account_mode |
Account mode for provisioning CloudTrail. If account_mode is hub, S3, KMS and CloudTrail are provisioned. If account_mode is spoke, only CloudTrail is provisioned. |
string |
n/a |
yes |
availability_zone |
A list of availability zone names or IDs in the region |
list(string) |
n/a |
yes |
centralize_flow_log_bucket_lifecycle_rule |
List of lifecycle rules to transition the data. Leave empty to disable this feature. storage_class can be STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, or DEEP_ARCHIVE |
list(object({ id = string
transition = list(object({ days = number storage_class = string }))
expiration_days = number })) |
[] |
no |
centralize_flow_log_bucket_name |
S3 bucket for storing CloudTrail logs (long term). Leave this as the default if account_mode is hub. If account_mode is spoke, provide the name of the centralized flow log S3 bucket (hub). |
string |
"" |
no |
centralize_flow_log_kms_key_id |
The ARN for the KMS encryption key. Leave this as the default if account_mode is hub. If account_mode is spoke, provide the ARN of the centralized KMS key (hub). |
string |
"" |
no |
cidr |
The CIDR block for the VPC |
string |
n/a |
yes |
database_subnets |
The CIDR block for the database subnets. |
list(string) |
[] |
no |
dhcp_options_domain_name |
Specifies DNS name for DHCP options set (requires enable_dhcp_options set to true) |
string |
"" |
no |
dhcp_options_domain_name_servers |
Specify a list of DNS server addresses for DHCP options set, default to AWS provided (requires enable_dhcp_options set to true) |
list(string) |
[ "AmazonProvidedDNS" ] |
no |
dhcp_options_netbios_name_servers |
Specify a list of netbios servers for DHCP options set (requires enable_dhcp_options set to true) |
list(string) |
[] |
no |
dhcp_options_netbios_node_type |
Specify netbios node_type for DHCP options set (requires enable_dhcp_options set to true) |
string |
"" |
no |
dhcp_options_ntp_servers |
Specify a list of NTP servers for DHCP options set (requires enable_dhcp_options set to true) |
list(string) |
[] |
no |
environment |
Environment Variable used as a prefix |
string |
n/a |
yes |
flow_log_retention_in_days |
Specifies the number of days you want to retain log events in the specified log group for VPC flow logs. |
number |
90 |
no |
instance_tenancy |
A tenancy option for instances launched into the VPC |
string |
"default" |
no |
is_create_database_subnet_route_table |
Whether to create database subnet or not |
bool |
true |
no |
is_create_flow_log |
Whether to create flow log. |
bool |
true |
no |
is_create_internet_gateway |
Whether to create igw or not |
bool |
true |
no |
is_create_nat_gateway |
Whether to create a NAT gateway or not |
bool |
false |
no |
is_create_secondary_nat_gateway |
Whether to create a private secondary NAT gateway or not |
bool |
false |
no |
is_create_vpc |
Whether to create vpc or not |
bool |
true |
no |
is_enable_dhcp_options |
Should be true if you want to specify a DHCP options set with a custom domain name, DNS servers, NTP servers, netbios servers, and/or netbios server type |
bool |
false |
no |
is_enable_dns_hostnames |
Should be true to enable DNS hostnames in the VPC |
bool |
false |
no |
is_enable_dns_support |
Should be true to enable DNS support in the VPC |
bool |
true |
no |
is_enable_eks_auto_discovery |
Tags public and private subnets for auto discovery |
bool |
true |
no |
is_enable_flow_log_s3_integration |
Whether to enable flow log S3 integration. |
bool |
true |
no |
is_enable_ipv6 |
Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. |
bool |
false |
no |
is_enable_single_nat_gateway |
Should be true if you want to provision a single shared NAT Gateway across all of your private networks |
bool |
false |
no |
is_map_public_ip_on_launch_public_subnet |
Specify true to indicate that instances launched into public subnets will be assigned a public IP address |
bool |
false |
no |
is_one_nat_gateway_per_az |
Enable multiple Nat gateway and public subnets with Multi-AZ |
bool |
false |
no |
prefix |
The prefix name of customer to be displayed in AWS console and resource |
string |
n/a |
yes |
private_subnets |
The CIDR block for the private subnets. |
list(string) |
n/a |
yes |
public_subnets |
The CIDR block for the public subnets. |
list(string) |
n/a |
yes |
secondary_cidr |
The Secondary CIDR block for the VPC |
string |
"" |
no |
secondary_subnets |
The CIDR block for the secondary subnets. |
list(string) |
[] |
no |
spoke_account_ids |
Spoke account Ids, if mode is hub. |
list(string) |
[] |
no |
tags |
Additional tags to add; default tags contain {terraform=true, environment=var.environment} |
map(string) |
{} |
no |