From 33a24a35bad4c9335f2ed551ab8f06a302a31fdf Mon Sep 17 00:00:00 2001 From: Benjamin Smith Date: Mon, 27 Jun 2022 19:38:49 -0700 Subject: [PATCH] Re-support Default Routing Table #44 (#62) * revert PR #44 * Auto Format * Apply suggestions from code review Co-authored-by: Andriy Knysh * revert accidental dleetion * pr comments * Auto Format * more pr comments * Auto Format * ids not id * Auto Format * working map * Auto Format * remove extra tests for now * revert more tests * Apply suggestions from code review Co-authored-by: Andriy Knysh * Auto Format * PR Comments * Apply suggestions from code review Co-authored-by: Nuru Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: Andriy Knysh Co-authored-by: Nuru
---
 README.md | 6 ++++--
 accepter.tf | 52 ++++++++++++++++++++++++++++++++++-------------
 docs/terraform.md | 6 ++++--
 3 files changed, 46 insertions(+), 18 deletions(-)
diff --git a/README.md b/README.md
index c7678ea..6f9cd8b 100644
--- a/README.md
+++ b/README.md
@@ -357,10 +357,11 @@ Available targets:
 | [aws_caller_identity.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_region.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 | [aws_region.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
-| [aws_route_table.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route_table) | data source |
 | [aws_route_table.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route_table) | data source |
-| [aws_subnet_ids.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet_ids) | data source |
+| [aws_route_tables.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route_tables) | data source |
+| [aws_route_tables.default_rts](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route_tables) | data source |
 | [aws_subnet_ids.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet_ids) | data source |
+| [aws_subnets.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source |
 | [aws_vpc.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
 | [aws_vpc.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
@@ -419,6 +420,7 @@ Available targets:
 |------|-------------|
 | [accepter\_accept\_status](#output\_accepter\_accept\_status) | Accepter VPC peering connection request status |
 | [accepter\_connection\_id](#output\_accepter\_connection\_id) | Accepter VPC peering connection ID |
+| [accepter\_subnet\_route\_table\_map](#output\_accepter\_subnet\_route\_table\_map) | Map of accepter VPC subnet IDs to route table IDs |
 | [requester\_accept\_status](#output\_requester\_accept\_status) | Requester VPC peering connection request status |
 | [requester\_connection\_id](#output\_requester\_connection\_id) | Requester VPC peering connection ID |
diff --git a/accepter.tf b/accepter.tf
index 828a00d..0eac658 100644
--- a/accepter.tf
+++ b/accepter.tf
@@ -48,46 +48,65 @@ data "aws_vpc" "accepter" {
 }
 # Lookup accepter subnets
-data "aws_subnet_ids" "accepter" {
+data "aws_subnets" "accepter" {
 count = local.accepter_count
 provider = aws.accepter
- vpc_id = local.accepter_vpc_id
- tags = var.accepter_subnet_tags
+ filter {
+ name = "vpc-id"
+ values = [local.accepter_vpc_id]
+ }
+ tags = var.accepter_subnet_tags
 }
 locals {
- accepter_subnet_ids = try(distinct(sort(flatten(data.aws_subnet_ids.accepter.*.ids))), [])
+ accepter_subnet_ids = local.accepter_enabled ? data.aws_subnets.accepter[0].ids : []
 accepter_subnet_ids_count = length(local.accepter_subnet_ids)
 accepter_vpc_id = join("", data.aws_vpc.accepter.*.id)
 accepter_account_id = join("", data.aws_caller_identity.accepter.*.account_id)
 accepter_region = join("", data.aws_region.accepter.*.name)
 }
-# Lookup accepter route tables
-data "aws_route_table" "accepter" {
- count = local.accepter_enabled ? local.accepter_subnet_ids_count : 0
- provider = aws.accepter
- subnet_id = element(local.accepter_subnet_ids, count.index)
+data "aws_route_tables" "accepter" {
+ for_each = toset(local.accepter_subnet_ids)
+ provider = aws.accepter
+ vpc_id = local.accepter_vpc_id
+ filter {
+ name = "association.subnet-id"
+ values = [each.key]
+ }
+}
+
+# If we had more subnets than routetables, we should update the default.
+data "aws_route_tables" "default_rts" {
+ count = local.count
+ provider = aws.accepter
+ vpc_id = local.accepter_vpc_id
+ filter {
+ name = "association.main"
+ values = ["true"]
+ }
 }
 locals {
- accepter_aws_route_table_ids = try(distinct(sort(data.aws_route_table.accepter.*.route_table_id)), [])
+ accepter_aws_default_rt_id = join("", flatten(data.aws_route_tables.default_rts.*.ids))
+ accepter_aws_rt_map = { for s in local.accepter_subnet_ids : s => try(data.aws_route_tables.accepter[s].ids[0], local.accepter_aws_default_rt_id) }
+ accepter_aws_route_table_ids = distinct(sort(values(local.accepter_aws_rt_map)))
 accepter_aws_route_table_ids_count = length(local.accepter_aws_route_table_ids)
- accepter_cidr_block_associations = try(flatten(data.aws_vpc.accepter.*.cidr_block_associations), [])
+ accepter_cidr_block_associations = flatten(data.aws_vpc.accepter.*.cidr_block_associations)
 accepter_cidr_block_associations_count = length(local.accepter_cidr_block_associations)
 }
 # Create routes from accepter to requester
 resource "aws_route" "accepter" {
- count = local.accepter_enabled ? local.accepter_aws_route_table_ids_count * local.requester_cidr_block_associations_count : 0
+ count = local.enabled ? local.accepter_aws_route_table_ids_count * local.requester_cidr_block_associations_count : 0
 provider = aws.accepter
 route_table_id = local.accepter_aws_route_table_ids[floor(count.index / local.requester_cidr_block_associations_count)]
 destination_cidr_block = local.requester_cidr_block_associations[count.index % local.requester_cidr_block_associations_count]["cidr_block"]
 vpc_peering_connection_id = join("", aws_vpc_peering_connection.requester.*.id)
 depends_on = [
- data.aws_route_table.accepter,
+ data.aws_route_tables.accepter,
 aws_vpc_peering_connection_accepter.accepter,
- aws_vpc_peering_connection.requester
+ aws_vpc_peering_connection.requester,
 ]
 timeouts {
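Review bot: The fallback in `accepter_aws_rt_map` widens which subnets receive the peering route beyond those selected by `var.accepter_subnet_tags`: a tagged subnet with no explicit association resolves to `local.accepter_aws_default_rt_id`, and a route placed in the VPC's main route table is used by every subnet that has no explicit association, tagged or not. The one comment near it, above `default_rts`, does not state that consequence; I would add above the map `# Subnets without an explicit association fall back to the main route table; the peering route added there is shared by all subnets using the main table, not only those matching accepter_subnet_tags.` Separately, `default_rts` is gated on `local.count` and `aws_route.accepter` now on `local.enabled`, while the other accepter lookups use `local.accepter_count` / `local.accepter_enabled`; those locals are defined outside this hunk, so it is worth confirming the main-table lookup is not evaluated with an empty `local.accepter_vpc_id` when the accepter side is disabled. The `aws_route.accepter` block continues past the end of the hunk.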
@@ -124,3 +143,8 @@ output "accepter_accept_status" {
 value = join("", aws_vpc_peering_connection_accepter.accepter.*.accept_status)
 description = "Accepter VPC peering connection request status"
 }
+
+output "accepter_subnet_route_table_map" {
+ value = local.accepter_aws_rt_map
+ description = "Map of accepter VPC subnet IDs to route table IDs"
+}
\ No newline at end of file
diff --git a/docs/terraform.md b/docs/terraform.md
index c28d899..1f79580 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -35,10 +35,11 @@
 | [aws_caller_identity.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_region.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 | [aws_region.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
-| [aws_route_table.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route_table) | data source |
 | [aws_route_table.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route_table) | data source |
-| [aws_subnet_ids.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet_ids) | data source |
+| [aws_route_tables.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route_tables) | data source |
+| [aws_route_tables.default_rts](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route_tables) | data source |
 | [aws_subnet_ids.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet_ids) | data source |
+| [aws_subnets.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source |
 | [aws_vpc.accepter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
 | [aws_vpc.requester](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
@@ -97,6 +98,7 @@
 |------|-------------|
 | [accepter\_accept\_status](#output\_accepter\_accept\_status) | Accepter VPC peering connection request status |
 | [accepter\_connection\_id](#output\_accepter\_connection\_id) | Accepter VPC peering connection ID |
+| [accepter\_subnet\_route\_table\_map](#output\_accepter\_subnet\_route\_table\_map) | Map of accepter VPC subnet IDs to route table IDs |
 | [requester\_accept\_status](#output\_requester\_accept\_status) | Requester VPC peering connection request status |
 | [requester\_connection\_id](#output\_requester\_connection\_id) | Requester VPC peering connection ID |