this VPC produces
  # no network telemetry for detection or for reconstructing an incident.
  # Reasonable for a localstack lab; enable it before using this on a real account.
  enable_flow_log                      = false
  create_flow_log_cloudwatch_log_group = false
  create_flow_log_cloudwatch_iam_role  = false

  # The default network ACL is left outside Terraform's control. On AWS that ACL
  # allows all traffic in both directions unless changed, so filtering here
  # rests on security groups alone.
  manage_default_network_acl = false
}