From da05f24c5c603a31d320d5ad92493bb39fea9f3d Mon Sep 17 00:00:00 2001
From: KevinSnyderCodes
Date: Wed, 24 Apr 2024 17:29:32 -0700
Subject: [PATCH] feat: Add support for multiple route tables to public and intra subnets (#1051)

Co-authored-by: Kevin Snyder
Co-authored-by: Bryant Biggs
---
 .pre-commit-config.yaml | 4 ++--
 README.md | 2 ++
 main.tf | 30 ++++++++++++++++++++++++------
 variables.tf | 12 ++++++++++++
 4 files changed, 40 insertions(+), 8 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 395404e80..52094d450 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.88.0
+    rev: v1.89.0
     hooks:
       - id: terraform_fmt
       - id: terraform_docs
@@ -24,7 +24,7 @@ repos:
         - '--args=--only=terraform_unused_required_providers'
       - id: terraform_validate
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.5.0
+    rev: v4.6.0
     hooks:
       - id: check-merge-conflict
       - id: end-of-file-fixer
diff --git a/README.md b/README.md
index 127493807..3e60ca885 100644
--- a/README.md
+++ b/README.md
@@ -369,6 +369,8 @@ No modules.
 | [create\_flow\_log\_cloudwatch\_iam\_role](#input\_create\_flow\_log\_cloudwatch\_iam\_role) | Whether to create IAM role for VPC Flow Logs | `bool` | `false` | no |
 | [create\_flow\_log\_cloudwatch\_log\_group](#input\_create\_flow\_log\_cloudwatch\_log\_group) | Whether to create CloudWatch log group for VPC Flow Logs | `bool` | `false` | no |
 | [create\_igw](#input\_create\_igw) | Controls if an Internet Gateway is created for public subnets and the related routes that connect them | `bool` | `true` | no |
+| [create\_multiple\_intra\_route\_tables](#input\_create\_multiple\_intra\_route\_tables) | Indicates whether to create a separate route table for each intra subnet. Default: `false` | `bool` | `false` | no |
+| [create\_multiple\_public\_route\_tables](#input\_create\_multiple\_public\_route\_tables) | Indicates whether to create a separate route table for each public subnet. Default: `false` | `bool` | `false` | no |
 | [create\_redshift\_subnet\_group](#input\_create\_redshift\_subnet\_group) | Controls if redshift subnet group should be created | `bool` | `true` | no |
 | [create\_redshift\_subnet\_route\_table](#input\_create\_redshift\_subnet\_route\_table) | Controls if separate route table for redshift should be created | `bool` | `false` | no |
 | [create\_vpc](#input\_create\_vpc) | Controls if VPC should be created (it affects almost all resources) | `bool` | `true` | no |
diff --git a/main.tf b/main.tf
index fa144b221..2c1e97f39 100644
--- a/main.tf
+++ b/main.tf
@@ -123,13 +123,22 @@ resource "aws_subnet" "public" {
   )
 }
 
+locals {
+  num_public_route_tables = var.create_multiple_public_route_tables ? local.len_public_subnets : 1
+}
+
 resource "aws_route_table" "public" {
-  count = local.create_public_subnets ? 1 : 0
+  count = local.create_public_subnets ? local.num_public_route_tables : 0
 
   vpc_id = local.vpc_id
 
   tags = merge(
-    { "Name" = "${var.name}-${var.public_subnet_suffix}" },
+    {
+      "Name" = var.create_multiple_public_route_tables ? format(
+        "${var.name}-${var.public_subnet_suffix}-%s",
+        element(var.azs, count.index),
+      ) : "${var.name}-${var.public_subnet_suffix}"
+    },
     var.tags,
     var.public_route_table_tags,
   )
@@ -139,7 +148,7 @@ resource "aws_route_table_association" "public" {
   count = local.create_public_subnets ? local.len_public_subnets : 0
 
   subnet_id      = element(aws_subnet.public[*].id, count.index)
-  route_table_id = aws_route_table.public[0].id
+  route_table_id = element(aws_route_table.public[*].id, var.create_multiple_public_route_tables ? count.index : 0)
 }
 
 resource "aws_route" "public_internet_gateway" {
@@ -816,13 +825,22 @@ resource "aws_subnet" "intra" {
   )
 }
 
+locals {
+  num_intra_route_tables = var.create_multiple_intra_route_tables ? local.len_intra_subnets : 1
+}
+
 resource "aws_route_table" "intra" {
-  count = local.create_intra_subnets ? 1 : 0
+  count = local.create_intra_subnets ? local.num_intra_route_tables : 0
 
   vpc_id = local.vpc_id
 
   tags = merge(
-    { "Name" = "${var.name}-${var.intra_subnet_suffix}" },
+    {
+      "Name" = var.create_multiple_intra_route_tables ? format(
+        "${var.name}-${var.intra_subnet_suffix}-%s",
+        element(var.azs, count.index),
+      ) : "${var.name}-${var.intra_subnet_suffix}"
+    },
     var.tags,
     var.intra_route_table_tags,
   )
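Review bot: The per-table Name tag in `aws_route_table.public` is built from `element(var.azs, count.index)` while the resource count is `local.len_public_subnets`, so when more public subnets than AZs are declared `element` wraps around and two route tables end up with an identical Name tag, which defeats the purpose of naming them per table. If the intent is one table per subnet, the suffix should distinguish them, e.g. fall back to `count.index` when `local.len_public_subnets > length(var.azs)`, or name the table after the subnet it serves. The same pattern is repeated for `aws_route_table.intra` in the `@@ -816,13 +825,22 @@` hunk. The new `locals` block placed beside the resource rather than alongside the existing `local.len_public_subnets` definition is a style choice worth aligning with the rest of the file, which is not visible here.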
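Review bot: `aws_route_table_association.public` now spreads subnets across `local.num_public_route_tables` tables, but the adjacent `resource "aws_route" "public_internet_gateway"` (its body lies outside the hunk) is left unchanged; if it still creates a single route against `aws_route_table.public[0].id`, then with `create_multiple_public_route_tables = true` only the first table receives the default route to the IGW and every other public subnet is left without an Internet route, a functional break that would surface as unreachable public workloads rather than as a hardening. Each public table needs its own IGW route, roughly `count = local.create_public_subnets && var.create_igw ? local.num_public_route_tables : 0` and `route_table_id = element(aws_route_table.public[*].id, count.index)`, and any IPv6 counterpart route should follow suit. A plan with several AZs and the flag enabled would show whether a route is present on every table.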
@@ -832,7 +850,7 @@ resource "aws_route_table_association" "intra" {
   count = local.create_intra_subnets ? local.len_intra_subnets : 0
 
   subnet_id      = element(aws_subnet.intra[*].id, count.index)
-  route_table_id = element(aws_route_table.intra[*].id, 0)
+  route_table_id = element(aws_route_table.intra[*].id, var.create_multiple_intra_route_tables ? count.index : 0)
 }
 
 ################################################################################
diff --git a/variables.tf b/variables.tf
index ce81d687a..bd4dc3b29 100644
--- a/variables.tf
+++ b/variables.tf
@@ -196,6 +196,12 @@ variable "public_subnet_enable_resource_name_dns_a_record_on_launch" {
   default     = false
 }
 
+variable "create_multiple_public_route_tables" {
+  description = "Indicates whether to create a separate route table for each public subnet. Default: `false`"
+  type        = bool
+  default     = false
+}
+
 variable "public_subnet_ipv6_prefixes" {
   description = "Assigns IPv6 public subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"
   type        = list(string)
@@ -914,6 +920,12 @@ variable "intra_subnet_enable_resource_name_dns_a_record_on_launch" {
   default     = false
 }
 
+variable "create_multiple_intra_route_tables" {
+  description = "Indicates whether to create a separate route table for each intra subnet. Default: `false`"
+  type        = bool
+  default     = false
+}
+
 variable "intra_subnet_ipv6_prefixes" {
   description = "Assigns IPv6 intra subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"
   type        = list(string)
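Review bot: The description of `create_multiple_public_route_tables` carries a trailing "Default: `false`" that restates the `default = false` attribute two lines below and will go stale if the default is ever changed, whereas the visible neighbouring variable `public_subnet_ipv6_prefixes` describes behaviour only. Suggest `description = "Indicates whether to create a separate route table for each public subnet"` and the same trim for `create_multiple_intra_route_tables` in the `@@ -914,6 +920,12 @@` hunk; the generated README rows in this patch would then drop the duplicated default as well.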