Skip to content

Commit

Permalink
fix: Add dns64 routes (#924)
Browse files Browse the repository at this point in the history
  • Loading branch information
mikesplain authored May 15, 2023
1 parent 6051692 commit 743798d
Show file tree
Hide file tree
Showing 3 changed files with 27 additions and 1 deletion.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -310,9 +310,11 @@ No modules.
| [aws_network_acl_rule.redshift_inbound](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl_rule) | resource |
| [aws_network_acl_rule.redshift_outbound](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_acl_rule) | resource |
| [aws_redshift_subnet_group.redshift](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/redshift_subnet_group) | resource |
| [aws_route.database_dns64_nat_gateway](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route.database_internet_gateway](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route.database_ipv6_egress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route.database_nat_gateway](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route.private_dns64_nat_gateway](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route.private_ipv6_egress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route.private_nat_gateway](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
| [aws_route.public_internet_gateway](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
Expand Down
2 changes: 1 addition & 1 deletion examples/ipv6-dualstack/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ module "vpc" {
public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 4)]
database_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 8)]

enable_nat_gateway = false
enable_nat_gateway = true

create_database_subnet_route_table = true
create_database_internet_gateway_route = true
Expand Down
24 changes: 24 additions & 0 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -436,6 +436,18 @@ resource "aws_route" "database_nat_gateway" {
}
}

resource "aws_route" "database_dns64_nat_gateway" {
count = local.create_database_route_table && !var.create_database_internet_gateway_route && var.create_database_nat_gateway_route && var.enable_nat_gateway && var.enable_ipv6 && var.private_subnet_enable_dns64 ? var.single_nat_gateway ? 1 : local.len_database_subnets : 0

route_table_id = element(aws_route_table.database[*].id, count.index)
destination_ipv6_cidr_block = "64:ff9b::/96"
nat_gateway_id = element(aws_nat_gateway.this[*].id, count.index)

timeouts {
create = "5m"
}
}

resource "aws_route" "database_ipv6_egress" {
count = local.create_database_route_table && var.create_egress_only_igw && var.enable_ipv6 && var.create_database_internet_gateway_route ? 1 : 0

Expand Down Expand Up @@ -1081,6 +1093,18 @@ resource "aws_route" "private_nat_gateway" {
}
}

resource "aws_route" "private_dns64_nat_gateway" {
count = local.create_vpc && var.enable_nat_gateway && var.enable_ipv6 && var.private_subnet_enable_dns64 ? local.nat_gateway_count : 0

route_table_id = element(aws_route_table.private[*].id, count.index)
destination_ipv6_cidr_block = "64:ff9b::/96"
nat_gateway_id = element(aws_nat_gateway.this[*].id, count.index)

timeouts {
create = "5m"
}
}

################################################################################
# Customer Gateways
################################################################################
Expand Down

0 comments on commit 743798d

Please sign in to comment.