Add support for resource-specific tags

babbel · Sep 21, 2024 · b7ba36e · b7ba36e
1 parent d5b2576
commit b7ba36e
Show file tree

Hide file tree

Showing 7 changed files with 243 additions and 60 deletions.
diff --git a/README.md b/README.md
@@ -21,10 +21,5 @@ module "vpc" {
     gateway   = ["dynamodb", "s3"]
     interface = ["logs"]
   }
-
-  tags = {
-    app = "example"
-    env = "production"
-  }
 }
 ```
diff --git a/_test/main.tf b/_test/main.tf
@@ -17,5 +17,5 @@ module "vpc" {
   tags = {
     app = "example"
     env = "production"
-  }  
+  }
 }
diff --git a/availability-zone/main.tf b/availability-zone/main.tf
@@ -9,7 +9,7 @@ locals {
 resource "aws_route_table" "public" {
   vpc_id = var.vpc.id
 
-  tags = merge({ Name = "public - ${local.availability_zone}" }, var.tags)
+  tags = merge({ Name = "public - ${local.availability_zone}" }, var.default_tags, var.public_route_table_tags)
 }
 
 resource "aws_route" "internet_gateway" {
@@ -25,7 +25,7 @@ resource "aws_subnet" "public" {
   availability_zone       = local.availability_zone
   map_public_ip_on_launch = true
 
-  tags = merge({ Name = "public - ${local.availability_zone}" }, var.tags)
+  tags = merge({ Name = "public - ${local.availability_zone}" }, var.default_tags, var.public_subnet_tags)
 }
 
 resource "aws_route_table_association" "public" {
@@ -38,22 +38,22 @@ resource "aws_route_table_association" "public" {
 resource "aws_eip" "this" {
   domain = "vpc"
 
-  tags = merge({ Name = local.availability_zone }, var.tags)
+  tags = merge({ Name = local.availability_zone }, var.default_tags, var.nat_gateway_eip_tags)
 }
 
 resource "aws_nat_gateway" "this" {
   subnet_id     = aws_subnet.public.id
   allocation_id = aws_eip.this.id
 
-  tags = merge({ Name = local.availability_zone }, var.tags)
+  tags = merge({ Name = local.availability_zone }, var.default_tags, var.nat_gateway_tags)
 }
 
 # Private Subnet
 
 resource "aws_route_table" "private" {
   vpc_id = var.vpc.id
 
-  tags = merge({ Name = "private - ${local.availability_zone}" }, var.tags)
+  tags = merge({ Name = "private - ${local.availability_zone}" }, var.default_tags, var.private_route_table_tags)
 }
 
 resource "aws_route" "nat_gateway" {
@@ -69,7 +69,7 @@ resource "aws_subnet" "private" {
   availability_zone       = local.availability_zone
   map_public_ip_on_launch = false
 
-  tags = merge({ Name = "private - ${local.availability_zone}" }, var.tags)
+  tags = merge({ Name = "private - ${local.availability_zone}" }, var.default_tags, var.private_subnet_tags)
 }
 
 resource "aws_route_table_association" "private" {

diff --git a/availability-zone/variables.tf b/availability-zone/variables.tf
@@ -1,45 +1,106 @@
-variable "internet_gateway" {
-  description = "Internet Gateway which belongs to `var.vpc`"
+variable "default_tags" {
+  type    = map(string)
+  default = {}
 
+  description = <<EOS
+Map of tags assigned to all AWS resources created by this module.
+EOS
+}
+
+variable "internet_gateway" {
   type = object({
     id = string
   })
+
+  description = <<EOS
+Internet Gateway which belongs to `var.vpc`
+EOS
 }
 
-variable "subnet_bits" {
+variable "nat_gateway_eip_tags" {
+  type    = map(string)
+  default = {}
+
   description = <<EOS
-Number of bits to add to the VPC CIDR to get the size of the subnet CIDR
+Map of tags assigned to the NAT Gateway EIP.
+EOS
+}
 
-This will be the `newbits` argument of [`cidrsubnet`](https://www.terraform.io/docs/language/functions/cidrsubnet.html).
+variable "nat_gateway_tags" {
+  type    = map(string)
+  default = {}
+
+  description = <<EOS
+Map of tags assigned to the NAT Gateway
 EOS
+}
 
-  type = number
+variable "private_route_table_tags" {
+  type    = map(string)
+  default = {}
+
+  description = <<EOS
+Map of tags assigned to the private route table.
+EOS
 }
 
-variable "subnet_index" {
+variable "private_subnet_tags" {
+  type    = map(string)
+  default = {}
+
   description = <<EOS
-The number of the subnet which will be used to calculate the subnet CIDR
+Map of tags assigned to the private subnet.
+EOS
+}
 
-This will be used in the `netnum` argument of [`cidrsubnet`](https://www.terraform.io/docs/language/functions/cidrsubnet.html):
+variable "public_route_table_tags" {
+  type    = map(string)
+  default = {}
 
-* for the public subnet, it will be `2 * var.subnet_index`,
-* for the private subnet, it will be `2 * var.subnet_index + 1`.
+  description = <<EOS
+Map of tags assigned to the public route table.
+EOS
+}
+
+variable "public_subnet_tags" {
+  type    = map(string)
+  default = {}
+
+  description = <<EOS
+Map of tags assigned to the public subnet.
 EOS
+}
 
+variable "subnet_bits" {
   type = number
+
+  description = <<EOS
+Number of bits to add to the VPC CIDR to get the size of the subnet CIDR.
+
+This will be the `newbits` argument of [`cidrsubnet`](https://www.terraform.io/docs/language/functions/cidrsubnet.html).
+EOS
 }
 
-variable "tags" {
-  description = "Map of tags to assign to all resources supporting tags (in addition to the `Name` tag)"
+variable "subnet_index" {
+  type = number
+
+  description = <<EOS
+The number of the subnet which will be used to calculate the subnet CIDR.
 
-  type = map(string)
+This will be used in the `netnum` argument of [`cidrsubnet`](https://www.terraform.io/docs/language/functions/cidrsubnet.html):
+
+* for the public subnet, it will be `2 * var.subnet_index`,
+* for the private subnet, it will be `2 * var.subnet_index + 1`.
+EOS
 }
 
 variable "vpc" {
-  description = "VPC in which the subnets and routing tables will be created"
-
   type = object({
     id         = string
     cidr_block = string
   })
+
+  description = <<EOS
+VPC in which the subnets and routing tables will be created.
+EOS
 }
diff --git a/main.tf b/main.tf
@@ -9,15 +9,15 @@ resource "aws_vpc" "this" {
   enable_dns_support   = true
   enable_dns_hostnames = true
 
-  tags = merge({ Name = var.name }, var.tags)
+  tags = merge({ Name = var.name }, var.default_tags, var.vpc_tags)
 }
 
 # Internet Gateway
 
 resource "aws_internet_gateway" "this" {
   vpc_id = aws_vpc.this.id
 
-  tags = merge({ Name = var.name }, var.tags)
+  tags = merge({ Name = var.name }, var.default_tags, var.internet_gateway_tags)
 }
 
 # Pairs of Public-Private Subnets per Availability Zone
@@ -32,7 +32,14 @@ module "availability_zone" {
   subnet_bits  = var.subnet_bits
   subnet_index = count.index
 
-  tags = var.tags
+  nat_gateway_eip_tags     = var.nat_gateway_eip_tags
+  nat_gateway_tags         = var.nat_gateway_tags
+  private_route_table_tags = var.private_route_table_tags
+  private_subnet_tags      = var.private_subnet_tags
+  public_route_table_tags  = var.public_route_table_tags
+  public_subnet_tags       = var.public_subnet_tags
+
+  default_tags = var.default_tags
 }
 
 # Subnet Groups (RDS, ElastiCache)
@@ -45,7 +52,7 @@ resource "aws_db_subnet_group" "this" {
 
   subnet_ids = module.availability_zone[*].private_subnet.id
 
-  tags = var.tags
+  tags = merge(var.default_tags, var.db_subnet_group_tags)
 }
 
 resource "aws_elasticache_subnet_group" "this" {
@@ -69,7 +76,7 @@ resource "aws_vpc_endpoint" "gateway" {
 
   route_table_ids = module.availability_zone[*].private_route_table.id
 
-  tags = merge({ Name = each.key }, var.tags)
+  tags = merge({ Name = each.key }, var.default_tags, var.gateway_vpc_endpoint_tags)
 }
 
 # VPC Endpoints: type `Interface`
@@ -86,7 +93,7 @@ resource "aws_vpc_endpoint" "interface" {
   subnet_ids         = module.availability_zone[*].private_subnet.id
   security_group_ids = [aws_security_group.vpc-endpoints-interface[0].id]
 
-  tags = merge({ Name = each.key }, var.tags)
+  tags = merge({ Name = each.key }, var.default_tags, var.interface_vpc_endpoint_tags)
 
   depends_on = [
     aws_security_group_rule.vpc-endpoints-interface-ingress,
@@ -102,7 +109,7 @@ resource "aws_security_group" "vpc-endpoints-interface" {
   name        = "vpc-endpoints-interface"
   description = "VPC Endpoints Interface"
 
-  tags = merge({ Name = "VPC Endpoints Interface" }, var.tags)
+  tags = merge({ Name = "VPC Endpoints Interface" }, var.default_tags, var.interface_vpc_endpoint_security_group_tags)
 
   lifecycle {
     create_before_destroy = true

diff --git a/outputs.tf b/outputs.tf
@@ -1,11 +1,11 @@
 output "db_subnet_group" {
   description = "DB subnet group containing all private subnets"
-  value = var.create_db_subnet_group ? aws_db_subnet_group.this[0] : null
+  value       = var.create_db_subnet_group ? aws_db_subnet_group.this[0] : null
 }
 
 output "elasticache_subnet_group" {
   description = "ElastiCache subnet group containing all private subnets"
-  value = var.create_elasticache_subnet_group ? aws_elasticache_subnet_group.this[0] : null
+  value       = var.create_elasticache_subnet_group ? aws_elasticache_subnet_group.this[0] : null
 }
 
 output "private_subnets" {