allow private/public subnets to be individually tagged (#1)

Co-authored-by: Sung Kang <[email protected]>
PaytmLabs · Mar 21, 2022 · 4457efc · 4457efc
1 parent e021186
commit 4457efc
Show file tree

Hide file tree

Showing 5 changed files with 53 additions and 8 deletions.
diff --git a/examples/eks-subnet-tagging/main.tf b/examples/eks-subnet-tagging/main.tf
@@ -0,0 +1,31 @@
+module "vpc" {
+  source = "../../"
+
+  name = "my-eks-cluster"
+
+  cidr = "10.0.0.0/16"
+
+  azs             = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
+  private_subnets = ["10.0.0.0/19", "10.0.32.0/19", "10.0.64.0/19", "10.0.128.0/20", "10.0.144.0/20"]
+  public_subnets  = ["10.0.160.0/19", "10.0.192.0/19", "10.0.224.0/20", "10.0.240.0/20"]
+
+  enable_nat_gateway = true
+  single_nat_gateway = true
+
+  private_subnet_tags = {
+    global = { foo = "bar" }
+    0 = { "kubernetes.io/cluster/my-eks-cluster-name" = "shared" }
+    1 = { "kubernetes.io/cluster/my-eks-cluster-name" = "shared" }
+    2 = { "kubernetes.io/cluster/my-eks-cluster-name" = "shared" }
+    3 = { "kubernetes.io/role/internal-elb" = 1 }
+    4 = { "component" = "some other component"}
+  }
+
+  public_subnet_tags = {
+    global = { foo = "bar" }
+    0 = { "kubernetes.io/cluster/my-eks-cluster-name" = "shared" }
+    1 = { "kubernetes.io/cluster/my-eks-cluster-name" = "shared" }
+    2 = { "kubernetes.io/cluster/my-eks-cluster-name" = "shared" }
+    3 = { "component" = "some other component"}
+  }
+}
diff --git a/examples/network-acls/main.tf b/examples/network-acls/main.tf
@@ -186,7 +186,7 @@ module "vpc" {
   single_nat_gateway = true
 
   public_subnet_tags = {
-    Name = "overridden-name-public"
+    global = { Name = "overridden-name-public" }
   }
 
   tags = {

diff --git a/examples/secondary-cidr-blocks/main.tf b/examples/secondary-cidr-blocks/main.tf
@@ -28,7 +28,7 @@ module "vpc" {
   single_nat_gateway = true
 
   public_subnet_tags = {
-    Name = "overridden-name-public"
+    global = { Name = "overridden-name-public"}
   }
 
   tags = {

diff --git a/main.tf b/main.tf
@@ -11,6 +11,18 @@ locals {
   vpc_id = try(aws_vpc_ipv4_cidr_block_association.this[0].vpc_id, aws_vpc.this[0].id, "")
 
   create_vpc = var.create_vpc && var.putin_khuylo
+
+  private_subnet_tags = merge(
+    { "global" = {} },
+    { for i in range(length(var.private_subnets)): i => {} },
+    var.private_subnet_tags
+  )
+
+  public_subnet_tags = merge(
+    { "global" = {} },
+    { for i in range(length(var.public_subnets)): i => {} },
+    var.public_subnet_tags
+  )
 }
 
 ################################################################################
@@ -369,7 +381,8 @@ resource "aws_subnet" "public" {
       )
     },
     var.tags,
-    var.public_subnet_tags,
+    local.public_subnet_tags["global"],
+    local.public_subnet_tags[count.index],
   )
 }
 
@@ -396,7 +409,8 @@ resource "aws_subnet" "private" {
       )
     },
     var.tags,
-    var.private_subnet_tags,
+    local.private_subnet_tags["global"],
+    local.private_subnet_tags[count.index],
   )
 }
 

diff --git a/variables.tf b/variables.tf
@@ -437,14 +437,14 @@ variable "igw_tags" {
 }
 
 variable "public_subnet_tags" {
-  description = "Additional tags for the public subnets"
-  type        = map(string)
+  description = "Additional tags for the public subnets. Keyed based on subnets, global tags will be applied to all subnets"
+  type        = map(map(string))
   default     = {}
 }
 
 variable "private_subnet_tags" {
-  description = "Additional tags for the private subnets"
-  type        = map(string)
+  description = "Additional tags for the private subnets. Keyed based on subnets, global tags will be applied to all subnets"
+  type        = map(map(string))
   default     = {}
 }