Palo Alto Networks Subnet-Set Module for AWS
A Terraform module for deploying a subnet-set in AWS cloud. The "set" means that the module will create an identical/similar subnet in each specified Availability Zone.
Usage
```hcl
module "vpc" {
  source = "../../modules/vpc"

  name                    = var.name
  cidr_block              = var.vpc_cidr_block
  secondary_cidr_blocks   = var.vpc_secondary_cidr_blocks
  create_internet_gateway = true
  global_tags             = var.global_tags
  vpc_tags                = var.vpc_tags
  security_groups         = var.security_groups
}

module "subnet_sets" {
  source = "../../modules/subnet_set"

  # One module instance per distinct `set` value found in var.subnets.
  for_each = toset(distinct([for _, v in var.subnets : v.set]))

  name = each.key
  # Pass only the subnets of this set; the map keys are the CIDR blocks.
  cidrs  = { for k, v in var.subnets : k => v if v.set == each.key }
  vpc_id = module.vpc.id
}
```
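An added example, not from the module's repository, of a `var.subnets` declaration that fits the Usage block above: keys are CIDR blocks, `set` selects the subnet-set, and public IP assignment stays off unless a subnet opts in. The `az` attribute, the addresses and zone names, and the `public_ip_subnets` output are assumptions made for illustration.

```hcl
# Added example: constructed values, not taken from the module's repository.
variable "subnets" {
  description = "Subnets keyed by CIDR block; `set` names the subnet-set each one joins."
  type = map(object({
    az                      = string                # assumption: AZ attribute, not listed in the Inputs table
    set                     = string                # grouping key read by the Usage block
    map_public_ip_on_launch = optional(bool, false) # public IPs are opt-in per subnet
  }))

  # Constructed sample layout: two sets, each spanning two zones.
  default = {
    "10.100.0.0/24"  = { az = "eu-central-1a", set = "mgmt" }
    "10.100.64.0/24" = { az = "eu-central-1b", set = "mgmt" }
    "10.100.1.0/24"  = { az = "eu-central-1a", set = "untrust", map_public_ip_on_launch = true }
    "10.100.65.0/24" = { az = "eu-central-1b", set = "untrust", map_public_ip_on_launch = true }
  }

  # Reject keys that are not CIDR blocks before any subnet is planned.
  validation {
    condition     = alltrue([for k, _ in var.subnets : can(cidrhost(k, 0))])
    error_message = "Every key of subnets must be a valid CIDR block."
  }
}

# With the default above, the expressions in the Usage block evaluate to:
#   for_each         -> ["mgmt", "untrust"]
#   cidrs for "mgmt" -> the 10.100.0.0/24 and 10.100.64.0/24 entries

# Hypothetical review aid: list the subnets that assign public IPs.
output "public_ip_subnets" {
  description = "CIDRs whose instances receive a public IP on launch."
  value       = [for k, v in var.subnets : k if v.map_public_ip_on_launch]
}
```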
Reference
Requirements
| Name | Version |
|---|---|
| terraform | >= 1.5.0, < 2.0.0 |
| aws | ~> 5.17 |
Providers
| Name | Version |
|---|---|
| aws | ~> 5.17 |
Modules
No modules.
Resources
| Name | Type |
|---|---|
| aws_network_acl_association.main | resource |
| aws_route_table.shared | resource |
| aws_route_table.this | resource |
| aws_route_table_association.this | resource |
| aws_subnet.this | resource |
| aws_route_table.this | data source |
| aws_subnet.this | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| cidrs | Map describing configuration of subnets and route tables to create and/or use in the set. Keys are CIDR blocks, values can consist of the following items:<br>- `create_subnet` - (Optional\|bool) When `true` (default), subnet is created, otherwise existing one is used.<br>- `create_route_table` - (Optional\|bool) When `true` a dedicated route table is created, unless existing subnet is used.<br>- `associate_route_table` - (Optional\|bool) Unless set to `false`, route table is associated with the subnet.<br>- `existing_route_table_id` - (Optional\|string) Id of an existing route table to associate with the subnet.<br>- `name` - (Optional\|string) Name (tag) of a subnet and, optionally a route table, to create or use. Defaults to set name appended with zone letter id.<br>- `route_table_name` - (Optional\|string) Name (tag) of a subnet and, optionally a route table, to create or use. Defaults to `name` value.<br>- `ipv6_cidr_block` - (Optional\|string) IPv6 CIDR block. The subnet size must use a /64 prefix length.<br>- `map_public_ip_on_launch` - (Optional\|bool) Specify `true` to indicate that instances launched into the subnet should be assigned a public IP address.<br>- `local_tags` - (Optional\|map) Map of tags to assign to created resources. | map(any) | n/a | yes |
| create_shared_route_table | Boolean flag whether to create a shared route table. | bool | false | no |
| global_tags | Optional map of arbitrary tags to apply to all the created resources. | map(string) | {} | no |
| has_secondary_cidrs | The input that depends on the secondary CIDR ranges of the VPC vpc_id. The actual value (true or false) is ignored, the input is used only to delay subnet creation until the secondary CIDR ranges are processed by Terraform. | bool | true | no |
| nacl_associations | NACL associations with subnets. | map(string) | {} | no |
| name | Subnet set name, used to construct default subnet names. | string | null | no |
| propagating_vgws | See the provider's documentation. | list(string) | [] | no |
| vpc_id | Id of the VPC to create resource in. | string | n/a | yes |
Outputs
| Name | Description |
|---|---|
| availability_zones | n/a |
| route_tables | n/a |
| subnet_names | n/a |
| subnets | n/a |
| unique_route_table_ids | n/a |
| vpc_id | n/a |