cloudposse / terraform-aws-named-subnets Goto Github PK

what

• Add example invocation

why

• We need this so we can soon enable automated continuous integration testing of module

After creating subnets with the cloudposse terraform-aws-named-subnets module, There might be a need to re-name the subnets.
I would expect that simply changing the items in the 'subnet_names' list would let the subnets name tag be updated, or if needed, a subnet be recreated with the new name.
I get the following error if I change the subnet_name list item.
To work around this I had to destroy my project and re-create all resources again with the new name.
Even If I update the name in the AWS gui, I was not able to get around this.

Error: Error refreshing state: 2 error(s) occurred:

* module.private_subnets.output.named_subnet_ids: zipmap: count of keys (1) does not match count of values (0) in:

${zipmap(var.subnet_names, matchkeys(coalescelist(aws_subnet.private.*.id, aws_subnet.public.*.id), coalescelist(aws_subnet.private.*.tags.Named, aws_subnet.public.*.tags.Named), var.subnet_names))}
* module.public_subnets.output.named_subnet_ids: zipmap: count of keys (1) does not match count of values (0) in:

${zipmap(var.subnet_names, matchkeys(coalescelist(aws_subnet.private.*.id, aws_subnet.public.*.id), coalescelist(aws_subnet.private.*.tags.Named, aws_subnet.public.*.tags.Named), var.subnet_names))}

Terraform Version

Terraform v0.10.8

Output

ngw_id

Terraform Configuration Files

module "vpc" {
  source     = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=master"
  namespace  = "global"
  name       = "vpc"
  stage      = "dev"
  cidr_block = "172.32.0.0/16"
}

module "us_east_1a_public_subnets" {
  source            = "git::https://github.com/cloudposse/terraform-aws-named-subnets.git?ref=master"
  namespace         = "global"
  stage             = "dev"
  name              = "subnets"
  subnet_names      = ["alfa"]
  vpc_id            = "${module.vpc.vpc_id}"
  cidr_block        = "172.32.93.0/24"
  type              = "public"
  availability_zone = "us-east-1a"
  attributes        = ["us-east-1a"]
  igw_id            = "${module.vpc.igw_id}"
}

output "ngw_id" {
  value = "${module.us_east_1a_public_subnets.ngw_id}"
}

Debug Output

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Outputs:
ngw_id =

Expected Behavior

Output should return NAT gateway id

Actual Behavior

Otput is empty

Steps to Reproduce

• terraform apply

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

Describe the Feature

Allow users to specify an offset for the netnum value when calculating subnet cidr blocks.
e.g.

subnet_names = ["one", "two"]
cidr_block = 10.10.0.0/16
netnum_offset = 1

Which would result in 2 subnets with cidr blocks, 10.10.16.0/20 and 10.10.32.0/20

Expected Behavior

Specifying a netnum offset would offset the call to cidrsubnet by the given value
e.g.

cidrsubnet(var.cidr_block, ceil(log(var.max_subnets, 2)), count.index + var.netnum_offset)

Use Case

This valuable in cases where you want to use available addresses in a cidr block before needing to add an additional cidr block to the vpc.

Describe Ideal Solution

An optional variable (type = number) is added to the module that allows specification of a netnum offset. This offset is then used to offset the netnum value when calculating the subnet cidr block via the call to the cidrsubnet function.

Alternatives Considered

I could just add a new cidr block to the vpc, forego any netnum offset, and calling it a day. This is a totally valid and easy solution, but the addition of an offset doesn't seem too difficult either, and maybe someone else would also find value in this option.

Describe the Feature

IPv6

Expected Behavior

Currently only supports IPv4. Dynamic Subnets module supports this, but these two modules are interoperable, so those using named-subnets are relegated at the moment to IPv4 only.

Use Case

IPv6 is becoming more mainstream. AWS is charging for IPv4 pubic use.

Describe Ideal Solution

Add IPv6 support.

Alternatives Considered

No response

Additional Context

No response

Found a bug? Maybe our Slack Community can help.

Describe the Bug

Hitting something related with the latest AWS provider as of right now (3.34.0) which adds some new validation enhancements with aws_route: "resource/aws_route: Validate route destination and target attributes (#16930)".

The module was provisioned using the 3.33.0 version of the AWS provider. Then after updating to 3.34.0 via terraform init -upgrade, the following errors occur during terraform plan:

      Error: ExactlyOne
        on .terraform/modules/us_east_1a_private_subnets/private.tf line 41, in resource "aws_route" "private":
        41: resource "aws_route" "private" {
      "vpc_endpoint_id": only one of
  `egress_only_gateway_id,gateway_id,instance_id,local_gateway_id,nat_gateway_id,network_interface_id,transit_gateway_id,vpc_endpoint_id,vpc_peering_connection_id`
      can be specified, but `nat_gateway_id,network_interface_id` were specified.

I believe it's getting a list value of nat_gateway_id,network_interface_id and expecting a single value of nat_gateway_id or network_interface_id.

I don't think the values matter but this is the config, very much similar like the examples:

module "vpc" {
  source  = "cloudposse/vpc/aws"
  version = "0.21.1"

  context    = module.this.context
  cidr_block = var.vpc_cidr_block
}

locals {
  us_east_1a_public_cidr_block  = cidrsubnet(module.vpc.vpc_cidr_block, 2, 0)
  us_east_1a_private_cidr_block = cidrsubnet(module.vpc.vpc_cidr_block, 2, 1)
}

module "us_east_1a_public_subnets" {
  source  = "cloudposse/named-subnets/aws"
  version = "0.11.0"

  context           = module.this.context
  subnet_names      = var.public_subnet_names
  vpc_id            = module.vpc.vpc_id
  cidr_block        = local.us_east_1a_public_cidr_block
  type              = "public"
  igw_id            = module.vpc.igw_id
  availability_zone = "us-east-1a"
  attributes        = ["us-east-1a"]
}

module "us_east_1a_private_subnets" {
  source  = "cloudposse/named-subnets/aws"
  version = "0.11.0"

  context           = module.this.context
  subnet_names      = var.private_subnet_names
  vpc_id            = module.vpc.vpc_id
  cidr_block        = local.us_east_1a_private_cidr_block
  type              = "private"
  availability_zone = "us-east-1a"
  attributes        = ["us-east-1a"]
  ngw_id            = module.us_east_1a_public_subnets.ngw_id
}

Expected Behavior

The infrastructure created by this module is compatible with the latest 3.34.0 AWS provider after being provisioned earlier using AWS provider 3.33.0.

Steps to Reproduce

Steps to reproduce the behavior:

1. Provision examples config using AWS provider 3.33.0. (terraform init, terraform apply)
2. Run terraform init -upgrade
3. Run terraform play
4. See error

Environment (please complete the following information):

Anything that will help us triage the bug will help. Here are some ideas:

• OS: OSX 10.15
• Terraform v0.14.7

Additional Context

Workaround is to pin the provider to 3.33.0 going forward but don't know yet what the remediation of this would be to get past 3.33.0.

Found a bug? Maybe our Slack Community can help.

Describe the Bug

Even though the variable private_network_acl_id exists, if you pass it from the vpc module you get a count error

Error: Invalid count argument

  on .terraform/modules/dev_subnets/private.tf line 56, in resource "aws_network_acl" "private":
  56:   count      = module.this.enabled && var.type == "private" && signum(length(var.private_network_acl_id)) == 0 ? 1 : 0

The "count" value depends on resource attributes that cannot be determined
until apply, so Terraform cannot predict how many instances will be created.
To work around this, use the -target argument to first apply only the
resources that the count depends on.

Expected Behavior

I would expect to be able to pass the acl reference down. Perhaps this is a limitation in terraform?

I'm not sure if you guys are attempting to maintain backward compatibility with 0.11 but the module doesn't run under 0.12. Supporting 0.11/0.12 is probably beyond my current understanding of Terraform.

Regardless, I will fork and update this as I want to use the module and we only use 0.12.

Found a bug? Maybe our Slack Community can help.

Describe the Bug

Seems like the context.tf is out of date compared to others with respect to null-label? The current null-label is pointing to a version that doesn't work with tf 0.14.0

Expected Behavior

I would expect null-label to be updated to the latest version especially since there seems to be an auto-update process.