Merge pull request #5 from spring-media/ocp-maps/pen-50

feat: Add secondary IPAM CIDR feature from PR terraform-aws-modules#1074 of the VPC module
spring-media · Sep 4, 2024 · 0c9321f · 0c9321f
2 parents d192215 + 518cead
commit 0c9321f
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 3 deletions.
diff --git a/.spacelift/config.yml b/.spacelift/config.yml
@@ -1,2 +1,3 @@
 version: 1
-module_version: 0.2.0
+
+module_version: 0.3.0
diff --git a/main.tf b/main.tf
@@ -17,8 +17,7 @@ locals {
   )
 
   # Use `local.vpc_id` to give a hint to Terraform that subnets should be deleted before secondary CIDR blocks can be free!
-  vpc_id = try(aws_vpc_ipv4_cidr_block_association.this[0].vpc_id, aws_vpc.this[0].id, "")
-
+  vpc_id = try(aws_vpc_ipv4_cidr_block_association.this[0].vpc_id, aws_vpc_ipv4_cidr_block_association.ipam[0].vpc_id, aws_vpc.this[0].id, "")
   create_vpc = var.create_vpc && var.putin_khuylo
 }
 
@@ -60,6 +59,16 @@ resource "aws_vpc_ipv4_cidr_block_association" "this" {
   cidr_block = element(var.secondary_cidr_blocks, count.index)
 }
 
+resource "aws_vpc_ipv4_cidr_block_association" "ipam" {
+  count = local.create_vpc && length(var.secondary_ipam_pool_ids) > 0 ? length(var.secondary_ipam_pool_ids) : 0
+
+  # Do not turn this into `local.vpc_id`
+  vpc_id = aws_vpc.this[0].id
+
+  ipv4_ipam_pool_id   = element(var.secondary_ipam_pool_ids, count.index)
+  ipv4_netmask_length = element(var.secondary_ipam_pool_netmask, count.index)
+}
+
 ################################################################################
 # DHCP Options Set
 ################################################################################

diff --git a/outputs.tf b/outputs.tf
@@ -74,6 +74,11 @@ output "vpc_secondary_cidr_blocks" {
   value       = compact(aws_vpc_ipv4_cidr_block_association.this[*].cidr_block)
 }
 
+output "vpc_secondary_cidr_blocks_ipam" {
+  description = "List of secondary CIDR blocks allocated from the IPAM for the VPC"
+  value       = compact(aws_vpc_ipv4_cidr_block_association.ipam[*].cidr_block)
+}
+
 output "vpc_owner_id" {
   description = "The ID of the AWS account that owns the VPC"
   value       = try(aws_vpc.this[0].owner_id, null)
@@ -735,3 +740,4 @@ output "tgw_att_name" {
   description = "Name of the TGW attachment"
   value       = try(aws_ec2_transit_gateway_vpc_attachment.tgw[0].tags["Name"], "")
 }
+
diff --git a/variables.tf b/variables.tf
@@ -1835,3 +1835,18 @@ variable "tgw_acl_tags" {
   type        = map(string)
   default     = {}
 }
+
+################################################################################
+# Secondary IPAM
+################################################################################
+
+variable "secondary_ipam_pool_ids" {
+  description = "List of secondary IPAM pool IDs to associate with the VPC to extend the IP Address pool"
+  type        = list(string)
+  default     = []
+}
+
+variable "secondary_ipam_pool_netmask" {
+  description = "List of secondary IPAM pool netmasks to associate with the VPC to extend the IP Address pool"
+  type        = list(number)
+}