Created by: Kevon Mayers www.kevonmayers.com

Version 1.0.0

This module can dynamically create PUBLIC subnets, PRIVATE subnets, a custom VPC, Internet Gateway, NAT Gateway, Elastic IP (EIP), Route Tables, Subnet Associations, a Load Balancer (ALB, NLB, or both) and an Auto Scaling Group. The module uses Terraform's data source feature to fetch all AZs in whichever region you set in your provider block in your main.tf file. The subnets are then created from those AZs, mapped one-to-one starting from the first AZ in a region.

The default configuration for the module is to launch the following:

• Custom VPC - with your specified CIDR range. Default name is customvpc.

Every other resource and the amounts that you desire must be EXPLICITLY defined using the following variables:

• MAKE_CUSTOM_VPC - Enables VPC to be created. Default is TRUE. Set this to FALSE to bypass resource (but the point of this module is to make a custom VPC (and more!) so why would you do that 😉)
• CUSTOM_VPC_CIDR_BLOCK - (REQUIRED) - CIDR block used for Custom VPC.
• CUSTOM_VPC_NAME - (OPTIONAL) - Name tag for Custom VPC - default is customvpc.

• PUBLIC_SUBNET_COUNT - (OPTIONAL) - Number of PUBLIC subnets created.

• PUBLIC_SUBNET_CIDR - (REQUIRED if making public subnets) - CIDR ranges for each PUBLIC subnet created.

  IMPORTANT: Default value is set to "0.0.0.0/0" (all ips) to allow the module to run if creating only public or only private subnets. You must EXPLICITLY write your desired CIDR block for the code to properly run.

  IMPORTANT: The module evaluates the subnet CIDR block(s) as a list(array) multiple strings. Even if specifying only one CIDR block for one subnet, you must enclose your value in brackets for the code to properly run.

module "vpc-dynamic-subnets"{
 source = "./modules/vpc-dynamic-subnets" //location of the module
 // VPC
 CUSTOM_VPC_CIDR_BLOCK = "192.168.0.0/24"
 CUSTOM_VPC_NAME = "My_Custom_VPC"
 // PUBLIC SUBNET(S)
 PUBLIC_SUBNET_COUNT = 1
 PUBLIC_SUBNET_CIDR = ["192.168.0.0/24"]
 PUBLIC_SUBNET_NAME = "Kuwabara"
 // IGW - Required since making Public Subnets
 MAKE_IGW = true
 // Public RT
 MAKE_PUBLIC_RT = true
}

• PUBLIC_SUBNET_NAME - (OPTIONAL) - Name tag for PUBLIC subnet(s) created. Tag is YourSubnetName-pub-(count.index)+1 with the default being subnet-pub-(count.index)+1.

• PRIVATE_SUBNET_COUNT - (OPTIONAL) - Number of PRIVATE subnets created.

• PRIVATE_SUBNET_CIDR - (REQUIRED if making private subnets) - CIDR ranges for each PRIVATE subnet created.

  IMPORTANT: Default value is set to "0.0.0.0/0" (all ips) to allow the module to run if creating only public or only private subnets. You must EXPLICITLY write your desired CIDR block for the code to properly run.

  IMPORTANT: The module evaluates the subnet CIDR block(s) as a list(array) multiple strings. Even if specifying only one CIDR block for one subnet, you must enclose your value in brackets for the code to properly run.

module "vpc-dynamic-subnets"{
 source = "./modules/vpc-dynamic-subnets" //location of the module
 // VPC
 CUSTOM_VPC_CIDR_BLOCK = "192.168.0.0/24"
 CUSTOM_VPC_NAME = "My_Custom_VPC"
 // PUBLIC SUBNET - Necessary for NAT Gateway to be associated with
 PUBLIC_SUBNET_COUNT = 1
 PUBLIC_SUBNET_CIDR = ["192.168.0.0/25"]
 PUBLIC_SUBNET_NAME = "Sora"
 PRIVATE_SUBNET_COUNT = 1
 PRIVATE_SUBNET_CIDR = ["192.168.0.128/25"]
 PRIVATE_SUBNET_NAME = "Hei"
 // IGW - Required since making Public Subnet (used by NAT Instance)
 MAKE_IGW = true
 // NAT GW - Used by hosts deployed in Private Subnet
 MAKE_NAT_GW = true
 // EIP - Used by NAT Gateway
 MAKE_EIP = true
 // Public RT
 MAKE_PUBLIC_RT = true
 MAKE_PRIVATE_RT = true
}

• PRIVATE_SUBNET_NAME - (OPTIONAL) - Name tag for PRIVATE subnets created. Tag is YourSubnetName-priv-(count.index)+1 with the default being subnet-priv-(count.index)+1.

• MAKE_IGW - (REQUIRED if making public subnets) - Makes an Internet Gateway. Default is set to FALSE. Must set this to TRUE to create the resource. The name of the IGW will be YourCustomVPCName-igw. Note: an IGW is REQUIRED for a subnet to be considered public.

• MAKE_PUBLIC_RT - (REQUIRED if making public subnets) - Makes a custom Public Route Table. Default is set FALSE. Must set this to TRUE to create the resource. Default name is YourCustomVPCNAME-public-RT. IMPORTANT: to enable hosts in a public subnet to access the Internet, a route table with a route to the IGW is REQUIRED. If this resource is not created, the IGW will not be attached to any route table, and the hosts will not have Internet access.

• CUSTOM_VPC_PUBLIC_RT_CIDR_IPV4 - (OPTIONAL) - CIDR ranges for the Public RT created. Default is 0.0.0.0/0.

• MAKE_PRIVATE_RT - (REQUIRED if making private subnets) - Makes a Private Route Table. Default is set FALSE. Must set this to TRUE to create the resource. Default name is YourCustomVPCNAME-private-RT. IMPORTANT: to enable hosts in a private subnet to access the Internet, you will either need to create a NAT Gateway (recommended), NAT Instance, or use one of the hosts in a public subnet as a Bastion(Jump) Host. If using a NAT Gateway, a route table with a route to the NAT Gateway must be created.

• CUSTOM_VPC_PRIVATE_RT_CIDR_IPV4 - (REQUIRED if making private subnets) - CIDR ranges for the Private RT created. Default is 0.0.0.0/0.

• MAKE_NAT_GW - (OPTIONAL) - Enables NAT Gateway to be created. Set this to be false to ignore. Default is set to true. Default name is YourCustomVPCName-nat-gw.

• MAKE_EIP - (REQUIRED if making a NAT Gateway) - Enables EIP to be created. Default is FALSE. Must set this to TRUE to create resource. Default name is YourCustomVPCName-nat-eip.

module "vpc-dynamic-subnets"{
source = "./modules/vpc-dynamic-subnets" //location of the module
// VPC
CUSTOM_VPC_CIDR_BLOCK = "192.168.0.0/24"
CUSTOM_VPC_NAME = "My_Custom_VPC"
// PUBLIC SUBNET(S)
PUBLIC_SUBNET_COUNT = 2
PUBLIC_SUBNET_CIDR = ["192.168.0.0/26", "192.168.0.64/26"]
PUBLIC_SUBNET_NAME = "Yusuke"
// PRIVATE SUBNET(S)
PRIVATE_SUBNET_COUNT = 2
PRIVATE_SUBNET_CIDR = ["192.168.0.128/26", "192.168.0.192/26"]
PRIVATE_SUBNET_NAME = "Togoro"
// IGW - Required since making Public Subnets
MAKE_IGW = true
// Public RT
MAKE_PUBLIC_RT = true
//Private RT
MAKE_PRIVATE_RT = true
//Optional NAT Gateway
MAKE_NAT_GW = true
//Optional EIP (Necessary if making NAT Gateway)
MAKE_EIP = true
}

module "vpc-dynamic-subnets"{
source = "./modules/vpc-dynamic-subnets" //location of the module
 // VPC
CUSTOM_VPC_CIDR_BLOCK = "192.168.0.0/24"
CUSTOM_VPC_NAME = "My_Custom_VPC"
// PUBLIC SUBNET(S)
PUBLIC_SUBNET_COUNT = 2
PUBLIC_SUBNET_CIDR = ["192.168.0.0/25", "192.168.0.128/25"]
PUBLIC_SUBNET_NAME = "Kuwabara"
// PRIVATE SUBNET(S)
PRIVATE_SUBNET_COUNT = 0
MAKE_PRIVATE_RT = false
MAKE_EIP = false
MAKE_NAT_GW = false
}

The AZ for each subnet is dynamically set using Terraform's data source feature to fetch all AZs in whichever region you set in your provider block. The data source returns an array, or list, depending on which programming language you're familiar with. The subnets are then created from those AZs, mapped one-to-one starting from the first AZ in a region.

IMPORTANT! - If you set the count of a subnet to be greater than the amount of availbility zones for your selected region, the module will return to the beginning of the AZ list after iterating through it, and then continue down the list.

PUBLIC_SUBNET_COUNT = 4

Assumming you selected non-overlapping CIDR blocks, the following will be created:

• 1st Public Subnet: AZ - us-east-2a
• 2nd Public Subnet: AZ - us-east-2b
• 3rd Public Subnet: AZ - us-east-2c
• 4th Public Subnet: AZ - us-east-2a

PUBLIC_SUBNET_COUNT = 6

Assumming you selected non-overlapping CIDR blocks, the following will be created:

• 1st Public Subnet: AZ - us-east-1a
• 2nd Public Subnet: AZ - us-east-1b
• 3rd Public Subnet: AZ - us-east-1c
• 4th Public Subnet: AZ - us-east-1d
• 5th Public Subnet: AZ - us-east-1e
• 6th Public Subnet: AZ - us-east-1f

For more information, refer to Terraform's documentation on the element() function and the count Meta-Argument. https://www.terraform.io/docs/language/functions/element.html https://www.terraform.io/docs/language/meta-arguments/count.html

Ex. AWS_REGION = "us-east-1" (This region has 6 AZs) PUBLIC_SUBNET_COUNT = 6

When deciding on your CIDR ranges, keep in mind a few things:

• A VPC must be between a /16 and /28 range.

• CIDR ranges must not overlap

• Beyond the 2 IPs reserved for gateway and broadcast addresses, AWS reserves 3 additional addresses, so 5 in total.

• IMPORTANT: If you have a NAT Gateway, it must be attached to a public subnet. The NAT gateway will use 1 of the available IP addresses. So, for a public subnet with a NAT Gatway attached to it, it will have 1 available IP address less than public subnets without a NAT Gateway attached.

For more information on VPCs and Subnets, refer to AWS documentation. https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html

An Internet Gateway will automatically be created and the PUBLIC subnet(s) you create will be automatically associated with it. The default name for the Internet Gateway is YourCustomVPCName-igw.

For more information on Internet Gateways, refer to AWS documentation. https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html

When you set the value for the variable MAKE_PUBLIC_RT to TRUE, a custom Route Table will automatically be created with a route for the IGW. The custom public subnets will automatically be associated with this route table. This is separate from the default route table that is provided by AWS with every new VPC creation.

The default CIDR block for the route to IGW is 0.0.0.0/0 (all ips). You can change this by modifying the vaule of the variable named CUSTOM_VPC_PUBLIC_RT_CIDR_IPV4.

For more information on Route Tables, refer to AWS documentation. https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html

For a PUBLIC RT, the default name for the route table is YourCustomVPCName-public-RT. For a PRIVATE RT, the default name for the route table is YourCustomVPCName-private-RT.

When you set the value for the variable MAKE_NAT_GW to TRUE, a NAT Gateway will automatically be created and hosts deployed in PRIVATE subnets will be able to use it. The module creates only 1 NAT Gateway. To enable creation of the NAT Gateway, make sure you change the value of MAKE_NAT_GW from the default value of FALSE to TRUE. The default name for the NAT Gateway is YourCustomVPCName-nat-gw

For more information on NAT Gateways, refer to AWS documentation. https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html

When you set the value for the variable MAKE_EIP to TRUE, an EIP will automatically be created and associated with the NAT Gateway. To enable creation of the EIP, make sure you change the value of MAKE_EIP from the default of FALSE to TRUE. The default name for the NAT Gateway is YourCustomVPCName-nat-eip

For more information on Elastic IPs (EIP), refer to AWS documentation. https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html

When you set the value for the variable MAKE_PRIVATE_RT to TRUE, a custom Route table will automatically be created with a route for the NAT Gateway. The custom private subnets will automatically be associated with this route table. This is separate from the default route table that is provided by AWS with every new VPC creation. To enable creation of the route table for the PRIVATE subnets, make sure you change the value of MAKE_PRIVATE_RT from the default value of FALSE to TRUE.

The default CIDR block for the route to NAT Gateway is 0.0.0.0/0 (all ips). You can change this by modifying the vaule of the variable named CUSTOM_VPC_PRIVATE_RT_CIDR_IPV4.