diff --git a/CHANGELOG.md b/CHANGELOG.md
index 750d48e..e95600d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -218,3 +218,7 @@
   - vpc-transit-gateway-association
     - data: add vpn prefix list
     - self: add routes for vpn
+
+* 2.4.4 -- 2022-11-04
+  - subnets
+    - add offset, enabled, availability_zone
diff --git a/common/variables.common.subnets.tf b/common/variables.common.subnets.tf
index e3dca40..64e3f5c 100644
--- a/common/variables.common.subnets.tf
+++ b/common/variables.common.subnets.tf
@@ -1,11 +1,15 @@
+# availability_zone does nothign at this point
 variable "public_subnets" {
   description = "List of objects with public subnet information to be created"
   type = list(object({
-    base_cidr = string
-    label = string
-    bits = number
-    private = bool
-    tags = map(string)
+    base_cidr = string
+    label = string
+    bits = number
+    offset = optional(number, 0)
+    private = bool
+    tags = map(string)
+    enabled = optional(bool, true)
+    availability_zone = optional(string)
     # subnets = list(string)
     # labels = list(string)
     # availability_zones = list(string)
@@ -13,14 +17,18 @@ variable "public_subnets" {
   default = []
 }
 
+# availability_zone does nothign at this point
 variable "private_subnets" {
   description = "List of objects with private subnet information to be created"
   type = list(object({
-    base_cidr = string
-    label = string
-    bits = number
-    private = bool
-    tags = map(string)
+    base_cidr = string
+    label = string
+    bits = number
+    offset = optional(number, 0)
+    private = bool
+    tags = map(string)
+    enabled = optional(bool, true)
+    availability_zone = optional(string)
     # subnets = list(string)
     # labels = list(string)
     # availability_zones = list(string)
diff --git a/common/version.tf b/common/version.tf
index 9761672..d29b6e2 100644
--- a/common/version.tf
+++ b/common/version.tf
@@ -1,5 +1,5 @@
 locals {
-  _module_version = "2.4.3"
+  _module_version = "2.4.4"
   _module_names = { "_main_" = "aws-vpc-setup"
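Review bot: `offset = optional(number, 0)` and `enabled = optional(bool, true)` rely on optional object attributes with defaults, which require Terraform 1.3 or newer, yet the README hunk in this same commit still advertises `terraform >= 0.13`; the module's `required_version` constraint is not part of this diff and should be raised to `>= 1.3` (or the README corrected) so older CLIs fail with a clear version error instead of a type-constraint parse error. The new header comment has a typo and understates the problem: a caller who sets `availability_zone` gets no feedback that it is ignored and the subnet is still laid out across all configured AZs, so consider `# availability_zone is accepted but currently ignored; subnets are still created in every configured AZ` and, until it is implemented, a `validation` block rejecting non-null values. `offset` is also unbounded here; a `validation` with `condition = alltrue([for s in var.public_subnets : s.offset >= 0 && s.offset < pow(2, s.bits)])` would report bad input at plan time with a readable message rather than a generic `cidrsubnet` error. Both points apply equally to the `private_subnets` hunk in this file.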
diff --git a/subnets/README.md b/subnets/README.md
index 3198692..a94888d 100644
--- a/subnets/README.md
+++ b/subnets/README.md
@@ -31,7 +31,10 @@ information _objects_:
   base\_cidr = string
   label = string
   bits = number
+  offset = number
   private = bool
+  enabled = bool
+  availability\_zone = string
   tags = map(string)
 }))
 ```
@@ -43,8 +46,12 @@ block. You'll get errors.
 * label: a text label to be applied to each subnet, which will be formatted aws {vpc_full_name}-{label}-{availability_zone}
 * bits: number of additional bits to add to the mask. Generally, for four availability zones, you'll want to use
 2 here (2^2 = 4). For two AZs, you can use 1 (2^1 = 2).
+* offset: a number determining which CIDR block to start with when splitting the subnet (base_cidr) into N bits more parts. This can be used
+for off-boundary aggregating
 * private: boolean flag indicating whether the subnet is for public use (like with an EIB and NAT gateway or ALB), or private. Most will
 be private.
+* enabled: boolean indicaiting the subnet is enabled or not (use enabled=false for free blocks)
+* availability_zone: a way to make a subnet in a specific AZ. Not implemented at this time.
 * tags: map of key/value pairs for per-subnet block tags. This was introduced to support EKS subnet tagging.
 
 ```
@@ -55,6 +62,7 @@ be private.
 | [terraform](#requirement\_terraform) | >= 0.13 |
 | [aws](#requirement\_aws) | >= 3.66.0 |
 | [ldap](#requirement\_ldap) | >= 0.5.4 |
+| [local](#requirement\_local) | >= 1.0.0 |
 | [null](#requirement\_null) | >= 3.0 |
 | [random](#requirement\_random) | >= 3.0 |
 | [template](#requirement\_template) | >= 2.0 |
@@ -90,8 +98,8 @@ No modules.
 | [account\_id](#input\_account\_id) | AWS Account ID (default: will pull from current user) | `string` | `""` | no |
 | [availability\_zones](#input\_availability\_zones) | AWS Availability Zones to use (by default will use all available) | `list(string)` | `[]` | no |
 | [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
-| [private\_subnets](#input\_private\_subnets) | List of objects with private subnet information to be created |
list(object({
base_cidr = string
label = string
bits = number
private = bool
tags = map(string)
# subnets = list(string)
# labels = list(string)
# availability_zones = list(string)
})) | `[]` | no |
-| [public\_subnets](#input\_public\_subnets) | List of objects with public subnet information to be created | list(object({
base_cidr = string
label = string
bits = number
private = bool
tags = map(string)
# subnets = list(string)
# labels = list(string)
# availability_zones = list(string)
})) | `[]` | no |
+| [private\_subnets](#input\_private\_subnets) | List of objects with private subnet information to be created | list(object({
base_cidr = string
label = string
bits = number
offset = optional(number, 0)
private = bool
tags = map(string)
enabled = optional(bool, true)
availability_zone = optional(string)
# subnets = list(string)
# labels = list(string)
# availability_zones = list(string)
})) | `[]` | no |
+| [public\_subnets](#input\_public\_subnets) | List of objects with public subnet information to be created | list(object({
base_cidr = string
label = string
bits = number
offset = optional(number, 0)
private = bool
tags = map(string)
enabled = optional(bool, true)
availability_zone = optional(string)
# subnets = list(string)
# labels = list(string)
# availability_zones = list(string)
})) | `[]` | no |
| [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS). Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
| [vpc\_environment](#input\_vpc\_environment) | VPC environment purpose (infrastructure, common, shared, dev, stage, ite, prod) | `string` | `null` | no |
| [vpc\_full\_name](#input\_vpc\_full\_name) | VPC full name component (vpc{index}-{vpc\_name}) | `string` | `null` | no |
diff --git a/subnets/main.tf b/subnets/main.tf
index 247a862..0d34cd7 100644
--- a/subnets/main.tf
+++ b/subnets/main.tf
@@ -32,7 +32,10 @@
* base_cidr = string
* label = string
* bits = number
+* offset = number
* private = bool
+* enabled = bool
+* availability_zone = string
* tags = map(string)
* }))
* ```
@@ -44,8 +47,12 @@
* * label: a text label to be applied to each subnet, which will be formatted aws {vpc_full_name}-{label}-{availability_zone}
* * bits: number of additional bits to add to the mask. Generally, for four availability zones, you'll want to use
* 2 here (2^2 = 4). For two AZs, you can use 1 (2^1 = 2).
+* * offset: a number determining which CIDR block to start with when splitting the subnet (base_cidr) into N bits more parts. This can be used
+* for off-boundary aggregating
* * private: boolean flag indicating whether the subnet is for public use (like with an EIB and NAT gateway or ALB), or private. Most will
* be private.
+* * enabled: boolean indicaiting the subnet is enabled or not (use enabled=false for free blocks)
+* * availability_zone: a way to make a subnet in a specific AZ. Not implemented at this time.
* * tags: map of key/value pairs for per-subnet block tags. This was introduced to support EKS subnet tagging.
*
*/
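Review bot: The new `offset` bullet does not say which values are valid, and the `enabled` bullet has a typo (`indicaiting`). Because `cidrsubnet` rejects a network number of `2^bits` or more, the usable range is `0` through `2^bits` minus the number of AZs being populated; suggest appending `Must satisfy offset + az_count <= 2^bits, otherwise cidrsubnet fails at plan time.` to the offset bullet and correcting the typo to `indicating`. The same wording is duplicated in subnets/README.md in this commit, so both should be edited (or the README regenerated) together. This header comment begins outside the hunk.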
@@ -77,11 +84,11 @@ locals {
label = v.label
bits = v.bits
private = v.private
- subnets = [for i in local.az_count_list : cidrsubnet(v.base_cidr, v.bits, i)]
+ subnets = [for i in local.az_count_list : cidrsubnet(v.base_cidr, v.bits, v.offset + i)]
labels = [for az in local.availability_zones : format("%s-%s", v.label, az)]
availability_zones = local.availability_zones
tags = lookup(v, "tags", {})
- }
+ } if v.enabled
}
public_map = flatten([for k, v in local.public_subnets :
# [for i in local.az_count_list : tomap({ "subnet" = v.subnets[i], "label" = v.labels[i], "availability_zone" = v.availability_zones[i], "tags" = v.tags })]])
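Review bot: `cidrsubnet(v.base_cidr, v.bits, v.offset + i)` has no guard that `v.offset + i` stays below `2^v.bits`, so a too-large offset surfaces as a generic `cidrsubnet` error during plan instead of a message naming the offending entry; a `validation` block on the input variable can cover `s.offset >= 0 && s.offset < pow(2, s.bits)` (validation conditions may only reference the variable itself), and the AZ-count-aware bound `v.offset + length(local.az_count_list) <= pow(2, v.bits)` belongs in a `lifecycle { precondition }` on the subnet resource that consumes this map. Nothing checks that two entries with different offsets carve non-overlapping ranges out of the same `base_cidr`, so an overlap is only caught by AWS at apply time; a comment such as `# offset shifts the block index; overlap between entries is not validated here` would at least make that explicit. `} if v.enabled` removes the key `k` from `local.public_subnets` entirely, so flipping an existing subnet to `enabled = false` plans a destroy of that subnet and of anything keyed on it, which matches the "free blocks" intent but deserves a comment on this line. The same two changes appear in the `private_subnets` hunk below, and the enclosing `locals` block starts outside both hunks.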
@@ -114,11 +121,11 @@ locals {
label = v.label
bits = v.bits
private = v.private
- subnets = [for i in local.az_count_list : cidrsubnet(v.base_cidr, v.bits, i)]
+ subnets = [for i in local.az_count_list : cidrsubnet(v.base_cidr, v.bits, v.offset + i)]
labels = [for az in local.availability_zones : format("%s-%s", v.label, az)]
availability_zones = local.availability_zones
tags = lookup(v, "tags", {})
- }
+ } if v.enabled
}
private_map = flatten([for k, v in local.private_subnets :
# [for i in local.az_count_list : tomap({ "subnet" = v.subnets[i], "label" = v.labels[i], "availability_zone" = v.availability_zones[i], "tags" = v.tags })]])