Terraform module which creates VPC resources on AWS and Confluent Cloud networking resources.
Options:
- Use an existing VPC, provide `aws.vpc.id`:

```hcl
aws = {
  vpc = {
    id = "vpc-1234567890"
  }
}
```

Enable auto-assign public IPv4 address for the subnets. The module uses `map-public-ip-on-launch` to select subnets.
- Create a new VPC, provide `number_of_public_subnets` and `number_of_private_subnets`:

```hcl
aws = {
  vpc = {
    number_of_public_subnets  = 3
    number_of_private_subnets = 3
  }
}
```
Optional: jump host to access the private network.

- EC2 Instance
- Security Group
- Key Pair

Provide instance name and type:

```hcl
aws = {
  instance = {
    name = "mcolomer-central"
    type = "t2.micro"
  }
}
```
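A check one might run on the plan before applying the jump-host option, as an added example that is not part of the module: it reads `terraform show -json` output and lists security group rules that admit SSH (TCP/22) from any address. The sample plan and its resource addresses are constructed, and the page does not state which ingress rules the module creates.

```python
import json

WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape of `terraform show -json <planfile>`;
# module and resource addresses are hypothetical, not taken from the module.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {"child_modules": [
 {"address": "module.network", "child_modules": [
  {"address": "module.network.module.aws_bastion", "resources": [
   {"address": "module.network.module.aws_bastion.aws_security_group.open", "type": "aws_security_group",
    "values": {"ingress": [{"protocol": "tcp", "from_port": 22, "to_port": 22,
                            "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []}]}},
   {"address": "module.network.module.aws_bastion.aws_security_group_rule.scoped", "type": "aws_security_group_rule",
    "values": {"type": "ingress", "protocol": "tcp", "from_port": 22, "to_port": 22,
               "cidr_blocks": ["203.0.113.10/32"], "ipv6_cidr_blocks": null}}
  ]}]}]}}}
""")


def walk(module):
    """Yield every planned resource in a module and its nested child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)


def ingress_rules(res):
    """Inline ingress blocks of a group, or a standalone ingress rule resource."""
    values = res.get("values") or {}
    if res["type"] == "aws_security_group":
        return values.get("ingress") or []
    if res["type"] == "aws_security_group_rule" and values.get("type") == "ingress":
        return [values]
    return []


def world_open_ssh(plan):
    """Return addresses of resources that admit TCP/22 from any address."""
    findings = []
    for res in walk(plan["planned_values"]["root_module"]):
        for rule in ingress_rules(res):
            sources = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
            all_traffic = rule.get("protocol") == "-1"  # "-1" means every protocol and port
            ssh = rule.get("protocol") == "tcp" and rule["from_port"] <= 22 <= rule["to_port"]
            if (all_traffic or ssh) and sources & WORLD:
                findings.append(res["address"])
                break
    return findings
```

Rules declared as `aws_vpc_security_group_ingress_rule` resources use different attribute names (`cidr_ipv4`, `cidr_ipv6`, `ip_protocol`) and are not inspected here.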
Options for `connection_type`: `TRANSITGATEWAY`, `PRIVATELINK` or `PEERING`.

```hcl
confluent_network = {
  display_name    = "confluent-plink-network"
  connection_type = "PRIVATELINK"
}
```
- Connection type: TRANSITGATEWAY
  - Confluent:
    - Transit Gateway network
    - Transit Gateway Attachment
  - AWS:
    - Transit Gateway
    - Transit Gateway Attachment
    - Transit Gateway Route
    - Resource Share (RAM)
- Connection type: PRIVATELINK
  - Confluent:
    - Private Link Network
    - Private Link Access
  - AWS:
    - Endpoint
    - Service Group
    - Private Hosted Zone (Route53)
- Connection type: PEERING
  - Confluent:
    - Peering Network
    - Peering Connection
  - AWS:
    - VPC Peering Connection
    - Peering Connection Accepter
    - Route Table
    - Route

## Usage
- New Confluent Cloud Private Link Network with AWS Provided VPC (vpc_id)

```hcl
# AWS
aws = {
  region = "eu-central-1",
  prefix = "mcol",
  owner  = "mcolomercornejo@confluent.io",
  vpc = {
    id = "vpc-08a7122ab9509d860"
  }
  account_id = "492737776546"
}

# Confluent
environment = "env-zmz2zd"
confluent_network = {
  display_name    = "confluent-plink-network"
  connection_type = "PRIVATELINK"
}
```

```hcl
module "network" {
  source      = "github.com/mcolomerc/terraform-confluent-aws-network"
  environment = var.confluent.environment.id
  providers = {
    confluent.confluent_cloud = confluent
    aws                       = aws
  }
  aws = {
    region = var.confluent.environment.network.aws.region,
    prefix = var.confluent.environment.network.aws.prefix,
    owner  = var.confluent.environment.network.aws.owner,
    vpc = {
      id = var.confluent.environment.network.aws.vpc.id,
    }
    account_id = var.confluent.environment.network.aws.account_id,
  }
  confluent_network = {
    display_name    = var.confluent.environment.network.display_name,
    connection_type = var.confluent.environment.network.connection_type,
  }
}
```

- New Confluent Cloud Private Link Network & New AWS VPC - TODO
- New Confluent Cloud Private Link Network & New AWS VPC & New Jump Host - TODO
- New Confluent Cloud Transit Gateway Network with AWS Provided VPC - TODO
- New Confluent Cloud Transit Gateway Network & New AWS VPC & New Jump Host - TODO
- New Confluent Cloud Peering network with AWS Provided VPC and Jump Host - TODO
- New Confluent Cloud Peering network & New AWS VPC & New Jump Host - TODO

Connect to the jump host:

```bash
mv <prefix>-key-pair.pem ~/.ssh/
cd ~/.ssh/
chmod 400 <prefix>-key-pair.pem
ssh -i "<prefix>-key-pair.pem" ubuntu@<outputs.bastion.public_dns>
```

## Requirements

| Name | Version |
|---|---|
| terraform | >= 1.3 |
| aws | 5.0.1 |
| confluent | >=1.51.0 |
| tls | ~> 4.0 |

## Providers

No providers.

## Modules

| Name | Source | Version |
|---|---|---|
| aws_bastion | ./modules/aws_bastion | n/a |
| aws_vpc | ./modules/aws_vpc | n/a |
| plink | ./modules/plink | n/a |

## Resources

No resources.

## Inputs

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws | AWS | `object({` | n/a | yes |
| confluent_cloud_api_key | Confluent Cloud API Key. `export TF_VAR_confluent_cloud_api_key="API_KEY"` | `string` | n/a | yes |
| confluent_cloud_api_secret | Confluent Cloud API Secret. `export TF_VAR_confluent_cloud_api_secret="API_SECRET"` | `string` | n/a | yes |
| confluent_network | Confluent Network | `object({` | n/a | yes |
| environment | Confluent Environment | `string` | `"dev"` | no |

## Outputs

| Name | Description |
|---|---|
| aws_route53_records | n/a |
| aws_route53_zone | n/a |
| bastion | n/a |
| confluent_private_link | n/a |
| private_link_confluent_network | Private LINK |
| private_subnets | n/a |
| public_subnets | n/a |
| vpc | n/a |