Terraform module which creates VPC resources on AWS and Confluent Cloud networking resources.
Options:
- Use an exisiting VPC, provide
aws.vpc.id:
aws = {
vpc = {
id = "vpc-1234567890"
}
}Enable auto-assign public IPv4 address for Subnets. Module uses map-public-ip-on-launch for subnet selecting.
- Create a new VPC, provide
number_of_public_subnetsandnumber_of_private_subnets:
aws = {
vpc = {
number_of_public_subnets = 3
number_of_private_subnets = 3
}
}Optional: jump host to access the private network.
- EC2 Instance
- Security Group
- Key Pair
Provide instance name and type:
aws = {
instance = {
name = "mcolomer-central"
type = "t2.micro"
}
}Options: TRANSITGATEWAY or PRIVATELINK or PEERING
confluent_network = {
display_name = "confluent-plink-network"
connection_type = "PRIVATELINK"
}-
Connection type: TRANSITGATEWAY
- Confluent:
- Transit Gateway network
- Transit Gateway Attachment
- AWS:
- Transit Gateway
- Transit Gateway Attachment
- Transit Gateway Route
- Resource Share (RAM)
- Confluent:
-
Connection type: PRIVATELINK
- Confluent:
- Private Link Network
- Private Link Access
- AWS:
- Endpoint
- Service Group
- Private Hosted Zone (Route53)
- Confluent:
-
Connection type: PEERING
- Confluent:
- Peering Network
- Peering Connection
- AWS:
- VPC Peering Connection
- Peering Connection Accepter
- Route Table
- Route
- Confluent:
## Usage
- New Confluent Cloud Private Link Network with AWS Provided VPC (vpc_id)
#AWS
aws = {
region = "eu-central-1",
prefix = "mcol",
owner = "[email protected]",
vpc = {
id = "vpc-08a7122ab9509d860"
}
account_id = "492737776546"
}
# Confluent
environment = "env-zmz2zd"
confluent_network = {
display_name = "confluent-plink-network"
connection_type = "PRIVATELINK"
}module "network" {
source = "github.com/mcolomerc/terraform-confluent-aws-network"
environment = var.confluent.environment.id
providers = {
confluent.confluent_cloud = confluent
aws = aws
}
aws = {
region = var.confluent.environment.network.aws.region,
prefix = var.confluent.environment.network.aws.prefix,
owner = var.confluent.environment.network.aws.owner,
vpc = {
id = var.confluent.environment.network.aws.vpc.id,
}
account_id = var.confluent.environment.network.aws.account_id,
}
confluent_network = {
display_name = var.confluent.environment.network.display_name,
connection_type = var.confluent.environment.network.connection_type,
}
}- New Confluent Cloud Private Link Network & New AWS VPC - TODO
- New Confluent Cloud Private Link Network & New AWS VPC & New Jump Host - TODO
- New Confluent Cloud Transit Gateway Network with AWS Provided VPC - TODO
- New Confluent Cloud Transit Gateway Network & New AWS VPC & New Jump Host TODO
- New Confluent Cloud Peering network with AWS Provided VPC and Jump Host TODO
- New Confluent Cloud Peering network & New AWS VPC & New Jump Host TODO
mv <prefix>-key-pair.pem ~/.ssh/
cd ~/.ssh/
chmod 400 <prefix>-key-pair.pem
ssh -i "<prefix>-key-pair.pem" ubuntu@<outputs.bastion.public_dns>
| Name | Version |
|---|---|
| terraform | >= 1.3 |
| aws | 5.0.1 |
| confluent | >=1.51.0 |
| tls | ~> 4.0 |
No providers.
| Name | Source | Version |
|---|---|---|
| aws_bastion | ./modules/aws_bastion | n/a |
| aws_vpc | ./modules/aws_vpc | n/a |
| plink | ./modules/plink | n/a |
No resources.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws | AWS | object({ |
n/a | yes |
| confluent_cloud_api_key | Confluent Cloud API KEY. export TF_VAR_confluent_cloud_api_key="API_KEY" | string |
n/a | yes |
| confluent_cloud_api_secret | Confluent Cloud API KEY. export TF_VAR_confluent_cloud_api_secret="API_SECRET" | string |
n/a | yes |
| confluent_network | Confluent Network | object({ |
n/a | yes |
| environment | Confluent Environment | string |
"dev" |
no |
| Name | Description |
|---|---|
| aws_route53_records | n/a |
| aws_route53_zone | n/a |
| bastion | n/a |
| confluent_private_link | n/a |
| private_link_confluent_network | Private LINK |
| private_subnets | n/a |
| public_subnets | n/a |
| vpc | n/a |