aws-ia / terraform-aws-ipam

Terraform module for creating AWS IPAM resources
https://registry.terraform.io/modules/aws-ia/ipam/aws/latest
Apache License 2.0

making the subnet slicing for netmask_length dynamic based on the top_cidr #56

Closed ukohae closed 1 year ago

ukohae commented 1 year ago

Hello @drewmullen I have another random question.

How do I make the subnet slicing value for netmask_length dynamic based on the top_cidr?

For example

module "basic" {
  # source  = "aws-ia/ipam/aws"
  source = "../.."

  top_cidr = ["10.0.0.0/8"]
  top_name = "basic ipam"

  pool_configurations = {
    corporate-us-west-2 = {
      description = "2nd level, locale us-west-2 pool"
      cidr        = ["10.0.0.0/16", "10.1.0.0/16"]

      sub_pools = {

        sandbox = {
          name                 = "mysandbox"
          netmask_length = ### need a dynamic slicing value here ###
          ram_share_principals = var.sandbox_ou_arn
          allocation_resource_tags = {
            env = "sandbox"
          }
        }
        dev = {
          netmask_length = 20

          sub_pools = {
            team_a = {
              netmask_length = ### need a dynamic slicing value here ###
              ram_share_principals = var.prod_account # prod account
              locale               = "us-west-2"
            }

            team_b = {
              netmask_length = ### need a dynamic slicing value here ###
              ram_share_principals = var.prod_account # prod account
            }
          }
        }
        prod = {
          netmask_length = ### need a dynamic slicing value here ###
          locale = "us-west-2"

          sub_pools = {
            team_a = {
              netmask_length = ### need a dynamic slicing value here ###
              ram_share_principals = var.prod_account # prod account
            }

            team_b = {
              netmask_length = ### need a dynamic slicing value here ###
              ram_share_principals = var.prod_account # prod account
            }
          }
        }
      }
    }
    us-east-1 = {
      netmask_length = ### need a dynamic slicing value here ###
      locale = "us-east-1"

      sub_pools = {

        team_a = {
          netmask_length = ### need a dynamic slicing value here ###
          ram_share_principals = var.prod_ou_arn
        }

        team_b = {
          netmask_length = ### need a dynamic slicing value here ###
          ram_share_principals = var.prod_ou_arn
        }
      }
    }
  }
}

I don't want to hardcode each value of netmask_length.

Thanks in advance

drewmullen commented 1 year ago

Hi @ukohae, thank you for opening this issue.

You must pass either a CIDR or netmask value to each pool. If you want to further abstract the nested pools, you'd have to use the awsipam* resources natively.

ukohae commented 1 year ago

Thanks for the information. One more final question @drewmullen

I noticed in the cidr we have two values.

I have a scenario in my environment where we have a list of CIDRs, i.e. cidr = [cidr1, cidr2].

What are the netmask_length values?

drewmullen commented 1 year ago

You can only pass a single netmask length to that parameter. Most people specify the full CIDRs so they have more control.
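
The two answers above say that every pool needs either a CIDR or a single netmask value; that value can still be a computed expression rather than a literal. The following is an added example, not part of the original thread and not the module's own code. The per-level bit increments (8, 4, 4), the local names and the `check` block (Terraform 1.5 or later) are assumptions for illustration.

```hcl
variable "top_cidr" {
  type    = list(string)
  default = ["10.0.0.0/8"]

  validation {
    # Reject malformed CIDRs before any prefix arithmetic is done on them.
    condition     = alltrue([for c in var.top_cidr : can(cidrhost(c, 0))])
    error_message = "Every top_cidr entry must be a valid CIDR block."
  }
}

locals {
  # With several top-level CIDRs, use the longest prefix so that the derived
  # child pools fit inside every top-level block.
  top_prefix = max([for c in var.top_cidr : tonumber(split("/", c)[1])]...)

  # Assumed slicing policy (hypothetical): bits added per nesting level.
  region_len = local.top_prefix + 8 # /16 when top_cidr is a /8
  env_len    = local.region_len + 4 # /20
  team_len   = local.env_len + 4    # /24
}

check "netmask_in_range" {
  # Reports a warning if the derived prefixes overrun the IPv4 address length.
  assert {
    condition     = local.team_len <= 32
    error_message = "Derived team netmask_length exceeds /32; top_cidr is too small for this policy."
  }
}

module "basic" {
  source = "aws-ia/ipam/aws"

  top_cidr = var.top_cidr
  top_name = "basic ipam"

  pool_configurations = {
    us-east-1 = {
      netmask_length = local.region_len # one value per pool
      locale         = "us-east-1"

      sub_pools = {
        prod = {
          netmask_length = local.env_len
          sub_pools = {
            team_a = { netmask_length = local.team_len }
            team_b = { netmask_length = local.team_len }
          }
        }
      }
    }
  }
}
```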