From 058a0276c28e9761379372e10b7aa1d0c28d5f98 Mon Sep 17 00:00:00 2001
From: badra001
Date: Wed, 20 Oct 2021 15:26:59 -0400
Subject: [PATCH] v1.3.0: peer: add peer_network_acl_filter
---
 .tflint.hcl | 7 +++++++
 CHANGELOG.md | 4 ++++
 common/version.tf | 2 +-
 peer/README.md | 1 +
 peer/data.peer.tf | 8 ++++++++
 peer/variables.peer.tf | 6 ++++++
 6 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/.tflint.hcl b/.tflint.hcl
index fcc2fa8..40cca33 100644
--- a/.tflint.hcl
+++ b/.tflint.hcl
@@ -19,3 +19,10 @@ rule "aws_instance_invalid_type" {
 plugin "aws" {
 enabled = true
 }
+
+rule "terraform_module_pinned_source" {
+ enabled = false
+# style = "flexible"
+# default_branches = ["dev"]
+}
+
diff --git a/CHANGELOG.md b/CHANGELOG.md
index cc3a338..1a767ca 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -58,3 +58,7 @@
 * v1.2.0 -- 20211019
 - vpn
 - add create variable to create/not-create the resources
+
+* v1.3.0 -- 20211020
+ - peer
+ - add peer_network_acl_filter
diff --git a/common/version.tf b/common/version.tf
index 1ee6619..08f3f68 100644
--- a/common/version.tf
+++ b/common/version.tf
@@ -1,3 +1,3 @@
 locals {
- _module_version = "1.2.0"
+ _module_version = "1.3.0"
 }
diff --git a/peer/README.md b/peer/README.md
index fb78dfe..4c1bea6 100644
--- a/peer/README.md
+++ b/peer/README.md
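Review bot: Setting `enabled = false` on `terraform_module_pinned_source` in the .tflint.hcl hunk switches off the lint check that module `source` references are pinned, and the commit subject (peer_network_acl_filter) does not mention it. An unpinned git source resolves to whatever the upstream branch holds at `terraform init` time, so upstream changes reach consumers of this module without passing review here. The commented-out lines already sketch a narrower option: keep `enabled = true` and uncomment `style = "flexible"` and `default_branches = ["dev"]`. If the rule has to stay off, add a comment above it stating why and for which sources, e.g. `# disabled: <reason>; re-enable once module sources carry a ref`.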
@@ -123,6 +123,7 @@ No requirements.
 | [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | [peer\_account\_alias](#input\_peer\_account\_alias) | Peer AWS Account Alias | `string` | `""` | no |
 | [peer\_account\_id](#input\_peer\_account\_id) | Peer AWS Account ID | `string` | `""` | no |
+| [peer\_network\_acl\_filter](#input\_peer\_network\_acl\_filter) | Peer VPC Network ACL filter list | `list(string)` | `[]` | no |
 | [peer\_network\_acl\_ids](#input\_peer\_network\_acl\_ids) | Peer VPC Network ACL IDs | `list(string)` | `[]` | no |
 | [peer\_route\_table\_filter](#input\_peer\_route\_table\_filter) | Peer VPC route table search filter list (default: services) | `list(string)` |
[
"route-*-services",
"route-*-services-private*"
]
| no |
 | [peer\_route\_table\_ids](#input\_peer\_route\_table\_ids) | Peer VPC route table IDs (default: all *private* route tables at peer VPC) | `list(string)` | `[]` | no |
diff --git a/peer/data.peer.tf b/peer/data.peer.tf
index 1caa2ce..075cd04 100644
--- a/peer/data.peer.tf
+++ b/peer/data.peer.tf
@@ -46,6 +46,14 @@ data "aws_network_acls" "default_peer_network_acls" {
 name = "association.subnet-id"
 values = local.peer_subnets
 }
+ dynamic "filter" {
+ for_each = length(var.peer_network_acl_filter) > 0 ? toset({ 1 = 1 }) : toset({})
+ iterator = f
+ content {
+ name = "tag:Name"
+ values = var.peer_network_acl_filter
+ }
+ }
 }
 
 data "aws_subnet" "peer_subnets" {
diff --git a/peer/variables.peer.tf b/peer/variables.peer.tf
index 3022db6..32626f0 100644
--- a/peer/variables.peer.tf
+++ b/peer/variables.peer.tf
@@ -75,6 +75,12 @@ variable "peer_network_acl_ids" {
 default = []
 }
 
+variable "peer_network_acl_filter" {
+ description = "Peer VPC Network ACL filter list"
+ type = list(string)
+ default = []
+}
+
 variable "peer_rule_number" {
 description = "Peer Starting rule number within the rule"
 type = number
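Review bot: The `for_each` of the added `dynamic "filter"` block in peer/data.peer.tf wraps object literals in `toset(...)`, and I would expect `toset({ 1 = 1 })` to be rejected because an object has no conversion to a set; worth confirming with `terraform validate`. A dynamic block accepts a plain list, so `for_each = length(var.peer_network_acl_filter) > 0 ? [1] : []` expresses the same toggle, and `iterator = f` can be dropped because `f` is never read. This filter narrows which peer-side network ACLs the data source returns, and `tag:Name` is a mutable label, so a comment such as `# optional: restrict to ACLs whose Name tag matches; empty list = no tag filter` would make the selection rule explicit. How the resulting ids are consumed is not visible here, and the data block opens before the hunk.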
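Review bot: The description of the new `peer_network_acl_filter` variable in peer/variables.peer.tf does not say what the strings are matched against. The peer/data.peer.tf hunk shows they become `tag:Name` filter values, so `description = "Peer VPC Network ACL Name-tag filter list (matched against tag:Name; empty list = no tag filtering)"` would save the reader a lookup and carry over into the generated README row. It should also state how the variable combines with `peer_network_acl_ids` declared just above, which this hunk does not show.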