diff --git a/terraform/modules/network/main.tf b/terraform/modules/network/main.tf
new file mode 100644
index 0000000..3d053b6
--- /dev/null
+++ b/terraform/modules/network/main.tf
@@ -0,0 +1,80 @@
+# VPC
+resource "google_compute_network" "vpc" {
+ name = "${var.project_name}-vpc"
+ auto_create_subnetworks = false
+}
+
+# Sous-réseaux
+resource "google_compute_subnetwork" "frontend" {
+ name = "${var.project_name}-frontend"
+ network = google_compute_network.vpc.id
+ ip_cidr_range = var.frontend_cidr
+ region = var.region
+}
+
+resource "google_compute_subnetwork" "backend" {
+ name = "${var.project_name}-backend"
+ network = google_compute_network.vpc.id
+ ip_cidr_range = var.backend_cidr
+ region = var.region
+}
+
+resource "google_compute_subnetwork" "database" {
+ name = "${var.project_name}-database"
+ network = google_compute_network.vpc.id
+ ip_cidr_range = var.database_cidr
+ region = var.region
+}
+
+# Firewall
+resource "google_compute_firewall" "allow_http" {
+ name = "${var.project_name}-allow-http"
+ network = google_compute_network.vpc.id
+
+ allow {
+ protocol = "tcp"
+ ports = ["80", "443"]
+ }
+
+ source_ranges = ["0.0.0.0/0"]
+ target_tags = ["frontend"]
+}
+
+resource "google_compute_firewall" "allow_ssh" {
+ name = "${var.project_name}-allow-ssh"
+ network = google_compute_network.vpc.id
+
+ allow {
+ protocol = "tcp"
+ ports = ["22"]
+ }
+
+ source_ranges = [var.ssh_source_ranges]
+ target_tags = ["ssh"]
+}
+
+resource "google_compute_firewall" "allow_frontend_to_backend" {
+ name = "${var.project_name}-allow-frontend-to-backend"
+ network = google_compute_network.vpc.id
+
+ allow {
+ protocol = "tcp"
+ ports = ["8000"]
+ }
+
+ source_ranges = [var.frontend_cidr]
+ target_tags = ["backend"]
+}
+
+resource "google_compute_firewall" "allow_backend_to_database" {
+ name = "${var.project_name}-allow-backend-to-database"
+ network = google_compute_network.vpc.id
+
+ allow {
+ protocol = "tcp"
+ ports = ["3306"]
+ }
+
+ source_ranges = [var.backend_cidr]
+ target_tags = ["database"]
+}
\ No newline at end of file
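Review bot: None of the four `google_compute_firewall` rules sets `log_config`, so hits on the internet-facing `allow_http` and `allow_ssh` rules leave nothing in firewall logging to detect scanning or brute-force attempts; adding `log_config { metadata = "INCLUDE_ALL_METADATA" }` to each rule, at minimum the two with external sources, gives the detection side a record. Separately, `allow_ssh` builds `source_ranges = [var.ssh_source_ranges]` from a variable typed `string`, so only one CIDR can ever be allowed and nothing stops a caller from passing `0.0.0.0/0`; the variables.tf hunk in this commit is where the type and a `validation` block belong. The two internal rules (`allow_frontend_to_backend`, `allow_backend_to_database`) key on the whole subnet CIDR rather than on the workload, so any instance placed in the frontend subnet reaches port 8000 on every backend-tagged instance and the same for 3306; `source_tags = ["frontend"]` / `source_tags = ["backend"]` (or `source_service_accounts`) would scope the rule to the intended instances instead of the address block.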
diff --git a/terraform/modules/network/outputs.tf b/terraform/modules/network/outputs.tf
new file mode 100644
index 0000000..c8d67e0
--- /dev/null
+++ b/terraform/modules/network/outputs.tf
@@ -0,0 +1,13 @@
+output "vpc_id" {
+ description = "ID du VPC"
+ value = google_compute_network.vpc.id
+}
+
+output "subnet_ids" {
+ description = "IDs des sous-réseaux frontend, backend, database"
+ value = {
+ frontend = google_compute_subnetwork.frontend.id
+ backend = google_compute_subnetwork.backend.id
+ database = google_compute_subnetwork.database.id
+ }
+}
\ No newline at end of file
diff --git a/terraform/modules/network/variables.tf b/terraform/modules/network/variables.tf
new file mode 100644
index 0000000..ae9256a
--- /dev/null
+++ b/terraform/modules/network/variables.tf
@@ -0,0 +1,34 @@
+variable "project_name" {
+ description = "Nom du projet"
+ type = string
+ default = "mon-projet"
+}
+
+variable "region" {
+ description = "Région du projet"
+ type = string
+ default = "europe-west9"
+}
+
+variable "frontend_cidr" {
+ description = "CIDR pour frontend"
+ type = string
+ default = "10.0.1.0/24"
+}
+
+variable "backend_cidr" {
+ description = "CIDR pour backend"
+ type = string
+ default = "10.0.2.0/24"
+}
+
+variable "database_cidr" {
+ description = "CIDR pour database"
+ type = string
+ default = "10.0.3.0/24"
+}
+
+variable "ssh_source_ranges" {
+ description = "Plages d'adresses IP source autorisées pour SSH"
+ type = string
+}
\ No newline at end of file
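Review bot: In variables.tf, `ssh_source_ranges` is declared `type = string` although its name and description ("Plages d'adresses IP source") describe several ranges, and it has no `validation` block, so the module accepts exactly one CIDR and silently accepts `0.0.0.0/0` for the SSH rule. Declaring it as `list(string)` with a validation that rejects the open range (and an empty list) fixes both; main.tf's `allow_ssh` then uses `source_ranges = var.ssh_source_ranges` instead of wrapping the string in a list. The three `*_cidr` variables would likewise benefit from `validation { condition = can(cidrhost(var.frontend_cidr, 0)) ... }` so a malformed CIDR fails at plan time rather than at the API.
```hcl
variable "ssh_source_ranges" {
  description = "Plages d'adresses IP source autorisées pour SSH"
  type        = list(string)

  validation {
    condition     = length(var.ssh_source_ranges) > 0 && !contains(var.ssh_source_ranges, "0.0.0.0/0")
    error_message = "ssh_source_ranges must list explicit CIDRs and must not contain 0.0.0.0/0."
  }
}
```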