rancher
/
terraform-aws-access
mirror of https://github.com/rancher/terraform-aws-access.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: make subnet names static (#71) 

* fix: make network names static

Signed-off-by: matttrach <matt.trachier@suse.com>

* fix: put flag back

Signed-off-by: matttrach <matt.trachier@suse.com>

---------

Signed-off-by: matttrach <matt.trachier@suse.com>
This commit is contained in:
Matt Trachier 2024-05-03 18:26:38 -05:00 committed by GitHub
parent 916d98b7b0
commit b256b55fb6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
11 changed files with 24 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -1,5 +1,7 @@
# Terraform AWS Access # Terraform AWS Access
WARNING! The subnets argument must not be derived from an apply time resource.
## Recent Changes ## Recent Changes
- Manage external access - Manage external access

10
examples/basic/main.tf
View File

@ -13,17 +13,11 @@ provider "acme" {
locals { locals {
identifier = var.identifier identifier = var.identifier
example = "basic" example = "basic"
project_name = "tf-${substr(md5(join("-", [local.example, random_pet.string.id])), 0, 5)}-${local.identifier}" project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
zone = var.zone zone = var.zone
domain = "${local.identifier}.${local.zone}" domain = "${local.identifier}.${local.zone}"
} }
resource "random_pet" "string" {
keepers = {
# regenerate the pet name when the identifier changes
identifier = local.identifier
}
length = 1
}
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively) # AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
module "this" { module "this" {
source = "../../" source = "../../"

10
examples/domain/main.tf
View File

@ -13,19 +13,13 @@ provider "acme" {
locals { locals {
identifier = var.identifier identifier = var.identifier
example = "domain" example = "domain"
project_name = "tf-${substr(md5(join("-", [local.example, random_pet.string.id])), 0, 5)}-${local.identifier}" project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
owner = "terraform-ci@suse.com" owner = "terraform-ci@suse.com"
zone = var.zone zone = var.zone
domain = "${local.identifier}.${local.zone}" domain = "${local.identifier}.${local.zone}"
#zone = var.domain_zone #zone = var.domain_zone
} }
resource "random_pet" "string" {
keepers = {
# regenerate the pet name when the identifier changes
identifier = local.identifier
}
length = 1
}
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively) # AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
module "this" { module "this" {
source = "../../" source = "../../"

10
examples/ingress/main.tf
View File

@ -14,17 +14,11 @@ provider "acme" {
locals { locals {
identifier = var.identifier identifier = var.identifier
example = "ingress" example = "ingress"
project_name = "tf-${substr(md5(join("-", [local.example, random_pet.string.id])), 0, 5)}-${local.identifier}" project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
zone = var.zone zone = var.zone
domain = "${local.identifier}.${local.zone}" domain = "${local.identifier}.${local.zone}"
} }
resource "random_pet" "string" {
keepers = {
# regenerate the pet name when the identifier changes
identifier = local.identifier
}
length = 1
}
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively) # AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
module "this" { module "this" {
source = "../../" source = "../../"

10
examples/loadbalancer/main.tf
View File

@ -13,15 +13,9 @@ provider "acme" {
locals { locals {
identifier = var.identifier identifier = var.identifier
example = "loadbalancer" example = "loadbalancer"
project_name = "tf-${substr(md5(join("-", [local.example, random_pet.string.id])), 0, 5)}-${local.identifier}" project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
}
resource "random_pet" "string" {
keepers = {
# regenerate the pet name when the identifier changes
identifier = local.identifier
}
length = 1
} }
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively) # AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
module "this" { module "this" {
source = "../../" source = "../../"

10
examples/securitygroup/main.tf
View File

@ -13,15 +13,9 @@ provider "acme" {
locals { locals {
identifier = var.identifier identifier = var.identifier
example = "securitygroup" example = "securitygroup"
project_name = "tf-${substr(md5(join("-", [local.example, random_pet.string.id])), 0, 5)}-${local.identifier}" project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
}
resource "random_pet" "string" {
keepers = {
# regenerate the pet name when the identifier changes
identifier = local.identifier
}
length = 1
} }
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively) # AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
module "this" { module "this" {
source = "../../" source = "../../"

9
examples/selectvpc/main.tf
View File

@ -14,17 +14,10 @@ provider "acme" {
locals { locals {
identifier = var.identifier identifier = var.identifier
example = "selectvpc" example = "selectvpc"
project_name = "tf-${substr(md5(join("-", [local.example, random_pet.string.id])), 0, 5)}-${local.identifier}" project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
zone = var.zone zone = var.zone
domain = "${local.identifier}.${local.zone}" domain = "${local.identifier}.${local.zone}"
} }
resource "random_pet" "string" {
keepers = {
# regenerate the pet name when the identifier changes
identifier = local.identifier
}
length = 1
}
module "setup" { module "setup" {
source = "../../" source = "../../"

16
examples/subnets/main.tf
View File

@ -13,32 +13,26 @@ provider "acme" {
locals { locals {
identifier = var.identifier identifier = var.identifier
example = "subnets" example = "subnets"
project_name = "tf-${substr(md5(join("-", [local.example, random_pet.string.id])), 0, 5)}-${local.identifier}" project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
}
resource "random_pet" "string" {
keepers = {
# regenerate the pet name when the identifier changes
identifier = local.identifier
}
length = 1
} }
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively) # AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
module "this" { module "this" {
source = "../../" source = "../../"
vpc_name = "${local.project_name}-vpc" vpc_name = "${local.project_name}-vpc"
vpc_cidr = "10.0.255.0/24" # gives 256 usable addresses from .1 to .254, but AWS reserves .1 to .4 and .255, leaving .5 to .254 vpc_cidr = "10.0.255.0/24" # gives 256 usable addresses from .1 to .254, but AWS reserves .1 to .4 and .255, leaving .5 to .254
subnets = { subnets = {
"subnetA" = { "${local.project_name}A" = {
cidr = "10.0.255.0/26" cidr = "10.0.255.0/26"
availability_zone = "us-west-2a" availability_zone = "us-west-2a"
public = false # when true AWS will automatically provision public ips for instances in this subnet public = false # when true AWS will automatically provision public ips for instances in this subnet
} }
"subnetB" = { "${local.project_name}B" = {
cidr = "10.0.255.64/26" cidr = "10.0.255.64/26"
availability_zone = "us-west-2b" availability_zone = "us-west-2b"
public = false # when true AWS will automatically provision public ips for instances in this subnet public = false # when true AWS will automatically provision public ips for instances in this subnet
} }
"subnetC" = { "${local.project_name}C" = {
cidr = "10.0.255.128/26" cidr = "10.0.255.128/26"
availability_zone = "us-west-2c" availability_zone = "us-west-2c"
public = false # when true AWS will automatically provision public ips for instances in this subnet public = false # when true AWS will automatically provision public ips for instances in this subnet

10
examples/vpc/main.tf
View File

@ -13,15 +13,9 @@ provider "acme" {
locals { locals {
identifier = var.identifier identifier = var.identifier
example = "vpc" example = "vpc"
project_name = "tf-${substr(md5(join("-", [local.example, random_pet.string.id])), 0, 5)}-${local.identifier}" project_name = "tf-${substr(md5(join("-", [local.example, md5(local.identifier)])), 0, 5)}-${local.identifier}"
}
resource "random_pet" "string" {
keepers = {
# regenerate the pet name when the identifier changes
identifier = local.identifier
}
length = 1
} }
# AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively) # AWS reserves the first four IP addresses and the last IP address in any CIDR block for its own use (cumulatively)
module "this" { module "this" {
source = "../../" source = "../../"

4
main.tf
View File

@ -47,7 +47,7 @@ locals {
vpc_cidr = (var.vpc_cidr == "" ? "10.0.255.0/24" : var.vpc_cidr) vpc_cidr = (var.vpc_cidr == "" ? "10.0.255.0/24" : var.vpc_cidr)
# subnet # subnet
subnets = (local.subnet_mod == 1 ? var.subnets : {}) subnets = var.subnets
subnet_names = keys(local.subnets) subnet_names = keys(local.subnets)
subnet_count = length(local.subnets) subnet_count = length(local.subnets)
newbits = (local.subnet_count > 1 ? ceil(log(local.subnet_count, 2)) : 1) newbits = (local.subnet_count > 1 ? ceil(log(local.subnet_count, 2)) : 1)
@ -86,7 +86,7 @@ module "subnet" {
depends_on = [ depends_on = [
module.vpc, module.vpc,
] ]
for_each = local.subnets for_each = (local.subnet_mod == 1 ? local.subnets : {})
source = "./modules/subnet" source = "./modules/subnet"
use = local.subnet_use_strategy use = local.subnet_use_strategy
vpc_id = module.vpc[0].id vpc_id = module.vpc[0].id

1
variables.tf
View File

@ -79,6 +79,7 @@ variable "subnets" {
- The cidr will be generated based on the VPC's cidr and the number of subnets you are creating. - The cidr will be generated based on the VPC's cidr and the number of subnets you are creating.
- The public flag will be set to false. - The public flag will be set to false.
If you are expecting high availability, make sure there are at least three availability zones in the region you are deploying to. If you are expecting high availability, make sure there are at least three availability zones in the region you are deploying to.
WARNING! The key for this argument must not be derived from a resource, it must be static.
EOT EOT
default = { "default" = { default = { "default" = {
cidr = "", # will be generated based on the vpc cidr cidr = "", # will be generated based on the vpc cidr