Do not require NAT gateway IDs for private subnets #51

Merged
merged 1 commit into from
May 10, 2021
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -308,7 +308,7 @@ Available targets:
| <a name="input_additional_tag_map"></a> [additional\_tag\_map](#input\_additional\_tag\_map) | Additional tags for appending to tags\_as\_list\_of\_maps. Not added to `tags`. | `map(string)` | `{}` | no |
| <a name="input_attributes"></a> [attributes](#input\_attributes) | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no |
| <a name="input_availability_zones"></a> [availability\_zones](#input\_availability\_zones) | List of Availability Zones (e.g. `['us-east-1a', 'us-east-1b', 'us-east-1c']`) | `list(string)` | n/a | yes |
| <a name="input_az_ngw_ids"></a> [az\_ngw\_ids](#input\_az\_ngw\_ids) | Only for private subnets. Map of AZ names to NAT Gateway IDs that are used as default routes when creating private subnets | `map(string)` | `{}` | no |
| <a name="input_az_ngw_ids"></a> [az\_ngw\_ids](#input\_az\_ngw\_ids) | Only for private subnets. Map of AZ names to NAT Gateway IDs that are used as default routes when creating private subnets.<br>You should either supply one NAT Gateway ID for each AZ in `var.availability_zones` or leave the map empty.<br>If empty, no default egress route will be created and you will have to create your own using `aws_route`. | `map(string)` | `{}` | no |
| <a name="input_cidr_block"></a> [cidr\_block](#input\_cidr\_block) | Base CIDR block which is divided into subnet CIDR blocks (e.g. `10.0.0.0/16`) | `string` | n/a | yes |
| <a name="input_context"></a> [context](#input\_context) | Single object for setting entire context at once.<br>See description of individual variables for details.<br>Leave string and numeric variables as `null` to use default value.<br>Individual variable settings (non-null) override settings in context object,<br>except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | <pre>{<br> "additional_tag_map": {},<br> "attributes": [],<br> "delimiter": null,<br> "enabled": true,<br> "environment": null,<br> "id_length_limit": null,<br> "label_key_case": null,<br> "label_order": [],<br> "label_value_case": null,<br> "name": null,<br> "namespace": null,<br> "regex_replace_chars": null,<br> "stage": null,<br> "tags": {}<br>}</pre> | no |
| <a name="input_delimiter"></a> [delimiter](#input\_delimiter) | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.<br>Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
2 changes: 1 addition & 1 deletion docs/terraform.md
Expand Up @@ -46,7 +46,7 @@
| <a name="input_additional_tag_map"></a> [additional\_tag\_map](#input\_additional\_tag\_map) | Additional tags for appending to tags\_as\_list\_of\_maps. Not added to `tags`. | `map(string)` | `{}` | no |
| <a name="input_attributes"></a> [attributes](#input\_attributes) | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no |
| <a name="input_availability_zones"></a> [availability\_zones](#input\_availability\_zones) | List of Availability Zones (e.g. `['us-east-1a', 'us-east-1b', 'us-east-1c']`) | `list(string)` | n/a | yes |
| <a name="input_az_ngw_ids"></a> [az\_ngw\_ids](#input\_az\_ngw\_ids) | Only for private subnets. Map of AZ names to NAT Gateway IDs that are used as default routes when creating private subnets | `map(string)` | `{}` | no |
| <a name="input_az_ngw_ids"></a> [az\_ngw\_ids](#input\_az\_ngw\_ids) | Only for private subnets. Map of AZ names to NAT Gateway IDs that are used as default routes when creating private subnets.<br>You should either supply one NAT Gateway ID for each AZ in `var.availability_zones` or leave the map empty.<br>If empty, no default egress route will be created and you will have to create your own using `aws_route`. | `map(string)` | `{}` | no |
| <a name="input_cidr_block"></a> [cidr\_block](#input\_cidr\_block) | Base CIDR block which is divided into subnet CIDR blocks (e.g. `10.0.0.0/16`) | `string` | n/a | yes |
| <a name="input_context"></a> [context](#input\_context) | Single object for setting entire context at once.<br>See description of individual variables for details.<br>Leave string and numeric variables as `null` to use default value.<br>Individual variable settings (non-null) override settings in context object,<br>except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | <pre>{<br> "additional_tag_map": {},<br> "attributes": [],<br> "delimiter": null,<br> "enabled": true,<br> "environment": null,<br> "id_length_limit": null,<br> "label_key_case": null,<br> "label_order": [],<br> "label_value_case": null,<br> "name": null,<br> "namespace": null,<br> "regex_replace_chars": null,<br> "stage": null,<br> "tags": {}<br>}</pre> | no |
| <a name="input_delimiter"></a> [delimiter](#input\_delimiter) | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.<br>Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
1 change: 0 additions & 1 deletion examples/complete/fixtures.disabled.tfvars

This file was deleted.

1 change: 0 additions & 1 deletion examples/complete/fixtures.enabled.tfvars

This file was deleted.

24 changes: 18 additions & 6 deletions examples/complete/main.tf
Expand Up @@ -3,9 +3,10 @@ provider "aws" {
}

locals {
public_cidr_block = cidrsubnet(var.cidr_block, 2, 0)
public_only_cidr_block = cidrsubnet(var.cidr_block, 2, 1)
private_cidr_block = cidrsubnet(var.cidr_block, 2, 2)
public_cidr_block = cidrsubnet(var.cidr_block, 2, 0)
public_only_cidr_block = cidrsubnet(var.cidr_block, 2, 1)
private_cidr_block = cidrsubnet(var.cidr_block, 2, 2)
private_only_cidr_block = cidrsubnet(var.cidr_block, 2, 3)
}

module "vpc" {
Expand All @@ -20,7 +21,6 @@ module "vpc" {
module "public_subnets" {
source = "../../"

enabled = var.enabled
availability_zones = var.availability_zones
vpc_id = module.vpc.vpc_id
cidr_block = local.public_cidr_block
Expand All @@ -34,7 +34,6 @@ module "public_subnets" {
module "public_only_subnets" {
source = "../../"

enabled = var.enabled
availability_zones = var.availability_zones
vpc_id = module.vpc.vpc_id
cidr_block = local.public_only_cidr_block
Expand All @@ -48,7 +47,6 @@ module "public_only_subnets" {
module "private_subnets" {
source = "../../"

enabled = var.enabled
availability_zones = var.availability_zones
vpc_id = module.vpc.vpc_id
cidr_block = local.private_cidr_block
Expand All @@ -60,3 +58,17 @@ module "private_subnets" {
context = module.this.context
}

module "private_only_subnets" {
source = "../../"

availability_zones = var.availability_zones
vpc_id = module.vpc.vpc_id
cidr_block = local.private_only_cidr_block
type = "private"

# No NAT gateways supplied, should create subnets with empty route tables
# az_ngw_ids = module.public_subnets.az_ngw_ids

context = module.this.context
}
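
Review bot: the commented-out `# az_ngw_ids = module.public_subnets.az_ngw_ids` line in the new `private_only_subnets` module reads as disabled code rather than documentation. Fold it into the comment above it (for example, "az_ngw_ids is intentionally not set, so no default egress route is created") so nobody re-enables it by accident. Since the purpose of this instance is subnets with empty route tables, consider also exposing its route table IDs as an example output so the test can assert that no `0.0.0.0/0` route exists for them.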

4 changes: 2 additions & 2 deletions private.tf
Expand Up @@ -90,10 +90,10 @@ resource "aws_route_table_association" "private" {
}

resource "aws_route" "default" {
for_each = local.private_azs
for_each = var.az_ngw_ids

route_table_id = aws_route_table.private[each.key].id
nat_gateway_id = var.az_ngw_ids[each.key]
nat_gateway_id = each.value
destination_cidr_block = "0.0.0.0/0"
depends_on = [aws_route_table.private]
}
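
Review bot: `for_each = var.az_ngw_ids` in `aws_route.default` now takes its keys from caller input, while `route_table_id = aws_route_table.private[each.key].id` still indexes the private route tables by those same keys. With the old `for_each = local.private_azs` every key was one the module had generated itself; now a key that does not match one of the module's private route tables (a typo, or an AZ that is not in `var.availability_zones`) will fail with an invalid index error, presuming `aws_route_table.private` is still keyed by `local.private_azs`, and a map that covers only some AZs is accepted and leaves the remaining subnets with no default route. Consider iterating only over keys that exist on both sides, or failing early with a message that names the offending AZ. Separately, `depends_on = [aws_route_table.private]` is redundant because `route_table_id` already references that resource.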
6 changes: 5 additions & 1 deletion test/src/examples_complete_test.go
Expand Up @@ -121,7 +121,11 @@ func TestExamplesCompleteDisabledModule(t *testing.T) {
TerraformDir: "../../examples/complete",
Upgrade: true,
// Variables to pass to our Terraform code using -var-file options
VarFiles: []string{"fixtures.us-east-2.tfvars", "fixtures.disabled.tfvars"},
VarFiles: []string{"fixtures.us-east-2.tfvars"},
Vars: map[string]interface{}{
"enabled": "false",
},

}

// At the end of the test, run `terraform destroy` to clean up any resources that were created
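
Review bot: `"enabled": "false"` in the new `Vars` map passes the string "false" rather than a boolean. If `enabled` is declared as `bool`, pass the Go value `false` so the test does not depend on Terraform's string-to-bool conversion. The empty line left before the closing `}` of the options struct can also be dropped.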
6 changes: 5 additions & 1 deletion variables.tf
Expand Up @@ -32,7 +32,11 @@ variable "igw_id" {

variable "az_ngw_ids" {
type = map(string)
description = "Only for private subnets. Map of AZ names to NAT Gateway IDs that are used as default routes when creating private subnets"
description = <<-EOT
Only for private subnets. Map of AZ names to NAT Gateway IDs that are used as default routes when creating private subnets.
You should either supply one NAT Gateway ID for each AZ in `var.availability_zones` or leave the map empty.
If empty, no default egress route will be created and you will have to create your own using `aws_route`.
EOT
default = {}
}
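
Review bot: the new `az_ngw_ids` description says "You should either supply one NAT Gateway ID for each AZ in `var.availability_zones` or leave the map empty", but nothing in this hunk enforces that, and with `for_each = var.az_ngw_ids` in private.tf a partial map is accepted as-is. Either state the consequence in the description (AZs missing from the map get a private route table with no default egress route) or reject a non-empty map whose keys do not match `var.availability_zones`, so a caller does not end up with some private subnets unable to reach the internet without noticing.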
