cloudposse / terraform-aws-dynamic-subnets

Terraform module for public and private subnets provisioning in existing VPC
https://cloudposse.com/accelerate
Apache License 2.0

fix: enable nat gateway when only private subnets are enabled #206

Open wadhah101 opened 6 months ago

wadhah101 commented 6 months ago

what

why

references

joe-niland commented 6 months ago

Hi @wadhah101 just confirming - what use case are you solving here?

wadhah101 commented 6 months ago

Hi @joe-niland this is for the case when

module "subnetprv" {
  source  = "cloudposse/dynamic-subnets/aws"
  version = "2.4.2"

  vpc_id          = module.vpc.vpc_id
  igw_id          = [module.vpc.igw_id]
  ipv4_cidr_block = ["10.10.1.0/24"]

  public_route_table_enabled             = false
  public_open_network_acl_enabled        = false
  ipv4_public_instance_hostnames_enabled = false

  nat_gateway_enabled = true
  public_subnets_enabled  = false
  private_subnets_enabled = true  # the issue is when only private subnets are enabled

  metadata_http_endpoint_enabled = true
  availability_zones             = data.aws_availability_zones.available.names

  context = module.label.context
}

The module will crash when trying to create the nat_gateway, because it's hardcoded to use the public subnets only. But the gateway default config says it should be enabled even when we only have private subnets.
