update vpc to use IPv6
parent
0492d4ed49
commit
3e588e9da7
21
vpc.tf
21
vpc.tf
|
@ -4,6 +4,7 @@ resource "aws_vpc" "vault" {
|
|||
instance_tenancy = var.vpc_instance_tenancy
|
||||
enable_dns_support = var.vpc_enable_dns_support
|
||||
enable_dns_hostnames = var.vpc_enable_dns_hostnames
|
||||
assign_generated_ipv6_cidr_block = true
|
||||
|
||||
tags = merge(
|
||||
{ "Name" = "${var.main_project_tag}-vpc" },
|
||||
|
@ -34,6 +35,17 @@ resource "aws_internet_gateway" "igw" {
|
|||
)
|
||||
}
|
||||
|
||||
## Egress Only Gateway (IPv6)
|
||||
resource "aws_egress_only_internet_gateway" "eigw" {
|
||||
vpc_id = aws_vpc.vault.id
|
||||
|
||||
tags = merge(
|
||||
{ "Name" = "${var.main_project_tag}-eigw"},
|
||||
{ "Project" = var.main_project_tag },
|
||||
var.vpc_tags
|
||||
)
|
||||
}
|
||||
|
||||
## NAT Gateway
|
||||
|
||||
#### The NAT Elastic IP
|
||||
|
@ -99,6 +111,12 @@ resource "aws_route" "public_internet_access" {
|
|||
gateway_id = aws_internet_gateway.igw.id
|
||||
}
|
||||
|
||||
resource "aws_route" "public_internet_access_ipv6" {
|
||||
route_table_id = aws_route_table.public.id
|
||||
destination_ipv6_cidr_block = "::/0"
|
||||
egress_only_gateway_id = aws_egress_only_internet_gateway.eigw.id
|
||||
}
|
||||
|
||||
## Private Route Table
|
||||
resource "aws_route_table" "private" {
|
||||
vpc_id = aws_vpc.vault.id
|
||||
|
@ -138,6 +156,9 @@ resource "aws_subnet" "public" {
|
|||
availability_zone = data.aws_availability_zones.available.names[count.index]
|
||||
map_public_ip_on_launch = true
|
||||
|
||||
ipv6_cidr_block = cidrsubnet(aws_vpc.vault.ipv6_cidr_block, 8, count.index)
|
||||
assign_ipv6_address_on_creation = true
|
||||
|
||||
tags = merge(
|
||||
{ "Name" = "${var.main_project_tag}-public-${data.aws_availability_zones.available.names[count.index]}"},
|
||||
{ "Project" = var.main_project_tag },
|
||||
|
|
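Review bot: In the `aws_route.public_internet_access_ipv6` hunk, the public route table's `::/0` route targets the egress-only gateway, while the public subnets now set `assign_ipv6_address_on_creation = true`. Every instance launched there therefore gets a globally routable IPv6 address and an outbound IPv6 path that rules written only for IPv4 CIDRs do not cover. No security-group or network-ACL change is visible in this commit, so confirm that ingress and egress rules treat `::/0` as deliberately as `0.0.0.0/0`; rules elsewhere in the project may already do so. Inbound IPv6 is currently blocked only by the choice of gateway, and the resource name reads as public access, so I would add a comment above the route such as `# IPv6 default route is outbound-only via the egress-only gateway; inbound IPv6 is intentionally not routed`.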