From 21b5c0fd3607cda2d3c9c73a29d97105dfe1f994 Mon Sep 17 00:00:00 2001
From: badra001
Date: Wed, 19 Jan 2022 10:23:39 -0500
Subject: [PATCH] remove vpc endpoint network interface data resource
---
 vpc-interface-endpoint/README.md | 17 ++++++++++++++---
 vpc-interface-endpoint/main.tf | 15 +++++++++++++--
 vpc-interface-endpoint/outputs.tf | 26 +++++++++++++------------
 3 files changed, 40 insertions(+), 18 deletions(-)
diff --git a/vpc-interface-endpoint/README.md b/vpc-interface-endpoint/README.md
index 7a4db4e..1764ea9 100644
--- a/vpc-interface-endpoint/README.md
+++ b/vpc-interface-endpoint/README.md
@@ -35,8 +35,20 @@ This outputs an object with the following elements:
 * dns\_entry: DNS name for the VPC endpoint
 * subnet\_ids: list of subnet IDs on which the VPC endpoint resides
 * network\_interface\_ids: List of network interface IDs (ENIs), one per subnet
-* subnet\_interface\_id\_map: map of subnet id to network interface ID
-* subnet\_interface\_ip\_map: map of subnet id to network interface IPv4 address
+
+To get the IPs or subnets, you'll need to get the ENIs in a `data` resource like this
+```hcl
+data "aws_network_interface" "interfaces" {
+  for_each = toset(module.vpce_secretsmanager.vpc_service_info.network_interface_ids)
+  id = each.key
+}
+locals {
+  "subnet_interface_id_map" = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => k }
+  "subnet_interface_ip_map" = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => v.private_ip }
+}
+```
+
+These are not included in the module because they don't exist until the resource has been created.
 
 ## Requirements
 
@@ -64,7 +76,6 @@ No modules.
 | [aws_vpc_endpoint.interface_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint) | resource |
 | [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
-| [aws_network_interface.vpce_interfaces](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/network_interface) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 | [aws_vpc_endpoint_service.interface_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc_endpoint_service) | data source |
 
diff --git a/vpc-interface-endpoint/main.tf b/vpc-interface-endpoint/main.tf
index e15c218..c2d11ee 100644
--- a/vpc-interface-endpoint/main.tf
+++ b/vpc-interface-endpoint/main.tf
@@ -36,9 +36,20 @@
 * * dns_entry: DNS name for the VPC endpoint
 * * subnet_ids: list of subnet IDs on which the VPC endpoint resides
 * * network_interface_ids: List of network interface IDs (ENIs), one per subnet
-* * subnet_interface_id_map: map of subnet id to network interface ID
-* * subnet_interface_ip_map: map of subnet id to network interface IPv4 address
 *
+* To get the IPs or subnets, you'll need to get the ENIs in a `data` resource like this
+* ```hcl
+* data "aws_network_interface" "interfaces" {
+*   for_each = toset(module.vpce_secretsmanager.vpc_service_info.network_interface_ids)
+*   id = each.key
+* }
+* locals {
+*   "subnet_interface_id_map" = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => k }
+*   "subnet_interface_ip_map" = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => v.private_ip }
+* }
+* ```
+*
+* These are not included in the module because they don't exist until the resource has been created.
 */
 
 locals {
diff --git a/vpc-interface-endpoint/outputs.tf b/vpc-interface-endpoint/outputs.tf
index 0475f3a..91a4a98 100644
--- a/vpc-interface-endpoint/outputs.tf
+++ b/vpc-interface-endpoint/outputs.tf
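Review bot: The `locals` block in the new usage example (the `+* locals {` … `+* }` lines) uses quoted attribute names, `"subnet_interface_id_map" = …`, which Terraform rejects inside a `locals` block ("Argument names must not be quoted"); quoted keys are only valid in object constructor expressions such as the `value = { … }` map in outputs.tf. The same example is pasted into the README hunk above and should be corrected there too: `subnet_interface_id_map = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => k }` and likewise `subnet_interface_ip_map = { for k, v in data.aws_network_interface.interfaces : v.subnet_id => v.private_ip }`. `module.vpce_secretsmanager` is presumably a caller-specific module label; marking it as a placeholder (e.g. `module.<your_module_name>`) would keep readers from copying it verbatim. The enclosing comment block starts before the hunk.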
@@ -1,19 +1,19 @@
-data "aws_network_interface" "vpce_interfaces" {
-  for_each = toset(aws_vpc_endpoint.interface_endpoint.network_interface_ids)
-  id = each.key
-}
+# data "aws_network_interface" "vpce_interfaces" {
+#   for_each = toset(aws_vpc_endpoint.interface_endpoint.network_interface_ids)
+#   id = each.key
+# }
 
 output "vpce_service_info" {
   description = "VPC Interface Endpoint information for service"
   value = {
-    "name" = local.short_service,
-    "service_name" = aws_vpc_endpoint.interface_endpoint.service_name,
-    "id" = aws_vpc_endpoint.interface_endpoint.id,
-    "dns_entry" = aws_vpc_endpoint.interface_endpoint.dns_entry,
-    "subnet_ids" = aws_vpc_endpoint.interface_endpoint.subnet_ids,
-    "network_interface_ids" = aws_vpc_endpoint.interface_endpoint.network_interface_ids,
-    "subnet_interface_id_map" = { for k, v in data.aws_network_interface.vpce_interfaces : v.subnet_id => k }
-    # "subnet_interface_id_map" = zipmap(tolist(aws_vpc_endpoint.interface_endpoint.subnet_ids), tolist(aws_vpc_endpoint.interface_endpoint.network_interface_ids)),
-    "subnet_interface_ip_map" = { for k, v in data.aws_network_interface.vpce_interfaces : v.subnet_id => v.private_ip }
+    "name" = local.short_service,
+    "service_name" = aws_vpc_endpoint.interface_endpoint.service_name,
+    "id" = aws_vpc_endpoint.interface_endpoint.id,
+    "dns_entry" = aws_vpc_endpoint.interface_endpoint.dns_entry,
+    "subnet_ids" = aws_vpc_endpoint.interface_endpoint.subnet_ids,
+    "network_interface_ids" = aws_vpc_endpoint.interface_endpoint.network_interface_ids,
+    # "subnet_interface_id_map" = { for k, v in data.aws_network_interface.vpce_interfaces : v.subnet_id => k }
+    "subnet_interface_id_map" = zipmap(tolist(aws_vpc_endpoint.interface_endpoint.subnet_ids), tolist(aws_vpc_endpoint.interface_endpoint.network_interface_ids)),
+    # "subnet_interface_ip_map" = { for k, v in data.aws_network_interface.vpce_interfaces : v.subnet_id => v.private_ip }
   }
 }
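Review bot: The new `"subnet_interface_id_map" = zipmap(tolist(…subnet_ids), tolist(…network_interface_ids))` pairs subnets with ENIs by position only; both attributes are set-typed on `aws_vpc_endpoint`, so `tolist()` yields each in sorted order and the resulting subnet-to-ENI association is arbitrary rather than the actual placement. Any consumer that uses this map for per-subnet security-group rules, DNS records or routing may silently act on the wrong ENI, and neither the output description nor the key name signals that. The README hunk in this same commit states these maps are no longer provided by the module, so the consistent fix is to drop this entry as was done for `subnet_interface_ip_map` and let callers derive it from the `aws_network_interface` data source as documented; if it must stay, rename or describe it as an unverified positional pairing. The commented-out data block at the top of the hunk and the two commented-out expressions are dead code that git history already preserves and can be removed.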