remove vpc endpoint network interface data resource

terraform-modules · Jan 19, 2022 · 21b5c0f · 21b5c0f
1 parent d0bacb0
commit 21b5c0f
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 18 deletions.
diff --git a/vpc-interface-endpoint/README.md b/vpc-interface-endpoint/README.md
@@ -35,8 +35,20 @@ This outputs an object with the following elements:
 * dns\_entry: DNS name for the VPC endpoint
 * subnet\_ids: list of subnet IDs on which the VPC endpoint resides
 * network\_interface\_ids: List of network interface IDs (ENIs), one per subnet
-* subnet\_interface\_id\_map: map of subnet id to network interface ID
-* subnet\_interface\_ip\_map: map of subnet id to network interface IPv4 address
+
+To get the IPs or subnets, you'll need to get the ENIs in a `data` resource like this
+```hcl
+data "aws_network_interface" "interfaces" {
+  for_each = toset(module.vpce_secretsmanager.vpc_service_info.network_interface_ids)
+  id       = each.key
+}
+locals {
+  "subnet_interface_id_map" = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => k }
+  "subnet_interface_ip_map" = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => v.private_ip }
+}
+```
+
+These are not included in the module because they don't exist until the resource has been created.
 
 ## Requirements
 
@@ -64,7 +76,6 @@ No modules.
 | [aws_vpc_endpoint.interface_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint) | resource |
 | [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
-| [aws_network_interface.vpce_interfaces](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/network_interface) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 | [aws_vpc_endpoint_service.interface_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc_endpoint_service) | data source |
 

diff --git a/vpc-interface-endpoint/main.tf b/vpc-interface-endpoint/main.tf
@@ -36,9 +36,20 @@
 * * dns_entry: DNS name for the VPC endpoint
 * * subnet_ids: list of subnet IDs on which the VPC endpoint resides
 * * network_interface_ids: List of network interface IDs (ENIs), one per subnet
-* * subnet_interface_id_map: map of subnet id to network interface ID
-* * subnet_interface_ip_map: map of subnet id to network interface IPv4 address
 *
+* To get the IPs or subnets, you'll need to get the ENIs in a `data` resource like this
+* ```hcl
+* data "aws_network_interface" "interfaces" {
+*   for_each = toset(module.vpce_secretsmanager.vpc_service_info.network_interface_ids)
+*   id       = each.key
+* }
+* locals {
+*   "subnet_interface_id_map" = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => k }
+*   "subnet_interface_ip_map" = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => v.private_ip }
+* }
+* ```
+* 
+* These are not included in the module because they don't exist until the resource has been created.
 */
 
 locals {

diff --git a/vpc-interface-endpoint/outputs.tf b/vpc-interface-endpoint/outputs.tf
@@ -1,19 +1,19 @@
-data "aws_network_interface" "vpce_interfaces" {
-  for_each = toset(aws_vpc_endpoint.interface_endpoint.network_interface_ids)
-  id       = each.key
-}
+# data "aws_network_interface" "vpce_interfaces" {
+#   for_each = toset(aws_vpc_endpoint.interface_endpoint.network_interface_ids)
+#   id       = each.key
+# }
 
 output "vpce_service_info" {
   description = "VPC Interface Endpoint information for service"
   value = {
-    "name"                    = local.short_service,
-    "service_name"            = aws_vpc_endpoint.interface_endpoint.service_name,
-    "id"                      = aws_vpc_endpoint.interface_endpoint.id,
-    "dns_entry"               = aws_vpc_endpoint.interface_endpoint.dns_entry,
-    "subnet_ids"              = aws_vpc_endpoint.interface_endpoint.subnet_ids,
-    "network_interface_ids"   = aws_vpc_endpoint.interface_endpoint.network_interface_ids,
-    "subnet_interface_id_map" = { for k, v in data.aws_network_interface.vpce_interfaces : v.subnet_id => k }
-    #    "subnet_interface_id_map" = zipmap(tolist(aws_vpc_endpoint.interface_endpoint.subnet_ids), tolist(aws_vpc_endpoint.interface_endpoint.network_interface_ids)),
-    "subnet_interface_ip_map" = { for k, v in data.aws_network_interface.vpce_interfaces : v.subnet_id => v.private_ip }
+    "name"                  = local.short_service,
+    "service_name"          = aws_vpc_endpoint.interface_endpoint.service_name,
+    "id"                    = aws_vpc_endpoint.interface_endpoint.id,
+    "dns_entry"             = aws_vpc_endpoint.interface_endpoint.dns_entry,
+    "subnet_ids"            = aws_vpc_endpoint.interface_endpoint.subnet_ids,
+    "network_interface_ids" = aws_vpc_endpoint.interface_endpoint.network_interface_ids,
+    # "subnet_interface_id_map" = { for k, v in data.aws_network_interface.vpce_interfaces : v.subnet_id => k }
+    "subnet_interface_id_map" = zipmap(tolist(aws_vpc_endpoint.interface_endpoint.subnet_ids), tolist(aws_vpc_endpoint.interface_endpoint.network_interface_ids)),
+    # "subnet_interface_ip_map" = { for k, v in data.aws_network_interface.vpce_interfaces : v.subnet_id => v.private_ip }
   }
 }