/terraform-yc-vpc

Primary language: HCL. License: MIT.

Virtual Private Cloud (VPC) Terraform module for Yandex.Cloud

Features

  • Create Network and subnets in your folder
  • Supports MultiFolder VPC concept by adding folder_id to subnet object
  • Subnets can be both public for VMs with public IPs and private, with or without NAT gateway
  • Configure your default security group
  • Easy to use in other resources via outputs

How to Configure Terraform for Yandex.Cloud

  • Install YC CLI
  • Add environment variables for Terraform authentication in Yandex.Cloud:

    export YC_TOKEN=$(yc iam create-token)
    export YC_CLOUD_ID=$(yc config get cloud-id)
    export YC_FOLDER_ID=$(yc config get folder-id)

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0.0 |
| yandex | > 0.8 |

Providers

| Name | Version |
|------|---------|
| yandex | 0.115.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| yandex_vpc_default_security_group.default_sg | resource |
| yandex_vpc_gateway.egress_gateway | resource |
| yandex_vpc_network.this | resource |
| yandex_vpc_route_table.private | resource |
| yandex_vpc_route_table.public | resource |
| yandex_vpc_subnet.private | resource |
| yandex_vpc_subnet.public | resource |
| yandex_client_config.client | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| create_nat_gw | Create a NAT gateway for internet access from private subnets | bool | true | no |
| create_sg | Shows whether a security group for the VPC object should be created | bool | true | no |
| create_vpc | Shows whether a VPC object should be created. If false, an existing vpc_id is required. | bool | true | no |
| domain_name | Domain name to be added to DHCP options | string | "internal." | no |
| domain_name_servers | Domain name servers to be added to DHCP options. Only IP addresses can be used | list(string) | [] | no |
| folder_id | Folder ID where the resources will be created | string | null | no |
| labels | Set of key/value label pairs to assign. | map(string) | { "created_by": "terraform yc module" } | no |
| network_description | Optional description of this resource. Provide this property when you create the resource. | string | "terraform-created" | no |
| network_name | Prefix to be used with all the resources as an identifier | string | n/a | yes |
| ntp_servers | NTP servers for subnets. Only IP addresses can be used | list(string) | [] | no |
| private_subnets | Describe your private subnet preferences. For VMs without public IPs but with or without NAT gateway. For Multi-Folder VPC add folder_id to subnet object. See the example below the table. | any | null | no |
| public_subnets | Describe your public subnet preferences. For VMs with public IPs. For Multi-Folder VPC add folder_ids to subnet objects. See the example below the table. | any | null | no |
| routes_private_subnets | Describe your route preferences for private subnets | list(object({ destination_prefix = string, next_hop_address = string })) | null | no |
| routes_public_subnets | Describe your route preferences for public subnets | list(object({ destination_prefix = string, next_hop_address = string })) | null | no |
| vpc_id | Existing network_id (vpc-id) where resources will be created | string | null | no |

Example for private_subnets:

    private_subnets = [
      {
        "v4_cidr_blocks" : ["10.221.0.0/16"],
        "zone" : "ru-central1-a"
      },
      {
        "v4_cidr_blocks" : ["10.231.0.0/16"],
        "zone" : "ru-central1-b",
        "folder_id" : "xxxxxxx" # For Multi-Folder VPC
      },
    ]

Example for public_subnets:

    public_subnets = [
      {
        "v4_cidr_blocks" : ["10.121.0.0/16", "10.122.0.0/16"],
        "zone" : "ru-central1-a"
      },
      {
        "v4_cidr_blocks" : ["10.131.0.0/16"],
        "zone" : "ru-central1-b",
        "folder_id" : "xxxxxxx" # For Multi-Folder VPC
      },
    ]

Outputs

| Name | Description |
|------|-------------|
| private_subnets | Map of private subnets: key = first v4_cidr_block |
| private_v4_cidr_blocks | List of v4_cidr_blocks used in the VPC network |
| public_subnets | Map of public subnets: key = first v4_cidr_block |
| public_v4_cidr_blocks | List of v4_cidr_blocks used in the VPC network |
| vpc_id | ID of the created network for internal communications |
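
A module call that combines the inputs and outputs documented above, with workloads in private subnets behind the NAT gateway and a single small public subnet. This is an added example, not code from the module's repository. The `source` path, the `prod` names, the `env` label, the route values and the `private_cidrs` output name are assumptions or constructed values, and `xxxxxxx` remains a placeholder folder ID.

```hcl
# Added usage example; not taken from the module's repository.
module "vpc" {
  # Assumption: the module is checked out locally. Point this at your real source.
  source = "./modules/terraform-yc-vpc"

  network_name        = "prod" # constructed name, used as the resource prefix
  network_description = "prod network managed by terraform"
  create_vpc          = true
  create_sg           = true # manage the default security group with the module
  create_nat_gw       = true # egress for private subnets that have no public IPs

  # VMs without public IPs live here.
  private_subnets = [
    {
      v4_cidr_blocks = ["10.221.0.0/16"]
      zone           = "ru-central1-a"
    },
    {
      v4_cidr_blocks = ["10.231.0.0/16"]
      zone           = "ru-central1-b"
      folder_id      = "xxxxxxx" # placeholder: second folder for Multi-Folder VPC
    },
  ]

  # Keep this to hosts that really need a public IP.
  public_subnets = [
    {
      v4_cidr_blocks = ["10.121.0.0/16"]
      zone           = "ru-central1-a"
    },
  ]

  # Constructed values: one static route for the private subnets.
  routes_private_subnets = [
    {
      destination_prefix = "172.16.0.0/16"
      next_hop_address   = "10.221.0.5"
    },
  ]

  labels = {
    created_by = "terraform yc module"
    env        = "prod" # constructed label
  }
}

# Consume the module's documented outputs from other resources.
output "vpc_id" { value = module.vpc.vpc_id }
output "private_cidrs" { value = module.vpc.private_v4_cidr_blocks }
```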