SpaghettiKat45
commented
2 months ago Looks like it should be updated to the following in main.tf line 231 - 253
resource "aws_subnet" "private" {
for_each = toset(try(local.private_per_az, []))
availability_zone = split("/", each.key)[1]
vpc_id = local.vpc.id
cidr_block = can(local.calculated_subnets[split("/", each.key)[0]][split("/", each.key)[1]]) ? local.calculated_subnets[split("/", each.key)[0]][split("/", each.key)[1]] : null
ipv6_cidr_block = can(local.calculated_subnets_ipv6[split("/", each.key)[0]][split("/", each.key)[1]]) ? local.calculated_subnets_ipv6[split("/", each.key)[0]][split("/", each.key)[1]] : null
ipv6_native = contains(local.subnets_with_ipv6_native, split("/", each.key)[0]) ? true : false
map_public_ip_on_launch = contains(local.subnets_with_ipv6_native, split("/", each.key)[0]) ? null : false
assign_ipv6_address_on_creation = contains(local.subnets_with_ipv6_native, split("/", each.key)[0]) ? true : try(var.subnets[split("/", each.key)[0]].assign_ipv6_address_on_creation, false)
enable_resource_name_dns_aaaa_record_on_launch = contains(local.subnets_with_ipv6_native, split("/", each.key)[0]) ? true : try(var.subnets[split("/", each.key)[0]].enable_resource_name_dns_aaaa_record_on_launch, false)
enable_dns64 = try(var.subnets[split("/", each.key)[0]].enable_dns64, false)
tags = merge(
{ Name = "${local.subnet_names[split("/", each.key)[0]]}-${split("/", each.key)[1]}" },
module.tags.tags_aws,
try(module.subnet_tags[split("/", each.key)[0]].tags_aws, {})
)
depends_on = [
aws_vpc_ipv4_cidr_block_association.secondary
]
}
Changing the 'assign_ipv6_address_on_creation' between true and false has no effect. This means that when trying to build a Fargate backed cluster for EKS I cannot use the dual stack subnet as it is not auto assigning ipv6 addresses to the ENIs.
Additionally, I don't see any setting in the module to enable dns64 for the dual stack subnets which would also be helpful. Let me know if there is something I am missing.