aws-ia / terraform-aws-vpc

AWS VPC Module
https://registry.terraform.io/modules/aws-ia/vpc/aws/latest
Apache License 2.0

Subnets should be a generic map of subnets #57

Closed drewmullen closed 2 years ago

drewmullen commented 2 years ago

Proposed idea: do not enforce naming conventions on subnet types (private, public, transit_gateway, etc.). This will allow users to create arbitrary subnet amounts. For example, currently, users can only create 1 grouping of private subnets.

Idea 1: create abstract module concepts for each and allow users to specify in the map itself:

Pros/Cons:

subnets = {
  myprivate = {
    type         = "private"
    netmask      = 24
    route_to_nat = "publicsubnets"
  }

  publicsubnets = {
    type                      = "public"
    netmask                   = 24
    nat_gateway_configuration = "all_azs" # options: "single_az", "none"
  }
}

Idea 2: create generic subnet module and allow any variable to be passed:

Pros/Cons:

subnets = {
  myprivate = {
    netmask      = 24
    route_to_nat = "publicsubnets"
    routes = [{
      subnet = "tgw"
      cidr   = "10.0.0.0/8"
    },
    {
      subnet = "nat"
      cidr   = "0.0.0.0/0"
    }]
  }

  publicsubnets = {
    type                      = "public"
    netmask                   = 24
    nat_gateway_configuration = "all_azs" # options: "single_az", "none"
    routes = [{
      subnet = "tgw"
      cidr   = "10.0.0.0/8"
    },
    {
      subnet = "igw"
      cidr   = "0.0.0.0/0"
    }]
  }
}

idea 2 open questions:

drewmullen commented 2 years ago

routing ideas:

specific per appliance:

route_to_nat = {
  subnet = "publicsubnets"
  cidr   = "10.0.0.0/8"
}

generic:

routes = [{
  subnet      = "tgw"
  cidr        = "10.0.0.0/8"
  appliance   = "tgw" # static list of available options?
}]

drewmullen commented 2 years ago

Reality is that we can have 2 hardcoded types: public, transit_gateway. You will only ever have 1 of each of those.

Private subnets are the oddity here because you can have n private subnets.
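Worked example, added here and not taken from the thread or from the aws-ia/terraform-aws-vpc module: it puts the generic map shape from Idea 1 and Idea 2 (user-chosen keys, `type`, `netmask`, `route_to_nat`, `nat_gateway_configuration`, `routes`) into a `variable` definition, enforces the rule from the last comment (at most one public and one transit_gateway group, any number of private groups) plus a reference check on `route_to_nat` as validation blocks, and then expands the map into one subnet per AZ. The names `vpc_cidr`, `azs`, `aws_vpc.this`, `aws_subnet.this` and the sample defaults are my assumptions; it needs Terraform 1.3 or later for `optional()` with defaults, and it does not build route tables from `routes`.

```hcl
# Added example, not code from aws-ia/terraform-aws-vpc. Requires Terraform >= 1.3.

variable "vpc_cidr" {
  type    = string
  default = "10.0.0.0/16" # constructed sample value
}

variable "azs" {
  description = "AZs every subnet group is striped across (assumption: one subnet per group per AZ)."
  type        = list(string)
  default     = ["us-east-1a", "us-east-1b"] # constructed sample value
}

variable "subnets" {
  description = "Generic map of subnet groups; keys are user-chosen, 'type' selects behaviour."
  type = map(object({
    type                      = string                   # "private" | "public" | "transit_gateway"
    netmask                   = number                   # prefix length of each subnet in the group
    route_to_nat              = optional(string)         # key of the public group whose NAT gateways this group uses
    nat_gateway_configuration = optional(string, "none") # "all_azs" | "single_az" | "none"
    routes = optional(list(object({                      # accepted here, not expanded into route tables
      subnet = string
      cidr   = string
    })), [])
  }))

  validation {
    condition     = alltrue([for v in values(var.subnets) : contains(["private", "public", "transit_gateway"], v.type)])
    error_message = "type must be private, public or transit_gateway."
  }

  # Rule from the last comment: at most one public and one transit_gateway group, n private groups.
  validation {
    condition = alltrue([
      for t in ["public", "transit_gateway"] :
      length([for v in values(var.subnets) : v if v.type == t]) <= 1
    ])
    error_message = "At most one subnet group may be public and at most one transit_gateway."
  }

  validation {
    condition     = alltrue([for v in values(var.subnets) : contains(["all_azs", "single_az", "none"], v.nat_gateway_configuration)])
    error_message = "nat_gateway_configuration must be all_azs, single_az or none."
  }

  # route_to_nat must name an existing public group that actually deploys NAT gateways;
  # try() turns a missing key into a validation failure instead of an evaluation error.
  validation {
    condition = alltrue([
      for v in values(var.subnets) : v.route_to_nat == null ? true : (
        try(var.subnets[v.route_to_nat].type, "") == "public" &&
        try(var.subnets[v.route_to_nat].nat_gateway_configuration, "none") != "none"
      )
    ])
    error_message = "route_to_nat must reference a public subnet group with NAT gateways enabled."
  }
}

locals {
  vpc_bits = tonumber(split("/", var.vpc_cidr)[1])

  # One entry per (group, AZ) in a stable order, so addresses do not shuffle between plans.
  pairs = flatten([
    for k in sort(keys(var.subnets)) : [for az in var.azs : { group = k, az = az }]
  ])

  # cidrsubnets() hands out disjoint blocks even when groups use different netmasks.
  cidrs = cidrsubnets(var.vpc_cidr, [for p in local.pairs : var.subnets[p.group].netmask - local.vpc_bits]...)

  subnets_by_key = {
    for i, p in local.pairs : "${p.group}-${p.az}" => {
      group = p.group
      az    = p.az
      type  = var.subnets[p.group].type
      cidr  = local.cidrs[i]
    }
  }
}

resource "aws_vpc" "this" {
  cidr_block = var.vpc_cidr
}

resource "aws_subnet" "this" {
  for_each = local.subnets_by_key

  vpc_id                  = aws_vpc.this.id
  availability_zone       = each.value.az
  cidr_block              = each.value.cidr
  map_public_ip_on_launch = each.value.type == "public" # only the public group auto-assigns public IPs

  tags = {
    Name       = each.key
    SubnetType = each.value.type
  }
}
```

Passing the Idea 2 map from the first comment (with `type = "private"` added to `myprivate`) produces four subnets, `myprivate-us-east-1a`, `myprivate-us-east-1b`, `publicsubnets-us-east-1a` and `publicsubnets-us-east-1b`, each a /24 carved from the /16. A second group with `type = "public"`, or a `route_to_nat` that points at a group whose `nat_gateway_configuration` is `"none"`, fails at `terraform validate` rather than at apply time.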