Comments (5)
From my understanding you have to define private subnets in the egress vpc cf here ...
from terraform-aws-vpc.
@laserpedro not quite... the egress VPC can live in another account and has just public subnets with NAT gateways living in them. You can then use a Transit Gateway to link those subnets with private subnets in separate VPCs that live in separate accounts. By creating a VPC with just public subnets for the egress VPC, you can keep the IP space small (which is desirable because this will be an internet-facing VPC after all).
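The centralized-egress layout described in the comment above (egress VPC in its own account, NAT gateway in a public subnet, spoke VPCs reached over a Transit Gateway), written out with plain AWS provider resources rather than the module, as an added example that is not from this thread or the project. It follows AWS's documented pattern in giving the Transit Gateway attachment its own small subnet whose default route points at the NAT gateway, since an internet gateway only forwards packets from resources that own a public IP; the TGW id, CIDRs and AZ are assumed values, and the spoke-side and TGW route tables are out of scope.

```hcl
variable "transit_gateway_id" {} # assumed: TGW shared into this account via RAM
resource "aws_vpc" "egress" { cidr_block = "100.64.0.0/26" } # tiny, internet-facing
resource "aws_internet_gateway" "igw" { vpc_id = aws_vpc.egress.id }
# Public subnet hosts the NAT gateway; a second tiny subnet hosts the TGW ENI
resource "aws_subnet" "public" {
  vpc_id     = aws_vpc.egress.id
  cidr_block = "100.64.0.0/28"
}
resource "aws_subnet" "tgw" {
  vpc_id     = aws_vpc.egress.id
  cidr_block = "100.64.0.16/28"
}
resource "aws_eip" "nat" { domain = "vpc" }
resource "aws_nat_gateway" "nat" {
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.public.id
}
# Public route table: internet via the IGW, replies to the spokes back via the TGW
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.egress.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
  route {
    cidr_block         = "10.0.0.0/8" # assumed summary of the spoke VPC ranges
    transit_gateway_id = var.transit_gateway_id
  }
}
resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public.id
  route_table_id = aws_route_table.public.id
}
# Attachment subnet defaults to the NAT gateway, never straight to the IGW
resource "aws_route_table" "tgw" {
  vpc_id = aws_vpc.egress.id
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.nat.id
  }
}
resource "aws_route_table_association" "tgw" {
  subnet_id      = aws_subnet.tgw.id
  route_table_id = aws_route_table.tgw.id
}
resource "aws_ec2_transit_gateway_vpc_attachment" "egress" {
  transit_gateway_id = var.transit_gateway_id
  vpc_id             = aws_vpc.egress.id
  subnet_ids         = [aws_subnet.tgw.id]
}
```

The 100.64.0.0/10 range used here is the kind of non-routable space the next comment suggests: it keeps the egress VPC small and avoids overlapping with the spokes' private ranges.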
What about using non-routable IPs for the private subnets in your egress VPC?
This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days
I really think this is a valid use case and it's something I already witnessed on a past project. Also, AWS documents this pattern on some architectures, like here. I also made some local changes to the module so that the reproduction code (shared by @aiell0) works as expected. Can I open a PR for this? :)