add ipam ipv4 support

examples/ipam-vpc/main.tf

@@ -0,0 +1,56 @@
+provider "aws" {
+  region = "eu-west-1"
+}
+
+locals {
+  name = "ipam-vpc-example"
+}
+
+# IPAM Setup
+data "aws_region" "current" {}
+
+resource "aws_vpc_ipam" "example" {
+  operating_regions {
+    region_name = data.aws_region.current.name
+  }
+}
+
+resource "aws_vpc_ipam_pool" "ipv4_example" {
+  address_family                    = "ipv4"
+  ipam_scope_id                     = aws_vpc_ipam.example.private_default_scope_id
+  locale                            = data.aws_region.current.name
+  allocation_default_netmask_length = 28
+}
+
+resource "aws_vpc_ipam_pool_cidr" "ipv4_example" {
+  ipam_pool_id = aws_vpc_ipam_pool.ipv4_example.id
+  cidr         = "172.2.0.0/16"
+}
+
+# Usage Patterns
+
+module "no_ipam_vpc_example" {
+  source = "../.."
+  name   = "no-ipam-${local.name}"
+  cidr   = "172.2.0.32/28"
+}
+
+module "ipv4_ipam_explicit_cidr_vpc" {
+  source            = "../.."
+  name              = "ipv4-explicit-cidr-${local.name}"
+  ipv4_ipam_pool_id = aws_vpc_ipam_pool.ipv4_example.id
+  cidr              = "172.2.0.32/28"
+}
+
+module "ipv4_ipam_explicit_netmask_vpc" {
+  source              = "../.."
+  name                = "ipv4-explicit-netmask-${local.name}"
+  ipv4_ipam_pool_id   = aws_vpc_ipam_pool.ipv4_example.id
+  ipv4_netmask_length = 28
+}
+
+module "ipv4_ipam_default_netmask_vpc" {
+  source            = "../.."
+  name              = "ipv4-default-netmask-${local.name}"
+  ipv4_ipam_pool_id = aws_vpc_ipam_pool.ipv4_example.id
+}

examples/ipam-vpc/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 0.13.1"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 3.68"
+    }
+  }
+}

main.tf

@@ -16,6 +16,10 @@ locals {
     ),
     0,
   )
+  ipv4_using_ipam                 = var.ipv4_ipam_pool_id == null ? false : true
+  ipv4_ipam_with_explicit_cidr    = var.ipv4_ipam_pool_id != null && var.cidr != null ? true : false
+  ipv4_ipam_with_explicit_netmask = local.ipv4_using_ipam && var.ipv4_netmask_length != null ? var.ipv4_netmask_length : null
+  cidr                            = !local.ipv4_using_ipam || local.ipv4_ipam_with_explicit_cidr == true ? var.cidr : null
 }
 
 ################################################################################
@@ -25,7 +29,10 @@ locals {
 resource "aws_vpc" "this" {
   count = var.create_vpc ? 1 : 0
 
-  cidr_block                       = var.cidr
+  cidr_block          = local.cidr
+  ipv4_ipam_pool_id   = local.ipv4_using_ipam ? var.ipv4_ipam_pool_id : null
+  ipv4_netmask_length = local.ipv4_ipam_with_explicit_netmask
+
   instance_tenancy                 = var.instance_tenancy
   enable_dns_hostnames             = var.enable_dns_hostnames
   enable_dns_support               = var.enable_dns_support

variables.tf

@@ -11,9 +11,9 @@ variable "name" {
 }
 
 variable "cidr" {
-  description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden"
+  description = "(Optional) The IPv4 CIDR block for the VPC. CIDR can be explicitly set or it can be derived from IPAM using `ipv4_netmask_length` & `ipv4_ipam_pool_id`"
   type        = string
-  default     = "0.0.0.0/0"
+  default     = null
 }
 
 variable "enable_ipv6" {
@@ -1174,3 +1174,15 @@ variable "flow_log_per_hour_partition" {
   type        = bool
   default     = false
 }
+
+variable "ipv4_ipam_pool_id" {
+  description = "(Optional) The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR."
+  type        = string
+  default     = null
+}
+
+variable "ipv4_netmask_length" {
+  description = "(Optional) The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a ipv4_ipam_pool_id."
+  type        = number
+  default     = null
+}

versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.63"
+      version = ">= 3.68"
     }
   }
 }