
Unable to define a Name tag on the aws_vpc_block_public_access_exclusion resource #1169


Closed
1 task done
garym-krrv opened this issue Feb 12, 2025 · 4 comments · Fixed by #1170

Comments

@garym-krrv
Contributor

garym-krrv commented Feb 12, 2025

Description

Module 5.19.0 introduced the new feature of configuring aws_vpc_block_public_access_exclusion. However, the module does not allow you to set a name for each exclusion. It only takes var.tags into the resource. We need to be able to set the Name tag independently.

If your request is for a new feature, please use the Feature request template.

  • ✋ I have searched the open/closed issues and my issue is not listed.

⚠️ Note

Before you submit an issue, please perform the following first:

  1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
  2. Re-initialize the project root to pull down modules: terraform init
  3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

  • Module version [Required]: 5.19.0

  • Terraform version: 1.5.7

  • Provider version(s): 5.86.1

Reproduction Code [Required]

module "vpc_main" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "5.19.0"

  name = "test"
  cidr = "172.16.16.0/20"

  azs              = local.azs
  public_subnets   = [for no_of_azs, v in local.azs : cidrsubnet("172.16.16.0/20", 5, no_of_azs)]
  private_subnets  = [for no_of_azs, v in local.azs : cidrsubnet("172.16.16.0/20", 5, no_of_azs + 3)]
  database_subnets = [for no_of_azs, v in local.azs : cidrsubnet("172.16.16.0/20", 5, no_of_azs + 6)]

  enable_nat_gateway                 = true
  enable_vpn_gateway                 = false
  propagate_private_route_tables_vgw = true

  create_database_subnet_group = true

  vpc_block_public_access_options = {
    internet_gateway_block_mode = "block-bidirectional"
  }

  vpc_block_public_access_exclusions = {
    for i, subnet in module.vpc_main.public_subnets :
    "exclude_subnet_public_${i}" => {
      exclude_subnet                  = true
      subnet_index                    = i
      subnet_type                     = "public"
      internet_gateway_exclusion_mode = "allow-bidirectional"
    }
  }

  default_network_acl_ingress = [
    {
      action     = "allow"
      cidr_block = "0.0.0.0/0"
      from_port  = 0
      icmp_code  = 0
      icmp_type  = 0
      protocol   = "-1"
      rule_no    = 100
      to_port    = 0
    },
    {
      action     = "deny"
      cidr_block = "0.0.0.0/0"
      from_port  = 22
      icmp_code  = 0
      icmp_type  = 0
      protocol   = "6"
      rule_no    = 90
      to_port    = 22
    },
    {
      action     = "deny"
      cidr_block = "0.0.0.0/0"
      from_port  = 3389
      icmp_code  = 0
      icmp_type  = 0
      protocol   = "6"
      rule_no    = 95
      to_port    = 3389
    }
  ]
}

Expected behavior

To be able to pass in a Name Tag into the module to set on the AWS resource

Actual behavior

Unable to pass Name Tag

Additional context

Issue is on line 89 of main.tf: tags = var.tags
It does not account for adding a Name Tag as does the rest of the module.
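
A workaround sketch for module 5.19.0, added here as an example and not taken from the module or from the fix in #1170: manage the exclusions beside the module so each one carries its own Name tag. `var.tags`, `var.exclusion_names` and `local.name` are hypothetical names in the calling configuration, and `module.vpc_main` is the module block from the reproduction code with `vpc_block_public_access_exclusions` left unset.

```hcl
# Added example (not the module's code). Assumed names: var.tags,
# var.exclusion_names, local.name.

variable "tags" {
  description = "Common tags applied to every resource (assumed variable)"
  type        = map(string)
  default     = { Environment = "test" }
}

variable "exclusion_names" {
  description = "Optional Name tag per exclusion key (assumed variable)"
  type        = map(string)
  default     = {}
}

locals {
  name = "test" # same value as the module's name argument in the reproduction code

  # Keys come from the list index, so they are known at plan time even though
  # the subnet IDs themselves are not.
  public_exclusions = {
    for i, subnet_id in module.vpc_main.public_subnets :
    "exclude_subnet_public_${i}" => subnet_id
  }
}

resource "aws_vpc_block_public_access_exclusion" "public" {
  for_each = local.public_exclusions

  subnet_id                       = each.value
  internet_gateway_exclusion_mode = "allow-bidirectional"

  # Name is merged last so it wins over any Name key already present in var.tags.
  # Each exclusion is an exception to the block-bidirectional setting, so a
  # distinct Name makes it easier to identify when reviewing the account.
  tags = merge(
    var.tags,
    { Name = lookup(var.exclusion_names, each.key, "${local.name}-${each.key}") }
  )
}
```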

@garym-krrv garym-krrv changed the title from "Unable to define a name on the aws_vpc_block_public_access_exclusion resource" to "Unable to define a Name tag on the aws_vpc_block_public_access_exclusion resource" Feb 12, 2025

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

@github-actions github-actions bot added the stale label Mar 15, 2025
@garym-krrv
Contributor Author

This is not stale. Pending PR approval

@github-actions github-actions bot removed the stale label Mar 18, 2025
@garym-krrv
Contributor Author

Still not stale and requires approval

@antonbabenko
Member

This issue has been resolved in version 5.20.0 🎉

2 participants