From 7cdf8e8e78f3dc8a6064588063624eda540282e1 Mon Sep 17 00:00:00 2001
From: badra001
Date: Fri, 2 Jul 2021 09:42:45 -0400
Subject: [PATCH] v1.1.2: export vpc s3 and dynamodb cidr blocks too, change the way the structure is constructed
---
 CHANGELOG.md | 6 +++++-
 common/version.tf | 2 +-
 routing/README.md | 6 ++++--
 routing/outputs.tf | 19 +++++++++++++++----
 routing/vpc-endpoints.tf | 12 ++++++++----
 5 files changed, 33 insertions(+), 12 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d4b8168..604df09 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -31,6 +31,10 @@
 - vpc
 - add enable_aws_dns to use the AmazonDNS Route53 DNS
-* v1.1.1 -- 20200629
+* v1.1.1 -- 20210629
 - peer
 - add output of nacl_info
+
+* v1.1.2 -- 20210702
+ - routing
+ - export vpc s3 and dynamodb cidr blocks too, change the way the structure is constructed
diff --git a/common/version.tf b/common/version.tf
index a6a90ee..1cc6d9a 100644
--- a/common/version.tf
+++ b/common/version.tf
@@ -1,3 +1,3 @@
 locals {
- _module_version = "1.1.1"
+ _module_version = "1.1.2"
 }
diff --git a/routing/README.md b/routing/README.md
index e631975..3f69546 100644
--- a/routing/README.md
+++ b/routing/README.md
@@ -93,5 +93,7 @@ No modules.
 | [availability\_zone\_suffixes](#output\_availability\_zone\_suffixes) | VPC Availability zone suffix list (3) |
 | [private\_route\_table\_ids](#output\_private\_route\_table\_ids) | Private route table IDs map by availability zone |
 | [public\_route\_table\_ids](#output\_public\_route\_table\_ids) | Public route table IDs map by availability zone |
-| [vpc\_endpoint\_id\_dynamodb](#output\_vpc\_endpoint\_id\_dynamodb) | VPC Endpoint ID for DynamoDB |
-| [vpc\_endpoint\_id\_s3](#output\_vpc\_endpoint\_id\_s3) | VPC Endpoint ID for S3 |
+| [vpc\_endpoint\_dynamodb\_cidr\_blocks](#output\_vpc\_endpoint\_dynamodb\_cidr\_blocks) | VPC Endpoint CIDR Blocks for DynamoDB |
+| [vpc\_endpoint\_dynamodb\_id](#output\_vpc\_endpoint\_dynamodb\_id) | VPC Endpoint ID for DynamoDB |
+| [vpc\_endpoint\_s3\_cidr\_blocks](#output\_vpc\_endpoint\_s3\_cidr\_blocks) | VPC Endpoint CIDR Blocks for S3 |
+| [vpc\_endpoint\_s3\_id](#output\_vpc\_endpoint\_s3\_id) | VPC Endpoint ID for S3 |
diff --git a/routing/outputs.tf b/routing/outputs.tf
index 7b98bc3..0ea51b8 100644
--- a/routing/outputs.tf
+++ b/routing/outputs.tf
@@ -48,12 +48,23 @@ output "private_route_table_ids" {
 value = { for k in local.availability_zones : k => aws_route_table.private[k].id }
 }
-output "vpc_endpoint_id_s3" {
+output "vpc_endpoint_s3_id" {
 description = "VPC Endpoint ID for S3"
- value = local.vpce_s3
+ value = lookup(local.vpce_s3, "id", null)
 }
-output "vpc_endpoint_id_dynamodb" {
+output "vpc_endpoint_dynamodb_id" {
 description = "VPC Endpoint ID for DynamoDB"
- value = local.vpce_dynamodb
+ value = lookup(local.vpce_dynamodb, "id", null)
 }
+
+output "vpc_endpoint_s3_cidr_blocks" {
+ description = "VPC Endpoint CIDR Blocks for S3"
+ value = lookup(local.vpce_s3, "cidr_blocks", [])
+}
+
+output "vpc_endpoint_dynamodb_cidr_blocks" {
+ description = "VPC Endpoint CIDR Blocks for DynamoDB"
+ value = lookup(local.vpce_dynamodb, "cidr_blocks", [])
+}
+
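Review bot: The outputs `vpc_endpoint_id_s3` and `vpc_endpoint_id_dynamodb` disappear under their old names in a patch-level release, and the value for a disabled endpoint changes from `""` to `null`, so a caller that still reads the old names or tests for an empty string breaks on upgrade. Keeping the old names for one release as deprecated aliases that still return `""` would make the change safe to pick up; the sketch below shows them. The new `*_cidr_blocks` descriptions should also say what the values are for: as far as the provider documents, they are the AWS service prefixes behind a gateway endpoint, which AWS can change, so NACL or firewall rules built from them are only as current as the last apply. Where the consumer is a security group, exporting the endpoint's `prefix_list_id` avoids that drift.

```hcl
# Deprecated aliases for callers still on the pre-1.1.2 output names.
# They keep the old empty-string value when the endpoint is disabled.
output "vpc_endpoint_id_s3" {
  description = "Deprecated: use vpc_endpoint_s3_id"
  value       = lookup(local.vpce_s3, "id", "")
}

output "vpc_endpoint_id_dynamodb" {
  description = "Deprecated: use vpc_endpoint_dynamodb_id"
  value       = lookup(local.vpce_dynamodb, "id", "")
}
```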
diff --git a/routing/vpc-endpoints.tf b/routing/vpc-endpoints.tf
index 8bbdade..c41066c 100644
--- a/routing/vpc-endpoints.tf
+++ b/routing/vpc-endpoints.tf
@@ -3,8 +3,10 @@
 #---
 locals {
- vpce_s3 = var.enable_vpc_endpoint_s3 ? element(concat(aws_vpc_endpoint.s3[*].id, tolist([""])), 0) : ""
- vpce_dynamodb = var.enable_vpc_endpoint_dynamodb ? element(concat(aws_vpc_endpoint.dynamodb[*].id, tolist([""])), 0) : ""
+ # vpce_s3 = var.enable_vpc_endpoint_s3 ? element(concat(aws_vpc_endpoint.s3[*].id, tolist([""])), 0) : ""
+ # vpce_dynamodb = var.enable_vpc_endpoint_dynamodb ? element(concat(aws_vpc_endpoint.dynamodb[*].id, tolist([""])), 0) : ""
+ vpce_s3 = element(concat([for k, v in aws_vpc_endpoint.s3 : v], [{}]), 0)
+ vpce_dynamodb = element(concat([for k, v in aws_vpc_endpoint.dynamodb : v], [{}]), 0)
 }
 data "aws_vpc_endpoint_service" "s3" {
@@ -31,7 +33,8 @@ resource "aws_vpc_endpoint" "s3" {
 resource "aws_vpc_endpoint_route_table_association" "private_s3" {
 for_each = var.enable_vpc_endpoint_s3 ? local.availability_zones : local.empty
 # vpc_endpoint_id = aws_vpc_endpoint.s3[0].id
- vpc_endpoint_id = local.vpce_s3
+ # vpc_endpoint_id = local.vpce_s3
+ vpc_endpoint_id = lookup(local.vpce_s3, "id", null)
 route_table_id = aws_route_table.private[each.key].id
 }
@@ -58,6 +61,7 @@ resource "aws_vpc_endpoint" "dynamodb" {
 resource "aws_vpc_endpoint_route_table_association" "private_dynamodb" {
 for_each = var.enable_vpc_endpoint_dynamodb ? local.availability_zones : local.empty
 # vpc_endpoint_id = aws_vpc_endpoint.dynamodb[0].id
- vpc_endpoint_id = local.vpce_dynamodb
+ # vpc_endpoint_id = local.vpce_dynamodb
+ vpc_endpoint_id = lookup(local.vpce_dynamodb, "id", null)
 route_table_id = aws_route_table.private[each.key].id
 }
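Review bot: In `locals`, `vpce_s3` and `vpce_dynamodb` silently change type from an ID string to the whole endpoint object (or `{}` when no endpoint exists), and nothing in the block says so. A comment such as `# first endpoint object, or {} when the endpoint is disabled; read fields with lookup()` would stop a later edit from passing the local where an ID is expected. The two commented-out old assignments are dead code that version control already keeps and can be removed. The earlier expression used `aws_vpc_endpoint.s3[*]`, which suggests the resource uses `count`; if so, `aws_vpc_endpoint.s3[*]` reads more directly than the `for k, v in ... : v` comprehension, but the resource definition is outside this hunk, so confirm first.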
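Review bot: `vpc_endpoint_id = lookup(local.vpce_s3, "id", null)` in `private_s3` supplies `null` for what is presumably a required argument, so a mismatch between the association's `for_each` gate and the endpoint's own existence would surface as a generic missing-argument error instead of pointing at the cause. The same applies to `private_dynamodb` in the following hunk. Both associations appear to be gated on the same `enable_*` variable as the endpoint, which would make the fallback unreachable, though the endpoint resources are not visible in these hunks. If the fallback is kept, a comment like `# null is unreachable while for_each and the endpoint share the enable flag` would document that. The commented-out `# vpc_endpoint_id = ...` lines left above each assignment are dead code and can go.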