ghndrx/terraform-foundation
1
0
Fork 0
mirror of https://github.com/ghndrx/terraform-foundation.git synced 2026-02-10 14:54:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Terraform Foundation - AWS Landing Zone

Browse Source 
Enterprise-grade multi-tenant AWS cloud foundation.

Modules:
- GitHub OIDC for keyless CI/CD authentication
- IAM account settings and security baseline
- AWS Config Rules for compliance
- ABAC (Attribute-Based Access Control)
- SCPs (Service Control Policies)

Features:
- Multi-account architecture
- Cost optimization patterns
- Security best practices
- Comprehensive documentation

Tech: Terraform, AWS Organizations, IAM Identity Center
This commit is contained in:
Greg Hendrickson
2026-02-01 20:06:28 +00:00
commit 6136cde9bb
145 changed files with 30832 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
terraform/modules/tenant-vpc/outputs.tf Normal file
View File

@@ -0,0 +1,57 @@
################################################################################
# Tenant VPC - Outputs
################################################################################
output "vpc_id" {
value = aws_vpc.this.id
description = "VPC ID"
}
output "vpc_cidr" {
value = aws_vpc.this.cidr_block
description = "VPC CIDR block"
}
output "public_subnet_ids" {
value = aws_subnet.public[*].id
description = "Public subnet IDs"
}
output "private_subnet_ids" {
value = aws_subnet.private[*].id
description = "Private subnet IDs"
}
output "public_route_table_id" {
value = try(aws_route_table.public[0].id, null)
description = "Public route table ID"
}
output "private_route_table_id" {
value = try(aws_route_table.private[0].id, null)
description = "Private route table ID"
}
output "nat_public_ip" {
value = var.nat_mode == "gateway" ? (
try(aws_eip.nat[0].public_ip, null)
) : (
try(aws_instance.nat[0].public_ip, null)
)
description = "NAT Gateway/Instance public IP"
}
output "tgw_attachment_id" {
value = try(aws_ec2_transit_gateway_vpc_attachment.this[0].id, null)
description = "Transit Gateway attachment ID"
}
output "flow_log_group" {
value = try(aws_cloudwatch_log_group.flow_logs[0].name, null)
description = "Flow log CloudWatch log group"
}
output "azs" {
value = local.azs
description = "Availability zones used"
}