Merge pull request #50 from DNXLabs/feature/igw_attachment

Feature/igw attachment
DNXLabs · May 12, 2024 · f0e0736 · f0e0736
2 parents 49b281f + a8bf9da
commit f0e0736
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -42,17 +42,10 @@ module "network" {
 
 ## Requirements
 
-For releases <= `1.8.5`
-
-| Name | Version |
-|------|---------|
-| terraform | >= 0.14.0 |
-
-For releases > `1.8.5`
-
 | Name | Version |
 |------|---------|
 | terraform | >= 1.3.0 |
+| terraform | >= 0.14.0 |
 
 ## Providers
 
@@ -64,6 +57,7 @@ For releases > `1.8.5`
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| attachInternetGateway | To attach or not the internet gateway within the public subnet. | `boolean` | `true` | no |
 | byoip | Enable module to use your own Elastic IPs (Bring Your Own IP) | `bool` | `false` | no |
 | cf\_export\_name | Name prefix for the export resources of the cloud formation output | `string` | `""` | no |
 | eip\_allocation\_ids | User-specified primary or secondary private IP address to associate with the Elastic IP address | `list(string)` | `[]` | no |

diff --git a/_variables.tf b/_variables.tf
@@ -323,4 +323,10 @@ variable "kms_key_arn" {
   type        = string
   default     = ""
   description = "The ARN of the KMS Key to use when encrypting log data."
-}
+}
+
+variable "attachInternetGateway" {
+  type        = boolean
+  default     = true
+  description = "To attach or not the internet gateway within the public subnet."
+}
diff --git a/subnet-public.tf b/subnet-public.tf
@@ -39,7 +39,7 @@ resource "aws_route_table" "public" {
 resource "aws_route" "public_internet_route" {
   route_table_id         = aws_route_table.public.id
   destination_cidr_block = "0.0.0.0/0"
-  gateway_id             = var.network_firewall ? null : aws_internet_gateway.default.id
+  gateway_id             = var.network_firewall ? null : (var.attachInternetGateway ? aws_internet_gateway.default.id : null)
   vpc_endpoint_id        = var.network_firewall ? (aws_networkfirewall_firewall.default[0].firewall_status[0].sync_states[*].attachment[0].endpoint_id)[0] : null
 
   lifecycle {
@@ -68,4 +68,4 @@ resource "aws_vpc_endpoint_route_table_association" "dynamodb_public" {
   count           = var.vpc_endpoint_dynamodb_gateway ? 1 : 0
   route_table_id  = aws_route_table.public.id
   vpc_endpoint_id = aws_vpc_endpoint.dynamodb[0].id
-}
+}