Terraform module for public and private subnets provisioning in existing VPC
APACHE-2.0 License
Published by cloudpossebot almost 4 years ago
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
cloudposse/label/null (source) | terraform | patch | 0.22.0 -> 0.22.1 |
v0.22.1
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.
Published by cloudpossebot almost 4 years ago
Despite the language in #42, which was closed by PR #86 which introduced existing_nat_ips, and the description of the existing_nat_ips variable, the previous behavior was that if you provide existing IPs, they are assumed to be connected to existing NAT gateways or instances. No new gateways are created. "existing_nat_ips" is interpreted to mean the IPs of existing NATs.
That behavior makes no sense. Nothing was done with the existing IPs; all that happened if you provided them was that no NATs were created. The same effect could be achieved by setting both nat_gateway_enabled and nat_instance_enabled to false.
This release renames existing_nat_ips to nat_elastic_ips, so that anyone using existing_nat_ips will be notified about the change in behavior, which otherwise could go unnoticed and be expensive. To retain the old behavior, set nat_elastic_ips to the same list you previously used to set existing_nat_ips, and set both nat_gateway_enabled and nat_instance_enabled to false.
The new behavior is that creation of NAT gateways and/or instances is controlled only by nat_gateway_enabled and nat_instance_enabled. If you supply nat_elastic_ips, you must supply at least enough IPs for all the created gateways/instances, and the provided IPs will be assigned to them. Otherwise, this module will allocate new elastic IPs for them.
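The two cases described above as a configuration sketch, added here as an illustration and not taken from the module's own examples. The variable names, CIDR, availability zones and sample addresses are assumptions, and the version line is a placeholder for the release that introduced nat_elastic_ips.

```hcl
# Added example. Variable names, CIDR, AZs and the sample addresses are
# assumptions; pin the module to the release that introduced nat_elastic_ips.
variable "vpc_id" { type = string }
variable "igw_id" { type = string }
variable "azs" { default = ["us-east-2a", "us-east-2b"] }
variable "egress_ips" {
  type    = list(string)
  default = ["203.0.113.10", "203.0.113.11"] # constructed documentation addresses
}

# New behavior: NAT gateways are created because nat_gateway_enabled is true,
# and the supplied Elastic IPs are assigned to them. Supply at least one IP
# per gateway (assumed here: one gateway per availability zone).
module "subnets" {
  source = "cloudposse/dynamic-subnets/aws"
  # version = "<release that introduced nat_elastic_ips>"

  namespace          = "eg"
  stage              = "prod"
  name               = "app"
  vpc_id             = var.vpc_id
  igw_id             = var.igw_id
  cidr_block         = "10.0.0.0/16"
  availability_zones = var.azs

  nat_gateway_enabled  = true
  nat_instance_enabled = false
  nat_elastic_ips      = var.egress_ips
}

# Old behavior, reproduced explicitly: same IP list, both NAT types off, so
# no NAT gateways or instances are created. This is an alternative to the
# block above, not an addition to it in the same VPC.
module "subnets_no_nat" {
  source = "cloudposse/dynamic-subnets/aws"

  namespace          = "eg"
  stage              = "prod"
  name               = "app"
  vpc_id             = var.vpc_id
  igw_id             = var.igw_id
  cidr_block         = "10.0.0.0/16"
  availability_zones = var.azs

  nat_gateway_enabled  = false
  nat_instance_enabled = false
  nat_elastic_ips      = var.egress_ips
}
```

Running `terraform plan` after the rename and checking whether NAT gateway resources appear in the diff shows which of the two behaviors a given configuration will get before anything is billed.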
Published by cloudpossebot almost 4 years ago
tf14 upgrade
old version of context label provider
Published by RothAndrew almost 4 years ago
Published by github-actions[bot] about 4 years ago
This release will change the tags on many of your resources. Resources which are created for each availability zone rather than each region should have the availability zone appended to the end of the ID that is the value of the "Name" tag. Previously, the full AWS region code was used, with dashes replaced by the null-label delimiter (which is dash by default, so usually no changes were made). Now the AZ code used is selectable and by default is Cloud Posse's new "short" code, which uses only digits and lower case letters.
Tags you specify as inputs to modules override any generated tags. This includes the "Name" tag. Some people are using code like this:
```hcl
module "label" {
  source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.16.0"
  ...
  tags = var.tags
}

locals {
  # THIS IS MISGUIDED. Do not merge tags. Supply the new tags and the modules will merge them for you.
  tags = merge(module.label.tags, map(format("kubernetes.io/cluster/%s-%s-%s-eks-cluster", var.namespace, var.environment, var.stage), "shared"))
}

module "subnets" {
  source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.22.0"
  ...
  tags = local.tags
}
```
Because of the merge, local.tags includes a Name tag which takes precedence over terraform-aws-dynamic-subnets generated tags, preventing the module from enhancing the Name tag with additional disambiguation information. The merge is not required, and instead you should just use:
```hcl
locals {
  tags = map(format("kubernetes.io/cluster/%s-%s-%s-eks-cluster", var.namespace, var.environment, var.stage), "shared")
}
```
context.tf and null-label to v0.19.2
Cloud Posse's AWS AZ short codes
Published by github-actions[bot] about 4 years ago
var.delimiter with local.delimiter in nat-instance.tf
null value
Published by github-actions[bot] about 4 years ago
Update to current standards
context.tf
go modules
.github files
Standardization and interoperability
Published by nitrocode about 4 years ago
closes https://github.com/cloudposse/terraform-aws-dynamic-subnets/issues/42
Allow use of existing AWS Elastic IPs by IP address (resolves to allocation id via data source).
Sometimes it's important to keep IP addresses, for example to allow business customers granting these IPs in firewalls, a third party tool is configured to only allow certain IPs or there is already an existing IP pool to use. See also referenced issue.
/cc @osterman maybe? :)
Published by 3h4x over 4 years ago
Published by aknysh over 4 years ago
private_subnets_additional_tags and public_subnets_additional_tags variables
us-east-2
EKS requires tagging all subnets with kubernetes.io/cluster/<cluster-name>=shared tag, but at the same time it requires tagging subnets with additional tags that are different for public and private subnets:
Private Subnet Tagging Requirement for Internal Load Balancers:
kubernetes.io/role/internal-elb=1
Public Subnet Tagging Option for External Load Balancers:
kubernetes.io/role/elb
This is required because EKS can't detect the type of subnets automatically
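A configuration sketch combining the EKS tagging requirement above with the earlier advice not to merge module.label.tags into the tags input. It is an added illustration, not the module's own example; the variable names, CIDR and availability zones are assumptions, and the version line is a placeholder.

```hcl
# Added example. Variable names, CIDR and AZs are assumptions.
variable "vpc_id" { type = string }
variable "igw_id" { type = string }
variable "cluster_name" { type = string }

module "subnets" {
  source = "cloudposse/dynamic-subnets/aws"
  # version = "<release that provides the *_additional_tags variables>"

  namespace          = "eg"
  stage              = "prod"
  name               = "eks"
  vpc_id             = var.vpc_id
  igw_id             = var.igw_id
  cidr_block         = "10.0.0.0/16"
  availability_zones = ["us-east-2a", "us-east-2b"]

  # Only the extra tag goes in here. No merge() with module.label.tags, so no
  # "Name" tag is passed in and the module keeps building its own per-AZ Name.
  tags = {
    "kubernetes.io/cluster/${var.cluster_name}" = "shared"
  }

  # Role tags differ by subnet type because EKS cannot detect the type itself.
  # The value "1" for the public tag follows the AWS EKS documentation; the
  # text above lists only the key.
  private_subnets_additional_tags = {
    "kubernetes.io/role/internal-elb" = "1"
  }
  public_subnets_additional_tags = {
    "kubernetes.io/role/elb" = "1"
  }
}

output "private_subnet_ids" { value = module.subnets.private_subnet_ids }
output "public_subnet_ids" { value = module.subnets.public_subnet_ids }
```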
us-east-2 since we use it in all our tests and the us-west-1 region is very limited
Published by maximmi almost 5 years ago
gateway and instance types
Published by goruha almost 5 years ago