updated module reference

elasticache.tf

@@ -1,10 +1,10 @@
 resource "aws_elasticache_subnet_group" "elasticache_subnet" {
-  name       = "app-4-cache-subnet"
-  subnet_ids = [for subnet in aws_subnet.private : subnet.id]
+  name       = "${var.name}-cache-subnet"
+  subnet_ids = [for subnet in module.vpc.private_subnets : subnet.id]
 }
 
 resource "aws_secretsmanager_secret" "elasticache_auth" {
-  name                    = "app-4-elasticache-auth"
+  name                    = "${var.name}-elasticache-auth"
   recovery_window_in_days = 0
   kms_key_id              = aws_kms_key.encryption_secret.id
   #checkov:skip=CKV2_AWS_57: Disabled Secrets Manager secrets automatic rotation
@@ -18,8 +18,8 @@ resource "aws_secretsmanager_secret_version" "auth" {
 resource "aws_elasticache_replication_group" "app4" {
   automatic_failover_enabled = true
   subnet_group_name          = aws_elasticache_subnet_group.elasticache_subnet.name
-  replication_group_id       = var.replication_group_id
-  description                = "ElastiCache cluster for app4"
+  replication_group_id       = var.name
+  description                = "ElastiCache cluster for ${var.name}"
   node_type                  = "cache.t2.small"
   parameter_group_name       = "default.redis7.cluster.on"
   port                       = 6379

network.tf

@@ -1,56 +1,13 @@
-# https://docs.aws.amazon.com/glue/latest/dg/set-up-vpc-dns.html
-resource "aws_vpc" "this" {
-  cidr_block = var.vpc_cidr
-  # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc#enable_dns_support
-  enable_dns_support = true
-  # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc#enable_dns_hostnames
-  enable_dns_hostnames = true
-  #checkov:skip=CKV2_AWS_11: Not creating a flow log for this VPC
-  tags = {
-    "Name" = "app-4"
-  }
-}
-data "aws_availability_zones" "available" {
-  state = "available"
-}
-resource "aws_subnet" "private" {
-  count             = length(var.subnet_cidr_private)
-  vpc_id            = aws_vpc.this.id
-  cidr_block        = var.subnet_cidr_private[count.index]
-  availability_zone = data.aws_availability_zones.available.names[(count.index) % length(data.aws_availability_zones.available.names)]
-  tags = {
-    "Name" = "app-4-private-${count.index + 1}"
-  }
-}
-resource "aws_subnet" "public" {
-  count             = length(var.subnet_cidr_public)
-  vpc_id            = aws_vpc.this.id
-  cidr_block        = var.subnet_cidr_public[count.index]
-  availability_zone = data.aws_availability_zones.available.names[(count.index) % length(data.aws_availability_zones.available.names)]
-  tags = {
-    "Name" = "app-4-public-${count.index + 1}"
-  }
-}
-resource "aws_route_table" "private" {
-  count  = length(var.subnet_cidr_private)
-  vpc_id = aws_vpc.this.id
-  tags = {
-    "Name" = "app-4-private-route-table-${count.index + 1}"
-  }
-}
-resource "aws_route_table" "public" {
-  vpc_id = aws_vpc.this.id
-  tags = {
-    "Name" = "app-4-public"
-  }
-}
-resource "aws_route_table_association" "private" {
-  count          = length(var.subnet_cidr_private)
-  subnet_id      = element(aws_subnet.private.*.id, count.index)
-  route_table_id = aws_route_table.private[count.index].id
-}
-resource "aws_route_table_association" "public" {
-  count          = length(var.subnet_cidr_public)
-  subnet_id      = element(aws_subnet.public.*.id, count.index)
-  route_table_id = aws_route_table.public.id
+module "vpc" {
+  #CKV_TF_1: Ensure Terraform module sources use a commit hash
+  #checkov:skip=CKV_TF_1: This is a self hosted module where the version number is tagged rather than the commit hash.
+  source               = "github.com/kunduso/terraform-aws-vpc?ref=v1.0.1"
+  region               = var.region
+  vpc_cidr             = var.vpc_cidr
+  enable_dns_support   = "true"
+  enable_dns_hostnames = "true"
+  vpc_name             = "app-4"
+  subnet_cidr_private  = var.subnet_cidr_private
+  subnet_cidr_public   = var.subnet_cidr_public
+  enable_flow_log      = "true"
 }