Merge pull request #12 from ankur6405/main

Removed vpc source version to remove deprecated warning

Author: RohitSquareops

README.md

@@ -58,30 +58,52 @@ This module supports three scenarios to create Network resource on AWS. Each wil
 
 - **simple-vpc (default behavior):** To create a VPC with public subnets and IGW.
   - `vpc_cidr       = ""`
-  - `enable_public_subnet = true`
+  - `public_subnet_enabled = true`
+  - `auto_assign_public_ip = true`
 - **vpc-with-private-sub:** To create a VPC with public subnets, private subnets, IGW gateway and NAT gateway.
   - `vpc_cidr              = ""`
   - `public_subnet_enabled  = true`
   - `private_subnet_enabled = true`
+  - `auto_assign_public_ip = true`
 
 - **complete-vpc-with-vpn:** To create a VPC with public, private, database and intra subnets along with an IGW and NAT gateway. Jump server/Bastion Host is also configured.
-  - `vpc_cidr               = ""`
+  - `vpc_cidr                = ""`
   - `public_subnet_enabled   = true`
   - `private_subnet_enabled  = true`
   - `database_subnet_enabled = true`
   - `intra_subnet_enabled    = true`
+  - `auto_assign_public_ip  = true`
   - `one_nat_gateway_per_az = true`
   - `vpn_server_enabled     = true`
   - `vpn_server_instance_type = "t3a.small"`
-  - `vpn_key_pair             = ""`
+  - `vpn_key_pair_name         = ""`
+  - `availability_zones        = 2`
   - `flow_log_enabled          = true`
   - `flow_log_max_aggregation_interval               = 60`
   - `flow_log_cloudwatch_log_group_retention_in_days = 90`
 
 - **vpc-peering:** VPC peering support is available using submodule `vpc_peering`. Refer [Peering Docs](https://github.com/squareops/terraform-aws-vpc/tree/main/modules/vpc_peering) for more information
+  - `accepter_name          = ""`
+  - `accepter_vpc_id        = ""`
+  - `accepter_vpc_region    = ""`
+  - `requester_name         = ""`
+  - `requester_vpc_id       = ""`
+  - `requester_vpc_region   = ""`
+  - `auto_assign_public_ip  = true`
+  - `one_nat_gateway_per_az = true`
 
 - **vpc-with-ipv6:** To create VPC with IPv6 support, you only need to enable the parameter `ipv6_enabled`. Rest all the configurations will be taken care by module. Refer for example [vpc-with-ipv6](https://github.com/squareops/terraform-aws-vpc/tree/main/examples/vpc-with-ipv6) for more information.
-
+  - `vpc_cidr                = ""`
+  - `public_subnet_enabled   = true`
+  - `private_subnet_enabled  = true`
+  - `database_subnet_enabled = true`
+  - `intra_subnet_enabled    = true`
+  - `auto_assign_public_ip  = true`
+  - `ipv6_enabled = true`
+  - `public_subnet_assign_ipv6_address_on_creation   = true`
+  - `private_subnet_assign_ipv6_address_on_creation  = true`
+  - `database_subnet_assign_ipv6_address_on_creation = true`
+  - `intra_subnet_assign_ipv6_address_on_creation    = true`
 
 # IAM Permissions
 The required IAM permissions to create resources from this module can be found [here](https://github.com/squareops/terraform-aws-vpc/blob/main/IAM.md)
@@ -138,7 +160,7 @@ In this module, we have implemented the following CIS Compliance checks for VPC:
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | 4.0.2 |
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | 5.1.1 |
 | <a name="module_vpn_server"></a> [vpn\_server](#module\_vpn\_server) | ./modules/vpn | n/a |
 
 ## Resources

main.tf

@@ -35,7 +35,7 @@ data "aws_ec2_instance_type" "arch" {
 
 module "vpc" {
   source                                          = "terraform-aws-modules/vpc/aws"
-  version                                         = "4.0.2"
+  version                                         = "5.1.1"
   name                                            = format("%s-%s-vpc", var.environment, var.name)
   cidr                                            = var.vpc_cidr # CIDR FOR VPC
   azs                                             = [for n in range(0, var.availability_zones) : data.aws_availability_zones.available.names[n]]

modules/vpn/README.md

@@ -25,6 +25,7 @@ Refer [this](https://pritunl.com/) for more information.
 | Name | Version |
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.23 |
+| <a name="provider_null"></a> [null](#provider\_null) | n/a |
 | <a name="provider_template"></a> [template](#provider\_template) | >= 2.2.0 |
 | <a name="provider_time"></a> [time](#provider\_time) | >= 0.9.1 |
 
@@ -46,7 +47,8 @@ Refer [this](https://pritunl.com/) for more information.
 | [aws_iam_role_policy_attachment.SecretsManagerReadWrite_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_ssm_association.ssm_association](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_association) | resource |
 | [aws_ssm_document.ssm_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_document) | resource |
-| [time_sleep.wait_2_min](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
+| [null_resource.delete_secret](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
+| [time_sleep.wait_3_min](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
 | [aws_ami.ubuntu_20_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |
 | [aws_iam_policy.SSMManagedInstanceCore](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source |
 | [aws_iam_policy.SecretsManagerReadWrite](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source |

modules/vpn/main.tf

@@ -1,5 +1,5 @@
 resource "aws_eip" "vpn" {
-  vpc      = true
+  domain   = "vpc"
   instance = module.vpn_server.id
 }
 
@@ -206,11 +206,11 @@ DOC
 resource "null_resource" "delete_secret" {
   triggers = {
     environment = var.environment
-    name = var.name
-    region = data.aws_region.current.name
+    name        = var.name
+    region      = data.aws_region.current.name
   }
   provisioner "local-exec" {
-    when = destroy
+    when        = destroy
     interpreter = ["/bin/bash", "-c"]
     command     = <<EOT
     aws secretsmanager delete-secret --secret-id ${self.triggers.environment}-${self.triggers.name}-vpn --force-delete-without-recovery --region ${self.triggers.region}

modules/vpn/scripts/pritunl-vpn.sh

@@ -28,4 +28,4 @@ sleep 10
 sudo pritunl set-mongodb mongodb://localhost:27017/pritunl
 
 sudo systemctl enable mongod pritunl
-sudo systemctl start mongod pritunl
+sudo systemctl start mongod pritunl