fix

terraform-modules · May 3, 2021 · 51e739e · 51e739e
1 parent b5dae4d
commit 51e739e
Showing 1 changed file with 24 additions and 14 deletions.
diff --git a/routing/vpc-endpoints.tf b/routing/vpc-endpoints.tf
@@ -1,6 +1,12 @@
 #---
 # vpc endpoint: s3
 #---
+
+locals {
+  vpce_s3       = var.enable_vpc_endpoint_s3 ? element(concat(aws_vpc_endpoint.s3[*].id, tolist("")), 0) : ""
+  vpce_dynamodb = var.enable_vpc_endpoint_dynamodb ? element(concat(aws_vpc_endpoint.dynamodb[*].id, tolist("")), 0) : ""
+}
+
 data "aws_vpc_endpoint_service" "s3" {
   service = "s3"
   #  service_name = "com.amazonaws.${local.region}.s3"
@@ -11,20 +17,22 @@ data "aws_vpc_endpoint_service" "s3" {
 }
 
 resource "aws_vpc_endpoint" "s3" {
-  vpc_id       = aws_vpc.vpc.id
+  count        = var.enable_vpc_endpoint_s3 ? 1 : 0
+  vpc_id       = var.vpc_id
   service_name = data.aws_vpc_endpoint_service.s3.service_name
-  depends_on   = [aws_vpc.vpc]
 
   tags = merge(
-    local.common_tags,
-    map("Name", "vpce-s3-${var.vpc_full_name}-"),
+    local.base_tags,
+    local.tags,
+    map("Name", format("%v%v-%v", local._prefixes["vpc-endpoint"], "s3", var.vpc_full_name)),
   )
 }
 
 resource "aws_vpc_endpoint_route_table_association" "private_s3" {
-  count           = length(aws_route_table.private[*].id)
-  vpc_endpoint_id = aws_vpc_endpoint.s3.id
-  route_table_id  = element(aws_route_table.private[*].id, count.index)
+  for_each = var.enable_vpc_endpoint_s3 ? local.availability_zones : local.empty
+  #  vpc_endpoint_id = aws_vpc_endpoint.s3[0].id
+  vpc_endpoint_id = local.vpce_s3
+  route_table_id  = aws_route_table.private[each.key].id
 }
 
 #---
@@ -36,18 +44,20 @@ data "aws_vpc_endpoint_service" "dynamodb" {
 }
 
 resource "aws_vpc_endpoint" "dynamodb" {
-  vpc_id       = aws_vpc.vpc.id
+  count        = var.enable_vpc_endpoint_dynamodb ? 1 : 0
+  vpc_id       = var.vpc_id
   service_name = data.aws_vpc_endpoint_service.dynamodb.service_name
-  depends_on   = [aws_vpc.vpc]
 
   tags = merge(
-    local.common_tags,
-    map("Name", "vpce-dynamodb-${var.vpc_full_name}-"),
+    local.base_tags,
+    local.tags,
+    map("Name", format("%v%v-%v", local._prefixes["vpc-endpoint"], "dynamodb", var.vpc_full_name)),
   )
 }
 
 resource "aws_vpc_endpoint_route_table_association" "private_dynamodb" {
-  count           = length(aws_route_table.private[*].id)
-  vpc_endpoint_id = aws_vpc_endpoint.s3.id
-  route_table_id  = element(aws_route_table.private[*].id, count.index)
+  for_each = var.enable_vpc_endpoint_dynamodb ? local.availability_zones : local.empty
+  #  vpc_endpoint_id = aws_vpc_endpoint.dynamodb[0].id
+  vpc_endpoint_id = local.vpce_dynamodb
+  route_table_id  = aws_route_table.private[each.key].id
 }