module "vpc" {
source = "../../../../"
name = "so.ai-vpc"
cidr = "xxxxxx"
azs = ["us-east-2a","us-east-2b"]
public_subnets = ["xxxxxx", "xxxxx"]
private_subnets = ["xxxxx","xxxx"]
enable_nat_gateway = true
enable_vpn_gateway = false
single_nat_gateway = true
one_nat_gateway_per_az = false
enable_ipv6 = false
enable_classiclink = false
enable_classiclink_dns_support = false
tags = {
Terraform = "true"
Environment = "dev"
}
vpc_tags = {
name = "dev-so.ai-vpc"
}
}| Name | Version |
|---|---|
| terraform | >= 0.12.6, < 0.14 |
| aws | ~> 2.57 |
| Name | Version |
|---|---|
| aws | ~> 2.57 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_analyzer_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Access Analyzer endpoint | bool |
false |
no |
| access_analyzer_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Access Analyzer endpoint | list(string) |
[] |
no |
| access_analyzer_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Access Analyzer endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| acm_pca_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for ACM PCA endpoint | bool |
false |
no |
| acm_pca_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for ACM PCA endpoint | list |
[] |
no |
| acm_pca_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Codebuilt endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list |
[] |
no |
| amazon_side_asn | The Autonomous System Number (ASN) for the Amazon side of the gateway. By default the virtual private gateway is created with the current default Amazon ASN. | string |
"64512" |
no |
| apigw_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for API GW endpoint | bool |
false |
no |
| apigw_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for API GW endpoint | list(string) |
[] |
no |
| apigw_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for API GW endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| appmesh_envoy_management_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for AppMesh endpoint | bool |
false |
no |
| appmesh_envoy_management_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for AppMesh endpoint | list(string) |
[] |
no |
| appmesh_envoy_management_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for AppMesh endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| appstream_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for AppStream endpoint | bool |
false |
no |
| appstream_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for AppStream endpoint | list(string) |
[] |
no |
| appstream_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for AppStream endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| assign_ipv6_address_on_creation | Assign IPv6 address on subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch | bool |
false |
no |
| athena_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Athena endpoint | bool |
false |
no |
| athena_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Athena endpoint | list(string) |
[] |
no |
| athena_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Athena endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| auto_scaling_plans_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Auto Scaling Plans endpoint | bool |
false |
no |
| auto_scaling_plans_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Auto Scaling Plans endpoint | list(string) |
[] |
no |
| auto_scaling_plans_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Auto Scaling Plans endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| azs | A list of availability zones names or ids in the region | list(string) |
[] |
no |
| cidr | The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden | string |
"0.0.0.0/0" |
no |
| cloud_directory_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Cloud Directory endpoint | bool |
false |
no |
| cloud_directory_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Cloud Directory endpoint | list(string) |
[] |
no |
| cloud_directory_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Cloud Directory endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| cloudformation_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Cloudformation endpoint | bool |
false |
no |
| cloudformation_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Cloudformation endpoint | list(string) |
[] |
no |
| cloudformation_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Cloudformation endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| cloudtrail_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for CloudTrail endpoint | bool |
false |
no |
| cloudtrail_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for CloudTrail endpoint | list(string) |
[] |
no |
| cloudtrail_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for CloudTrail endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| codebuild_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Codebuild endpoint | bool |
false |
no |
| codebuild_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Codebuild endpoint | list |
[] |
no |
| codebuild_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Codebuilt endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list |
[] |
no |
| codecommit_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Codecommit endpoint | bool |
false |
no |
| codecommit_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Codecommit endpoint | list |
[] |
no |
| codecommit_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list |
[] |
no |
| codepipeline_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for CodePipeline endpoint | bool |
false |
no |
| codepipeline_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for CodePipeline endpoint | list(string) |
[] |
no |
| codepipeline_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for CodePipeline endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| config_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for config endpoint | bool |
false |
no |
| config_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for config endpoint | list |
[] |
no |
| config_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for config endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list |
[] |
no |
| create_database_internet_gateway_route | Controls if an internet gateway route for public database access should be created | bool |
false |
no |
| create_database_nat_gateway_route | Controls if a nat gateway route should be created to give internet access to the database subnets | bool |
false |
no |
| create_database_subnet_group | Controls if database subnet group should be created (n.b. database_subnets must also be set) | bool |
true |
no |
| create_database_subnet_route_table | Controls if separate route table for database should be created | bool |
false |
no |
| create_egress_only_igw | Controls if an Egress Only Internet Gateway is created and its related routes. | bool |
true |
no |
| create_elasticache_subnet_group | Controls if elasticache subnet group should be created | bool |
true |
no |
| create_elasticache_subnet_route_table | Controls if separate route table for elasticache should be created | bool |
false |
no |
| create_flow_log_cloudwatch_iam_role | Whether to create IAM role for VPC Flow Logs | bool |
false |
no |
| create_flow_log_cloudwatch_log_group | Whether to create CloudWatch log group for VPC Flow Logs | bool |
false |
no |
| create_igw | Controls if an Internet Gateway is created for public subnets and the related routes that connect them. | bool |
true |
no |
| create_redshift_subnet_group | Controls if redshift subnet group should be created | bool |
true |
no |
| create_redshift_subnet_route_table | Controls if separate route table for redshift should be created | bool |
false |
no |
| create_vpc | Controls if VPC should be created (it affects almost all resources) | bool |
true |
no |
| customer_gateway_tags | Additional tags for the Customer Gateway | map(string) |
{} |
no |
| customer_gateways | Maps of Customer Gateway's attributes (BGP ASN and Gateway's Internet-routable external IP address) | map(map(any)) |
{} |
no |
| database_acl_tags | Additional tags for the database subnets network ACL | map(string) |
{} |
no |
| database_dedicated_network_acl | Whether to use dedicated network ACL (not default) and custom rules for database subnets | bool |
false |
no |
| database_inbound_acl_rules | Database subnets inbound network ACL rules | list(map(string)) |
[ |
no |
| database_outbound_acl_rules | Database subnets outbound network ACL rules | list(map(string)) |
[ |
no |
| database_route_table_tags | Additional tags for the database route tables | map(string) |
{} |
no |
| database_subnet_assign_ipv6_address_on_creation | Assign IPv6 address on database subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch | bool |
null |
no |
| database_subnet_group_tags | Additional tags for the database subnet group | map(string) |
{} |
no |
| database_subnet_ipv6_prefixes | Assigns IPv6 database subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | list |
[] |
no |
| database_subnet_suffix | Suffix to append to database subnets name | string |
"db" |
no |
| database_subnet_tags | Additional tags for the database subnets | map(string) |
{} |
no |
| database_subnets | A list of database subnets | list(string) |
[] |
no |
| datasync_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Data Sync endpoint | bool |
false |
no |
| datasync_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Data Sync endpoint | list(string) |
[] |
no |
| datasync_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Data Sync endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| default_network_acl_egress | List of maps of egress rules to set on the Default Network ACL | list(map(string)) |
[ |
no |
| default_network_acl_ingress | List of maps of ingress rules to set on the Default Network ACL | list(map(string)) |
[ |
no |
| default_network_acl_name | Name to be used on the Default Network ACL | string |
"" |
no |
| default_network_acl_tags | Additional tags for the Default Network ACL | map(string) |
{} |
no |
| default_security_group_egress | List of maps of egress rules to set on the default security group | list(map(string)) |
null |
no |
| default_security_group_ingress | List of maps of ingress rules to set on the default security group | list(map(string)) |
null |
no |
| default_security_group_name | Name to be used on the default security group | string |
"default" |
no |
| default_security_group_tags | Additional tags for the default security group | map(string) |
{} |
no |
| default_vpc_enable_classiclink | Should be true to enable ClassicLink in the Default VPC | bool |
false |
no |
| default_vpc_enable_dns_hostnames | Should be true to enable DNS hostnames in the Default VPC | bool |
false |
no |
| default_vpc_enable_dns_support | Should be true to enable DNS support in the Default VPC | bool |
true |
no |
| default_vpc_name | Name to be used on the Default VPC | string |
"" |
no |
| default_vpc_tags | Additional tags for the Default VPC | map(string) |
{} |
no |
| dhcp_options_domain_name | Specifies DNS name for DHCP options set (requires enable_dhcp_options set to true) | string |
"" |
no |
| dhcp_options_domain_name_servers | Specify a list of DNS server addresses for DHCP options set, default to AWS provided (requires enable_dhcp_options set to true) | list(string) |
[ |
no |
| dhcp_options_netbios_name_servers | Specify a list of netbios servers for DHCP options set (requires enable_dhcp_options set to true) | list(string) |
[] |
no |
| dhcp_options_netbios_node_type | Specify netbios node_type for DHCP options set (requires enable_dhcp_options set to true) | string |
"" |
no |
| dhcp_options_ntp_servers | Specify a list of NTP servers for DHCP options set (requires enable_dhcp_options set to true) | list(string) |
[] |
no |
| dhcp_options_tags | Additional tags for the DHCP option set (requires enable_dhcp_options set to true) | map(string) |
{} |
no |
| ebs_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for EBS endpoint | bool |
false |
no |
| ebs_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for EBS endpoint | list(string) |
[] |
no |
| ebs_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for EBS endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| ec2_autoscaling_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for EC2 Autoscaling endpoint | bool |
false |
no |
| ec2_autoscaling_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for EC2 Autoscaling endpoint | list(string) |
[] |
no |
| ec2_autoscaling_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for EC2 Autoscaling endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| ec2_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for EC2 endpoint | bool |
false |
no |
| ec2_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for EC2 endpoint | list(string) |
[] |
no |
| ec2_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for EC2 endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| ec2messages_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for EC2MESSAGES endpoint | bool |
false |
no |
| ec2messages_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for EC2MESSAGES endpoint | list(string) |
[] |
no |
| ec2messages_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for EC2MESSAGES endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| ecr_api_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for ECR API endpoint | bool |
false |
no |
| ecr_api_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for ECR API endpoint | list(string) |
[] |
no |
| ecr_api_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for ECR api endpoint. If omitted, private subnets will be used. | list(string) |
[] |
no |
| ecr_dkr_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for ECR DKR endpoint | bool |
false |
no |
| ecr_dkr_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for ECR DKR endpoint | list(string) |
[] |
no |
| ecr_dkr_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for ECR dkr endpoint. If omitted, private subnets will be used. | list(string) |
[] |
no |
| ecs_agent_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for ECS Agent endpoint | bool |
false |
no |
| ecs_agent_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for ECS Agent endpoint | list(string) |
[] |
no |
| ecs_agent_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for ECS Agent endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| ecs_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for ECS endpoint | bool |
false |
no |
| ecs_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for ECS endpoint | list(string) |
[] |
no |
| ecs_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for ECS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| ecs_telemetry_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for ECS Telemetry endpoint | bool |
false |
no |
| ecs_telemetry_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for ECS Telemetry endpoint | list(string) |
[] |
no |
| ecs_telemetry_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for ECS Telemetry endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| efs_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for EFS endpoint | bool |
false |
no |
| efs_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for EFS endpoint | list(string) |
[] |
no |
| efs_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for EFS endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| elastic_inference_runtime_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Elastic Inference Runtime endpoint | bool |
false |
no |
| elastic_inference_runtime_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Elastic Inference Runtime endpoint | list(string) |
[] |
no |
| elastic_inference_runtime_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Elastic Inference Runtime endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| elasticache_acl_tags | Additional tags for the elasticache subnets network ACL | map(string) |
{} |
no |
| elasticache_dedicated_network_acl | Whether to use dedicated network ACL (not default) and custom rules for elasticache subnets | bool |
false |
no |
| elasticache_inbound_acl_rules | Elasticache subnets inbound network ACL rules | list(map(string)) |
[ |
no |
| elasticache_outbound_acl_rules | Elasticache subnets outbound network ACL rules | list(map(string)) |
[ |
no |
| elasticache_route_table_tags | Additional tags for the elasticache route tables | map(string) |
{} |
no |
| elasticache_subnet_assign_ipv6_address_on_creation | Assign IPv6 address on elasticache subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch | bool |
null |
no |
| elasticache_subnet_ipv6_prefixes | Assigns IPv6 elasticache subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | list |
[] |
no |
| elasticache_subnet_suffix | Suffix to append to elasticache subnets name | string |
"elasticache" |
no |
| elasticache_subnet_tags | Additional tags for the elasticache subnets | map(string) |
{} |
no |
| elasticache_subnets | A list of elasticache subnets | list(string) |
[] |
no |
| elasticbeanstalk_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Elastic Beanstalk endpoint | bool |
false |
no |
| elasticbeanstalk_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Elastic Beanstalk endpoint | list(string) |
[] |
no |
| elasticbeanstalk_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Elastic Beanstalk endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| elasticbeanstalk_health_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Elastic Beanstalk Health endpoint | bool |
false |
no |
| elasticbeanstalk_health_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Elastic Beanstalk Health endpoint | list(string) |
[] |
no |
| elasticbeanstalk_health_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Elastic Beanstalk Health endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| elasticloadbalancing_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Elastic Load Balancing endpoint | bool |
false |
no |
| elasticloadbalancing_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Elastic Load Balancing endpoint | list(string) |
[] |
no |
| elasticloadbalancing_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Elastic Load Balancing endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| emr_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for EMR endpoint | bool |
false |
no |
| emr_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for EMR endpoint | list(string) |
[] |
no |
| emr_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for EMR endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| enable_access_analyzer_endpoint | Should be true if you want to provision an Access Analyzer endpoint to the VPC | bool |
false |
no |
| enable_acm_pca_endpoint | Should be true if you want to provision an ACM PCA endpoint to the VPC | bool |
false |
no |
| enable_apigw_endpoint | Should be true if you want to provision an api gateway endpoint to the VPC | bool |
false |
no |
| enable_appmesh_envoy_management_endpoint | Should be true if you want to provision a AppMesh endpoint to the VPC | bool |
false |
no |
| enable_appstream_endpoint | Should be true if you want to provision a AppStream endpoint to the VPC | bool |
false |
no |
| enable_athena_endpoint | Should be true if you want to provision a Athena endpoint to the VPC | bool |
false |
no |
| enable_auto_scaling_plans_endpoint | Should be true if you want to provision an Auto Scaling Plans endpoint to the VPC | bool |
false |
no |
| enable_classiclink | Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic. | bool |
null |
no |
| enable_classiclink_dns_support | Should be true to enable ClassicLink DNS Support for the VPC. Only valid in regions and accounts that support EC2 Classic. | bool |
null |
no |
| enable_cloud_directory_endpoint | Should be true if you want to provision an Cloud Directory endpoint to the VPC | bool |
false |
no |
| enable_cloudformation_endpoint | Should be true if you want to provision a Cloudformation endpoint to the VPC | bool |
false |
no |
| enable_cloudtrail_endpoint | Should be true if you want to provision a CloudTrail endpoint to the VPC | bool |
false |
no |
| enable_codebuild_endpoint | Should be true if you want to provision an Codebuild endpoint to the VPC | bool |
false |
no |
| enable_codecommit_endpoint | Should be true if you want to provision an Codecommit endpoint to the VPC | bool |
false |
no |
| enable_codepipeline_endpoint | Should be true if you want to provision a CodePipeline endpoint to the VPC | bool |
false |
no |
| enable_config_endpoint | Should be true if you want to provision an config endpoint to the VPC | bool |
false |
no |
| enable_datasync_endpoint | Should be true if you want to provision an Data Sync endpoint to the VPC | bool |
false |
no |
| enable_dhcp_options | Should be true if you want to specify a DHCP options set with a custom domain name, DNS servers, NTP servers, netbios servers, and/or netbios server type | bool |
false |
no |
| enable_dns_hostnames | Should be true to enable DNS hostnames in the VPC | bool |
false |
no |
| enable_dns_support | Should be true to enable DNS support in the VPC | bool |
true |
no |
| enable_dynamodb_endpoint | Should be true if you want to provision a DynamoDB endpoint to the VPC | bool |
false |
no |
| enable_ebs_endpoint | Should be true if you want to provision an EBS endpoint to the VPC | bool |
false |
no |
| enable_ec2_autoscaling_endpoint | Should be true if you want to provision an EC2 Autoscaling endpoint to the VPC | bool |
false |
no |
| enable_ec2_endpoint | Should be true if you want to provision an EC2 endpoint to the VPC | bool |
false |
no |
| enable_ec2messages_endpoint | Should be true if you want to provision an EC2MESSAGES endpoint to the VPC | bool |
false |
no |
| enable_ecr_api_endpoint | Should be true if you want to provision an ecr api endpoint to the VPC | bool |
false |
no |
| enable_ecr_dkr_endpoint | Should be true if you want to provision an ecr dkr endpoint to the VPC | bool |
false |
no |
| enable_ecs_agent_endpoint | Should be true if you want to provision a ECS Agent endpoint to the VPC | bool |
false |
no |
| enable_ecs_endpoint | Should be true if you want to provision a ECS endpoint to the VPC | bool |
false |
no |
| enable_ecs_telemetry_endpoint | Should be true if you want to provision a ECS Telemetry endpoint to the VPC | bool |
false |
no |
| enable_efs_endpoint | Should be true if you want to provision an EFS endpoint to the VPC | bool |
false |
no |
| enable_elastic_inference_runtime_endpoint | Should be true if you want to provision an Elastic Inference Runtime endpoint to the VPC | bool |
false |
no |
| enable_elasticbeanstalk_endpoint | Should be true if you want to provision a Elastic Beanstalk endpoint to the VPC | bool |
false |
no |
| enable_elasticbeanstalk_health_endpoint | Should be true if you want to provision a Elastic Beanstalk Health endpoint to the VPC | bool |
false |
no |
| enable_elasticloadbalancing_endpoint | Should be true if you want to provision a Elastic Load Balancing endpoint to the VPC | bool |
false |
no |
| enable_emr_endpoint | Should be true if you want to provision an EMR endpoint to the VPC | bool |
false |
no |
| enable_events_endpoint | Should be true if you want to provision a CloudWatch Events endpoint to the VPC | bool |
false |
no |
| enable_flow_log | Whether or not to enable VPC Flow Logs | bool |
false |
no |
| enable_git_codecommit_endpoint | Should be true if you want to provision an Git Codecommit endpoint to the VPC | bool |
false |
no |
| enable_glue_endpoint | Should be true if you want to provision a Glue endpoint to the VPC | bool |
false |
no |
| enable_ipv6 | Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. | bool |
false |
no |
| enable_kinesis_firehose_endpoint | Should be true if you want to provision a Kinesis Firehose endpoint to the VPC | bool |
false |
no |
| enable_kinesis_streams_endpoint | Should be true if you want to provision a Kinesis Streams endpoint to the VPC | bool |
false |
no |
| enable_kms_endpoint | Should be true if you want to provision a KMS endpoint to the VPC | bool |
false |
no |
| enable_logs_endpoint | Should be true if you want to provision a CloudWatch Logs endpoint to the VPC | bool |
false |
no |
| enable_monitoring_endpoint | Should be true if you want to provision a CloudWatch Monitoring endpoint to the VPC | bool |
false |
no |
| enable_nat_gateway | Should be true if you want to provision NAT Gateways for each of your private networks | bool |
false |
no |
| enable_public_redshift | Controls if redshift should have public routing table | bool |
false |
no |
| enable_qldb_session_endpoint | Should be true if you want to provision an QLDB Session endpoint to the VPC | bool |
false |
no |
| enable_rekognition_endpoint | Should be true if you want to provision a Rekognition endpoint to the VPC | bool |
false |
no |
| enable_s3_endpoint | Should be true if you want to provision an S3 endpoint to the VPC | bool |
false |
no |
| enable_sagemaker_api_endpoint | Should be true if you want to provision a SageMaker API endpoint to the VPC | bool |
false |
no |
| enable_sagemaker_notebook_endpoint | Should be true if you want to provision a Sagemaker Notebook endpoint to the VPC | bool |
false |
no |
| enable_sagemaker_runtime_endpoint | Should be true if you want to provision a SageMaker Runtime endpoint to the VPC | bool |
false |
no |
| enable_secretsmanager_endpoint | Should be true if you want to provision an Secrets Manager endpoint to the VPC | bool |
false |
no |
| enable_servicecatalog_endpoint | Should be true if you want to provision a Service Catalog endpoint to the VPC | bool |
false |
no |
| enable_ses_endpoint | Should be true if you want to provision an SES endpoint to the VPC | bool |
false |
no |
| enable_sms_endpoint | Should be true if you want to provision an SMS endpoint to the VPC | bool |
false |
no |
| enable_sns_endpoint | Should be true if you want to provision a SNS endpoint to the VPC | bool |
false |
no |
| enable_sqs_endpoint | Should be true if you want to provision an SQS endpoint to the VPC | bool |
false |
no |
| enable_ssm_endpoint | Should be true if you want to provision an SSM endpoint to the VPC | bool |
false |
no |
| enable_ssmmessages_endpoint | Should be true if you want to provision a SSMMESSAGES endpoint to the VPC | bool |
false |
no |
| enable_states_endpoint | Should be true if you want to provision a Step Function endpoint to the VPC | bool |
false |
no |
| enable_storagegateway_endpoint | Should be true if you want to provision a Storage Gateway endpoint to the VPC | bool |
false |
no |
| enable_sts_endpoint | Should be true if you want to provision a STS endpoint to the VPC | bool |
false |
no |
| enable_transfer_endpoint | Should be true if you want to provision a Transfer endpoint to the VPC | bool |
false |
no |
| enable_transferserver_endpoint | Should be true if you want to provision a Transfer Server endpoint to the VPC | bool |
false |
no |
| enable_vpn_gateway | Should be true if you want to create a new VPN Gateway resource and attach it to the VPC | bool |
false |
no |
| enable_workspaces_endpoint | Should be true if you want to provision an Workspaces endpoint to the VPC | bool |
false |
no |
| events_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for CloudWatch Events endpoint | bool |
false |
no |
| events_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for CloudWatch Events endpoint | list(string) |
[] |
no |
| events_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for CloudWatch Events endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| external_nat_ip_ids | List of EIP IDs to be assigned to the NAT Gateways (used in combination with reuse_nat_ips) | list(string) |
[] |
no |
| external_nat_ips | List of EIPs to be used for nat_public_ips output (used in combination with reuse_nat_ips and external_nat_ip_ids) |
list(string) |
[] |
no |
| flow_log_cloudwatch_iam_role_arn | The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group. When flow_log_destination_arn is set to ARN of Cloudwatch Logs, this argument needs to be provided. | string |
"" |
no |
| flow_log_cloudwatch_log_group_kms_key_id | The ARN of the KMS Key to use when encrypting log data for VPC flow logs. | string |
null |
no |
| flow_log_cloudwatch_log_group_name_prefix | Specifies the name prefix of CloudWatch Log Group for VPC flow logs. | string |
"/aws/vpc-flow-log/" |
no |
| flow_log_cloudwatch_log_group_retention_in_days | Specifies the number of days you want to retain log events in the specified log group for VPC flow logs. | number |
null |
no |
| flow_log_destination_arn | The ARN of the CloudWatch log group or S3 bucket where VPC Flow Logs will be pushed. If this ARN is a S3 bucket the appropriate permissions need to be set on that bucket's policy. When create_flow_log_cloudwatch_log_group is set to false this argument must be provided. | string |
"" |
no |
| flow_log_destination_type | Type of flow log destination. Can be s3 or cloud-watch-logs. | string |
"cloud-watch-logs" |
no |
| flow_log_log_format | The fields to include in the flow log record, in the order in which they should appear. | string |
null |
no |
| flow_log_max_aggregation_interval | The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. Valid Values: 60 seconds or 600 seconds. |
number |
600 |
no |
| flow_log_traffic_type | The type of traffic to capture. Valid values: ACCEPT, REJECT, ALL. | string |
"ALL" |
no |
| git_codecommit_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Git Codecommit endpoint | bool |
false |
no |
| git_codecommit_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Git Codecommit endpoint | list |
[] |
no |
| git_codecommit_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Git Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list |
[] |
no |
| glue_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Glue endpoint | bool |
false |
no |
| glue_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Glue endpoint | list(string) |
[] |
no |
| glue_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Glue endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| igw_tags | Additional tags for the internet gateway | map(string) |
{} |
no |
| instance_tenancy | A tenancy option for instances launched into the VPC | string |
"default" |
no |
| intra_acl_tags | Additional tags for the intra subnets network ACL | map(string) |
{} |
no |
| intra_dedicated_network_acl | Whether to use dedicated network ACL (not default) and custom rules for intra subnets | bool |
false |
no |
| intra_inbound_acl_rules | Intra subnets inbound network ACLs | list(map(string)) |
[ |
no |
| intra_outbound_acl_rules | Intra subnets outbound network ACLs | list(map(string)) |
[ |
no |
| intra_route_table_tags | Additional tags for the intra route tables | map(string) |
{} |
no |
| intra_subnet_assign_ipv6_address_on_creation | Assign IPv6 address on intra subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch | bool |
null |
no |
| intra_subnet_ipv6_prefixes | Assigns IPv6 intra subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | list |
[] |
no |
| intra_subnet_suffix | Suffix to append to intra subnets name | string |
"intra" |
no |
| intra_subnet_tags | Additional tags for the intra subnets | map(string) |
{} |
no |
| intra_subnets | A list of intra subnets | list(string) |
[] |
no |
| kinesis_firehose_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Kinesis Firehose endpoint | bool |
false |
no |
| kinesis_firehose_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Kinesis Firehose endpoint | list(string) |
[] |
no |
| kinesis_firehose_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Kinesis Firehose endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| kinesis_streams_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Kinesis Streams endpoint | bool |
false |
no |
| kinesis_streams_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Kinesis Streams endpoint | list(string) |
[] |
no |
| kinesis_streams_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Kinesis Streams endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| kms_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for KMS endpoint | bool |
false |
no |
| kms_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for KMS endpoint | list(string) |
[] |
no |
| kms_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for KMS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| logs_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for CloudWatch Logs endpoint | bool |
false |
no |
| logs_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for CloudWatch Logs endpoint | list(string) |
[] |
no |
| logs_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for CloudWatch Logs endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| manage_default_network_acl | Should be true to adopt and manage Default Network ACL | bool |
false |
no |
| manage_default_security_group | Should be true to adopt and manage default security group | bool |
false |
no |
| manage_default_vpc | Should be true to adopt and manage Default VPC | bool |
false |
no |
| map_public_ip_on_launch | Should be false if you do not want to auto-assign public IP on launch | bool |
true |
no |
| monitoring_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for CloudWatch Monitoring endpoint | bool |
false |
no |
| monitoring_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for CloudWatch Monitoring endpoint | list(string) |
[] |
no |
| monitoring_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for CloudWatch Monitoring endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| name | Name to be used on all the resources as identifier | string |
"" |
no |
| nat_eip_tags | Additional tags for the NAT EIP | map(string) |
{} |
no |
| nat_gateway_tags | Additional tags for the NAT gateways | map(string) |
{} |
no |
| one_nat_gateway_per_az | Should be true if you want only one NAT Gateway per availability zone. Requires var.azs to be set, and the number of public_subnets created to be greater than or equal to the number of availability zones specified in var.azs. |
bool |
false |
no |
| private_acl_tags | Additional tags for the private subnets network ACL | map(string) |
{} |
no |
| private_dedicated_network_acl | Whether to use dedicated network ACL (not default) and custom rules for private subnets | bool |
false |
no |
| private_inbound_acl_rules | Private subnets inbound network ACLs | list(map(string)) |
[ |
no |
| private_outbound_acl_rules | Private subnets outbound network ACLs | list(map(string)) |
[ |
no |
| private_route_table_tags | Additional tags for the private route tables | map(string) |
{} |
no |
| private_subnet_assign_ipv6_address_on_creation | Assign IPv6 address on private subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch | bool |
null |
no |
| private_subnet_ipv6_prefixes | Assigns IPv6 private subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | list |
[] |
no |
| private_subnet_suffix | Suffix to append to private subnets name | string |
"private" |
no |
| private_subnet_tags | Additional tags for the private subnets | map(string) |
{} |
no |
| private_subnets | A list of private subnets inside the VPC | list(string) |
[] |
no |
| propagate_intra_route_tables_vgw | Should be true if you want route table propagation | bool |
false |
no |
| propagate_private_route_tables_vgw | Should be true if you want route table propagation | bool |
false |
no |
| propagate_public_route_tables_vgw | Should be true if you want route table propagation | bool |
false |
no |
| public_acl_tags | Additional tags for the public subnets network ACL | map(string) |
{} |
no |
| public_dedicated_network_acl | Whether to use dedicated network ACL (not default) and custom rules for public subnets | bool |
false |
no |
| public_inbound_acl_rules | Public subnets inbound network ACLs | list(map(string)) |
[ |
no |
| public_outbound_acl_rules | Public subnets outbound network ACLs | list(map(string)) |
[ |
no |
| public_route_table_tags | Additional tags for the public route tables | map(string) |
{} |
no |
| public_subnet_assign_ipv6_address_on_creation | Assign IPv6 address on public subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch | bool |
null |
no |
| public_subnet_ipv6_prefixes | Assigns IPv6 public subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | list |
[] |
no |
| public_subnet_suffix | Suffix to append to public subnets name | string |
"public" |
no |
| public_subnet_tags | Additional tags for the public subnets | map(string) |
{} |
no |
| public_subnets | A list of public subnets inside the VPC | list(string) |
[] |
no |
| qldb_session_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for QLDB Session endpoint | bool |
false |
no |
| qldb_session_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for QLDB Session endpoint | list(string) |
[] |
no |
| qldb_session_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for QLDB Session endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| redshift_acl_tags | Additional tags for the redshift subnets network ACL | map(string) |
{} |
no |
| redshift_dedicated_network_acl | Whether to use dedicated network ACL (not default) and custom rules for redshift subnets | bool |
false |
no |
| redshift_inbound_acl_rules | Redshift subnets inbound network ACL rules | list(map(string)) |
[ |
no |
| redshift_outbound_acl_rules | Redshift subnets outbound network ACL rules | list(map(string)) |
[ |
no |
| redshift_route_table_tags | Additional tags for the redshift route tables | map(string) |
{} |
no |
| redshift_subnet_assign_ipv6_address_on_creation | Assign IPv6 address on redshift subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch | bool |
null |
no |
| redshift_subnet_group_tags | Additional tags for the redshift subnet group | map(string) |
{} |
no |
| redshift_subnet_ipv6_prefixes | Assigns IPv6 redshift subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list | list |
[] |
no |
| redshift_subnet_suffix | Suffix to append to redshift subnets name | string |
"redshift" |
no |
| redshift_subnet_tags | Additional tags for the redshift subnets | map(string) |
{} |
no |
| redshift_subnets | A list of redshift subnets | list(string) |
[] |
no |
| rekognition_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Rekognition endpoint | bool |
false |
no |
| rekognition_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Rekognition endpoint | list(string) |
[] |
no |
| rekognition_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Rekognition endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| reuse_nat_ips | Should be true if you don't want EIPs to be created for your NAT Gateways and will instead pass them in via the 'external_nat_ip_ids' variable | bool |
false |
no |
| sagemaker_api_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for SageMaker API endpoint | bool |
false |
no |
| sagemaker_api_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for SageMaker API endpoint | list(string) |
[] |
no |
| sagemaker_api_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for SageMaker API endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| sagemaker_notebook_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Sagemaker Notebook endpoint | bool |
false |
no |
| sagemaker_notebook_endpoint_region | Region to use for Sagemaker Notebook endpoint | string |
"" |
no |
| sagemaker_notebook_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Sagemaker Notebook endpoint | list(string) |
[] |
no |
| sagemaker_notebook_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Sagemaker Notebook endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| sagemaker_runtime_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for SageMaker Runtime endpoint | bool |
false |
no |
| sagemaker_runtime_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for SageMaker Runtime endpoint | list(string) |
[] |
no |
| sagemaker_runtime_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for SageMaker Runtime endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| secondary_cidr_blocks | List of secondary CIDR blocks to associate with the VPC to extend the IP Address pool | list(string) |
[] |
no |
| secretsmanager_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Secrets Manager endpoint | bool |
false |
no |
| secretsmanager_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Secrets Manager endpoint | list(string) |
[] |
no |
| secretsmanager_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Secrets Manager endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| servicecatalog_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Service Catalog endpoint | bool |
false |
no |
| servicecatalog_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Service Catalog endpoint | list(string) |
[] |
no |
| servicecatalog_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Service Catalog endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| ses_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for SES endpoint | bool |
false |
no |
| ses_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for SES endpoint | list(string) |
[] |
no |
| ses_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for SES endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| single_nat_gateway | Should be true if you want to provision a single shared NAT Gateway across all of your private networks | bool |
false |
no |
| sms_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for SMS endpoint | bool |
false |
no |
| sms_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for SMS endpoint | list(string) |
[] |
no |
| sms_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for SMS endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| sns_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for SNS endpoint | bool |
false |
no |
| sns_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for SNS endpoint | list(string) |
[] |
no |
| sns_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for SNS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| sqs_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for SQS endpoint | bool |
false |
no |
| sqs_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for SQS endpoint | list |
[] |
no |
| sqs_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for SQS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list |
[] |
no |
| ssm_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for SSM endpoint | bool |
false |
no |
| ssm_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for SSM endpoint | list(string) |
[] |
no |
| ssm_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for SSM endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| ssmmessages_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for SSMMESSAGES endpoint | bool |
false |
no |
| ssmmessages_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for SSMMESSAGES endpoint | list(string) |
[] |
no |
| ssmmessages_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for SSMMESSAGES endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| states_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Step Function endpoint | bool |
false |
no |
| states_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Step Function endpoint | list(string) |
[] |
no |
| states_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Step Function endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| storagegateway_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Storage Gateway endpoint | bool |
false |
no |
| storagegateway_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Storage Gateway endpoint | list(string) |
[] |
no |
| storagegateway_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Storage Gateway endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| sts_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for STS endpoint | bool |
false |
no |
| sts_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for STS endpoint | list(string) |
[] |
no |
| sts_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for STS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| tags | A map of tags to add to all resources | map(string) |
{} |
no |
| transfer_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Transfer endpoint | bool |
false |
no |
| transfer_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Transfer endpoint | list(string) |
[] |
no |
| transfer_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Transfer endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| transferserver_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Transfer Server endpoint | bool |
false |
no |
| transferserver_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Transfer Server endpoint | list(string) |
[] |
no |
| transferserver_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Transfer Server endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used. | list(string) |
[] |
no |
| vpc_endpoint_tags | Additional tags for the VPC Endpoints | map(string) |
{} |
no |
| vpc_flow_log_tags | Additional tags for the VPC Flow Logs | map(string) |
{} |
no |
| vpc_tags | Additional tags for the VPC | map(string) |
{} |
no |
| vpn_gateway_az | The Availability Zone for the VPN Gateway | string |
null |
no |
| vpn_gateway_id | ID of VPN Gateway to attach to the VPC | string |
"" |
no |
| vpn_gateway_tags | Additional tags for the VPN gateway | map(string) |
{} |
no |
| workspaces_endpoint_private_dns_enabled | Whether or not to associate a private hosted zone with the specified VPC for Workspaces endpoint | bool |
false |
no |
| workspaces_endpoint_security_group_ids | The ID of one or more security groups to associate with the network interface for Workspaces endpoint | list(string) |
[] |
no |
| workspaces_endpoint_subnet_ids | The ID of one or more subnets in which to create a network interface for Workspaces endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used. | list(string) |
[] |
no |
| Name | Description |
|---|---|
| azs | A list of availability zones specified as argument to this module |
| cgw_ids | List of IDs of Customer Gateway |
| database_internet_gateway_route_id | ID of the database internet gateway route. |
| database_ipv6_egress_route_id | ID of the database IPv6 egress route. |
| database_nat_gateway_route_ids | List of IDs of the database nat gateway route. |
| database_network_acl_id | ID of the database network ACL |
| database_route_table_association_ids | List of IDs of the database route table association |
| database_route_table_ids | List of IDs of database route tables |
| database_subnet_arns | List of ARNs of database subnets |
| database_subnet_group | ID of database subnet group |
| database_subnets | List of IDs of database subnets |
| database_subnets_cidr_blocks | List of cidr_blocks of database subnets |
| database_subnets_ipv6_cidr_blocks | List of IPv6 cidr_blocks of database subnets in an IPv6 enabled VPC |
| default_network_acl_id | The ID of the default network ACL |
| default_route_table_id | The ID of the default route table |
| default_security_group_id | The ID of the security group created by default on VPC creation |
| default_vpc_cidr_block | The CIDR block of the VPC |
| default_vpc_default_network_acl_id | The ID of the default network ACL |
| default_vpc_default_route_table_id | The ID of the default route table |
| default_vpc_default_security_group_id | The ID of the security group created by default on VPC creation |
| default_vpc_enable_dns_hostnames | Whether or not the VPC has DNS hostname support |
| default_vpc_enable_dns_support | Whether or not the VPC has DNS support |
| default_vpc_id | The ID of the VPC |
| default_vpc_instance_tenancy | Tenancy of instances spin up within VPC |
| default_vpc_main_route_table_id | The ID of the main route table associated with this VPC |
| egress_only_internet_gateway_id | The ID of the egress only Internet Gateway |
| elasticache_network_acl_id | ID of the elasticache network ACL |
| elasticache_route_table_association_ids | List of IDs of the elasticache route table association |
| elasticache_route_table_ids | List of IDs of elasticache route tables |
| elasticache_subnet_arns | List of ARNs of elasticache subnets |
| elasticache_subnet_group | ID of elasticache subnet group |
| elasticache_subnet_group_name | Name of elasticache subnet group |
| elasticache_subnets | List of IDs of elasticache subnets |
| elasticache_subnets_cidr_blocks | List of cidr_blocks of elasticache subnets |
| elasticache_subnets_ipv6_cidr_blocks | List of IPv6 cidr_blocks of elasticache subnets in an IPv6 enabled VPC |
| igw_id | The ID of the Internet Gateway |
| intra_network_acl_id | ID of the intra network ACL |
| intra_route_table_association_ids | List of IDs of the intra route table association |
| intra_route_table_ids | List of IDs of intra route tables |
| intra_subnet_arns | List of ARNs of intra subnets |
| intra_subnets | List of IDs of intra subnets |
| intra_subnets_cidr_blocks | List of cidr_blocks of intra subnets |
| intra_subnets_ipv6_cidr_blocks | List of IPv6 cidr_blocks of intra subnets in an IPv6 enabled VPC |
| name | The name of the VPC specified as argument to this module |
| nat_ids | List of allocation ID of Elastic IPs created for AWS NAT Gateway |
| nat_public_ips | List of public Elastic IPs created for AWS NAT Gateway |
| natgw_ids | List of NAT Gateway IDs |
| private_ipv6_egress_route_ids | List of IDs of the ipv6 egress route. |
| private_nat_gateway_route_ids | List of IDs of the private nat gateway route. |
| private_network_acl_id | ID of the private network ACL |
| private_route_table_association_ids | List of IDs of the private route table association |
| private_route_table_ids | List of IDs of private route tables |
| private_subnet_arns | List of ARNs of private subnets |
| private_subnets | List of IDs of private subnets |
| private_subnets_cidr_blocks | List of cidr_blocks of private subnets |
| private_subnets_ipv6_cidr_blocks | List of IPv6 cidr_blocks of private subnets in an IPv6 enabled VPC |
| public_internet_gateway_ipv6_route_id | ID of the IPv6 internet gateway route. |
| public_internet_gateway_route_id | ID of the internet gateway route. |
| public_network_acl_id | ID of the public network ACL |
| public_route_table_association_ids | List of IDs of the public route table association |
| public_route_table_ids | List of IDs of public route tables |
| public_subnet_arns | List of ARNs of public subnets |
| public_subnets | List of IDs of public subnets |
| public_subnets_cidr_blocks | List of cidr_blocks of public subnets |
| public_subnets_ipv6_cidr_blocks | List of IPv6 cidr_blocks of public subnets in an IPv6 enabled VPC |
| redshift_network_acl_id | ID of the redshift network ACL |
| redshift_public_route_table_association_ids | List of IDs of the public redshidt route table association |
| redshift_route_table_association_ids | List of IDs of the redshift route table association |
| redshift_route_table_ids | List of IDs of redshift route tables |
| redshift_subnet_arns | List of ARNs of redshift subnets |
| redshift_subnet_group | ID of redshift subnet group |
| redshift_subnets | List of IDs of redshift subnets |
| redshift_subnets_cidr_blocks | List of cidr_blocks of redshift subnets |
| redshift_subnets_ipv6_cidr_blocks | List of IPv6 cidr_blocks of redshift subnets in an IPv6 enabled VPC |
| this_customer_gateway | Map of Customer Gateway attributes |
| vgw_id | The ID of the VPN Gateway |
| vpc_arn | The ARN of the VPC |
| vpc_cidr_block | The CIDR block of the VPC |
| vpc_enable_dns_hostnames | Whether or not the VPC has DNS hostname support |
| vpc_enable_dns_support | Whether or not the VPC has DNS support |
| vpc_endpoint_access_analyzer_dns_entry | The DNS entries for the VPC Endpoint for Access Analyzer. |
| vpc_endpoint_access_analyzer_id | The ID of VPC endpoint for Access Analyzer |
| vpc_endpoint_access_analyzer_network_interface_ids | One or more network interfaces for the VPC Endpoint for Access Analyzer. |
| vpc_endpoint_acm_pca_dns_entry | The DNS entries for the VPC Endpoint for ACM PCA. |
| vpc_endpoint_acm_pca_id | The ID of VPC endpoint for ACM PCA |
| vpc_endpoint_acm_pca_network_interface_ids | One or more network interfaces for the VPC Endpoint for ACM PCA. |
| vpc_endpoint_apigw_dns_entry | The DNS entries for the VPC Endpoint for APIGW. |
| vpc_endpoint_apigw_id | The ID of VPC endpoint for APIGW |
| vpc_endpoint_apigw_network_interface_ids | One or more network interfaces for the VPC Endpoint for APIGW. |
| vpc_endpoint_appmesh_envoy_management_dns_entry | The DNS entries for the VPC Endpoint for AppMesh. |
| vpc_endpoint_appmesh_envoy_management_id | The ID of VPC endpoint for AppMesh |
| vpc_endpoint_appmesh_envoy_management_network_interface_ids | One or more network interfaces for the VPC Endpoint for AppMesh. |
| vpc_endpoint_appstream_dns_entry | The DNS entries for the VPC Endpoint for AppStream. |
| vpc_endpoint_appstream_id | The ID of VPC endpoint for AppStream |
| vpc_endpoint_appstream_network_interface_ids | One or more network interfaces for the VPC Endpoint for AppStream. |
| vpc_endpoint_athena_dns_entry | The DNS entries for the VPC Endpoint for Athena. |
| vpc_endpoint_athena_id | The ID of VPC endpoint for Athena |
| vpc_endpoint_athena_network_interface_ids | One or more network interfaces for the VPC Endpoint for Athena. |
| vpc_endpoint_auto_scaling_plans_dns_entry | The DNS entries for the VPC Endpoint for Auto Scaling Plans. |
| vpc_endpoint_auto_scaling_plans_id | The ID of VPC endpoint for Auto Scaling Plans |
| vpc_endpoint_auto_scaling_plans_network_interface_ids | One or more network interfaces for the VPC Endpoint for Auto Scaling Plans. |
| vpc_endpoint_cloud_directory_dns_entry | The DNS entries for the VPC Endpoint for Cloud Directory. |
| vpc_endpoint_cloud_directory_id | The ID of VPC endpoint for Cloud Directory |
| vpc_endpoint_cloud_directory_network_interface_ids | One or more network interfaces for the VPC Endpoint for Cloud Directory. |
| vpc_endpoint_cloudformation_dns_entry | The DNS entries for the VPC Endpoint for Cloudformation. |
| vpc_endpoint_cloudformation_id | The ID of VPC endpoint for Cloudformation |
| vpc_endpoint_cloudformation_network_interface_ids | One or more network interfaces for the VPC Endpoint for Cloudformation. |
| vpc_endpoint_cloudtrail_dns_entry | The DNS entries for the VPC Endpoint for CloudTrail. |
| vpc_endpoint_cloudtrail_id | The ID of VPC endpoint for CloudTrail |
| vpc_endpoint_cloudtrail_network_interface_ids | One or more network interfaces for the VPC Endpoint for CloudTrail. |
| vpc_endpoint_codebuild_dns_entry | The DNS entries for the VPC Endpoint for codebuild. |
| vpc_endpoint_codebuild_id | The ID of VPC endpoint for codebuild |
| vpc_endpoint_codebuild_network_interface_ids | One or more network interfaces for the VPC Endpoint for codebuild. |
| vpc_endpoint_codecommit_dns_entry | The DNS entries for the VPC Endpoint for codecommit. |
| vpc_endpoint_codecommit_id | The ID of VPC endpoint for codecommit |
| vpc_endpoint_codecommit_network_interface_ids | One or more network interfaces for the VPC Endpoint for codecommit. |
| vpc_endpoint_codepipeline_dns_entry | The DNS entries for the VPC Endpoint for CodePipeline. |
| vpc_endpoint_codepipeline_id | The ID of VPC endpoint for CodePipeline |
| vpc_endpoint_codepipeline_network_interface_ids | One or more network interfaces for the VPC Endpoint for CodePipeline. |
| vpc_endpoint_config_dns_entry | The DNS entries for the VPC Endpoint for config. |
| vpc_endpoint_config_id | The ID of VPC endpoint for config |
| vpc_endpoint_config_network_interface_ids | One or more network interfaces for the VPC Endpoint for config. |
| vpc_endpoint_datasync_dns_entry | The DNS entries for the VPC Endpoint for DataSync. |
| vpc_endpoint_datasync_id | The ID of VPC endpoint for DataSync |
| vpc_endpoint_datasync_network_interface_ids | One or more network interfaces for the VPC Endpoint for DataSync. |
| vpc_endpoint_dynamodb_id | The ID of VPC endpoint for DynamoDB |
| vpc_endpoint_dynamodb_pl_id | The prefix list for the DynamoDB VPC endpoint. |
| vpc_endpoint_ebs_dns_entry | The DNS entries for the VPC Endpoint for EBS. |
| vpc_endpoint_ebs_id | The ID of VPC endpoint for EBS |
| vpc_endpoint_ebs_network_interface_ids | One or more network interfaces for the VPC Endpoint for EBS. |
| vpc_endpoint_ec2_autoscaling_dns_entry | The DNS entries for the VPC Endpoint for EC2 Autoscaling. |
| vpc_endpoint_ec2_autoscaling_id | The ID of VPC endpoint for EC2 Autoscaling |
| vpc_endpoint_ec2_autoscaling_network_interface_ids | One or more network interfaces for the VPC Endpoint for EC2 Autoscaling |
| vpc_endpoint_ec2_dns_entry | The DNS entries for the VPC Endpoint for EC2. |
| vpc_endpoint_ec2_id | The ID of VPC endpoint for EC2 |
| vpc_endpoint_ec2_network_interface_ids | One or more network interfaces for the VPC Endpoint for EC2 |
| vpc_endpoint_ec2messages_dns_entry | The DNS entries for the VPC Endpoint for EC2MESSAGES. |
| vpc_endpoint_ec2messages_id | The ID of VPC endpoint for EC2MESSAGES |
| vpc_endpoint_ec2messages_network_interface_ids | One or more network interfaces for the VPC Endpoint for EC2MESSAGES |
| vpc_endpoint_ecr_api_dns_entry | The DNS entries for the VPC Endpoint for ECR API. |
| vpc_endpoint_ecr_api_id | The ID of VPC endpoint for ECR API |
| vpc_endpoint_ecr_api_network_interface_ids | One or more network interfaces for the VPC Endpoint for ECR API. |
| vpc_endpoint_ecr_dkr_dns_entry | The DNS entries for the VPC Endpoint for ECR DKR. |
| vpc_endpoint_ecr_dkr_id | The ID of VPC endpoint for ECR DKR |
| vpc_endpoint_ecr_dkr_network_interface_ids | One or more network interfaces for the VPC Endpoint for ECR DKR. |
| vpc_endpoint_ecs_agent_dns_entry | The DNS entries for the VPC Endpoint for ECS Agent. |
| vpc_endpoint_ecs_agent_id | The ID of VPC endpoint for ECS Agent |
| vpc_endpoint_ecs_agent_network_interface_ids | One or more network interfaces for the VPC Endpoint for ECS Agent. |
| vpc_endpoint_ecs_dns_entry | The DNS entries for the VPC Endpoint for ECS. |
| vpc_endpoint_ecs_id | The ID of VPC endpoint for ECS |
| vpc_endpoint_ecs_network_interface_ids | One or more network interfaces for the VPC Endpoint for ECS. |
| vpc_endpoint_ecs_telemetry_dns_entry | The DNS entries for the VPC Endpoint for ECS Telemetry. |
| vpc_endpoint_ecs_telemetry_id | The ID of VPC endpoint for ECS Telemetry |
| vpc_endpoint_ecs_telemetry_network_interface_ids | One or more network interfaces for the VPC Endpoint for ECS Telemetry. |
| vpc_endpoint_efs_dns_entry | The DNS entries for the VPC Endpoint for EFS. |
| vpc_endpoint_efs_id | The ID of VPC endpoint for EFS |
| vpc_endpoint_efs_network_interface_ids | One or more network interfaces for the VPC Endpoint for EFS. |
| vpc_endpoint_elastic_inference_runtime_dns_entry | The DNS entries for the VPC Endpoint for Elastic Inference Runtime. |
| vpc_endpoint_elastic_inference_runtime_id | The ID of VPC endpoint for Elastic Inference Runtime |
| vpc_endpoint_elastic_inference_runtime_network_interface_ids | One or more network interfaces for the VPC Endpoint for Elastic Inference Runtime. |
| vpc_endpoint_elasticbeanstalk_dns_entry | The DNS entries for the VPC Endpoint for Elastic Beanstalk. |
| vpc_endpoint_elasticbeanstalk_health_dns_entry | The DNS entries for the VPC Endpoint for Elastic Beanstalk Health. |
| vpc_endpoint_elasticbeanstalk_health_id | The ID of VPC endpoint for Elastic Beanstalk Health |
| vpc_endpoint_elasticbeanstalk_health_network_interface_ids | One or more network interfaces for the VPC Endpoint for Elastic Beanstalk Health. |
| vpc_endpoint_elasticbeanstalk_id | The ID of VPC endpoint for Elastic Beanstalk |
| vpc_endpoint_elasticbeanstalk_network_interface_ids | One or more network interfaces for the VPC Endpoint for Elastic Beanstalk. |
| vpc_endpoint_elasticloadbalancing_dns_entry | The DNS entries for the VPC Endpoint for Elastic Load Balancing. |
| vpc_endpoint_elasticloadbalancing_id | The ID of VPC endpoint for Elastic Load Balancing |
| vpc_endpoint_elasticloadbalancing_network_interface_ids | One or more network interfaces for the VPC Endpoint for Elastic Load Balancing. |
| vpc_endpoint_elasticmapreduce_dns_entry | The DNS entries for the VPC Endpoint for EMR. |
| vpc_endpoint_elasticmapreduce_id | The ID of VPC endpoint for EMR |
| vpc_endpoint_elasticmapreduce_network_interface_ids | One or more network interfaces for the VPC Endpoint for EMR. |
| vpc_endpoint_events_dns_entry | The DNS entries for the VPC Endpoint for CloudWatch Events. |
| vpc_endpoint_events_id | The ID of VPC endpoint for CloudWatch Events |
| vpc_endpoint_events_network_interface_ids | One or more network interfaces for the VPC Endpoint for CloudWatch Events. |
| vpc_endpoint_git_codecommit_dns_entry | The DNS entries for the VPC Endpoint for git_codecommit. |
| vpc_endpoint_git_codecommit_id | The ID of VPC endpoint for git_codecommit |
| vpc_endpoint_git_codecommit_network_interface_ids | One or more network interfaces for the VPC Endpoint for git_codecommit. |
| vpc_endpoint_glue_dns_entry | The DNS entries for the VPC Endpoint for Glue. |
| vpc_endpoint_glue_id | The ID of VPC endpoint for Glue |
| vpc_endpoint_glue_network_interface_ids | One or more network interfaces for the VPC Endpoint for Glue. |
| vpc_endpoint_kinesis_firehose_dns_entry | The DNS entries for the VPC Endpoint for Kinesis Firehose. |
| vpc_endpoint_kinesis_firehose_id | The ID of VPC endpoint for Kinesis Firehose |
| vpc_endpoint_kinesis_firehose_network_interface_ids | One or more network interfaces for the VPC Endpoint for Kinesis Firehose. |
| vpc_endpoint_kinesis_streams_dns_entry | The DNS entries for the VPC Endpoint for Kinesis Streams. |
| vpc_endpoint_kinesis_streams_id | The ID of VPC endpoint for Kinesis Streams |
| vpc_endpoint_kinesis_streams_network_interface_ids | One or more network interfaces for the VPC Endpoint for Kinesis Streams. |
| vpc_endpoint_kms_dns_entry | The DNS entries for the VPC Endpoint for KMS. |
| vpc_endpoint_kms_id | The ID of VPC endpoint for KMS |
| vpc_endpoint_kms_network_interface_ids | One or more network interfaces for the VPC Endpoint for KMS. |
| vpc_endpoint_logs_dns_entry | The DNS entries for the VPC Endpoint for CloudWatch Logs. |
| vpc_endpoint_logs_id | The ID of VPC endpoint for CloudWatch Logs |
| vpc_endpoint_logs_network_interface_ids | One or more network interfaces for the VPC Endpoint for CloudWatch Logs. |
| vpc_endpoint_monitoring_dns_entry | The DNS entries for the VPC Endpoint for CloudWatch Monitoring. |
| vpc_endpoint_monitoring_id | The ID of VPC endpoint for CloudWatch Monitoring |
| vpc_endpoint_monitoring_network_interface_ids | One or more network interfaces for the VPC Endpoint for CloudWatch Monitoring. |
| vpc_endpoint_qldb_session_dns_entry | The DNS entries for the VPC Endpoint for QLDB Session. |
| vpc_endpoint_qldb_session_id | The ID of VPC endpoint for QLDB Session |
| vpc_endpoint_qldb_session_network_interface_ids | One or more network interfaces for the VPC Endpoint for QLDB Session. |
| vpc_endpoint_rekognition_dns_entry | The DNS entries for the VPC Endpoint for Rekognition. |
| vpc_endpoint_rekognition_id | The ID of VPC endpoint for Rekognition |
| vpc_endpoint_rekognition_network_interface_ids | One or more network interfaces for the VPC Endpoint for Rekognition. |
| vpc_endpoint_s3_id | The ID of VPC endpoint for S3 |
| vpc_endpoint_s3_pl_id | The prefix list for the S3 VPC endpoint. |
| vpc_endpoint_sagemaker_api_dns_entry | The DNS entries for the VPC Endpoint for SageMaker API. |
| vpc_endpoint_sagemaker_api_id | The ID of VPC endpoint for SageMaker API |
| vpc_endpoint_sagemaker_api_network_interface_ids | One or more network interfaces for the VPC Endpoint for SageMaker API. |
| vpc_endpoint_sagemaker_runtime_dns_entry | The DNS entries for the VPC Endpoint for SageMaker Runtime. |
| vpc_endpoint_sagemaker_runtime_id | The ID of VPC endpoint for SageMaker Runtime |
| vpc_endpoint_sagemaker_runtime_network_interface_ids | One or more network interfaces for the VPC Endpoint for SageMaker Runtime. |
| vpc_endpoint_secretsmanager_dns_entry | The DNS entries for the VPC Endpoint for secretsmanager. |
| vpc_endpoint_secretsmanager_id | The ID of VPC endpoint for secretsmanager |
| vpc_endpoint_secretsmanager_network_interface_ids | One or more network interfaces for the VPC Endpoint for secretsmanager. |
| vpc_endpoint_servicecatalog_dns_entry | The DNS entries for the VPC Endpoint for Service Catalog. |
| vpc_endpoint_servicecatalog_id | The ID of VPC endpoint for Service Catalog |
| vpc_endpoint_servicecatalog_network_interface_ids | One or more network interfaces for the VPC Endpoint for Service Catalog. |
| vpc_endpoint_ses_dns_entry | The DNS entries for the VPC Endpoint for SES. |
| vpc_endpoint_ses_id | The ID of VPC endpoint for SES |
| vpc_endpoint_ses_network_interface_ids | One or more network interfaces for the VPC Endpoint for SES. |
| vpc_endpoint_sms_dns_entry | The DNS entries for the VPC Endpoint for SMS. |
| vpc_endpoint_sms_id | The ID of VPC endpoint for SMS |
| vpc_endpoint_sms_network_interface_ids | One or more network interfaces for the VPC Endpoint for SMS. |
| vpc_endpoint_sns_dns_entry | The DNS entries for the VPC Endpoint for SNS. |
| vpc_endpoint_sns_id | The ID of VPC endpoint for SNS |
| vpc_endpoint_sns_network_interface_ids | One or more network interfaces for the VPC Endpoint for SNS. |
| vpc_endpoint_sqs_dns_entry | The DNS entries for the VPC Endpoint for SQS. |
| vpc_endpoint_sqs_id | The ID of VPC endpoint for SQS |
| vpc_endpoint_sqs_network_interface_ids | One or more network interfaces for the VPC Endpoint for SQS. |
| vpc_endpoint_ssm_dns_entry | The DNS entries for the VPC Endpoint for SSM. |
| vpc_endpoint_ssm_id | The ID of VPC endpoint for SSM |
| vpc_endpoint_ssm_network_interface_ids | One or more network interfaces for the VPC Endpoint for SSM. |
| vpc_endpoint_ssmmessages_dns_entry | The DNS entries for the VPC Endpoint for SSMMESSAGES. |
| vpc_endpoint_ssmmessages_id | The ID of VPC endpoint for SSMMESSAGES |
| vpc_endpoint_ssmmessages_network_interface_ids | One or more network interfaces for the VPC Endpoint for SSMMESSAGES. |
| vpc_endpoint_states_dns_entry | The DNS entries for the VPC Endpoint for Step Function. |
| vpc_endpoint_states_id | The ID of VPC endpoint for Step Function |
| vpc_endpoint_states_network_interface_ids | One or more network interfaces for the VPC Endpoint for Step Function. |
| vpc_endpoint_storagegateway_dns_entry | The DNS entries for the VPC Endpoint for Storage Gateway. |
| vpc_endpoint_storagegateway_id | The ID of VPC endpoint for Storage Gateway |
| vpc_endpoint_storagegateway_network_interface_ids | One or more network interfaces for the VPC Endpoint for Storage Gateway. |
| vpc_endpoint_sts_dns_entry | The DNS entries for the VPC Endpoint for STS. |
| vpc_endpoint_sts_id | The ID of VPC endpoint for STS |
| vpc_endpoint_sts_network_interface_ids | One or more network interfaces for the VPC Endpoint for STS. |
| vpc_endpoint_transfer_dns_entry | The DNS entries for the VPC Endpoint for Transfer. |
| vpc_endpoint_transfer_id | The ID of VPC endpoint for Transfer |
| vpc_endpoint_transfer_network_interface_ids | One or more network interfaces for the VPC Endpoint for Transfer. |
| vpc_endpoint_transferserver_dns_entry | The DNS entries for the VPC Endpoint for transferserver. |
| vpc_endpoint_transferserver_id | The ID of VPC endpoint for transferserver |
| vpc_endpoint_transferserver_network_interface_ids | One or more network interfaces for the VPC Endpoint for transferserver |
| vpc_endpoint_workspaces_dns_entry | The DNS entries for the VPC Endpoint for Workspaces. |
| vpc_endpoint_workspaces_id | The ID of VPC endpoint for Workspaces |
| vpc_endpoint_workspaces_network_interface_ids | One or more network interfaces for the VPC Endpoint for Workspaces. |
| vpc_flow_log_cloudwatch_iam_role_arn | The ARN of the IAM role used when pushing logs to Cloudwatch log group |
| vpc_flow_log_destination_arn | The ARN of the destination for VPC Flow Logs |
| vpc_flow_log_destination_type | The type of the destination for VPC Flow Logs |
| vpc_flow_log_id | The ID of the Flow Log resource |
| vpc_id | The ID of the VPC |
| vpc_instance_tenancy | Tenancy of instances spin up within VPC |
| vpc_ipv6_association_id | The association ID for the IPv6 CIDR block |
| vpc_ipv6_cidr_block | The IPv6 CIDR block |
| vpc_main_route_table_id | The ID of the main route table associated with this VPC |
| vpc_owner_id | The ID of the AWS account that owns the VPC |
| vpc_secondary_cidr_blocks | List of secondary CIDR blocks of the VPC |