/terraform-aws-hcp

Terraform Module for Configuring AWS Components for HashiCorp Cloud Platform

Primary language: HCL. License: Mozilla Public License 2.0 (MPL-2.0)

Terraform Module for AWS and HashiCorp Cloud Platform

This module configures the following components for HCP:

  • HashiCorp Virtual Network (HVN)
  • Routing tables and peering connection between an AWS VPC and HVN
  • (Optional) HashiCorp Cloud Platform (HCP) Consul cluster (development tier)
  • (Optional) Security group rules to allow HCP Consul on AWS
  • (Optional) HashiCorp Cloud Platform (HCP) Vault cluster (development tier)

Prerequisites

You must have access to HashiCorp Cloud Platform (HCP). Create an HCP service principal before using the HCP Provider for Terraform.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0 |
| aws | >= 5.22 |
| hcp | >= 0.75 |
| random | >= 3.5 |

Providers

| Name | Version |
|------|---------|
| aws | 5.22.0 |
| hcp | 0.75.0 |
| random | 3.5.1 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_ec2_transit_gateway_vpc_attachment_accepter.this | resource |
| aws_ram_principal_association.transit | resource |
| aws_ram_resource_association.transit | resource |
| aws_ram_resource_share.transit | resource |
| aws_route.hvn | resource |
| aws_security_group_rule.hcp_consul | resource |
| aws_security_group_rule.hcp_consul_clients | resource |
| aws_vpc_peering_connection_accepter.hvn | resource |
| hcp_aws_network_peering.peer | resource |
| hcp_aws_transit_gateway_attachment.transit | resource |
| hcp_boundary_cluster.boundary | resource |
| hcp_consul_cluster.consul | resource |
| hcp_hvn.hvn | resource |
| hcp_hvn_route.hvn | resource |
| hcp_vault_cluster.vault | resource |
| random_password.boundary | resource |
| random_pet.boundary | resource |
| aws_region.current | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| datadog_api_key | Datadog API key for metrics and audit logs | string | null | no |
| datadog_region | Datadog API key for metrics and audit logs | string | null | no |
| hcp_boundary_name | Name for HCP Boundary cluster. If left as an empty string, a cluster will not be created. | string | null | no |
| hcp_boundary_tier | HCP Boundary Tier | string | "Standard" | no |
| hcp_consul_datacenter | Datacenter for HCP Consul cluster. If undefined, uses hcp_consul_name. | string | null | no |
| hcp_consul_name | Name for HCP Consul cluster. If left as an empty string, a cluster will not be created. | string | null | no |
| hcp_consul_peering | Enable peering of HCP Consul clusters | bool | false | no |
| hcp_consul_primary_link | self_link of the HCP Consul primary cluster for federation | string | null | no |
| hcp_consul_public_endpoint | Enable public endpoint for HCP Consul cluster. | bool | false | no |
| hcp_consul_security_group_ids | Security Group IDs to allow HCP Consul. | list(string) | [] | no |
| hcp_consul_tier | Tier for HCP Consul cluster. Must be development, standard, or plus. | string | "development" | no |
| hcp_consul_version | Minimum Consul version. Defaults to HCP recommendation. | string | null | no |
| hcp_vault_name | Name for HCP Vault cluster. If left as an empty string, a cluster will not be created. | string | null | no |
| hcp_vault_paths_filter | Path filter for HCP Vault performance replication. | list(string) | null | no |
| hcp_vault_primary_link | self_link of the HCP Vault primary cluster for performance replication. | string | null | no |
| hcp_vault_public_endpoint | Enable public endpoint for HCP Vault cluster. | bool | false | no |
| hcp_vault_tier | Tier for HCP Vault cluster. See pricing information | string | "dev" | no |
| hcp_vault_version | Minimum Vault version. Defaults to HCP recommendation. | string | null | no |
| hvn_cidr_block | CIDR Block of HashiCorp Virtual Network. Cannot overlap with vpc_cidr_block. | string | n/a | yes |
| hvn_name | Name of HashiCorp Virtual Network. | string | n/a | yes |
| hvn_peer | Peer HVN to VPC. | bool | false | no |
| hvn_region | AWS region for HashiCorp Virtual Network. | string | n/a | yes |
| number_of_route_table_ids | Number of routing table ids. Works around GH-4149. | number | 0 | no |
| route_table_ids | List of routing table IDs to route to HVN peering connection. | list(string) | [] | no |
| tags | Tags for AWS resources | map(string) | {} | no |
| transit_gateway_arn | Transit gateway ARN. | string | "" | no |
| transit_gateway_id | Transit gateway ID. | string | "" | no |
| use_transit_gateway | Use transit gateway for connecting HVN and VPC. | bool | false | no |
| vpc_cidr_block | CIDR Block of VPC. Cannot overlap with hvn_cidr_block. | string | "" | no |
| vpc_id | ID of VPC. | string | "" | no |
| vpc_owner_id | Owner ID of VPC. | string | "" | no |

Outputs

| Name | Description |
|------|-------------|
| boundary | HCP Boundary cluster attributes |
| consul | HCP Consul cluster attributes |
| hvn | HVN attributes |
| vault | HCP Vault cluster attributes |
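
Example usage

The following root configuration is an added example, not taken from the module's own documentation. It peers an HVN to an existing VPC and creates Consul and Vault clusters with private endpoints only, using the inputs listed above. Assumptions: the module source is a placeholder, all names, IDs and CIDR blocks are constructed sample values, and number_of_route_table_ids is assumed to equal the length of route_table_ids.

```hcl
terraform {
  required_version = ">= 1.0"
  required_providers {
    aws = { source = "hashicorp/aws", version = ">= 5.22" }
    hcp = { source = "hashicorp/hcp", version = ">= 0.75" }
  }
}

# The HCP provider reads the service principal's credentials from the
# HCP_CLIENT_ID and HCP_CLIENT_SECRET environment variables, which keeps
# them out of the configuration and out of version control.
provider "hcp" {}

provider "aws" {
  region = "us-west-2" # constructed sample value
}

module "hcp" {
  source = "<module-source>" # placeholder: the page does not give the module path

  # Required inputs
  hvn_name       = "example-hvn"
  hvn_region     = "us-west-2"
  hvn_cidr_block = "172.25.16.0/20" # must not overlap vpc_cidr_block

  # Peer the HVN to an existing VPC and add routes to it
  hvn_peer                  = true
  vpc_id                    = "vpc-0123456789abcdef0"
  vpc_owner_id              = "123456789012"
  vpc_cidr_block            = "10.0.0.0/16"
  route_table_ids           = ["rtb-0123456789abcdef0"]
  number_of_route_table_ids = 1 # assumed to match length(route_table_ids)

  # Optional clusters; a cluster whose name is left unset is not created
  hcp_consul_name               = "example-consul"
  hcp_consul_security_group_ids = ["sg-0123456789abcdef0"]
  hcp_vault_name                = "example-vault"

  # false is already the default; pinning it makes a later change to a
  # public endpoint show up as an explicit diff in code review
  hcp_consul_public_endpoint = false
  hcp_vault_public_endpoint  = false

  tags = { Owner = "platform-security" }
}
```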