Enhance VPC Module: Fully Variable-Driven, Conditional NAT/IGW, Multi-AZ & Flow Logs #23
Conversation
modified: DevOps-Project-01/infrastructure/modules/vpc/main.tf modified: DevOps-Project-01/infrastructure/modules/vpc/outputs.tf modified: DevOps-Project-01/infrastructure/modules/vpc/variables.tf
|
This PR updates the vpc module to make it production-ready and fully configurable. Key improvements include:
Added and cleaned variables in variables.tf: vpc_name, tags for flexible tagging enable_dns_support, enable_dns_hostnames for DNS flexibility enable_nat_gateway, nat_gateway_count for conditional NAT gateways enable_internet_gateway for optional IGW instance_tenancy for VPC tenancy option additional_subnets for extra subnets Removed duplicate variables and added default values for subnet lists.
Updated outputs.tf to include: vpc_name, public_subnet_cidrs, private_subnet_cidrs internet_gateway_id, public_route_table_ids, private_route_table_ids nat_gateway_elastic_ips
Made resources fully variable-driven. Conditional creation of Internet Gateway and NAT Gateways based on variables. Multi-AZ support for subnets (cycles AZs if needed). Merged custom tags (var.tags) for all resources. Added instance_tenancy support. VPC Flow Logs integrated with CloudWatch and IAM role/policy. Public and private route tables with automatic subnet associations.
Fully reusable across environments (dev/prod/staging). Cost-optimized by enabling/disabling NAT gateways and IGW. Observability through VPC Flow Logs. Cleaner, modular, and easier to maintain. Files Changed: variables.tf → cleaned, new variables added. outputs.tf → enhanced outputs for full integration. main.tf → fully rewritten to support variables, conditional resources, multi-AZ, and flow logs. Testing Instructions: Run terraform init and terraform plan in the vpc module folder. Verify that all resources are correctly configured according to variables. Optionally, test in dev environment with enable_nat_gateway = false and enable_internet_gateway = false. Notes: |
1 participant
This PR updates the vpc module to make it production-ready and fully configurable. Key improvements include:
Added and cleaned variables in variables.tf:
vpc_name, tags for flexible tagging
enable_dns_support, enable_dns_hostnames for DNS flexibility
enable_nat_gateway, nat_gateway_count for conditional NAT gateways
enable_internet_gateway for optional IGW
instance_tenancy for VPC tenancy option
additional_subnets for extra subnets
Removed duplicate variables and added default values for subnet lists.
Updated outputs.tf to include:
vpc_name, public_subnet_cidrs, private_subnet_cidrs
internet_gateway_id, public_route_table_ids, private_route_table_ids
nat_gateway_elastic_ips
Made resources fully variable-driven.
Conditional creation of Internet Gateway and NAT Gateways based on variables.
Multi-AZ support for subnets (cycles AZs if needed).
Merged custom tags (var.tags) for all resources.
Added instance_tenancy support.
VPC Flow Logs integrated with CloudWatch and IAM role/policy.
Public and private route tables with automatic subnet associations.
Fully reusable across environments (dev/prod/staging).
Cost-optimized by enabling/disabling NAT gateways and IGW.
Observability through VPC Flow Logs.
Cleaner, modular, and easier to maintain.
Files Changed:
variables.tf → cleaned, new variables added.
outputs.tf → enhanced outputs for full integration.
main.tf → fully rewritten to support variables, conditional resources, multi-AZ, and flow logs.
Testing Instructions:
Run terraform init and terraform plan in the vpc module folder.
Verify that all resources are correctly configured according to variables.
Optionally, test in dev environment with enable_nat_gateway = false and enable_internet_gateway = false.
Notes:
This PR does not change application code. It only improves infrastructure-as-code for better modularity and production readiness.