smallcasecdkvpcmodule

package module
v0.0.9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 17, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

README

cdk-vpc-module

The cdk-vpc-module construct library is an open-source extension of the AWS Cloud Development Kit (AWS CDK) for deploying a configurable AWS VPC and its individual components in less than 50 lines of code, using human-readable configuration that can be managed through pull requests!

✨ Features

  • ✅ Option to configure custom IPv4 CIDR(10.10.0.0/24)
  • ✅ VPC Peering with route table entry
  • ✅ Configurable NACL as per subnet group
  • ✅ NATGateway as per availabilityZones

Using CDK, a VPC can be deployed with the following sample code snippet:

import { Network } from "@smallcase/cdk-vpc-module/lib/constructs/network";
import { aws_ec2 as ec2, App, Stack, StackProps } from "aws-cdk-lib";
import { Construct } from "constructs";

/**
 * Sample stack that provisions a single VPC through the `Network` construct.
 *
 * The VPC uses 10.10.0.0/16 and is split into four subnet groups
 * (NATGateway, Public, Private, Database), each spread over three
 * ap-south-1 availability zones. One VPC peering connection is declared
 * under the key `TEST-PEERING` and referenced from the Private group's route.
 */
export class VPCStack extends Stack {
  constructor(scope: Construct, id: string, props: StackProps = {}) {
    super(scope, id, props);

    // Availability zones shared by every subnet group; a fresh array per call
    // so no two groups share one list instance.
    const zones = () => ['ap-south-1a', 'ap-south-1b', 'ap-south-1c'];

    // The one NACL entry this sample uses everywhere: all traffic, any IPv4
    // address. Every group, 'Database' included, applies it to both ingress and
    // egress, so the NACL layer filters nothing and security groups carry the
    // whole network policy. NACLs are stateless: narrowing the ingress list also
    // means allowing the return traffic explicitly.
    const openAcl = () => [
      {
        cidr: ec2.AclCidr.ipv4('0.0.0.0/0'),
        traffic: ec2.AclTraffic.allTraffic(),
      },
    ];

    // Peering connections, keyed by a name of your choosing. The key is the
    // peering id that a subnet route refers to via `existingVpcPeeringRouteKey`.
    // "vpc-0000" is a placeholder for the peer VPC id.
    const peerings = {
      "TEST-PEERING": {
        peeringVpcId: "vpc-0000",
        tags: {
          "Name": "TEST-PEERING to CREATED-VPC",
          "Description": "Connect"
        }
      }
    };

    new Network(this, 'NETWORK', {
      vpc: {
        cidr: '10.10.0.0/16',
        subnetConfiguration: [],
      },
      peeringConfigs: peerings,
      subnets: [
        // Small public /28 subnets, named for hosting the NAT gateways.
        {
          subnetGroupName: 'NATGateway',
          subnetType: ec2.SubnetType.PUBLIC,
          cidrBlock: ['10.10.0.0/28', '10.10.0.16/28', '10.10.0.32/28'],
          availabilityZones: zones(),
          ingressNetworkACL: openAcl(),
          routes: [],
          egressNetworkACL: openAcl(),
        },
        // Internet-facing workloads.
        {
          subnetGroupName: 'Public',
          subnetType: ec2.SubnetType.PUBLIC,
          cidrBlock: ['10.10.2.0/24', '10.10.3.0/24', '10.10.4.0/24'],
          availabilityZones: zones(),
          ingressNetworkACL: openAcl(),
          egressNetworkACL: openAcl(),
          routes: [],
          tags: {
            // If this VPC backs an EKS cluster, the subnets must carry these tags
            // for subnet discovery:
            // https://aws.amazon.com/premiumsupport/knowledge-center/eks-vpc-subnet-discovery/
            'kubernetes.io/role/elb': '1',
            'kubernetes.io/cluster/TEST-CLUSTER': 'owned',
          },
        },
        // Private workloads with outbound access through NAT.
        {
          subnetGroupName: 'Private',
          subnetType: ec2.SubnetType.PRIVATE_WITH_NAT,
          cidrBlock: ['10.10.5.0/24', '10.10.6.0/24', '10.10.7.0/24'],
          availabilityZones: zones(),
          ingressNetworkACL: openAcl(),
          egressNetworkACL: openAcl(),
          routes: [
            {
              // Send traffic for the peer's CIDR over the peering connection
              // declared above; replace the placeholder with that CIDR.
              routerType: ec2.RouterType.VPC_PEERING_CONNECTION,
              destinationCidrBlock: "<destinationCidrBlock>",
              // Must match a key of `peeringConfigs` (here: TEST-PEERING).
              existingVpcPeeringRouteKey: "TEST-PEERING"
            }
          ],
          tags: {
            'kubernetes.io/role/internal-elb': '1',
            'kubernetes.io/cluster/TEST-CLUSTER': 'owned',
          },
        },
        // Data tier. NOTE(review): this group has the same NAT egress and the
        // same allow-all NACL as the others; restricting its ingress to the
        // application subnets is the usual next step for a real deployment.
        {
          subnetGroupName: 'Database',
          subnetType: ec2.SubnetType.PRIVATE_WITH_NAT,
          cidrBlock: ['10.10.14.0/27', '10.10.14.32/27', '10.10.14.64/27'],
          availabilityZones: zones(),
          ingressNetworkACL: openAcl(),
          egressNetworkACL: openAcl(),
          routes: [],
          tags: {},
        },
      ],
    });
  }
}
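// Deployment target for the stack; replace both placeholders with the real
// account id and region before synthesizing.
const envDef = {
  account: '<AWS-ID>',
  region: '<AWS-REGION>',
};

const app = new App();

new VPCStack(app, 'TEST', {
  env: envDef,
  // Guards the stack (and with it the VPC) against accidental deletion.
  terminationProtection: true,
  // Stack-level tags; none are set in this sample. The object has to be closed
  // here, otherwise the snippet does not parse.
  tags: {},
});
app.synth();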

Please refer here to check how to use individual resource constructs.

🎬 Quick Start

The quick start shows you how to create an AWS-VPC using this module.

Prerequisites
  • A working AWS CLI installation with access to an account and administrator privileges
  • You'll need a recent NodeJS installation

To get going you'll need a CDK project. For details please refer to the detailed guide for CDK.

Create an empty directory on your system.

mkdir aws-quick-start-vpc && cd aws-quick-start-vpc

Bootstrap your CDK project. We will use TypeScript, but you can switch to any other supported language.

npx cdk init sample-vpc  --language typescript
npx cdk bootstrap

Install using NPM:

npm install @smallcase/cdk-vpc-module

Using yarn

yarn add @smallcase/cdk-vpc-module

Check the changes that are to be deployed

~ -> npx cdk diff

Deploy using

~ -> npx cdk deploy

Documentation

Overview

@smallcase/cdk-vpc-module


Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Network_IsConstruct

func Network_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func NewNetwork_Override

func NewNetwork_Override(n Network, scope constructs.Construct, id *string, props *VPCProps)

Types

type AddRouteOptions

// AddRouteOptions describes one route table entry of a subnet group; it is the
// element type returned by ISubnetsProps.Routes().
type AddRouteOptions struct {
	// What type of router to route this traffic to.
	RouterType awsec2.RouterType `field:"required" json:"routerType" yaml:"routerType"`
	// IPv4 range this route applies to.
	DestinationCidrBlock *string `field:"optional" json:"destinationCidrBlock" yaml:"destinationCidrBlock"`
	// IPv6 range this route applies to.
	DestinationIpv6CidrBlock *string `field:"optional" json:"destinationIpv6CidrBlock" yaml:"destinationIpv6CidrBlock"`
	// Whether this route will enable internet connectivity.
	//
	// If true, this route will be added before any AWS resources that depend
	// on internet connectivity in the VPC will be created.
	EnablesInternetConnectivity *bool   `field:"optional" json:"enablesInternetConnectivity" yaml:"enablesInternetConnectivity"`
	// Key of an entry in VPCProps.PeeringConfigs. The README sample sets it on a
	// VPC_PEERING_CONNECTION route to select the peering declared under that key.
	ExistingVpcPeeringRouteKey  *string `field:"optional" json:"existingVpcPeeringRouteKey" yaml:"existingVpcPeeringRouteKey"`
	// NOTE(review): presumably the id of the target router when the route does
	// not go through ExistingVpcPeeringRouteKey; confirm against the module source.
	RouterId                    *string `field:"optional" json:"routerId" yaml:"routerId"`
}

type ISubnetsProps

// ISubnetsProps is the configuration of one subnet group; VPCProps.Subnets
// holds a list of these.
type ISubnetsProps interface {
	// Availability zones the group's subnets are placed in.
	// NOTE(review): the README sample gives one zone per CidrBlock entry, so the
	// two lists are presumably paired by index; confirm.
	AvailabilityZones() *[]*string
	// CIDR blocks of the group's subnets.
	CidrBlock() *[]*string
	// Network ACL entries for outbound traffic of the group.
	EgressNetworkACL() *[]*NetworkACL
	// Network ACL entries for inbound traffic of the group.
	IngressNetworkACL() *[]*NetworkACL
	// Extra route table entries for the group (for example a peering route).
	Routes() *[]*AddRouteOptions
	// Name of the subnet group.
	SubnetGroupName() *string
	// CDK subnet type of the group (public, private, ...).
	SubnetType() awsec2.SubnetType
	// Tags for the group; the README sample uses them for EKS subnet discovery.
	Tags() *map[string]*string
	// NOTE(review): presumably marks the group whose subnets host the NAT
	// gateways; not exercised by the README sample, so confirm before relying on it.
	UseSubnetForNAT() *bool
}

type Network

// Network is the construct created by NewNetwork. It exposes the VPC and the
// subnet lists it tracks.
type Network interface {
	constructs.Construct
	// NAT provider held by the construct.
	NatProvider() awsec2.NatProvider
	// Public subnets tracked as NAT subnets, with their setter below.
	NatSubnets() *[]awsec2.PublicSubnet
	SetNatSubnets(val *[]awsec2.PublicSubnet)
	// The tree node.
	Node() constructs.Node
	// Public subnets tracked by the construct, with their setter below.
	PbSubnets() *[]awsec2.PublicSubnet
	SetPbSubnets(val *[]awsec2.PublicSubnet)
	// Private subnets tracked by the construct, with their setter below.
	PvSubnets() *[]awsec2.PrivateSubnet
	SetPvSubnets(val *[]awsec2.PrivateSubnet)
	// The VPC held by the construct.
	Vpc() awsec2.Vpc
	// Creates the subnets of one subnet group in the given VPC and returns them.
	// NOTE(review): peeringConnectionId presumably resolves the peering keys used
	// by the group's routes; confirm against the module source.
	CreateSubnet(option ISubnetsProps, vpc awsec2.Vpc, peeringConnectionId *PeeringConnectionInternalType) *[]awsec2.Subnet
	// Returns a string representation of this construct.
	ToString() *string
}

func NewNetwork

func NewNetwork(scope constructs.Construct, id *string, props *VPCProps) Network

type NetworkACL

// NetworkACL is one network ACL entry of a subnet group, used in both the
// ingress and the egress list of ISubnetsProps.
//
// NOTE(review): the struct exposes no allow/deny action and no rule number, so
// every entry is presumably turned into an allow rule; confirm against the
// module source. The README sample passes 0.0.0.0/0 with all traffic for every
// group, which leaves filtering entirely to security groups.
type NetworkACL struct {
	// Address range the entry matches.
	Cidr    awsec2.AclCidr    `field:"required" json:"cidr" yaml:"cidr"`
	// Protocol and port selection the entry matches.
	Traffic awsec2.AclTraffic `field:"required" json:"traffic" yaml:"traffic"`
}

type PeeringConfig

// PeeringConfig describes one VPC peering connection; VPCProps.PeeringConfigs
// maps a caller-chosen key to each of these.
type PeeringConfig struct {
	// Id of the VPC to peer with ("vpc-0000" is the placeholder in the README sample).
	PeeringVpcId      *string             `field:"required" json:"peeringVpcId" yaml:"peeringVpcId"`
	// Tags for the peering; the README sample sets Name and Description.
	Tags              *map[string]*string `field:"required" json:"tags" yaml:"tags"`
	// NOTE(review): presumably the IAM role in the peer account that is assumed
	// to accept the peering request; confirm, and keep that role's permissions
	// limited to accepting peering connections.
	PeerAssumeRoleArn *string             `field:"optional" json:"peerAssumeRoleArn" yaml:"peerAssumeRoleArn"`
	// NOTE(review): presumably the AWS account id owning the peer VPC, needed for
	// cross-account peering; confirm.
	PeerOwnerId       *string             `field:"optional" json:"peerOwnerId" yaml:"peerOwnerId"`
	// NOTE(review): presumably the region of the peer VPC, needed for
	// cross-region peering; confirm.
	PeerRegion        *string             `field:"optional" json:"peerRegion" yaml:"peerRegion"`
}

type PeeringConnectionInternalType

// PeeringConnectionInternalType is the type of the peeringConnectionId argument
// of Network.CreateSubnet. No exported fields are listed for it here.
type PeeringConnectionInternalType struct {
}

type VPCProps

// VPCProps is the input of NewNetwork: the VPC itself, its subnet groups and
// the optional NAT and peering settings.
type VPCProps struct {
	// Subnet groups to create in the VPC.
	Subnets             *[]ISubnetsProps           `field:"required" json:"subnets" yaml:"subnets"`
	// Properties of the underlying CDK VPC (the README sample sets the CIDR and
	// an empty subnetConfiguration).
	Vpc                 *awsec2.VpcProps           `field:"required" json:"vpc" yaml:"vpc"`
	// NOTE(review): presumably allocation ids of existing Elastic IPs to attach
	// to the NAT gateways; confirm against the module source.
	NatEipAllocationIds *[]*string                 `field:"optional" json:"natEipAllocationIds" yaml:"natEipAllocationIds"`
	// Peering connections keyed by a caller-chosen name; routes select one via
	// AddRouteOptions.ExistingVpcPeeringRouteKey.
	PeeringConfigs      *map[string]*PeeringConfig `field:"optional" json:"peeringConfigs" yaml:"peeringConfigs"`
}

Directories

Path Synopsis
Package jsii contains the functionality needed for jsii packages to initialize their dependencies and themselves.
Package jsii contains the functionality needed for jsii packages to initialize their dependencies and themselves.
