ghndrx/terraform-foundation
1
0
Fork 0
mirror of https://github.com/ghndrx/terraform-foundation.git synced 2026-02-10 06:45:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
terraform-foundation/terraform/modules/shared-vpc/README.md
Greg Hendrickson 6136cde9bb feat: Terraform Foundation - AWS Landing Zone 
Enterprise-grade multi-tenant AWS cloud foundation.

Modules:
- GitHub OIDC for keyless CI/CD authentication
- IAM account settings and security baseline
- AWS Config Rules for compliance
- ABAC (Attribute-Based Access Control)
- SCPs (Service Control Policies)

Features:
- Multi-account architecture
- Cost optimization patterns
- Security best practices
- Comprehensive documentation

Tech: Terraform, AWS Organizations, IAM Identity Center
2026-02-02 02:57:23 +00:00

1.4 KiB
Raw Permalink Blame History

shared-vpc

Shared VPC Module Single VPC shared across all tenants via AWS RAM Isolation via: Security Groups, ABAC (tags), optional subnet segmentation

Usage

module "shared_vpc" {
  source = "../modules/shared-vpc"
  
  # Required variables
  workloads_ou_arn = ""

  # Optional: see variables.tf for all options
}

Requirements

Name Version
terraform >= 1.5.0
aws >= 5.0

Inputs

Name Description Type Required
vpc_cidr CIDR block for the shared VPC string no
tenant_subnet_cidr CIDR block for tenant-specific subnets (if enabled) string no
availability_zones List of availability zones list(string) no
enable_nat_gateway Enable NAT Gateway for private subnet internet access bool no
tenants List of tenant names (for per-tenant subnets) list(string) no
create_tenant_subnets Create separate subnets per tenant (stricter isolation) bool no
workloads_ou_arn ARN of the Workloads OU to share subnets with string yes

Outputs

Name Description
vpc_id
vpc_cidr
public_subnet_ids
private_shared_subnet_ids
private_tenant_subnet_ids
nat_gateway_ip
ram_share_arn

License

Apache 2.0 - See LICENSE for details.

Reference in New Issue View Git Blame Copy Permalink