v1.3.0: peer: add peer_network_acl_filter

terraform-modules · Oct 20, 2021 · 058a027 · 058a027
1 parent 8a1c291
commit 058a027
Show file tree

Hide file tree

Showing 6 changed files with 27 additions and 1 deletion.
diff --git a/.tflint.hcl b/.tflint.hcl
@@ -19,3 +19,10 @@ rule "aws_instance_invalid_type" {
 plugin "aws" {
   enabled = true
 }
+
+rule "terraform_module_pinned_source" {
+  enabled = false
+#  style = "flexible"
+#  default_branches = ["dev"]
+}
+
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -58,3 +58,7 @@
 * v1.2.0 -- 20211019
   - vpn
     - add create variable to create/not-create the resources
+
+* v1.3.0 -- 20211020
+  - peer
+    - add peer_network_acl_filter
diff --git a/common/version.tf b/common/version.tf
@@ -1,3 +1,3 @@
 locals {
-  _module_version = "1.2.0"
+  _module_version = "1.3.0"
 }
diff --git a/peer/README.md b/peer/README.md
@@ -123,6 +123,7 @@ No requirements.
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | <a name="input_peer_account_alias"></a> [peer\_account\_alias](#input\_peer\_account\_alias) | Peer AWS Account Alias | `string` | `""` | no |
 | <a name="input_peer_account_id"></a> [peer\_account\_id](#input\_peer\_account\_id) | Peer AWS Account ID | `string` | `""` | no |
+| <a name="input_peer_network_acl_filter"></a> [peer\_network\_acl\_filter](#input\_peer\_network\_acl\_filter) | Peer VPC Network ACL filter list | `list(string)` | `[]` | no |
 | <a name="input_peer_network_acl_ids"></a> [peer\_network\_acl\_ids](#input\_peer\_network\_acl\_ids) | Peer VPC Network ACL IDs | `list(string)` | `[]` | no |
 | <a name="input_peer_route_table_filter"></a> [peer\_route\_table\_filter](#input\_peer\_route\_table\_filter) | Peer VPC route table search filter list (default: services) | `list(string)` | <pre>[<br>  "route-*-services",<br>  "route-*-services-private*"<br>]</pre> | no |
 | <a name="input_peer_route_table_ids"></a> [peer\_route\_table\_ids](#input\_peer\_route\_table\_ids) | Peer VPC route table IDs (default: all *private* route tables at peer VPC) | `list(string)` | `[]` | no |

diff --git a/peer/data.peer.tf b/peer/data.peer.tf
@@ -46,6 +46,14 @@ data "aws_network_acls" "default_peer_network_acls" {
     name   = "association.subnet-id"
     values = local.peer_subnets
   }
+  dynamic "filter" {
+    for_each = length(var.peer_network_acl_filter) > 0 ? toset({ 1 = 1 }) : toset({})
+    iterator = f
+    content {
+      name   = "tag:Name"
+      values = var.peer_network_acl_filter
+    }
+  }
 }
 
 data "aws_subnet" "peer_subnets" {

diff --git a/peer/variables.peer.tf b/peer/variables.peer.tf
@@ -75,6 +75,12 @@ variable "peer_network_acl_ids" {
   default     = []
 }
 
+variable "peer_network_acl_filter" {
+  description = "Peer VPC Network ACL filter list"
+  type        = list(string)
+  default     = []
+}
+
 variable "peer_rule_number" {
   description = "Peer Starting rule number within the rule"
   type        = number