
Commit ef6070b

committed
Updated files for policy in ecr api endpoint.
1 parent 053ba95 commit ef6070b


60 files changed

+50
-39
lines changed

.gitignore

100644100755
File mode changed.

.pre-commit-config.yaml

100644100755
File mode changed.

.tflint.hcl

100644100755
File mode changed.

IAM.md

100644100755
File mode changed.

LICENSE

100644100755
File mode changed.

README.md

100644100755
Lines changed: 12 additions & 5 deletions

compliance.md

100644100755
File mode changed.

examples/complete-vpc-with-vpn/README.md

100644100755
File mode changed.

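--- a/examples/complete-vpc-with-vpn/main.tf
+++ b/examples/complete-vpc-with-vpn/main.tf
@@ -1,14 +1,14 @@
 locals {
-vpc_name = "vpc-test"
-aws_region = "ap-northeast-1"
-aws_account_id = "767398031518"
-environment = "prod"
+vpc_name = "vpc-rachit"
+aws_region = "ap-south-1"
+aws_account_id = "654654551614"
+environment = "stg"
 kms_user = null
 vpc_cidr = "10.10.0.0/16"
-vpc_availability_zones = ["ap-northeast-1a", "ap-northeast-1c"]
+vpc_availability_zones = ["ap-south-1a", "ap-south-1b"]
 kms_deletion_window_in_days = 7
 enable_key_rotation = false
-is_enabled = true
+is_enabled = false
 vpc_flow_log_enabled = false
 vpn_server_enabled = true
 vpc_intra_subnet_enabled = true
@@ -23,10 +23,6 @@ locals {
 vpc_flow_log_cloudwatch_log_group_skip_destroy = false
 current_identity = data.aws_caller_identity.current.arn
 multi_region = false
-vpc_public_subnets_counts = 2
-vpc_private_subnets_counts = 2
-vpc_database_subnets_counts = 2
-vpc_intra_subnets_counts = 2
 additional_aws_tags = {
 Owner = "Organization_Name"
 Expires = "Never"
@@ -38,6 +34,7 @@ data "aws_caller_identity" "current" {}
 
 module "key_pair_vpn" {
 source = "squareops/keypair/aws"
+count = local.vpn_server_enabled ? 1 : 0
 key_name = format("%s-%s-vpn", local.environment, local.vpc_name)
 environment = local.environment
 ssm_parameter_path = format("%s-%s-vpn", local.environment, local.vpc_name)
@@ -96,8 +93,10 @@ module "vpc" {
 aws_region = local.aws_region
 vpc_cidr = local.vpc_cidr
 environment = local.environment
+ipv6_enabled = true
+ipam_enabled = false
 vpc_flow_log_enabled = local.vpc_flow_log_enabled
-vpn_server_key_pair_name = module.key_pair_vpn.key_pair_name
+vpn_server_key_pair_name = local.vpn_server_enabled ? module.key_pair_vpn[0].key_pair_name : ""
 vpc_availability_zones = local.vpc_availability_zones
 vpn_server_enabled = local.vpn_server_enabled
 vpc_intra_subnet_enabled = local.vpc_intra_subnet_enabled
@@ -113,10 +112,10 @@ module "vpc" {
 vpc_flow_log_cloudwatch_log_group_skip_destroy = local.vpc_flow_log_cloudwatch_log_group_skip_destroy
 vpc_flow_log_cloudwatch_log_group_retention_in_days = 90
 vpc_flow_log_cloudwatch_log_group_kms_key_arn = module.kms.key_arn #Enter your kms key arn
-vpc_public_subnets_counts = local.vpc_public_subnets_counts
-vpc_private_subnets_counts = local.vpc_private_subnets_counts
-vpc_database_subnets_counts = local.vpc_database_subnets_counts
-vpc_intra_subnets_counts = local.vpc_intra_subnets_counts
+vpc_public_subnets_counts = 2
+vpc_private_subnets_counts = 2
+vpc_database_subnets_counts = 2
+vpc_intra_subnets_counts = 2
 vpc_endpoint_type_private_s3 = "Gateway"
 vpc_endpoint_type_ecr_dkr = "Interface"
 vpc_endpoint_type_ecr_api = "Interface"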
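Review bot: The `locals` block in the first hunk now holds what look like one developer's working values rather than example defaults: `vpc_name = "vpc-rachit"`, a concrete 12-digit `aws_account_id`, and `is_enabled = false`, none of which relate to the ECR API endpoint policy named in the commit title. A published example is better served by neutral placeholders, e.g. `vpc_name = "vpc-test"` and `aws_account_id = "<AWS_ACCOUNT_ID>"`, so that a copy-paste cannot point at someone else's account. If `is_enabled` feeds the key state of `module "kms"` (that block is outside the visible hunks, so this is inferred), the key passed as `vpc_flow_log_cloudwatch_log_group_kms_key_arn` would be created disabled; restore `is_enabled = true` or add a comment explaining the choice. The section also changes the file mode from 100644 to 100755, and a `.tf` file has no need for the executable bit.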

examples/complete-vpc-with-vpn/outputs.tf

100644100755
File mode changed.
