update vpc to use IPv6
parent
0492d4ed49
commit
3e588e9da7
21
vpc.tf
21
vpc.tf
|
@ -4,6 +4,7 @@ resource "aws_vpc" "vault" {
|
||||||
instance_tenancy = var.vpc_instance_tenancy
|
instance_tenancy = var.vpc_instance_tenancy
|
||||||
enable_dns_support = var.vpc_enable_dns_support
|
enable_dns_support = var.vpc_enable_dns_support
|
||||||
enable_dns_hostnames = var.vpc_enable_dns_hostnames
|
enable_dns_hostnames = var.vpc_enable_dns_hostnames
|
||||||
|
assign_generated_ipv6_cidr_block = true
|
||||||
|
|
||||||
tags = merge(
|
tags = merge(
|
||||||
{ "Name" = "${var.main_project_tag}-vpc" },
|
{ "Name" = "${var.main_project_tag}-vpc" },
|
||||||
|
@ -34,6 +35,17 @@ resource "aws_internet_gateway" "igw" {
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
## Egress Only Gateway (IPv6)
|
||||||
|
resource "aws_egress_only_internet_gateway" "eigw" {
|
||||||
|
vpc_id = aws_vpc.vault.id
|
||||||
|
|
||||||
|
tags = merge(
|
||||||
|
{ "Name" = "${var.main_project_tag}-eigw"},
|
||||||
|
{ "Project" = var.main_project_tag },
|
||||||
|
var.vpc_tags
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
## NAT Gateway
|
## NAT Gateway
|
||||||
|
|
||||||
#### The NAT Elastic IP
|
#### The NAT Elastic IP
|
||||||
|
@ -99,6 +111,12 @@ resource "aws_route" "public_internet_access" {
|
||||||
gateway_id = aws_internet_gateway.igw.id
|
gateway_id = aws_internet_gateway.igw.id
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "aws_route" "public_internet_access_ipv6" {
|
||||||
|
route_table_id = aws_route_table.public.id
|
||||||
|
destination_ipv6_cidr_block = "::/0"
|
||||||
|
egress_only_gateway_id = aws_egress_only_internet_gateway.eigw.id
|
||||||
|
}
|
||||||
|
|
||||||
## Private Route Table
|
## Private Route Table
|
||||||
resource "aws_route_table" "private" {
|
resource "aws_route_table" "private" {
|
||||||
vpc_id = aws_vpc.vault.id
|
vpc_id = aws_vpc.vault.id
|
||||||
|
@ -138,6 +156,9 @@ resource "aws_subnet" "public" {
|
||||||
availability_zone = data.aws_availability_zones.available.names[count.index]
|
availability_zone = data.aws_availability_zones.available.names[count.index]
|
||||||
map_public_ip_on_launch = true
|
map_public_ip_on_launch = true
|
||||||
|
|
||||||
|
ipv6_cidr_block = cidrsubnet(aws_vpc.vault.ipv6_cidr_block, 8, count.index)
|
||||||
|
assign_ipv6_address_on_creation = true
|
||||||
|
|
||||||
tags = merge(
|
tags = merge(
|
||||||
{ "Name" = "${var.main_project_tag}-public-${data.aws_availability_zones.available.names[count.index]}"},
|
{ "Name" = "${var.main_project_tag}-public-${data.aws_availability_zones.available.names[count.index]}"},
|
||||||
{ "Project" = var.main_project_tag },
|
{ "Project" = var.main_project_tag },
|
||||||
|
|
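Review bot: In the `aws_route.public_internet_access_ipv6` hunk, the `::/0` route on the public route table targets the egress-only gateway, so hosts in the public subnets can open outbound IPv6 connections but cannot be reached over IPv6, unlike their IPv4 path through `aws_internet_gateway.igw`. If that asymmetry is intended, a comment above the route such as `# IPv6 is outbound-only by design; inbound traffic stays on IPv4 via the IGW` would make it explicit, because the subnet hunk sets `assign_ipv6_address_on_creation = true` and a later switch to `gateway_id` would put every instance's globally routable address behind nothing but its security groups. The security groups and network ACLs are not part of this diff; they should be checked for the intended IPv6 rules before this is applied, since IPv4 CIDR rules do not match IPv6 traffic. The private route table shown as context gets no IPv6 route here, although that is where an egress-only gateway is normally attached; this may be handled outside the visible hunks.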