- subnets

  - add offset, enabled, availability_zone

CHANGELOG.md

@@ -218,3 +218,7 @@
   - vpc-transit-gateway-association 
     - data: add vpn prefix list
     - self: add routes for vpn
+
+* 2.4.4 -- 2022-11-04
+  - subnets
+    - add offset, enabled, availability_zone

common/variables.common.subnets.tf

@@ -1,26 +1,34 @@
+# availability_zone does nothign at this point
 variable "public_subnets" {
   description = "List of objects with public subnet information to be created"
   type = list(object({
-    base_cidr = string
-    label     = string
-    bits      = number
-    private   = bool
-    tags      = map(string)
+    base_cidr         = string
+    label             = string
+    bits              = number
+    offset            = optional(number, 0)
+    private           = bool
+    tags              = map(string)
+    enabled           = optional(bool, true)
+    availability_zone = optional(string)
     #      subnets     = list(string)
     #      labels      = list(string)
     #      availability_zones = list(string)
   }))
   default = []
 }
 
+# availability_zone does nothign at this point
 variable "private_subnets" {
   description = "List of objects with private subnet information to be created"
   type = list(object({
-    base_cidr = string
-    label     = string
-    bits      = number
-    private   = bool
-    tags      = map(string)
+    base_cidr         = string
+    label             = string
+    bits              = number
+    offset            = optional(number, 0)
+    private           = bool
+    tags              = map(string)
+    enabled           = optional(bool, true)
+    availability_zone = optional(string)
     #      subnets     = list(string)
     #      labels      = list(string)
     #      availability_zones = list(string)

common/version.tf

@@ -1,5 +1,5 @@
 locals {
-  _module_version = "2.4.3"
+  _module_version = "2.4.4"
   _module_names = {
     "_main_" = "aws-vpc-setup"
 

subnets/README.md

@@ -31,7 +31,10 @@ information _objects_:
     base\_cidr = string
     label     = string
     bits      = number
+    offset    = number
     private   = bool
+    enabled   = bool
+    availability\_zone = string
     tags = map(string)
   }))
 ```
@@ -43,8 +46,12 @@ block.  You'll get errors.
 * label: a text label to be applied to each subnet, which will be formatted aws {vpc_full_name}-{label}-{availability_zone}
 * bits: number of additional bits to add to the mask.  Generally, for four availability zones, you'll want to use
 2 here (2^2 = 4).  For two AZs, you can use 1 (2^1 = 2).
+* offset: a number determining which CIDR block to start with when splitting the subnet (base_cidr) into N bits more parts.  This can be used
+for off-boundary aggregating
 * private: boolean flag indicating whether the subnet is for public use (like with an EIB and NAT gateway or ALB), or private.  Most will
 be private.
+* enabled: boolean indicaiting the subnet is enabled or not (use enabled=false for free blocks)
+* availability_zone: a way to make a subnet in a specific AZ.  Not implemented at this time.
 * tags: map of key/value pairs for per-subnet block tags. This was introduced to support EKS subnet tagging.
 ```
 
@@ -55,6 +62,7 @@ be private.
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.66.0 |
 | <a name="requirement_ldap"></a> [ldap](#requirement\_ldap) | >= 0.5.4 |
+| <a name="requirement_local"></a> [local](#requirement\_local) | >= 1.0.0 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 3.0 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.0 |
 | <a name="requirement_template"></a> [template](#requirement\_template) | >= 2.0 |
@@ -90,8 +98,8 @@ No modules.
 | <a name="input_account_id"></a> [account\_id](#input\_account\_id) | AWS Account ID (default: will pull from current user) | `string` | `""` | no |
 | <a name="input_availability_zones"></a> [availability\_zones](#input\_availability\_zones) | AWS Availability Zones to use (by default will use all available) | `list(string)` | `[]` | no |
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
-| <a name="input_private_subnets"></a> [private\_subnets](#input\_private\_subnets) | List of objects with private subnet information to be created | <pre>list(object({<br>    base_cidr = string<br>    label     = string<br>    bits      = number<br>    private   = bool<br>    tags      = map(string)<br>    #      subnets     = list(string)<br>    #      labels      = list(string)<br>    #      availability_zones = list(string)<br>  }))</pre> | `[]` | no |
-| <a name="input_public_subnets"></a> [public\_subnets](#input\_public\_subnets) | List of objects with public subnet information to be created | <pre>list(object({<br>    base_cidr = string<br>    label     = string<br>    bits      = number<br>    private   = bool<br>    tags      = map(string)<br>    #      subnets     = list(string)<br>    #      labels      = list(string)<br>    #      availability_zones = list(string)<br>  }))</pre> | `[]` | no |
+| <a name="input_private_subnets"></a> [private\_subnets](#input\_private\_subnets) | List of objects with private subnet information to be created | <pre>list(object({<br>    base_cidr         = string<br>    label             = string<br>    bits              = number<br>    offset            = optional(number, 0)<br>    private           = bool<br>    tags              = map(string)<br>    enabled           = optional(bool, true)<br>    availability_zone = optional(string)<br>    #      subnets     = list(string)<br>    #      labels      = list(string)<br>    #      availability_zones = list(string)<br>  }))</pre> | `[]` | no |
+| <a name="input_public_subnets"></a> [public\_subnets](#input\_public\_subnets) | List of objects with public subnet information to be created | <pre>list(object({<br>    base_cidr         = string<br>    label             = string<br>    bits              = number<br>    offset            = optional(number, 0)<br>    private           = bool<br>    tags              = map(string)<br>    enabled           = optional(bool, true)<br>    availability_zone = optional(string)<br>    #      subnets     = list(string)<br>    #      labels      = list(string)<br>    #      availability_zones = list(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
 | <a name="input_vpc_environment"></a> [vpc\_environment](#input\_vpc\_environment) | VPC environment purpose (infrastructure, common, shared, dev, stage, ite, prod) | `string` | `null` | no |
 | <a name="input_vpc_full_name"></a> [vpc\_full\_name](#input\_vpc\_full\_name) | VPC full name component (vpc{index}-{vpc\_name}) | `string` | `null` | no |

subnets/main.tf

@@ -32,7 +32,10 @@
 *     base_cidr = string
 *     label     = string
 *     bits      = number
+*     offset    = number
 *     private   = bool
+*     enabled   = bool
+*     availability_zone = string
 *     tags = map(string)
 *   }))
 * ```
@@ -44,8 +47,12 @@
 * * label: a text label to be applied to each subnet, which will be formatted aws {vpc_full_name}-{label}-{availability_zone}
 * * bits: number of additional bits to add to the mask.  Generally, for four availability zones, you'll want to use
 * 2 here (2^2 = 4).  For two AZs, you can use 1 (2^1 = 2).
+* * offset: a number determining which CIDR block to start with when splitting the subnet (base_cidr) into N bits more parts.  This can be used
+* for off-boundary aggregating
 * * private: boolean flag indicating whether the subnet is for public use (like with an EIB and NAT gateway or ALB), or private.  Most will
 * be private.
+* * enabled: boolean indicaiting the subnet is enabled or not (use enabled=false for free blocks)
+* * availability_zone: a way to make a subnet in a specific AZ.  Not implemented at this time.
 * * tags: map of key/value pairs for per-subnet block tags. This was introduced to support EKS subnet tagging.
 *
 */
@@ -77,11 +84,11 @@ locals {
       label              = v.label
       bits               = v.bits
       private            = v.private
-      subnets            = [for i in local.az_count_list : cidrsubnet(v.base_cidr, v.bits, i)]
+      subnets            = [for i in local.az_count_list : cidrsubnet(v.base_cidr, v.bits, v.offset + i)]
       labels             = [for az in local.availability_zones : format("%s-%s", v.label, az)]
       availability_zones = local.availability_zones
       tags               = lookup(v, "tags", {})
-    }
+    } if v.enabled
   }
   public_map = flatten([for k, v in local.public_subnets :
     #  [for i in local.az_count_list : tomap({ "subnet" = v.subnets[i], "label" = v.labels[i], "availability_zone" = v.availability_zones[i], "tags" = v.tags })]])
@@ -114,11 +121,11 @@ locals {
       label              = v.label
       bits               = v.bits
       private            = v.private
-      subnets            = [for i in local.az_count_list : cidrsubnet(v.base_cidr, v.bits, i)]
+      subnets            = [for i in local.az_count_list : cidrsubnet(v.base_cidr, v.bits, v.offset + i)]
       labels             = [for az in local.availability_zones : format("%s-%s", v.label, az)]
       availability_zones = local.availability_zones
       tags               = lookup(v, "tags", {})
-    }
+    } if v.enabled
   }
   private_map = flatten([for k, v in local.private_subnets :
     #  [for i in local.az_count_list : tomap({ "subnet" = v.subnets[i], "label" = v.labels[i], "availability_zone" = v.availability_zones[i], "tags" = v.tags })]])