Rewrite of vpc module + awscc resources

.gitignore

@@ -1,9 +1,9 @@
 build/
 plan.out
 plan.out.json
-test/test_report.html
+
 # Local .terraform directories
-**/.terraform/*
+.terraform/
 
 # .tfstate files
 *.tfstate
@@ -13,8 +13,8 @@ test/test_report.html
 crash.log
 
 # Exclude all .tfvars files, which are likely to contain sentitive data, such as
-# password, private keys, and other secrets. These should not be part of version 
-# control as they are data points which are potentially sensitive and subject 
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
 # to change depending on the environment.
 #
 *.tfvars
@@ -38,5 +38,3 @@ override.tf.json
 terraform.rc
 .terraform.lock.hcl
 
-# lsp logs
-lsp/

.header.md

@@ -0,0 +1,80 @@
+# AWS VPC Module
+
+This module can be used to deploy a pragmatic VPC with various subnets types in # AZs. Common deployment examples can be found in [examples/](https://github.com/aws-ia/terraform-aws-vpc/tree/main/examples). Subnet CIDRs can be explicitly set via list of string argument `cidrs` or set via a number `netmask` argument.
+
+## Usage
+
+The example below builds a VPC with public and private subnets in 3 AZs. Each subnet calulates a CIDR based on the `netmask` argument passed. The public subnets build nat gateways in each AZ but optionally can be switched to `single_az`.
+
+```hcl
+module "vpc" {
+  source   = "aws-ia/vpc/aws"
+  versions = ">= 1.0.0"
+
+  name           = "multi-az-vpc"
+  vpc_cidr_block = "10.0.0.0/20"
+  az_count       = 3
+
+  subnets = {
+    public = {
+      name_prefix               = "my-public" # omit to prefix with "public"
+      netmask                   = 24
+      nat_gateway_configuration = "all_azs" # options: "single_az", "none"
+    }
+
+    private = {
+      # omitting name_prefix defaults value to "private"
+      # name_prefix  = "private"
+      netmask      = 24
+      route_to_nat = true
+    }
+  }
+
+  vpc_flow_logs = {
+    log_destination_type = "cloud-watch-logs"
+    retention_in_days    = 180
+  }
+}
+```
+
+## Updating a VPC with new or removed subnets
+
+If using `netmask` to calculate subnets and you wish to either add or remove subnets (ex: adding / removing an AZ), you may have to change from using `netmask` for some subnets and set to explicit instead. Private subnets are always calculated before public.
+
+When changing to explicit cidrs, subnets are always ordered by AZ. `0` -> a, `1` -> b, etc.
+
+Example: Changing from 2 azs to 3
+
+Before:
+```hcl
+vpc_cidr_block = "10.0.0.0/16"
+az_count = 2
+
+subnets = {
+  public = {
+   netmask = 24
+  }
+
+  private = {
+   netmask = 24
+  }
+}
+```
+
+After:
+```hcl
+vpc_cidr_block = "10.0.0.0/16"
+az_count = 3
+
+subnets = {
+  public = {
+   cidrs = ["10.0.0.0/24", "10.0.1.0/24", "10.0.4.0/24"]
+  }
+
+  private = {
+   cidrs = ["10.0.2.0/24", "10.0.3.0/24", "10.0.5.0/24"]
+  }
+}
+```
+
+The above example will cause only creating 2 new subnets in az `c` of the region being used.

.pre-commit-config.yaml

@@ -0,0 +1,10 @@
+---
+
+fail_fast: false
+minimum_pre_commit_version: "2.6.0"
+
+repos:
+  - repo: https://github.com/aws-ia/pre-commit-configs
+    rev: ce5b80d2643c3510bd17bb309cb767b6b21dc5ea  # frozen: 1.4
+    hooks:
+      - id: aws-ia-meta-hook

.terraform-docs.yaml

@@ -0,0 +1,20 @@
+formatter: markdown
+header-from: .header.md
+settings:
+  anchor: true
+  color: true
+  default: true
+  escape: true
+  html: true
+  indent: 2
+  required: true
+  sensitive: true
+  type: true
+
+sort:
+  enabled: true
+  by: required
+
+output:
+  file: README.md
+  mode: replace

.tflint.hcl

@@ -1,76 +1,66 @@
-config {
-  module = true
-  force = false
-  disabled_by_default = false
-  variables = ["region=us-east-1", "profile=default"]
-}
+# https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/module-inspection.md
+# borrowed & modified indefinitely from https://github.com/ksatirli/building-infrastructure-you-can-mostly-trust/blob/main/.tflint.hcl
 
 plugin "aws" {
-  enabled = true
-  version = "0.7.1"
-  source  = "github.com/terraform-linters/tflint-ruleset-aws"
+    enabled = true
+    version = "0.12.0"
+    source  = "github.com/terraform-linters/tflint-ruleset-aws"
 }
 
-rule "terraform_deprecated_interpolation" {
-  enabled = true
-}
-
-rule "terraform_deprecated_index" {
-  enabled = true
-}
-
-rule "terraform_unused_declarations" {
-  enabled = true
+config {
+  module     = false
+  force      = false
 }
 
-rule "terraform_comment_syntax" {
+rule "terraform_required_providers" {
   enabled = true
 }
 
-rule "terraform_documented_outputs" {
+rule "terraform_required_version" {
   enabled = true
 }
 
-rule "terraform_documented_variables" {
+rule "terraform_naming_convention" {
   enabled = true
+  format  = "snake_case"
 }
 
 rule "terraform_typed_variables" {
   enabled = true
 }
 
-rule "terraform_module_pinned_source" {
+rule "terraform_unused_declarations" {
   enabled = true
 }
 
-rule "terraform_naming_convention" {
+rule "terraform_comment_syntax" {
   enabled = true
 }
 
-rule "terraform_required_version" {
+rule "terraform_deprecated_index" {
   enabled = true
 }
 
-rule "terraform_unused_required_providers" {
+rule "terraform_deprecated_interpolation" {
   enabled = true
 }
 
-rule "terraform_standard_module_structure" {
+rule "terraform_documented_outputs" {
   enabled = true
 }
 
-rule "terraform_workspace_remote" {
+rule "terraform_documented_variables" {
   enabled = true
 }
 
-rule "aws_iam_policy_document_gov_friendly_arns" {
+rule "terraform_module_pinned_source" {
   enabled = true
 }
 
-rule "aws_iam_policy_gov_friendly_arns" {
+rule "terraform_standard_module_structure" {
   enabled = true
 }
 
-rule "aws_iam_role_policy_gov_friendly_arns" {
+rule "terraform_workspace_remote" {
   enabled = true
 }

CODEOWNERS

@@ -1 +1 @@
-* @tonynv @andrew-glenn @tbulding @aws-ia/aws-ia
+* @tonynv @andrew-glenn @drewmullen  @aws-ia/aws-ia-terraform-core

NOTICE.txt

@@ -1,4 +1,4 @@
-Copyright 2016-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+Copyright 2016-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. A copy of the License is located at