diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 41c1baa..bed3c96 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,4 +1,14 @@ # Use this file to define individuals or teams that are responsible for code in a repository. # Read more: +# +# Order is important: the last matching pattern takes the most precedence -* @cloudposse/engineering \ No newline at end of file +# These owners will be the default owners for everything +* @cloudposse/engineering @cloudposse/contributors + +# Cloud Posse must review any changes to Makefiles +**/Makefile @cloudposse/engineering +**/Makefile.* @cloudposse/engineering + +# Cloud Posse must review any changes to GitHub actions +.github/* @cloudposse/engineering diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index ecc9eb6..39a8686 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -7,7 +7,7 @@ assignees: '' --- -Have a question? Please checkout our [Slack Community](https://slack.cloudposse.com) in the `#geodesic` channel or visit our [Slack Archive](https://archive.sweetops.com/geodesic/). +Have a question? Please checkout our [Slack Community](https://slack.cloudposse.com) or visit our [Slack Archive](https://archive.sweetops.com/). [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) @@ -33,4 +33,4 @@ Explain what alternative solutions or features you've considered. ## Additional Context -Add any other context or screenshots about the feature request here. \ No newline at end of file +Add any other context or screenshots about the feature request here. diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml new file mode 100644 index 0000000..a6bb11b --- /dev/null +++ b/.github/workflows/chatops.yml @@ -0,0 +1,37 @@ +name: chatops +on: + issue_comment: + types: [created] + +jobs: + default: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: "Handle common commands" + uses: cloudposse/actions/github/slash-command-dispatch@0.15.0 + with: + token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + reaction-token: ${{ secrets.GITHUB_TOKEN }} + repository: cloudposse/actions + commands: rebuild-readme, terraform-fmt + permission: none + issue-type: pull-request + + test: + runs-on: ubuntu-latest + steps: + - name: "Checkout commit" + uses: actions/checkout@v2 + - name: "Run tests" + uses: cloudposse/actions/github/slash-command-dispatch@0.15.0 + with: + token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + reaction-token: ${{ secrets.GITHUB_TOKEN }} + repository: cloudposse/actions + commands: test + permission: none + issue-type: pull-request + reactions: false + + diff --git a/.github/workflows/slash-command-dispatch.yml b/.github/workflows/slash-command-dispatch.yml deleted file mode 100644 index 3e3c138..0000000 --- a/.github/workflows/slash-command-dispatch.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: Slash Command Dispatch -on: - issue_comment: - types: [created] - -jobs: - slashCommandDispatch: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - name: Slash Command Dispatch - uses: cloudposse/actions/github/slash-command-dispatch@0.12.0 - with: - token: ${{ secrets.GITHUB_BOT_TOKEN }} - reaction-token: ${{ secrets.GITHUB_TOKEN }} - repository: cloudposse/actions - commands: rebuild-readme, terraform-fmt - permission: none - issue-type: pull-request diff --git a/README.md b/README.md index 7d27e26..e2cb1aa 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ [![Cloud Posse][logo]](https://cpco.io/homepage) -# terraform-aws-named-subnets [![Codefresh Build Status](https://g.codefresh.io/api/badges/pipeline/cloudposse/terraform-modules%2Fterraform-aws-named-subnets?type=cf-1)](https://g.codefresh.io/public/accounts/cloudposse/pipelines/5d2f63aa58ad25c1f8ee8e94) [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-named-subnets.svg)](https://github.com/cloudposse/terraform-aws-named-subnets/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) +# terraform-aws-named-subnets [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-named-subnets.svg)](https://github.com/cloudposse/terraform-aws-named-subnets/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) Terraform module for named [`subnets`](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) provisioning. @@ -333,44 +333,58 @@ Available targets: lint Lint terraform code ``` +## Requirements + +| Name | Version | +|------|---------| +| terraform | ~> 0.12.0 | +| aws | ~> 2.0 | +| null | ~> 2.0 | + +## Providers + +| Name | Version | +|------|---------| +| aws | ~> 2.0 | + ## Inputs | Name | Description | Type | Default | Required | -|------|-------------|:----:|:-----:|:-----:| -| attributes | Additional attributes (e.g. `policy` or `role`) | list(string) | `` | no | -| availability_zone | Availability Zone | string | - | yes | -| cidr_block | Base CIDR block which will be divided into subnet CIDR blocks (e.g. `10.0.0.0/16`) | string | - | yes | -| delimiter | Delimiter to be used between `name`, `namespace`, `stage`, `attributes` | string | `-` | no | -| enabled | Set to false to prevent the module from creating any resources | bool | `true` | no | -| eni_id | An ID of a network interface which is used as a default route in private route tables (_e.g._ `eni-9c26a123`) | string | `` | no | -| igw_id | Internet Gateway ID which will be used as a default route in public route tables (e.g. `igw-9c26a123`). Conflicts with `ngw_id` | string | `` | no | -| max_subnets | Maximum number of subnets which can be created. This variable is being used for CIDR blocks calculation. Defaults to length of `subnet_names` argument | number | `16` | no | -| name | Application or solution name | string | - | yes | -| namespace | Namespace (e.g. `eg` or `cp`) | string | `` | no | -| nat_enabled | Enable/disable NAT Gateway | bool | `true` | no | -| ngw_id | NAT Gateway ID which will be used as a default route in private route tables (e.g. `igw-9c26a123`). Conflicts with `igw_id` | string | `` | no | -| private_network_acl_egress | Private network egress ACL rules | object | `` | no | -| private_network_acl_id | Network ACL ID that will be added to the subnets. If empty, a new ACL will be created | string | `` | no | -| private_network_acl_ingress | Private network ingress ACL rules | object | `` | no | -| public_network_acl_egress | Public network egress ACL rules | object | `` | no | -| public_network_acl_id | Network ACL ID that will be added to the subnets. If empty, a new ACL will be created | string | `` | no | -| public_network_acl_ingress | Public network ingress ACL rules | object | `` | no | -| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | `` | no | -| subnet_names | List of subnet names (e.g. `['apples', 'oranges', 'grapes']`) | list(string) | - | yes | -| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | map(string) | `` | no | -| type | Type of subnets (`private` or `public`) | string | `private` | no | -| vpc_id | VPC ID | string | - | yes | +|------|-------------|------|---------|:--------:| +| attributes | Additional attributes (e.g. `policy` or `role`) | `list(string)` | `[]` | no | +| availability\_zone | Availability Zone | `string` | n/a | yes | +| cidr\_block | Base CIDR block which will be divided into subnet CIDR blocks (e.g. `10.0.0.0/16`) | `string` | n/a | yes | +| delimiter | Delimiter to be used between `name`, `namespace`, `stage`, `attributes` | `string` | `"-"` | no | +| enabled | Set to false to prevent the module from creating any resources | `bool` | `true` | no | +| eni\_id | An ID of a network interface which is used as a default route in private route tables (\_e.g.\_ `eni-9c26a123`) | `string` | `""` | no | +| igw\_id | Internet Gateway ID which will be used as a default route in public route tables (e.g. `igw-9c26a123`). Conflicts with `ngw_id` | `string` | `""` | no | +| max\_subnets | Maximum number of subnets which can be created. This variable is being used for CIDR blocks calculation. Defaults to length of `subnet_names` argument | `number` | `16` | no | +| name | Application or solution name | `string` | n/a | yes | +| namespace | Namespace (e.g. `eg` or `cp`) | `string` | `""` | no | +| nat\_enabled | Enable/disable NAT Gateway | `bool` | `true` | no | +| ngw\_id | NAT Gateway ID which will be used as a default route in private route tables (e.g. `igw-9c26a123`). Conflicts with `igw_id` | `string` | `""` | no | +| private\_network\_acl\_egress | Private network egress ACL rules | 
list(object(
    {
      rule_no    = number
      action     = string
      cidr_block = string
      from_port  = number
      to_port    = number
      protocol   = string
  }))
| 
[
  {
    "action": "allow",
    "cidr_block": "0.0.0.0/0",
    "from_port": 0,
    "protocol": "-1",
    "rule_no": 100,
    "to_port": 0
  }
]
| no | +| private\_network\_acl\_id | Network ACL ID that will be added to the subnets. If empty, a new ACL will be created | `string` | `""` | no | +| private\_network\_acl\_ingress | Private network ingress ACL rules | 
list(object(
    {
      rule_no    = number
      action     = string
      cidr_block = string
      from_port  = number
      to_port    = number
      protocol   = string
  }))
| 
[
  {
    "action": "allow",
    "cidr_block": "0.0.0.0/0",
    "from_port": 0,
    "protocol": "-1",
    "rule_no": 100,
    "to_port": 0
  }
]
| no | +| public\_network\_acl\_egress | Public network egress ACL rules | 
list(object(
    {
      rule_no    = number
      action     = string
      cidr_block = string
      from_port  = number
      to_port    = number
      protocol   = string
  }))
| 
[
  {
    "action": "allow",
    "cidr_block": "0.0.0.0/0",
    "from_port": 0,
    "protocol": "-1",
    "rule_no": 100,
    "to_port": 0
  }
]
| no | +| public\_network\_acl\_id | Network ACL ID that will be added to the subnets. If empty, a new ACL will be created | `string` | `""` | no | +| public\_network\_acl\_ingress | Public network ingress ACL rules | 
list(object(
    {
      rule_no    = number
      action     = string
      cidr_block = string
      from_port  = number
      to_port    = number
      protocol   = string
  }))
| 
[
  {
    "action": "allow",
    "cidr_block": "0.0.0.0/0",
    "from_port": 0,
    "protocol": "-1",
    "rule_no": 100,
    "to_port": 0
  }
]
| no | +| stage | Stage (e.g. `prod`, `dev`, `staging`) | `string` | `""` | no | +| subnet\_names | List of subnet names (e.g. `['apples', 'oranges', 'grapes']`) | `list(string)` | n/a | yes | +| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | `map(string)` | `{}` | no | +| type | Type of subnets (`private` or `public`) | `string` | `"private"` | no | +| vpc\_id | VPC ID | `string` | n/a | yes | ## Outputs | Name | Description | |------|-------------| -| named_subnet_ids | Map of subnet names to subnet IDs | -| ngw_id | NAT Gateway ID | -| ngw_private_ip | Private IP address of the NAT Gateway | -| ngw_public_ip | Public IP address of the NAT Gateway | -| route_table_ids | Route table IDs | -| subnet_ids | Subnet IDs | +| named\_subnet\_ids | Map of subnet names to subnet IDs | +| ngw\_id | NAT Gateway ID | +| ngw\_private\_ip | Private IP address of the NAT Gateway | +| ngw\_public\_ip | Public IP address of the NAT Gateway | +| route\_table\_ids | Route table IDs | +| subnet\_ids | Subnet IDs | @@ -427,6 +441,10 @@ We deliver 10x the value for a fraction of the cost of a full-time engineer. Our Join our [Open Source Community][slack] on Slack. It's **FREE** for everyone! Our "SweetOps" community is where you get to talk with others who share a similar vision for how to rollout and manage infrastructure. This is the best place to talk shop, ask questions, solicit feedback, and work together as a community to build totally *sweet* infrastructure. +## Discourse Forums + +Participate in our [Discourse Forums][discourse]. Here you'll find answers to commonly asked questions. Most questions will be related to the enormous number of projects we support on our GitHub. Come here to collaborate on answers, find solutions, and get ideas about the products and services we value. It only takes a minute to get started! Just sign in with SSO using your GitHub account. + ## Newsletter Sign up for [our newsletter][newsletter] that covers everything on our technology radar. Receive updates on what we're up to on GitHub as well as awesome new projects we discover. @@ -544,6 +562,7 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply [testimonial]: https://cpco.io/leave-testimonial?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-named-subnets&utm_content=testimonial [office_hours]: https://cloudposse.com/office-hours?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-named-subnets&utm_content=office_hours [newsletter]: https://cpco.io/newsletter?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-named-subnets&utm_content=newsletter + [discourse]: https://ask.sweetops.com/?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-named-subnets&utm_content=discourse [email]: https://cpco.io/email?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-named-subnets&utm_content=email [commercial_support]: https://cpco.io/commercial-support?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-named-subnets&utm_content=commercial_support [we_love_open_source]: https://cpco.io/we-love-open-source?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-named-subnets&utm_content=we_love_open_source diff --git a/README.yaml b/README.yaml index ed54b5d..bf9293b 100644 --- a/README.yaml +++ b/README.yaml @@ -1,4 +1,3 @@ ---- # # This is the canonical configuration for the `README.md` # Run `make readme` to rebuild the `README.md` @@ -6,13 +5,11 @@ # Name of this project name: terraform-aws-named-subnets - # Logo for this project #logo: docs/logo.png # License of this project license: "APACHE2" - # Tags of this project tags: - aws @@ -25,26 +22,19 @@ tags: - vpc - cidr - dynamic - # Categories of this project categories: - terraform-modules/networking - # Canonical GitHub repo github_repo: cloudposse/terraform-aws-named-subnets - # Badges to display badges: - - name: "Codefresh Build Status" - image: "https://g.codefresh.io/api/badges/pipeline/cloudposse/terraform-modules%2Fterraform-aws-named-subnets?type=cf-1" - url: "https://g.codefresh.io/public/accounts/cloudposse/pipelines/5d2f63aa58ad25c1f8ee8e94" - name: "Latest Release" image: "https://img.shields.io/github/release/cloudposse/terraform-aws-named-subnets.svg" url: "https://github.com/cloudposse/terraform-aws-named-subnets/releases/latest" - name: "Slack Community" image: "https://slack.cloudposse.com/badge.svg" url: "https://slack.cloudposse.com" - related: - name: "terraform-aws-multi-az-subnets" description: "Terraform module for multi-AZ public and private subnets provisioning." @@ -58,13 +48,11 @@ related: - name: "terraform-aws-cloudwatch-flow-logs" description: "Terraform module for enabling flow logs for vpc and subnets." url: "https://github.com/cloudposse/terraform-aws-cloudwatch-flow-logs" - # Short description of this project description: |- Terraform module for named [`subnets`](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) provisioning. - # How to use this project -usage: |- +usage: |2- Simple example, with private and public subnets in one Availability Zone: @@ -296,12 +284,9 @@ usage: |- `public_named_subnet_ids["web1"]` `lookup(private_named_subnet_ids, "kafka")` - - include: - "docs/targets.md" - "docs/terraform.md" - # Contributors to this project contributors: - name: "Erik Osterman" diff --git a/codefresh/test.yml b/codefresh/test.yml deleted file mode 100644 index ddd07f9..0000000 --- a/codefresh/test.yml +++ /dev/null @@ -1,74 +0,0 @@ -version: '1.0' - -stages: - - Prepare - - Test - -steps: - wait: - title: Wait - stage: Prepare - image: codefresh/cli:latest - commands: - - codefresh get builds --pipeline=${{CF_REPO_NAME}} --status running --limit 1000 -o json | jq --arg id ${{CF_BUILD_ID}} -ser 'flatten|.[-1].id==$id' - retry: - maxAttempts: 10 - delay: 20 - exponentialFactor: 1.1 - - main_clone: - title: "Clone repository" - type: git-clone - stage: Prepare - description: "Initialize" - repo: ${{CF_REPO_OWNER}}/${{CF_REPO_NAME}} - git: CF-default - revision: ${{CF_REVISION}} - - clean_init: - title: Prepare build-harness and test-harness - image: ${{TEST_IMAGE}} - stage: Prepare - commands: - - cf_export PATH="/usr/local/terraform/0.12/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - - make init - - git -C build-harness checkout master - - make -C test/ clean init TEST_HARNESS_BRANCH=master - - make -C test/src clean init - - find . -type d -name '.terraform' | xargs rm -rf - - find . -type f -name 'terraform.tfstate*' -exec rm -f {} \; - - test: - type: "parallel" - title: "Run tests" - description: "Run all tests in parallel" - stage: Test - steps: - test_readme_lint: - title: "Test README.md updated" - stage: "Test" - image: ${{TEST_IMAGE}} - description: Test "readme/lint" - commands: - - make readme/lint - - test_module: - title: Test module with bats - image: ${{TEST_IMAGE}} - stage: Test - commands: - - make -C test/ module - - test_examples_complete: - title: Test "examples/complete" with bats - image: ${{TEST_IMAGE}} - stage: Test - commands: - - make -C test/ examples/complete - - test_examples_complete_terratest: - title: Test "examples/complete" with terratest - image: ${{TEST_IMAGE}} - stage: Test - commands: - - make -C test/src diff --git a/docs/terraform.md b/docs/terraform.md index 9688168..5768553 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -1,39 +1,53 @@ +## Requirements + +| Name | Version | +|------|---------| +| terraform | ~> 0.12.0 | +| aws | ~> 2.0 | +| null | ~> 2.0 | + +## Providers + +| Name | Version | +|------|---------| +| aws | ~> 2.0 | + ## Inputs | Name | Description | Type | Default | Required | -|------|-------------|:----:|:-----:|:-----:| -| attributes | Additional attributes (e.g. `policy` or `role`) | list(string) | `` | no | -| availability_zone | Availability Zone | string | - | yes | -| cidr_block | Base CIDR block which will be divided into subnet CIDR blocks (e.g. `10.0.0.0/16`) | string | - | yes | -| delimiter | Delimiter to be used between `name`, `namespace`, `stage`, `attributes` | string | `-` | no | -| enabled | Set to false to prevent the module from creating any resources | bool | `true` | no | -| eni_id | An ID of a network interface which is used as a default route in private route tables (_e.g._ `eni-9c26a123`) | string | `` | no | -| igw_id | Internet Gateway ID which will be used as a default route in public route tables (e.g. `igw-9c26a123`). Conflicts with `ngw_id` | string | `` | no | -| max_subnets | Maximum number of subnets which can be created. This variable is being used for CIDR blocks calculation. Defaults to length of `subnet_names` argument | number | `16` | no | -| name | Application or solution name | string | - | yes | -| namespace | Namespace (e.g. `eg` or `cp`) | string | `` | no | -| nat_enabled | Enable/disable NAT Gateway | bool | `true` | no | -| ngw_id | NAT Gateway ID which will be used as a default route in private route tables (e.g. `igw-9c26a123`). Conflicts with `igw_id` | string | `` | no | -| private_network_acl_egress | Private network egress ACL rules | object | `` | no | -| private_network_acl_id | Network ACL ID that will be added to the subnets. If empty, a new ACL will be created | string | `` | no | -| private_network_acl_ingress | Private network ingress ACL rules | object | `` | no | -| public_network_acl_egress | Public network egress ACL rules | object | `` | no | -| public_network_acl_id | Network ACL ID that will be added to the subnets. If empty, a new ACL will be created | string | `` | no | -| public_network_acl_ingress | Public network ingress ACL rules | object | `` | no | -| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | `` | no | -| subnet_names | List of subnet names (e.g. `['apples', 'oranges', 'grapes']`) | list(string) | - | yes | -| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | map(string) | `` | no | -| type | Type of subnets (`private` or `public`) | string | `private` | no | -| vpc_id | VPC ID | string | - | yes | +|------|-------------|------|---------|:--------:| +| attributes | Additional attributes (e.g. `policy` or `role`) | `list(string)` | `[]` | no | +| availability\_zone | Availability Zone | `string` | n/a | yes | +| cidr\_block | Base CIDR block which will be divided into subnet CIDR blocks (e.g. `10.0.0.0/16`) | `string` | n/a | yes | +| delimiter | Delimiter to be used between `name`, `namespace`, `stage`, `attributes` | `string` | `"-"` | no | +| enabled | Set to false to prevent the module from creating any resources | `bool` | `true` | no | +| eni\_id | An ID of a network interface which is used as a default route in private route tables (\_e.g.\_ `eni-9c26a123`) | `string` | `""` | no | +| igw\_id | Internet Gateway ID which will be used as a default route in public route tables (e.g. `igw-9c26a123`). Conflicts with `ngw_id` | `string` | `""` | no | +| max\_subnets | Maximum number of subnets which can be created. This variable is being used for CIDR blocks calculation. Defaults to length of `subnet_names` argument | `number` | `16` | no | +| name | Application or solution name | `string` | n/a | yes | +| namespace | Namespace (e.g. `eg` or `cp`) | `string` | `""` | no | +| nat\_enabled | Enable/disable NAT Gateway | `bool` | `true` | no | +| ngw\_id | NAT Gateway ID which will be used as a default route in private route tables (e.g. `igw-9c26a123`). Conflicts with `igw_id` | `string` | `""` | no | +| private\_network\_acl\_egress | Private network egress ACL rules | 
list(object(
    {
      rule_no    = number
      action     = string
      cidr_block = string
      from_port  = number
      to_port    = number
      protocol   = string
  }))
| 
[
  {
    "action": "allow",
    "cidr_block": "0.0.0.0/0",
    "from_port": 0,
    "protocol": "-1",
    "rule_no": 100,
    "to_port": 0
  }
]
| no | +| private\_network\_acl\_id | Network ACL ID that will be added to the subnets. If empty, a new ACL will be created | `string` | `""` | no | +| private\_network\_acl\_ingress | Private network ingress ACL rules | 
list(object(
    {
      rule_no    = number
      action     = string
      cidr_block = string
      from_port  = number
      to_port    = number
      protocol   = string
  }))
| 
[
  {
    "action": "allow",
    "cidr_block": "0.0.0.0/0",
    "from_port": 0,
    "protocol": "-1",
    "rule_no": 100,
    "to_port": 0
  }
]
| no | +| public\_network\_acl\_egress | Public network egress ACL rules | 
list(object(
    {
      rule_no    = number
      action     = string
      cidr_block = string
      from_port  = number
      to_port    = number
      protocol   = string
  }))
| 
[
  {
    "action": "allow",
    "cidr_block": "0.0.0.0/0",
    "from_port": 0,
    "protocol": "-1",
    "rule_no": 100,
    "to_port": 0
  }
]
| no | +| public\_network\_acl\_id | Network ACL ID that will be added to the subnets. If empty, a new ACL will be created | `string` | `""` | no | +| public\_network\_acl\_ingress | Public network ingress ACL rules | 
list(object(
    {
      rule_no    = number
      action     = string
      cidr_block = string
      from_port  = number
      to_port    = number
      protocol   = string
  }))
| 
[
  {
    "action": "allow",
    "cidr_block": "0.0.0.0/0",
    "from_port": 0,
    "protocol": "-1",
    "rule_no": 100,
    "to_port": 0
  }
]
| no | +| stage | Stage (e.g. `prod`, `dev`, `staging`) | `string` | `""` | no | +| subnet\_names | List of subnet names (e.g. `['apples', 'oranges', 'grapes']`) | `list(string)` | n/a | yes | +| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | `map(string)` | `{}` | no | +| type | Type of subnets (`private` or `public`) | `string` | `"private"` | no | +| vpc\_id | VPC ID | `string` | n/a | yes | ## Outputs | Name | Description | |------|-------------| -| named_subnet_ids | Map of subnet names to subnet IDs | -| ngw_id | NAT Gateway ID | -| ngw_private_ip | Private IP address of the NAT Gateway | -| ngw_public_ip | Public IP address of the NAT Gateway | -| route_table_ids | Route table IDs | -| subnet_ids | Subnet IDs | +| named\_subnet\_ids | Map of subnet names to subnet IDs | +| ngw\_id | NAT Gateway ID | +| ngw\_private\_ip | Private IP address of the NAT Gateway | +| ngw\_public\_ip | Public IP address of the NAT Gateway | +| route\_table\_ids | Route table IDs | +| subnet\_ids | Subnet IDs |