update

terraform-modules · May 3, 2021 · b5dae4d · b5dae4d
1 parent f263f7f
commit b5dae4d
Show file tree

Hide file tree

Showing 5 changed files with 43 additions and 26 deletions.
diff --git a/routing/README.md b/routing/README.md
@@ -73,6 +73,8 @@ No modules.
 | <a name="input_enable_vpc_endpoint_dynamodb"></a> [enable\_vpc\_endpoint\_dynamodb](#input\_enable\_vpc\_endpoint\_dynamodb) | Flag to enable\|disable DynamoDB VPC Endpoint (default: true) | `bool` | `true` | no |
 | <a name="input_enable_vpc_endpoint_s3"></a> [enable\_vpc\_endpoint\_s3](#input\_enable\_vpc\_endpoint\_s3) | Flag to enable\|disable S3 VPC Endpoint (default: true) | `bool` | `true` | no |
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
+| <a name="input_private_subnet_ids"></a> [private\_subnet\_ids](#input\_private\_subnet\_ids) | List of private subnet objects including: subnet, label, availability\_zone, id | <pre>list(object({<br>    subnet            = string<br>    label             = string<br>    availability_zone = string<br>    id                = string<br>  }))</pre> | `[]` | no |
+| <a name="input_public_subnet_ids"></a> [public\_subnet\_ids](#input\_public\_subnet\_ids) | List of public subnet objects including: subnet, label, availability\_zone, id | <pre>list(object({<br>    subnet            = string<br>    label             = string<br>    availability_zone = string<br>    id                = string<br>  }))</pre> | `[]` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
 | <a name="input_vpc_cidr_block"></a> [vpc\_cidr\_block](#input\_vpc\_cidr\_block) | VPC CIDR Block | `string` | n/a | yes |
 | <a name="input_vpc_environment"></a> [vpc\_environment](#input\_vpc\_environment) | VPC environment purpose (infrastructure, common, shared, dev, stage, ite, prod) | `string` | `null` | no |

diff --git a/routing/main.tf b/routing/main.tf
@@ -55,9 +55,9 @@ resource "aws_route_table" "public" {
 }
 
 resource "aws_route_table_association" "public" {
-  count          = length(local.public_subnets)
-  subnet_id      = aws_subnet.public[count.index].id
-  route_table_id = element(aws_route_table.public[*].id, count.index)
+  for_each       = { for subnet in var.public_subnet_ids : subnet.label => subnet }
+  subnet_id      = each.value.id
+  route_table_id = aws_route_table.public[each.value.availability_zone].id
 }
 
 #---
@@ -74,24 +74,12 @@ resource "aws_route_table" "private" {
   )
 }
 
-# resource "aws_route_table" "private" {
-#   count  = local.az_count
-#   vpc_id = aws_vpc.vpc.id
-#   #  propagating_vgws = var.vpc_vpn_dynamic_routing ? [ aws_vpn_gateway.vpn.id ] : []
-# 
-#   tags = merge(
-#     local.common_tags,
-#     map("Name", format("route-%s-%s-%s", var.vpc_full_name, "private", element(local.az_list, count.index)))
-#   )
-# }
-
 resource "aws_route_table_association" "private" {
-  count          = length(local.private_subnets)
-  subnet_id      = aws_subnet.private[count.index].id
-  route_table_id = element(aws_route_table.private[*].id, count.index)
+  for_each       = { for subnet in var.private_subnet_ids : subnet.label => subnet }
+  subnet_id      = each.value.id
+  route_table_id = aws_route_table.private[each.value.availability_zone].id
 }
 
-
 #---
 # NAT Gateway setup
 #   EIP
@@ -121,12 +109,16 @@ resource "aws_internet_gateway" "gateway" {
   )
 }
 
-# need public subnet ids by az
+# assume only 1 public subnet block (per AZ)
+# should figure out the first one
+locals {
+  public_subnet_ids_az = { for subnet in var.public_subnet_ids : subnet.availability_zone => subnet }
+}
+
 resource "aws_nat_gateway" "nat" {
-  for_each      = var.enable_igw && var.enable_nat ? local.availability_zones : local.empty
+  for_each      = var.enable_igw && var.enable_nat ? zipmap(local.availability_zones, local.public_subnet_ids_az) : local.empty
   allocation_id = aws_eip.nat[each.key].id
-  #  subnet_id     = element(aws_subnet.public[*].id, count.index)
-  subnet_id = "string"
+  subnet_id     = each.value
   #  depends_on    = [aws_internet_gateway.gateway]
 
   tags = merge(

diff --git a/routing/variables.tf b/routing/variables.tf
@@ -38,6 +38,29 @@ variable "availability_zones" {
   default     = []
 }
 
+variable "public_subnet_ids" {
+  description = "List of public subnet objects including: subnet, label, availability_zone, id"
+  type = list(object({
+    subnet            = string
+    label             = string
+    availability_zone = string
+    id                = string
+  }))
+  default = []
+}
+
+variable "private_subnet_ids" {
+  description = "List of private subnet objects including: subnet, label, availability_zone, id"
+  type = list(object({
+    subnet            = string
+    label             = string
+    availability_zone = string
+    id                = string
+  }))
+  default = []
+}
+
+
 ###
 ## 
 ## variable "vpc_domain_name" {

diff --git a/subnets/README.md b/subnets/README.md
@@ -74,5 +74,5 @@ No modules.
 | <a name="output_availability_zone_ids"></a> [availability\_zone\_ids](#output\_availability\_zone\_ids) | VPC Availability zone id list (3) |
 | <a name="output_availability_zone_names"></a> [availability\_zone\_names](#output\_availability\_zone\_names) | VPC Availability zone name list (3) |
 | <a name="output_availability_zone_suffixes"></a> [availability\_zone\_suffixes](#output\_availability\_zone\_suffixes) | VPC Availability zone suffix list (3) |
-| <a name="output_private_subnets_list"></a> [private\_subnets\_list](#output\_private\_subnets\_list) | Resulting private subnets list of objects: subnet, label, availability\_zone, id |
-| <a name="output_public_subnets_list"></a> [public\_subnets\_list](#output\_public\_subnets\_list) | Resulting public subnets list of objects: subnet, label, availability\_zone, id |
+| <a name="output_private_subnets_ids"></a> [private\_subnets\_ids](#output\_private\_subnets\_ids) | Resulting private subnets list of objects: subnet, label, availability\_zone, id |
+| <a name="output_public_subnets_ids"></a> [public\_subnets\_ids](#output\_public\_subnets\_ids) | Resulting public subnets list of objects: subnet, label, availability\_zone, id |
diff --git a/subnets/outputs.tf b/subnets/outputs.tf
@@ -13,12 +13,12 @@ locals {
   ]
 }
 
-output "public_subnets_list" {
+output "public_subnets_ids" {
   description = "Resulting public subnets list of objects: subnet, label, availability_zone, id"
   value       = local.output_public_subnets
 }
 
-output "private_subnets_list" {
+output "private_subnets_ids" {
   description = "Resulting private subnets list of objects: subnet, label, availability_zone, id"
   value       = local.output_private_subnets
 }