diff --git a/.kitchen.yml b/.kitchen.yml
deleted file mode 100644
index beb517ea9..000000000
--- a/.kitchen.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-driver:
- name: "terraform"
- root_module_directory: "examples/test_fixture"
-
-provisioner:
- name: "terraform"
-
-platforms:
- - name: "aws"
-
-verifier:
- name: "awspec"
-
-suites:
- - name: "default"
- verifier:
- name: "awspec"
- patterns:
- - "test/integration/default/test_vpc.rb"
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 656323b25..c34da9ee4 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,10 +1,13 @@
repos:
- repo: git://github.com/antonbabenko/pre-commit-terraform
- rev: v1.31.0
+ rev: v1.40.0
hooks:
- id: terraform_fmt
- id: terraform_docs
+ - id: terraform_tflint
+ args:
+ - '--args=--config=__GIT_WORKING_DIR__/.tflint.hcl'
- repo: git://github.com/pre-commit/pre-commit-hooks
- rev: v3.1.0
+ rev: v3.2.0
hooks:
- id: check-merge-conflict
diff --git a/.ruby-version b/.ruby-version
deleted file mode 100644
index 8e8299dcc..000000000
--- a/.ruby-version
+++ /dev/null
@@ -1 +0,0 @@
-2.4.2
diff --git a/.tflint.hcl b/.tflint.hcl
new file mode 100644
index 000000000..9ea79da1d
--- /dev/null
+++ b/.tflint.hcl
@@ -0,0 +1,57 @@
+config {
+ deep_check = false
+ ignore_module = {}
+ varfile = []
+}
+
+rule "terraform_deprecated_interpolation" {
+ enabled = true
+}
+
+rule "terraform_deprecated_index" {
+ enabled = true
+}
+
+rule "terraform_unused_declarations" {
+ enabled = true
+}
+
+rule "terraform_comment_syntax" {
+ enabled = true
+}
+
+rule "terraform_documented_outputs" {
+ enabled = true
+}
+
+rule "terraform_documented_variables" {
+ enabled = true
+}
+
+rule "terraform_typed_variables" {
+ enabled = true
+}
+
+rule "terraform_module_pinned_source" {
+ enabled = true
+}
+
+rule "terraform_naming_convention" {
+ enabled = true
+}
+
+rule "terraform_required_version" {
+ enabled = true
+}
+
+rule "terraform_required_providers" {
+ enabled = true
+}
+
+rule "terraform_standard_module_structure" {
+ enabled = true
+}
+
+rule "terraform_workspace_remote" {
+ enabled = true
+}
diff --git a/Gemfile b/Gemfile
deleted file mode 100644
index f1de0394e..000000000
--- a/Gemfile
+++ /dev/null
@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-ruby '2.4.2'
-
-source 'https://rubygems.org/' do
- gem 'aws-sdk', '~> 3.0.1'
- gem 'awspec', '~> 1.4.0'
- gem 'kitchen-terraform', '~> 3.1'
- gem 'kitchen-verifier-awspec', '~> 0.1.1'
- gem 'rhcl', '~> 0.1.0'
-end
diff --git a/README.md b/README.md
index cd0ea5b27..dfed425d6 100644
--- a/README.md
+++ b/README.md
@@ -241,8 +241,8 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| access\_analyzer\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for Access Analyzer endpoint | `list(string)` | `[]` | no |
| access\_analyzer\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for Access Analyzer endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | `list(string)` | `[]` | no |
| acm\_pca\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for ACM PCA endpoint | `bool` | `false` | no |
-| acm\_pca\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for ACM PCA endpoint | `list` | `[]` | no |
-| acm\_pca\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for ACM PCA endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list` | `[]` | no |
+| acm\_pca\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for ACM PCA endpoint | `list(string)` | `[]` | no |
+| acm\_pca\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for ACM PCA endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
| amazon\_side\_asn | The Autonomous System Number (ASN) for the Amazon side of the gateway. By default the virtual private gateway is created with the current default Amazon ASN. | `string` | `"64512"` | no |
| apigw\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for API GW endpoint | `bool` | `false` | no |
| apigw\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for API GW endpoint | `list(string)` | `[]` | no |
@@ -272,11 +272,11 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| cloudtrail\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for CloudTrail endpoint | `list(string)` | `[]` | no |
| cloudtrail\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for CloudTrail endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
| codebuild\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for Codebuild endpoint | `bool` | `false` | no |
-| codebuild\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for Codebuild endpoint | `list` | `[]` | no |
-| codebuild\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for Codebuilt endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list` | `[]` | no |
+| codebuild\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for Codebuild endpoint | `list(string)` | `[]` | no |
+| codebuild\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for Codebuilt endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
| codecommit\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for Codecommit endpoint | `bool` | `false` | no |
-| codecommit\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for Codecommit endpoint | `list` | `[]` | no |
-| codecommit\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list` | `[]` | no |
+| codecommit\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for Codecommit endpoint | `list(string)` | `[]` | no |
+| codecommit\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
| codedeploy\_commands\_secure\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for CodeDeploy Commands Secure endpoint | `bool` | `false` | no |
| codedeploy\_commands\_secure\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for CodeDeploy Commands Secure endpoint | `list(string)` | `[]` | no |
| codedeploy\_commands\_secure\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for CodeDeploy Commands Secure endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
@@ -287,8 +287,8 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| codepipeline\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for CodePipeline endpoint | `list(string)` | `[]` | no |
| codepipeline\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for CodePipeline endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
| config\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for config endpoint | `bool` | `false` | no |
-| config\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for config endpoint | `list` | `[]` | no |
-| config\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for config endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list` | `[]` | no |
+| config\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for config endpoint | `list(string)` | `[]` | no |
+| config\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for config endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
| create\_database\_internet\_gateway\_route | Controls if an internet gateway route for public database access should be created | `bool` | `false` | no |
| create\_database\_nat\_gateway\_route | Controls if a nat gateway route should be created to give internet access to the database subnets | `bool` | `false` | no |
| create\_database\_subnet\_group | Controls if database subnet group should be created (n.b. database\_subnets must also be set) | `bool` | `true` | no |
@@ -311,7 +311,7 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| database\_route\_table\_tags | Additional tags for the database route tables | `map(string)` | `{}` | no |
| database\_subnet\_assign\_ipv6\_address\_on\_creation | Assign IPv6 address on database subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map\_public\_ip\_on\_launch | `bool` | `null` | no |
| database\_subnet\_group\_tags | Additional tags for the database subnet group | `map(string)` | `{}` | no |
-| database\_subnet\_ipv6\_prefixes | Assigns IPv6 database subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list` | `[]` | no |
+| database\_subnet\_ipv6\_prefixes | Assigns IPv6 database subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list(string)` | `[]` | no |
| database\_subnet\_suffix | Suffix to append to database subnets name | `string` | `"db"` | no |
| database\_subnet\_tags | Additional tags for the database subnets | `map(string)` | `{}` | no |
| database\_subnets | A list of database subnets | `list(string)` | `[]` | no |
@@ -376,7 +376,7 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| elasticache\_outbound\_acl\_rules | Elasticache subnets outbound network ACL rules | `list(map(string))` | [
{
"cidr_block": "0.0.0.0/0",
"from_port": 0,
"protocol": "-1",
"rule_action": "allow",
"rule_number": 100,
"to_port": 0
}
]
| no |
| elasticache\_route\_table\_tags | Additional tags for the elasticache route tables | `map(string)` | `{}` | no |
| elasticache\_subnet\_assign\_ipv6\_address\_on\_creation | Assign IPv6 address on elasticache subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map\_public\_ip\_on\_launch | `bool` | `null` | no |
-| elasticache\_subnet\_ipv6\_prefixes | Assigns IPv6 elasticache subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list` | `[]` | no |
+| elasticache\_subnet\_ipv6\_prefixes | Assigns IPv6 elasticache subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list(string)` | `[]` | no |
| elasticache\_subnet\_suffix | Suffix to append to elasticache subnets name | `string` | `"elasticache"` | no |
| elasticache\_subnet\_tags | Additional tags for the elasticache subnets | `map(string)` | `{}` | no |
| elasticache\_subnets | A list of elasticache subnets | `list(string)` | `[]` | no |
@@ -480,8 +480,8 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| flow\_log\_max\_aggregation\_interval | The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. Valid Values: `60` seconds or `600` seconds. | `number` | `600` | no |
| flow\_log\_traffic\_type | The type of traffic to capture. Valid values: ACCEPT, REJECT, ALL. | `string` | `"ALL"` | no |
| git\_codecommit\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for Git Codecommit endpoint | `bool` | `false` | no |
-| git\_codecommit\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for Git Codecommit endpoint | `list` | `[]` | no |
-| git\_codecommit\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for Git Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list` | `[]` | no |
+| git\_codecommit\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for Git Codecommit endpoint | `list(string)` | `[]` | no |
+| git\_codecommit\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for Git Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
| glue\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for Glue endpoint | `bool` | `false` | no |
| glue\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for Glue endpoint | `list(string)` | `[]` | no |
| glue\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for Glue endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
@@ -493,7 +493,7 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| intra\_outbound\_acl\_rules | Intra subnets outbound network ACLs | `list(map(string))` | [
{
"cidr_block": "0.0.0.0/0",
"from_port": 0,
"protocol": "-1",
"rule_action": "allow",
"rule_number": 100,
"to_port": 0
}
]
| no |
| intra\_route\_table\_tags | Additional tags for the intra route tables | `map(string)` | `{}` | no |
| intra\_subnet\_assign\_ipv6\_address\_on\_creation | Assign IPv6 address on intra subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map\_public\_ip\_on\_launch | `bool` | `null` | no |
-| intra\_subnet\_ipv6\_prefixes | Assigns IPv6 intra subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list` | `[]` | no |
+| intra\_subnet\_ipv6\_prefixes | Assigns IPv6 intra subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list(string)` | `[]` | no |
| intra\_subnet\_suffix | Suffix to append to intra subnets name | `string` | `"intra"` | no |
| intra\_subnet\_tags | Additional tags for the intra subnets | `map(string)` | `{}` | no |
| intra\_subnets | A list of intra subnets | `list(string)` | `[]` | no |
@@ -526,7 +526,7 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| private\_outbound\_acl\_rules | Private subnets outbound network ACLs | `list(map(string))` | [
{
"cidr_block": "0.0.0.0/0",
"from_port": 0,
"protocol": "-1",
"rule_action": "allow",
"rule_number": 100,
"to_port": 0
}
]
| no |
| private\_route\_table\_tags | Additional tags for the private route tables | `map(string)` | `{}` | no |
| private\_subnet\_assign\_ipv6\_address\_on\_creation | Assign IPv6 address on private subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map\_public\_ip\_on\_launch | `bool` | `null` | no |
-| private\_subnet\_ipv6\_prefixes | Assigns IPv6 private subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list` | `[]` | no |
+| private\_subnet\_ipv6\_prefixes | Assigns IPv6 private subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list(string)` | `[]` | no |
| private\_subnet\_suffix | Suffix to append to private subnets name | `string` | `"private"` | no |
| private\_subnet\_tags | Additional tags for the private subnets | `map(string)` | `{}` | no |
| private\_subnets | A list of private subnets inside the VPC | `list(string)` | `[]` | no |
@@ -539,7 +539,7 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| public\_outbound\_acl\_rules | Public subnets outbound network ACLs | `list(map(string))` | [
{
"cidr_block": "0.0.0.0/0",
"from_port": 0,
"protocol": "-1",
"rule_action": "allow",
"rule_number": 100,
"to_port": 0
}
]
| no |
| public\_route\_table\_tags | Additional tags for the public route tables | `map(string)` | `{}` | no |
| public\_subnet\_assign\_ipv6\_address\_on\_creation | Assign IPv6 address on public subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map\_public\_ip\_on\_launch | `bool` | `null` | no |
-| public\_subnet\_ipv6\_prefixes | Assigns IPv6 public subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list` | `[]` | no |
+| public\_subnet\_ipv6\_prefixes | Assigns IPv6 public subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list(string)` | `[]` | no |
| public\_subnet\_suffix | Suffix to append to public subnets name | `string` | `"public"` | no |
| public\_subnet\_tags | Additional tags for the public subnets | `map(string)` | `{}` | no |
| public\_subnets | A list of public subnets inside the VPC | `list(string)` | `[]` | no |
@@ -556,7 +556,7 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| redshift\_route\_table\_tags | Additional tags for the redshift route tables | `map(string)` | `{}` | no |
| redshift\_subnet\_assign\_ipv6\_address\_on\_creation | Assign IPv6 address on redshift subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map\_public\_ip\_on\_launch | `bool` | `null` | no |
| redshift\_subnet\_group\_tags | Additional tags for the redshift subnet group | `map(string)` | `{}` | no |
-| redshift\_subnet\_ipv6\_prefixes | Assigns IPv6 redshift subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list` | `[]` | no |
+| redshift\_subnet\_ipv6\_prefixes | Assigns IPv6 redshift subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | `list(string)` | `[]` | no |
| redshift\_subnet\_suffix | Suffix to append to redshift subnets name | `string` | `"redshift"` | no |
| redshift\_subnet\_tags | Additional tags for the redshift subnets | `map(string)` | `{}` | no |
| redshift\_subnets | A list of redshift subnets | `list(string)` | `[]` | no |
@@ -592,8 +592,8 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
| sns\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for SNS endpoint | `list(string)` | `[]` | no |
| sns\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for SNS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
| sqs\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for SQS endpoint | `bool` | `false` | no |
-| sqs\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for SQS endpoint | `list` | `[]` | no |
-| sqs\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for SQS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list` | `[]` | no |
+| sqs\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for SQS endpoint | `list(string)` | `[]` | no |
+| sqs\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for SQS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
| ssm\_endpoint\_private\_dns\_enabled | Whether or not to associate a private hosted zone with the specified VPC for SSM endpoint | `bool` | `false` | no |
| ssm\_endpoint\_security\_group\_ids | The ID of one or more security groups to associate with the network interface for SSM endpoint | `list(string)` | `[]` | no |
| ssm\_endpoint\_subnet\_ids | The ID of one or more subnets in which to create a network interface for SSM endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | `list(string)` | `[]` | no |
@@ -906,18 +906,6 @@ It is possible to integrate this VPC module with [terraform-aws-transit-gateway
-## Tests
-
-This module has been packaged with [awspec](https://github.com/k1LoW/awspec) tests through test kitchen. To run them:
-
-1. Install [rvm](https://rvm.io/rvm/install) and the ruby version specified in the [Gemfile](https://github.com/terraform-aws-modules/terraform-aws-vpc/tree/master/Gemfile).
-2. Install bundler and the gems from our Gemfile:
-```
-gem install bundler; bundle install
-```
-3. Test using `bundle exec kitchen test` from the root of the repo.
-
-
## Authors
Module is maintained by [Anton Babenko](https://github.com/antonbabenko) with help from [these awesome contributors](https://github.com/terraform-aws-modules/terraform-aws-vpc/graphs/contributors).
diff --git a/examples/complete-vpc/README.md b/examples/complete-vpc/README.md
index 34b4b9e8e..2afe52299 100644
--- a/examples/complete-vpc/README.md
+++ b/examples/complete-vpc/README.md
@@ -19,13 +19,16 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
| Name | Version |
|------|---------|
-| aws | n/a |
+| aws | >= 2.68, < 4.0 |
## Inputs
diff --git a/examples/complete-vpc/outputs.tf b/examples/complete-vpc/outputs.tf
index a0887de5e..9ad8c338a 100644
--- a/examples/complete-vpc/outputs.tf
+++ b/examples/complete-vpc/outputs.tf
@@ -67,20 +67,3 @@ output "this_customer_gateway" {
description = "Map of Customer Gateway attributes"
value = module.vpc.this_customer_gateway
}
-
-//
-//# VPC endpoints
-//output "vpc_endpoint_ec2_id" {
-// description = "The ID of VPC endpoint for EC2"
-// value = "${module.vpc.vpc_endpoint_ec2_id}"
-//}
-//
-//output "vpc_endpoint_ec2_network_interface_ids" {
-// description = "One or more network interfaces for the VPC Endpoint for EC2."
-// value = ["${module.vpc.vpc_endpoint_ec2_network_interface_ids}"]
-//}
-//
-//output "vpc_endpoint_ec2_dns_entry" {
-// description = "The DNS entries for the VPC Endpoint for EC2."
-// value = ["${module.vpc.vpc_endpoint_ec2_dns_entry}"]
-//}
diff --git a/examples/complete-vpc/variables.tf b/examples/complete-vpc/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/complete-vpc/versions.tf b/examples/complete-vpc/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/complete-vpc/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/examples/ipv6/README.md b/examples/ipv6/README.md
index 9d012ebf5..8e7237bfa 100644
--- a/examples/ipv6/README.md
+++ b/examples/ipv6/README.md
@@ -17,13 +17,16 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
| Name | Version |
|------|---------|
-| aws | n/a |
+| aws | >= 2.68, < 4.0 |
## Inputs
diff --git a/examples/ipv6/variables.tf b/examples/ipv6/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/ipv6/versions.tf b/examples/ipv6/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/ipv6/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/examples/issue-108-route-already-exists/README.md b/examples/issue-108-route-already-exists/README.md
index fcff3a059..0834f2fd2 100644
--- a/examples/issue-108-route-already-exists/README.md
+++ b/examples/issue-108-route-already-exists/README.md
@@ -21,7 +21,10 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
diff --git a/examples/issue-108-route-already-exists/variables.tf b/examples/issue-108-route-already-exists/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/issue-108-route-already-exists/versions.tf b/examples/issue-108-route-already-exists/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/issue-108-route-already-exists/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/examples/issue-224-vpcendpoint-apigw/main.tf b/examples/issue-224-vpcendpoint-apigw/main.tf
deleted file mode 100644
index d91c10334..000000000
--- a/examples/issue-224-vpcendpoint-apigw/main.tf
+++ /dev/null
@@ -1,46 +0,0 @@
-provider "aws" {
- region = "us-east-1"
-}
-
-#################
-# Security group
-#################
-module "http_sg" {
- source = "terraform-aws-modules/security-group/aws//modules/http-80"
- version = "~> 3.0"
-
- name = "http-sg"
- description = "Security group with HTTP ports open for everybody (IPv4 CIDR), egress ports are all world open"
- vpc_id = module.vpc.vpc_id
-
- ingress_cidr_blocks = ["0.0.0.0/0"]
-}
-
-######
-# VPC
-######
-module "vpc" {
- source = "../../"
-
- name = "vpcendpoint-example"
-
- cidr = "10.15.0.0/16"
-
- azs = ["us-east-1a"]
- private_subnets = ["10.15.1.0/24"]
-
- enable_dns_hostnames = true
- enable_dns_support = true
-
- # VPC endpoint for API gateway
- enable_apigw_endpoint = true
- apigw_endpoint_security_group_ids = [module.http_sg.this_security_group_id]
- apigw_endpoint_private_dns_enabled = true
-
- tags = {
- Owner = "user"
- Environment = "test"
- Name = "test-224"
- }
-}
-
diff --git a/examples/issue-44-asymmetric-private-subnets/README.md b/examples/issue-44-asymmetric-private-subnets/README.md
index 8d4ec8055..f282aeb5d 100644
--- a/examples/issue-44-asymmetric-private-subnets/README.md
+++ b/examples/issue-44-asymmetric-private-subnets/README.md
@@ -19,7 +19,10 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
diff --git a/examples/issue-44-asymmetric-private-subnets/variables.tf b/examples/issue-44-asymmetric-private-subnets/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/issue-44-asymmetric-private-subnets/versions.tf b/examples/issue-44-asymmetric-private-subnets/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/issue-44-asymmetric-private-subnets/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/examples/issue-46-no-private-subnets/README.md b/examples/issue-46-no-private-subnets/README.md
index 07e8345fa..1a5408471 100644
--- a/examples/issue-46-no-private-subnets/README.md
+++ b/examples/issue-46-no-private-subnets/README.md
@@ -19,7 +19,10 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
diff --git a/examples/issue-46-no-private-subnets/variables.tf b/examples/issue-46-no-private-subnets/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/issue-46-no-private-subnets/versions.tf b/examples/issue-46-no-private-subnets/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/issue-46-no-private-subnets/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/examples/manage-default-vpc/README.md b/examples/manage-default-vpc/README.md
index 8a5536c4a..c559901d3 100644
--- a/examples/manage-default-vpc/README.md
+++ b/examples/manage-default-vpc/README.md
@@ -19,7 +19,10 @@ Run `terraform destroy` when you don't need these resources.
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
diff --git a/examples/manage-default-vpc/variables.tf b/examples/manage-default-vpc/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/manage-default-vpc/versions.tf b/examples/manage-default-vpc/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/manage-default-vpc/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/examples/network-acls/README.md b/examples/network-acls/README.md
index 2252fac6e..01204db06 100644
--- a/examples/network-acls/README.md
+++ b/examples/network-acls/README.md
@@ -21,7 +21,10 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
diff --git a/examples/network-acls/outputs.tf b/examples/network-acls/outputs.tf
index 8bf1d7f48..4c590e764 100644
--- a/examples/network-acls/outputs.tf
+++ b/examples/network-acls/outputs.tf
@@ -10,11 +10,6 @@ output "vpc_cidr_block" {
value = module.vpc.vpc_cidr_block
}
-//output "vpc_ipv6_cidr_block" {
-// description = "The IPv6 CIDR block"
-// value = ["${module.vpc.vpc_ipv6_cidr_block}"]
-//}
-
# Subnets
output "private_subnets" {
description = "List of IDs of private subnets"
diff --git a/examples/network-acls/variables.tf b/examples/network-acls/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/network-acls/versions.tf b/examples/network-acls/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/network-acls/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/examples/secondary-cidr-blocks/README.md b/examples/secondary-cidr-blocks/README.md
index 6a6ff1a67..b8ad1a61d 100644
--- a/examples/secondary-cidr-blocks/README.md
+++ b/examples/secondary-cidr-blocks/README.md
@@ -19,7 +19,10 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
diff --git a/examples/secondary-cidr-blocks/variables.tf b/examples/secondary-cidr-blocks/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/secondary-cidr-blocks/versions.tf b/examples/secondary-cidr-blocks/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/secondary-cidr-blocks/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/examples/simple-vpc/README.md b/examples/simple-vpc/README.md
index 98670b9ef..91ac840ef 100644
--- a/examples/simple-vpc/README.md
+++ b/examples/simple-vpc/README.md
@@ -23,13 +23,14 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
-| Name | Version |
-|------|---------|
-| aws | n/a |
+No provider.
## Inputs
diff --git a/examples/simple-vpc/main.tf b/examples/simple-vpc/main.tf
index 5f577ae8c..99bcb3da2 100644
--- a/examples/simple-vpc/main.tf
+++ b/examples/simple-vpc/main.tf
@@ -2,11 +2,6 @@ provider "aws" {
region = "eu-west-1"
}
-data "aws_security_group" "default" {
- name = "default"
- vpc_id = module.vpc.vpc_id
-}
-
module "vpc" {
source = "../../"
diff --git a/examples/simple-vpc/outputs.tf b/examples/simple-vpc/outputs.tf
index 251969ca2..288dc8729 100644
--- a/examples/simple-vpc/outputs.tf
+++ b/examples/simple-vpc/outputs.tf
@@ -10,11 +10,6 @@ output "vpc_cidr_block" {
value = module.vpc.vpc_cidr_block
}
-//output "vpc_ipv6_cidr_block" {
-// description = "The IPv6 CIDR block"
-// value = ["${module.vpc.vpc_ipv6_cidr_block}"]
-//}
-
# Subnets
output "private_subnets" {
description = "List of IDs of private subnets"
diff --git a/examples/simple-vpc/variables.tf b/examples/simple-vpc/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/simple-vpc/versions.tf b/examples/simple-vpc/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/simple-vpc/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/examples/test_fixture/README.md b/examples/test_fixture/README.md
deleted file mode 100644
index 622b06ce8..000000000
--- a/examples/test_fixture/README.md
+++ /dev/null
@@ -1,46 +0,0 @@
-# Test fixture of simple VPC
-
-Configuration in this directory creates a set of VPC resources to be tested by test kitchen.
-
-There is a public and private subnet created per availability zone in addition to single NAT Gateway shared between 2 availability zones.
-
-## Usage
-
-To run the tests, from the repo root execute:
-
-```bash
-$ kitchen test
-...
-Finished in 4.25 seconds (files took 2.75 seconds to load)
-20 examples, 0 failures
-
- Finished verifying (0m9.03s).
------> Kitchen is finished. (0m9.40s)
-```
-
-This will destroy any existing test resources, create the resources afresh, run the tests, report back, and destroy the resources.
-
-
-## Requirements
-
-No requirements.
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| aws | n/a |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| region | n/a | `string` | `"eu-west-1"` | no |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| region | Region we created the resources in. |
-
-
diff --git a/examples/test_fixture/main.tf b/examples/test_fixture/main.tf
deleted file mode 100644
index 5752aba2e..000000000
--- a/examples/test_fixture/main.tf
+++ /dev/null
@@ -1,23 +0,0 @@
-provider "aws" {
- region = var.region
-}
-
-data "aws_availability_zones" "available" {
-}
-
-module "vpc" {
- source = "../.."
- name = "test-example"
- cidr = "10.0.0.0/16"
- azs = [data.aws_availability_zones.available.names[0], data.aws_availability_zones.available.names[1]]
- private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
- public_subnets = ["10.0.101.0/24", "10.0.102.0/24"]
- enable_nat_gateway = true
- single_nat_gateway = true
-
- tags = {
- Owner = "user"
- Environment = "dev"
- }
-}
-
diff --git a/examples/test_fixture/outputs.tf b/examples/test_fixture/outputs.tf
deleted file mode 100644
index c6ec3716b..000000000
--- a/examples/test_fixture/outputs.tf
+++ /dev/null
@@ -1,5 +0,0 @@
-output "region" {
- description = "Region we created the resources in."
- value = var.region
-}
-
diff --git a/examples/test_fixture/variables.tf b/examples/test_fixture/variables.tf
deleted file mode 100644
index f8455295f..000000000
--- a/examples/test_fixture/variables.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-variable "region" {
- default = "eu-west-1"
-}
-
diff --git a/examples/vpc-flow-logs/README.md b/examples/vpc-flow-logs/README.md
index 1b74fc296..47df9926b 100644
--- a/examples/vpc-flow-logs/README.md
+++ b/examples/vpc-flow-logs/README.md
@@ -21,14 +21,18 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
+| random | >= 2 |
## Providers
| Name | Version |
|------|---------|
-| aws | n/a |
-| random | n/a |
+| aws | >= 2.68, < 4.0 |
+| random | >= 2 |
## Inputs
diff --git a/examples/vpc-flow-logs/variables.tf b/examples/vpc-flow-logs/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/vpc-flow-logs/versions.tf b/examples/vpc-flow-logs/versions.tf
new file mode 100644
index 000000000..27fc5c58c
--- /dev/null
+++ b/examples/vpc-flow-logs/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ random = ">= 2"
+ }
+}
diff --git a/examples/vpc-separate-private-route-tables/README.md b/examples/vpc-separate-private-route-tables/README.md
index 6d8182325..88938f2d6 100644
--- a/examples/vpc-separate-private-route-tables/README.md
+++ b/examples/vpc-separate-private-route-tables/README.md
@@ -19,7 +19,10 @@ Note that this example may create resources which can cost money (AWS Elastic IP
## Requirements
-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.7, < 0.14 |
+| aws | >= 2.68, < 4.0 |
## Providers
diff --git a/examples/vpc-separate-private-route-tables/variables.tf b/examples/vpc-separate-private-route-tables/variables.tf
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/vpc-separate-private-route-tables/versions.tf b/examples/vpc-separate-private-route-tables/versions.tf
new file mode 100644
index 000000000..178df14b8
--- /dev/null
+++ b/examples/vpc-separate-private-route-tables/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = ">= 0.12.7, < 0.14"
+
+ required_providers {
+ aws = ">= 2.68, < 4.0"
+ }
+}
diff --git a/outputs.tf b/outputs.tf
index ea5614817..3b3fe8b23 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -43,11 +43,6 @@ output "vpc_enable_dns_hostnames" {
value = concat(aws_vpc.this.*.enable_dns_hostnames, [""])[0]
}
-//output "vpc_enable_classiclink" {
-// description = "Whether or not the VPC has Classiclink enabled"
-// value = concat(aws_vpc.this.*.enable_classiclink, [""])[0]
-//}
-
output "vpc_main_route_table_id" {
description = "The ID of the main route table associated with this VPC"
value = concat(aws_vpc.this.*.main_route_table_id, [""])[0]
@@ -417,26 +412,11 @@ output "default_vpc_enable_dns_hostnames" {
value = concat(aws_default_vpc.this.*.enable_dns_hostnames, [""])[0]
}
-//output "default_vpc_enable_classiclink" {
-// description = "Whether or not the VPC has Classiclink enabled"
-// value = concat(aws_default_vpc.this.*.enable_classiclink, [""])[0]
-//}
-
output "default_vpc_main_route_table_id" {
description = "The ID of the main route table associated with this VPC"
value = concat(aws_default_vpc.this.*.main_route_table_id, [""])[0]
}
-//output "default_vpc_ipv6_association_id" {
-// description = "The association ID for the IPv6 CIDR block"
-// value = concat(aws_default_vpc.this.*.ipv6_association_id, [""])[0]
-//}
-//
-//output "default_vpc_ipv6_cidr_block" {
-// description = "The IPv6 CIDR block"
-// value = concat(aws_default_vpc.this.*.ipv6_cidr_block, [""])[0]
-//}
-
output "public_network_acl_id" {
description = "ID of the public network ACL"
value = concat(aws_network_acl.public.*.id, [""])[0]
diff --git a/test/integration/default/test_vpc.rb b/test/integration/default/test_vpc.rb
deleted file mode 100755
index 7a74a4518..000000000
--- a/test/integration/default/test_vpc.rb
+++ /dev/null
@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-
-require 'awspec'
-require 'aws-sdk'
-require 'rhcl'
-
-# should strive to randomize the region for more robust testing
-example_main = Rhcl.parse(File.open('examples/test_fixture/main.tf'))
-vpc_name = example_main['module']['vpc']['name']
-user_tag = example_main['module']['vpc']['tags']['Owner']
-environment_tag = example_main['module']['vpc']['tags']['Environment']
-state_file = 'terraform.tfstate.d/kitchen-terraform-default-aws/terraform.tfstate'
-tf_state = JSON.parse(File.open(state_file).read)
-region = tf_state['modules'][0]['outputs']['region']['value']
-ENV['AWS_REGION'] = region
-
-ec2 = Aws::EC2::Client.new(region: region)
-azs = ec2.describe_availability_zones
-zone_names = azs.to_h[:availability_zones].first(2).map { |az| az[:zone_name] }
-
-describe vpc(vpc_name.to_s) do
- it { should exist }
- it { should be_available }
- it { should have_tag('Name').value(vpc_name.to_s) }
- it { should have_tag('Owner').value(user_tag.to_s) }
- it { should have_tag('Environment').value(environment_tag.to_s) }
- it { should have_route_table("#{vpc_name}-public") }
- zone_names.each do |az|
- it { should have_route_table("#{vpc_name}-private-#{az}") }
- end
-end
-
-zone_names.each do |az|
- describe subnet("#{vpc_name}-public-#{az}") do
- it { should exist }
- it { should be_available }
- it { should belong_to_vpc(vpc_name.to_s) }
- it { should have_tag('Name').value("#{vpc_name}-public-#{az}") }
- it { should have_tag('Owner').value(user_tag.to_s) }
- it { should have_tag('Environment').value(environment_tag.to_s) }
- end
-end
diff --git a/variables.tf b/variables.tf
index c467ec682..821c614b9 100644
--- a/variables.tf
+++ b/variables.tf
@@ -24,37 +24,37 @@ variable "enable_ipv6" {
variable "private_subnet_ipv6_prefixes" {
description = "Assigns IPv6 private subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"
- type = list
+ type = list(string)
default = []
}
variable "public_subnet_ipv6_prefixes" {
description = "Assigns IPv6 public subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"
- type = list
+ type = list(string)
default = []
}
variable "database_subnet_ipv6_prefixes" {
description = "Assigns IPv6 database subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"
- type = list
+ type = list(string)
default = []
}
variable "redshift_subnet_ipv6_prefixes" {
description = "Assigns IPv6 redshift subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"
- type = list
+ type = list(string)
default = []
}
variable "elasticache_subnet_ipv6_prefixes" {
description = "Assigns IPv6 elasticache subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"
- type = list
+ type = list(string)
default = []
}
variable "intra_subnet_ipv6_prefixes" {
description = "Assigns IPv6 intra subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"
- type = list
+ type = list(string)
default = []
}
@@ -324,101 +324,121 @@ variable "enable_s3_endpoint" {
variable "enable_codebuild_endpoint" {
description = "Should be true if you want to provision an Codebuild endpoint to the VPC"
+ type = bool
default = false
}
variable "codebuild_endpoint_security_group_ids" {
description = "The ID of one or more security groups to associate with the network interface for Codebuild endpoint"
+ type = list(string)
default = []
}
variable "codebuild_endpoint_subnet_ids" {
description = "The ID of one or more subnets in which to create a network interface for Codebuilt endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+ type = list(string)
default = []
}
variable "codebuild_endpoint_private_dns_enabled" {
description = "Whether or not to associate a private hosted zone with the specified VPC for Codebuild endpoint"
+ type = bool
default = false
}
variable "enable_codecommit_endpoint" {
description = "Should be true if you want to provision an Codecommit endpoint to the VPC"
+ type = bool
default = false
}
variable "codecommit_endpoint_security_group_ids" {
description = "The ID of one or more security groups to associate with the network interface for Codecommit endpoint"
+ type = list(string)
default = []
}
variable "codecommit_endpoint_subnet_ids" {
description = "The ID of one or more subnets in which to create a network interface for Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+ type = list(string)
default = []
}
variable "codecommit_endpoint_private_dns_enabled" {
description = "Whether or not to associate a private hosted zone with the specified VPC for Codecommit endpoint"
+ type = bool
default = false
}
variable "enable_git_codecommit_endpoint" {
description = "Should be true if you want to provision an Git Codecommit endpoint to the VPC"
+ type = bool
default = false
}
variable "git_codecommit_endpoint_security_group_ids" {
description = "The ID of one or more security groups to associate with the network interface for Git Codecommit endpoint"
+ type = list(string)
default = []
}
variable "git_codecommit_endpoint_subnet_ids" {
description = "The ID of one or more subnets in which to create a network interface for Git Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+ type = list(string)
default = []
}
variable "git_codecommit_endpoint_private_dns_enabled" {
description = "Whether or not to associate a private hosted zone with the specified VPC for Git Codecommit endpoint"
+ type = bool
default = false
}
variable "enable_config_endpoint" {
description = "Should be true if you want to provision an config endpoint to the VPC"
+ type = bool
default = false
}
variable "config_endpoint_security_group_ids" {
description = "The ID of one or more security groups to associate with the network interface for config endpoint"
+ type = list(string)
default = []
}
variable "config_endpoint_subnet_ids" {
description = "The ID of one or more subnets in which to create a network interface for config endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+ type = list(string)
default = []
}
variable "config_endpoint_private_dns_enabled" {
description = "Whether or not to associate a private hosted zone with the specified VPC for config endpoint"
+ type = bool
default = false
}
variable "enable_sqs_endpoint" {
description = "Should be true if you want to provision an SQS endpoint to the VPC"
+ type = bool
default = false
}
variable "sqs_endpoint_security_group_ids" {
description = "The ID of one or more security groups to associate with the network interface for SQS endpoint"
+ type = list(string)
default = []
}
variable "sqs_endpoint_subnet_ids" {
description = "The ID of one or more subnets in which to create a network interface for SQS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+ type = list(string)
default = []
}
variable "sqs_endpoint_private_dns_enabled" {
description = "Whether or not to associate a private hosted zone with the specified VPC for SQS endpoint"
+ type = bool
default = false
}
@@ -1649,6 +1669,7 @@ variable "states_endpoint_private_dns_enabled" {
variable "enable_acm_pca_endpoint" {
description = "Should be true if you want to provision an ACM PCA endpoint to the VPC"
+ type = bool
default = false
}
@@ -1726,16 +1747,19 @@ variable "codedeploy_commands_secure_endpoint_private_dns_enabled" {
variable "acm_pca_endpoint_security_group_ids" {
description = "The ID of one or more security groups to associate with the network interface for ACM PCA endpoint"
+ type = list(string)
default = []
}
variable "acm_pca_endpoint_subnet_ids" {
description = "The ID of one or more subnets in which to create a network interface for ACM PCA endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."
+ type = list(string)
default = []
}
variable "acm_pca_endpoint_private_dns_enabled" {
description = "Whether or not to associate a private hosted zone with the specified VPC for ACM PCA endpoint"
+ type = bool
default = false
}
@@ -1759,11 +1783,13 @@ variable "enable_vpn_gateway" {
variable "vpn_gateway_id" {
description = "ID of VPN Gateway to attach to the VPC"
+ type = string
default = ""
}
variable "amazon_side_asn" {
description = "The Autonomous System Number (ASN) for the Amazon side of the gateway. By default the virtual private gateway is created with the current default Amazon ASN."
+ type = string
default = "64512"
}