Commit 2000bb1

Merge pull request #46 from aws-ia/update-subnets-docs
update subnet documentation
2 parents 0639b34 + 38d0cd0 commit 2000bb1

2 files changed

+52
-19
lines changed

README.md

Lines changed: 1 addition & 1 deletion
@@ -137,7 +137,7 @@ The above example will cause only creating 2 new subnets in az `c` of the region
137137
|------|-------------|------|---------|:--------:|
138138
| <a name="input_az_count"></a> [az\_count](#input\_az\_count) | Searches region for # of AZs to use and takes a slice based on count. Assume slice is sorted a-z. | `number` | n/a | yes |
139139
| <a name="input_name"></a> [name](#input\_name) | Name to give VPC. Note: does not effect subnet names, which get assigned name based on name\_prefix. | `string` | n/a | yes |
140-
| <a name="input_subnets"></a> [subnets](#input\_subnets) | Configuration of subnets to build in VPC. Valid key restriction information found in variables.tf. | `any` | n/a | yes |
140+
| <a name="input_subnets"></a> [subnets](#input\_subnets) | Configuration of subnets to build in VPC. 1 Subnet per AZ is created. Subnet types are defined as maps with the available keys: "private", "public", "transit\_gateway". Each Subnet type offers its own set of available arguments detailed below.<br><br>Attributes shared across subnet types:<br>- `cidrs` = (Optional\|list(string)) **Cannot set if `netmask` is set.** List of CIDRs to set to subnets. Count of CIDRs defined must match quatity of azs in `az_count`.<br>- `netmask` = (Optional\|Int) Netmask of the `var.cidr_block` to calculate for each subnet. **Cannot set if `cidrs` is set.**<br>- `name_prefix` = (Optional\|String) A string prefix to use for the name of your subnet and associated resources. Subnet type key name is used if omitted (aka private, public, transit\_gateway). Example `name_prefix = "private"` for `var.subnets.private` is redundant.<br>- `tags` = (Optional\|map(string)) Tags to set on the subnet and associated resources.<br><br>`private` subnet type options:<br>- All shared keys above<br>- `route_to_nat` = (Optional\|bool) Determines if routes to NAT Gateways should be created. Default = false. Must also set `var.subnets.public.nat_gateway_configuration`.<br>- `route_to_transit_gateway` = (Optional\|list(string)) Optionally create routes from private subnets to transit gateway subnets.<br><br>`public` subnet type options:<br>- All shared keys above<br>- `nat_gateway_configuration` = (Optional\|string) Determines if NAT Gateways should be created and in how many AZs. Valid values = `"none"`, `"single_az"`, `"all_azs"`. Default = "none". Must also set `var.subnets.private.route_to_nat = true`.<br>- `route_to_transit_gateway` = (Optional\|list(string)) Optionally create routes from private subnets to transit gateway subnets.<br><br>`transit_gateway` subnet type options:<br>- All shared keys above<br>- `route_to_nat` = (Optional\|bool) Determines if routes to NAT Gateways should be created. 
Default = false. Must also set `var.subnets.public.nat_gateway_configuration`.<br>- `transit_gateway_id` = (Required\|string) Transit gateway to attach VPC to.<br>- `transit_gateway_default_route_table_association` = (Optional\|bool) Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways.<br>- `transit_gateway_default_route_table_propagation` = (Optional\|bool) Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways.<br><br>Example:<pre>subnets = {<br> public = {<br> netmask = 24<br> nat_gateway_configuration = "single_az"<br> route_to_transit_gateway = ["10.1.0.0/16"]<br> }<br><br> private = {<br> netmask = 24<br> route_to_nat = true<br> route_to_transit_gateway = ["10.1.0.0/16"]<br> }<br><br> transit_gateway = {<br> netmask = 24<br> transit_gateway_id = aws_ec2_transit_gateway.example.id<br> route_to_nat = false<br> transit_gateway_default_route_table_association = true<br> transit_gateway_default_route_table_propagation = true<br> }<br>}</pre> | `any` | n/a | yes |
141141
| <a name="input_cidr_block"></a> [cidr\_block](#input\_cidr\_block) | CIDR range to assign to VPC if creating VPC or to associte as a secondary CIDR. Overridden by var.vpc\_id output from data.aws\_vpc. | `string` | `null` | no |
142142
| <a name="input_tags"></a> [tags](#input\_tags) | Tags to apply to all resources. | `map(string)` | `{}` | no |
143143
| <a name="input_vpc_enable_dns_hostnames"></a> [vpc\_enable\_dns\_hostnames](#input\_vpc\_enable\_dns\_hostnames) | Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. | `bool` | `true` | no |
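Review bot: in the new `subnets` row, the `public` subnet type's `route_to_transit_gateway` entry reuses the `private` wording ("Optionally create routes from private subnets to transit gateway subnets"); for the public type it should read "from public subnets". The same row spells "quantity" as "quatity". This table looks generated (the `<a name="input_…">` anchors), so make both fixes in the `variables.tf` description and regenerate the README rather than hand-editing the row, or the two copies will drift apart.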

variables.tf

Lines changed: 51 additions & 18 deletions
@@ -68,26 +68,59 @@ variable "vpc_ipv4_netmask_length" {
6868
}
6969

7070
variable "subnets" {
71-
description = "Configuration of subnets to build in VPC. Valid key restriction information found in variables.tf."
71+
description = <<-EOF
72+
Configuration of subnets to build in VPC. 1 Subnet per AZ is created. Subnet types are defined as maps with the available keys: "private", "public", "transit_gateway". Each Subnet type offers its own set of available arguments detailed below.
73+
74+
Attributes shared across subnet types:
75+
- `cidrs` = (Optional|list(string)) **Cannot set if `netmask` is set.** List of CIDRs to set to subnets. Count of CIDRs defined must match quatity of azs in `az_count`.
76+
- `netmask` = (Optional|Int) Netmask of the `var.cidr_block` to calculate for each subnet. **Cannot set if `cidrs` is set.**
77+
- `name_prefix` = (Optional|String) A string prefix to use for the name of your subnet and associated resources. Subnet type key name is used if omitted (aka private, public, transit_gateway). Example `name_prefix = "private"` for `var.subnets.private` is redundant.
78+
- `tags` = (Optional|map(string)) Tags to set on the subnet and associated resources.
79+
80+
`private` subnet type options:
81+
- All shared keys above
82+
- `route_to_nat` = (Optional|bool) Determines if routes to NAT Gateways should be created. Default = false. Must also set `var.subnets.public.nat_gateway_configuration`.
83+
- `route_to_transit_gateway` = (Optional|list(string)) Optionally create routes from private subnets to transit gateway subnets.
84+
85+
`public` subnet type options:
86+
- All shared keys above
87+
- `nat_gateway_configuration` = (Optional|string) Determines if NAT Gateways should be created and in how many AZs. Valid values = `"none"`, `"single_az"`, `"all_azs"`. Default = "none". Must also set `var.subnets.private.route_to_nat = true`.
88+
- `route_to_transit_gateway` = (Optional|list(string)) Optionally create routes from private subnets to transit gateway subnets.
89+
90+
`transit_gateway` subnet type options:
91+
- All shared keys above
92+
- `route_to_nat` = (Optional|bool) Determines if routes to NAT Gateways should be created. Default = false. Must also set `var.subnets.public.nat_gateway_configuration`.
93+
- `transit_gateway_id` = (Required|string) Transit gateway to attach VPC to.
94+
- `transit_gateway_default_route_table_association` = (Optional|bool) Boolean whether the VPC Attachment should be associated with the EC2 Transit Gateway association default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways.
95+
- `transit_gateway_default_route_table_propagation` = (Optional|bool) Boolean whether the VPC Attachment should propagate routes with the EC2 Transit Gateway propagation default route table. This cannot be configured or perform drift detection with Resource Access Manager shared EC2 Transit Gateways.
96+
97+
Example:
98+
```
99+
subnets = {
100+
public = {
101+
netmask = 24
102+
nat_gateway_configuration = "single_az"
103+
route_to_transit_gateway = ["10.1.0.0/16"]
104+
}
105+
106+
private = {
107+
netmask = 24
108+
route_to_nat = true
109+
route_to_transit_gateway = ["10.1.0.0/16"]
110+
}
111+
112+
transit_gateway = {
113+
netmask = 24
114+
transit_gateway_id = aws_ec2_transit_gateway.example.id
115+
route_to_nat = false
116+
transit_gateway_default_route_table_association = true
117+
transit_gateway_default_route_table_propagation = true
118+
}
119+
}
120+
```
121+
EOF
72122
type = any
73123

74-
######### EXAMPLE #########
75-
# subnets = {
76-
# public = {
77-
# name_prefix = "my-public" # omit to prefix with "public"
78-
# netmask = 24
79-
# nat_gateway_configuration = "all_azs" # options: "single_az", "none"
80-
# tags = { env = "dev" }
81-
# }
82-
83-
# private = {
84-
# name_prefix = "private"
85-
# netmask = 24
86-
# route_to_nat = true
87-
# }
88-
# }
89-
###########################
90-
91124
# Only valid keys for var.subnets
92125
validation {
93126
error_message = "Only valid key values \"public\", \"private\", or \"transit_gateway\"."
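Review bot: the new description states two constraints that nothing in the visible hunk enforces: `cidrs` and `netmask` are mutually exclusive ("**Cannot set if `netmask` is set.**") and the count of `cidrs` must match `az_count`. The only `validation` shown checks key names (`error_message = "Only valid key values \"public\", \"private\", or \"transit_gateway\"."`); consider a `validation` block on this variable for the `cidrs`/`netmask` exclusivity, and a check that can see both variables (for example a resource `precondition`) for the `az_count` match, so the documented rules are rejected at plan time. Two text fixes in the same heredoc: "quatity" should be "quantity", and the `public` type's `route_to_transit_gateway` line repeats the `private` wording ("from private subnets"). The removed `######### EXAMPLE #########` block was the only example showing `name_prefix` and `tags`; the new fenced example shows neither, so it is worth keeping one of them.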
