Terraform module to create AWS VPN gateway resources 🇺🇦

AWS VPN Gateway Terraform module

Terraform module which creates VPN gateway resources on AWS.

Features

This module creates:

  • a VPN Connection unless create_vpn_connection = false
  • a VPN Gateway Attachment
  • one or more VPN Gateway Route Propagations, depending on how many routing tables exist in the VPC
  • one or more VPN Connection Routes if create_vpn_connection = true and vpn_connection_static_routes_only = true, depending on the number of destinations provided in the variable vpn_connection_static_routes_destinations (which must be in line with vpc_subnet_route_table_count)

This module does not create a VPN Gateway resource because it is meant to be used in combination with the VPC module, which creates that resource (when enable_vpn_gateway = true). This module also does not create a Customer Gateway resource.

If the module is configured to create a VPN Connection resource with static routes, and destinations for the routes have been provided, it creates static routes for the VPN Connection. The static routes are then automatically propagated to the VPC subnet routing tables (provided in private_route_table_ids) once a VPN tunnel status is UP. When static routes are disabled, the appliance behind the Customer Gateway needs to support the BGP routing protocol so that routes are automatically discovered and subsequently propagated to the VPC subnet routing tables.

This module supports optional parameters for the tunnel inside CIDR and preshared keys. They can be supplied individually, too.

If you want to use the Transit Gateway support, you are responsible for creating the transit gateway resources (e.g., using the terraform-aws-transit-gateway module).

Usage

With VPC module

module "vpn_gateway" {
  source  = "terraform-aws-modules/vpn-gateway/aws"
  version = "~> 3.0"

  vpc_id                  = module.vpc.vpc_id
  vpn_gateway_id          = module.vpc.vgw_id
  customer_gateway_id     = module.vpc.cgw_ids[0]

  # precalculated length of module variable vpc_subnet_route_table_ids
  vpc_subnet_route_table_count = 3
  vpc_subnet_route_table_ids   = module.vpc.private_route_table_ids

  # tunnel inside cidr & preshared keys (optional)
  tunnel1_inside_cidr   = var.custom_tunnel1_inside_cidr
  tunnel2_inside_cidr   = var.custom_tunnel2_inside_cidr
  tunnel1_preshared_key = var.custom_tunnel1_preshared_key
  tunnel2_preshared_key = var.custom_tunnel2_preshared_key
}

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "~> 5.0"

  enable_vpn_gateway = true
  amazon_side_asn    = 64620

  customer_gateways = {
    IP1 = {
      bgp_asn    = 65220
      ip_address = "172.83.124.10"
    },
    IP2 = {
      bgp_asn    = 65220
      ip_address = "172.83.124.11"
    }
  }

  # ...
}

Without VPC module

module "vpn_gateway" {
  source  = "terraform-aws-modules/vpn-gateway/aws"
  version = "~> 3.0"

  vpn_gateway_id      = aws_vpn_gateway.vpn_gateway.id
  customer_gateway_id = aws_customer_gateway.main.id
  vpc_id              = aws_vpc.vpc.id

  vpc_subnet_route_table_count = 3
  vpc_subnet_route_table_ids   = ["rt-12322456", "rt-43433343", "rt-11223344"]

  # tunnel inside cidr & preshared keys (optional)
  tunnel1_inside_cidr   = var.custom_tunnel1_inside_cidr
  tunnel2_inside_cidr   = var.custom_tunnel2_inside_cidr
  tunnel1_preshared_key = var.custom_tunnel1_preshared_key
  tunnel2_preshared_key = var.custom_tunnel2_preshared_key
}

resource "aws_customer_gateway" "main" {
  bgp_asn    = 65000
  ip_address = "172.83.124.10"
  type       = "ipsec.1"

  tags = {
    Name = "main-customer-gateway"
  }
}

resource "aws_vpc" "vpc" {
  # ...
}

resource "aws_vpn_gateway" "vpn_gateway" {
  vpc_id = aws_vpc.vpc.id

  # ...
}

With VPC module and Transit Gateway resources

module "vpn_gateway" {
  source  = "terraform-aws-modules/vpn-gateway/aws"
  version = "~> 3.0"

  create_vpn_gateway_attachment = false
  connect_to_transit_gateway    = true

  vpc_id                     = module.vpc.vpc_id
  transit_gateway_id         = aws_ec2_transit_gateway.this.id
  customer_gateway_id        = module.vpc.cgw_ids[0]

  # tunnel inside cidr & preshared keys (optional)
  tunnel1_inside_cidr   = var.custom_tunnel1_inside_cidr
  tunnel2_inside_cidr   = var.custom_tunnel2_inside_cidr
  tunnel1_preshared_key = var.custom_tunnel1_preshared_key
  tunnel2_preshared_key = var.custom_tunnel2_preshared_key
}

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "~> 5.0"

  enable_vpn_gateway = false
  amazon_side_asn    = 64620

  customer_gateways = {
    IP1 = {
      bgp_asn    = 65220
      ip_address = "172.83.124.10"
    },
    IP2 = {
      bgp_asn    = 65220
      ip_address = "172.83.124.11"
    }
  }

  # ...
}

resource "aws_ec2_transit_gateway" "this" {
  description = "My TGW"
}

resource "aws_ec2_transit_gateway_vpc_attachment" "this" {
  subnet_ids         = module.vpc.private_subnets
  vpc_id             = module.vpc.vpc_id
  transit_gateway_id = aws_ec2_transit_gateway.this.id
}

With VPC and Transit Gateway modules

module "vpn_gateway" {
  source  = "terraform-aws-modules/vpn-gateway/aws"
  version = "~> 3.0"

  create_vpn_gateway_attachment = false
  connect_to_transit_gateway    = true

  vpc_id                     = module.vpc.vpc_id
  transit_gateway_id         = module.tgw.ec2_transit_gateway_id
  customer_gateway_id        = module.vpc.cgw_ids[0]

  # tunnel inside cidr & preshared keys (optional)
  tunnel1_inside_cidr   = var.custom_tunnel1_inside_cidr
  tunnel2_inside_cidr   = var.custom_tunnel2_inside_cidr
  tunnel1_preshared_key = var.custom_tunnel1_preshared_key
  tunnel2_preshared_key = var.custom_tunnel2_preshared_key
}

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "~> 5.0"

  enable_vpn_gateway = false
  amazon_side_asn    = 64620

  customer_gateways = {
    IP1 = {
      bgp_asn    = 65220
      ip_address = "172.83.124.10"
    },
    IP2 = {
      bgp_asn    = 65220
      ip_address = "172.83.124.11"
    }
  }

  # ...
}

module "tgw" {
  source  = "terraform-aws-modules/transit-gateway/aws"
  version = "~> 2.0"

  name            = "my-tgw"
  description     = "My TGW shared with several other AWS accounts"
  amazon_side_asn = 64532

  vpc_attachments = {
    vpc1 = {
      vpc_id      = "vpc-12345678" # module.vpc.vpc_id <- will not work since computed values can't be used in `count`
      subnet_ids  = ["subnet-123456", "subnet-111222233"] # module.vpc.public_subnets <- will not work since computed values can't be used in `count`
      dns_support = true

      tgw_routes = [
        {
          destination_cidr_block = "30.0.0.0/16"
        },
        {
          blackhole              = true
          destination_cidr_block = "0.0.0.0/0"
        }
      ]
    }
  }
}

Examples

Requirements

Name Version
terraform >= 1.0
aws >= 4.66

Providers

Name Version
aws >= 4.66

Modules

No modules.

Resources

Name Type
aws_vpn_connection.default resource
aws_vpn_connection.preshared resource
aws_vpn_connection.tunnel resource
aws_vpn_connection.tunnel_preshared resource
aws_vpn_connection_route.default resource
aws_vpn_gateway_attachment.default resource
aws_vpn_gateway_route_propagation.private_subnets_vpn_routing resource

Inputs

Name Description Type Default Required
connect_to_transit_gateway Set to false to disable attachment of the VPN connection route to the VPN connection (TGW uses another resource for that) bool false no
create_vpn_connection Set to false to prevent the creation of a VPN Connection. bool true no
create_vpn_gateway_attachment Set to false to prevent attachment of the VGW to the VPC bool true no
customer_gateway_id The id of the Customer Gateway. string n/a yes
local_ipv4_network_cidr (Optional) The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection. string null no
local_ipv6_network_cidr (Optional) The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection. string null no
remote_ipv4_network_cidr (Optional) The IPv4 CIDR on the AWS side of the VPN connection. string null no
remote_ipv6_network_cidr (Optional) The IPv6 CIDR on AWS side of the VPN connection. string null no
tags Set of tags to be added to the VPN Connection resource (only if create_vpn_connection = true). map(string) {} no
transit_gateway_id The ID of the Transit Gateway. string null no
tunnel1_dpd_timeout_action (Optional, Default clear) The action to take after DPD timeout occurs for the first VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are clear | none | restart string null no
tunnel1_dpd_timeout_seconds (Optional, Default 30) The number of seconds after which a DPD timeout occurs for the first VPN tunnel. Valid value is equal to or higher than 30 number null no
tunnel1_enable_tunnel_lifecycle_control (Optional) Turn on or off tunnel endpoint lifecycle control feature for the first VPN tunnel. Valid values are true | false bool null no
tunnel1_ike_versions (Optional) The IKE versions that are permitted for the first VPN tunnel. Valid values are ikev1 | ikev2 list(string) null no
tunnel1_inside_cidr The CIDR block of the inside IP addresses for the first VPN tunnel. string "" no
tunnel1_log_options (Optional) Options for sending VPN tunnel logs to CloudWatch. any {} no
tunnel1_phase1_dh_group_numbers (Optional) List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 list(number) null no
tunnel1_phase1_encryption_algorithms (Optional) List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16 list(string) null no
tunnel1_phase1_integrity_algorithms (Optional) One or more integrity algorithms that are permitted for the first VPN tunnel for phase 1 IKE negotiations. Valid values are SHA1 | SHA2-256 | SHA2-384 | SHA2-512 list(string) null no
tunnel1_phase1_lifetime_seconds (Optional, Default 28800) The lifetime for phase 1 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between 900 and 28800 number null no
tunnel1_phase2_dh_group_numbers (Optional) List of one or more Diffie-Hellman group numbers that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are 2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 list(number) null no
tunnel1_phase2_encryption_algorithms (Optional) List of one or more encryption algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16 list(string) null no
tunnel1_phase2_integrity_algorithms (Optional) List of one or more integrity algorithms that are permitted for the first VPN tunnel for phase 2 IKE negotiations. Valid values are SHA1 | SHA2-256 | SHA2-384 | SHA2-512 list(string) null no
tunnel1_phase2_lifetime_seconds (Optional, Default 3600) The lifetime for phase 2 of the IKE negotiation for the first VPN tunnel, in seconds. Valid value is between 900 and 3600 number null no
tunnel1_preshared_key The preshared key of the first VPN tunnel. string "" no
tunnel1_rekey_fuzz_percentage (Optional, Default 100) The percentage of the rekey window for the first VPN tunnel (determined by tunnel1_rekey_margin_time_seconds) during which the rekey time is randomly selected. Valid value is between 0 and 100 number null no
tunnel1_rekey_margin_time_seconds (Optional, Default 540) The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the first VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for tunnel1_rekey_fuzz_percentage. Valid value is between 60 and half of tunnel1_phase2_lifetime_seconds number null no
tunnel1_replay_window_size (Optional, Default 1024) The number of packets in an IKE replay window for the first VPN tunnel. Valid value is between 64 and 2048. number null no
tunnel1_startup_action (Optional, Default add) The action to take when establishing the tunnel for the first VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are add | start string null no
tunnel2_dpd_timeout_action (Optional, Default clear) The action to take after DPD timeout occurs for the second VPN tunnel. Specify restart to restart the IKE initiation. Specify clear to end the IKE session. Valid values are clear | none | restart string null no
tunnel2_dpd_timeout_seconds (Optional, Default 30) The number of seconds after which a DPD timeout occurs for the second VPN tunnel. Valid value is equal to or higher than 30 number null no
tunnel2_enable_tunnel_lifecycle_control (Optional) Turn on or off tunnel endpoint lifecycle control feature for the second VPN tunnel. Valid values are true | false bool null no
tunnel2_ike_versions (Optional) The IKE versions that are permitted for the second VPN tunnel. Valid values are ikev1 | ikev2 list(string) null no
tunnel2_inside_cidr The CIDR block of the inside IP addresses for the second VPN tunnel. string "" no
tunnel2_log_options (Optional) Options for sending VPN tunnel logs to CloudWatch. any {} no
tunnel2_phase1_dh_group_numbers (Optional) List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are 2 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 list(number) null no
tunnel2_phase1_encryption_algorithms (Optional) List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16 list(string) null no
tunnel2_phase1_integrity_algorithms (Optional) One or more integrity algorithms that are permitted for the second VPN tunnel for phase 1 IKE negotiations. Valid values are SHA1 | SHA2-256 | SHA2-384 | SHA2-512 list(string) null no
tunnel2_phase1_lifetime_seconds (Optional, Default 28800) The lifetime for phase 1 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between 900 and 28800 number null no
tunnel2_phase2_dh_group_numbers (Optional) List of one or more Diffie-Hellman group numbers that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are 2 | 5 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 list(number) null no
tunnel2_phase2_encryption_algorithms (Optional) List of one or more encryption algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are AES128 | AES256 | AES128-GCM-16 | AES256-GCM-16 list(string) null no
tunnel2_phase2_integrity_algorithms (Optional) List of one or more integrity algorithms that are permitted for the second VPN tunnel for phase 2 IKE negotiations. Valid values are SHA1 | SHA2-256 | SHA2-384 | SHA2-512 list(string) null no
tunnel2_phase2_lifetime_seconds (Optional, Default 3600) The lifetime for phase 2 of the IKE negotiation for the second VPN tunnel, in seconds. Valid value is between 900 and 3600 number null no
tunnel2_preshared_key The preshared key of the second VPN tunnel. string "" no
tunnel2_rekey_fuzz_percentage (Optional, Default 100) The percentage of the rekey window for the second VPN tunnel (determined by tunnel2_rekey_margin_time_seconds) during which the rekey time is randomly selected. Valid value is between 0 and 100 number null no
tunnel2_rekey_margin_time_seconds (Optional, Default 540) The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the second VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for tunnel2_rekey_fuzz_percentage. Valid value is between 60 and half of tunnel2_phase2_lifetime_seconds number null no
tunnel2_replay_window_size (Optional, Default 1024) The number of packets in an IKE replay window for the second VPN tunnel. Valid value is between 64 and 2048. number null no
tunnel2_startup_action (Optional, Default add) The action to take when establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are add | start string null no
tunnel_inside_ip_version (Optional) Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are ipv4 | ipv6. ipv6 Supports only EC2 Transit Gateway. string "ipv4" no
vpc_id The id of the VPC where the VPN Gateway lives. string null no
vpc_subnet_route_table_count The number of subnet route table ids being passed in via vpc_subnet_route_table_ids. number 0 no
vpc_subnet_route_table_ids The ids of the VPC subnets for which routes from the VPN Gateway will be propagated. list(string) [] no
vpn_connection_static_routes_destinations List of CIDRs to be used as destination for static routes (used with vpn_connection_static_routes_only = true). Routes to destinations set here will be propagated to the routing tables of the subnets defined in vpc_subnet_route_table_ids. list(string) [] no
vpn_connection_static_routes_only Set to true for the created VPN connection to use static routes exclusively (only if create_vpn_connection = true). Static routes must be used for devices that don't support BGP. bool false no
vpn_gateway_id The id of the VPN Gateway. string null no
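
The tunnel inputs above default to null, in which case the AWS-side defaults apply. The following configuration is an added example, not taken from the module's README: it restricts both tunnels to a single IKEv2 proposal set drawn from the listed valid values and passes the preshared keys through sensitive, validated variables. It assumes the `aws_vpc.vpc`, `aws_vpn_gateway.vpn_gateway` and `aws_customer_gateway.main` resources from the "Without VPC module" usage; the variable names and the `locals` block are illustrative.

```hcl
# Added example: the variable and local names are illustrative, not module inputs.
variable "vpn_tunnel1_psk" {
  type      = string
  sensitive = true # redacts the value in plan/apply output

  validation {
    # AWS accepts 8-64 characters from [A-Za-z0-9._] and rejects a leading 0.
    condition     = can(regex("^[A-Za-z1-9._][A-Za-z0-9._]{7,63}$", var.vpn_tunnel1_psk))
    error_message = "The PSK must be 8-64 characters of letters, digits, '.' or '_' and must not start with 0."
  }
}

variable "vpn_tunnel2_psk" {
  type      = string
  sensitive = true

  validation {
    condition     = can(regex("^[A-Za-z1-9._][A-Za-z0-9._]{7,63}$", var.vpn_tunnel2_psk))
    error_message = "The PSK must be 8-64 characters of letters, digits, '.' or '_' and must not start with 0."
  }
}

locals {
  # One proposal set shared by both tunnels. Every value comes from the
  # "Valid values" lists in the Inputs table; DH group 2, SHA1 and IKEv1
  # are left out. The customer gateway device must offer matching
  # proposals, otherwise the IKE negotiation will not complete.
  ike_versions = ["ikev2"]
  dh_groups    = [19, 20, 21]
  encryption   = ["AES256-GCM-16"]
  integrity    = ["SHA2-384", "SHA2-512"]
}

module "vpn_gateway" {
  source  = "terraform-aws-modules/vpn-gateway/aws"
  version = "~> 3.0"

  vpc_id              = aws_vpc.vpc.id
  vpn_gateway_id      = aws_vpn_gateway.vpn_gateway.id
  customer_gateway_id = aws_customer_gateway.main.id

  vpc_subnet_route_table_count = 3
  vpc_subnet_route_table_ids   = ["rt-12322456", "rt-43433343", "rt-11223344"]

  # Keys come from the sensitive variables above (for example set through
  # TF_VAR_vpn_tunnel1_psk), never from literals committed to the repository.
  tunnel1_preshared_key = var.vpn_tunnel1_psk
  tunnel2_preshared_key = var.vpn_tunnel2_psk

  # Tunnel 1: phase 1 and phase 2 restricted to the same proposal set.
  tunnel1_ike_versions                 = local.ike_versions
  tunnel1_phase1_dh_group_numbers      = local.dh_groups
  tunnel1_phase1_encryption_algorithms = local.encryption
  tunnel1_phase1_integrity_algorithms  = local.integrity
  tunnel1_phase2_dh_group_numbers      = local.dh_groups
  tunnel1_phase2_encryption_algorithms = local.encryption
  tunnel1_phase2_integrity_algorithms  = local.integrity

  # Tunnel 2: identical restrictions, so failover does not weaken the link.
  tunnel2_ike_versions                 = local.ike_versions
  tunnel2_phase1_dh_group_numbers      = local.dh_groups
  tunnel2_phase1_encryption_algorithms = local.encryption
  tunnel2_phase1_integrity_algorithms  = local.integrity
  tunnel2_phase2_dh_group_numbers      = local.dh_groups
  tunnel2_phase2_encryption_algorithms = local.encryption
  tunnel2_phase2_integrity_algorithms  = local.integrity
}
```

Terraform still writes both keys to the state file, and the module re-exports them as the tunnel1_preshared_key and tunnel2_preshared_key outputs, so access to the state backend needs to be restricted accordingly.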

Outputs

Name Description
tunnel1_preshared_key The preshared key of the first VPN tunnel.
tunnel2_preshared_key The preshared key of the second VPN tunnel.
vpn_connection_customer_gateway_configuration The configuration information for the VPN connection's customer gateway (in the native XML format) if create_vpn_connection = true, or empty otherwise
vpn_connection_id A list with the VPN Connection ID if create_vpn_connection = true, or empty otherwise
vpn_connection_transit_gateway_attachment_id The transit gateway attachment ID that was generated when attaching this VPN connection.
vpn_connection_tunnel1_address A list with the public IP address of the first VPN tunnel if create_vpn_connection = true, or empty otherwise
vpn_connection_tunnel1_cgw_inside_address A list with the RFC 6890 link-local address of the first VPN tunnel (Customer Gateway Side) if create_vpn_connection = true, or empty otherwise
vpn_connection_tunnel1_vgw_inside_address A list with the RFC 6890 link-local address of the first VPN tunnel (VPN Gateway Side) if create_vpn_connection = true, or empty otherwise
vpn_connection_tunnel2_address A list with the public IP address of the second VPN tunnel if create_vpn_connection = true, or empty otherwise
vpn_connection_tunnel2_cgw_inside_address A list with the RFC 6890 link-local address of the second VPN tunnel (Customer Gateway Side) if create_vpn_connection = true, or empty otherwise
vpn_connection_tunnel2_vgw_inside_address A list with the RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side) if create_vpn_connection = true, or empty otherwise

Authors

Module is maintained by Anton Babenko with help from these awesome contributors.

License

Apache 2 Licensed. See LICENSE for full details.
