VED-26: Name subnets. Don't map public IPs to avoid hitting account limits.

mfjarvis · mfjarvis · commit c76d6c8470db · 2025-07-11T13:30:12.000+01:00
diff --git a/infra/networking.tf b/infra/networking.tf
@@ -1,28 +1,34 @@
 locals {
   public_subnet_config = [
     {
+      name              = "imms-${var.environment}-fhir-api-public-subnet-a"
       cidr_block        = "172.31.16.0/20"
       availability_zone = "eu-west-2a"
     },
     {
+      name              = "imms-${var.environment}-fhir-api-public-subnet-b"
       cidr_block        = "172.31.32.0/20"
       availability_zone = "eu-west-2b"
     },
     {
+      name              = "imms-${var.environment}-fhir-api-public-subnet-c"
       cidr_block        = "172.31.0.0/20"
       availability_zone = "eu-west-2c"
     }
   ]
   private_subnet_config = [
     {
+      name              = "imms-${var.environment}-fhir-api-private-subnet-a"
       cidr_block        = "172.31.48.0/20"
       availability_zone = "eu-west-2a"
     },
     {
+      name              = "imms-${var.environment}-fhir-api-private-subnet-b"
       cidr_block        = "172.31.64.0/20"
       availability_zone = "eu-west-2b"
     },
     {
+      name              = "imms-${var.environment}-fhir-api-private-subnet-c"
       cidr_block        = "172.31.80.0/20"
       availability_zone = "eu-west-2c"
     }
@@ -42,10 +48,13 @@ resource "aws_vpc" "default" {
 resource "aws_subnet" "public" {
   for_each = { for idx, subnet in local.public_subnet_config : idx => subnet }
 
-  vpc_id                  = aws_vpc.default.id
-  cidr_block              = each.value.cidr_block
-  availability_zone       = each.value.availability_zone
-  map_public_ip_on_launch = true
+  vpc_id            = aws_vpc.default.id
+  cidr_block        = each.value.cidr_block
+  availability_zone = each.value.availability_zone
+
+  tags = {
+    Name = each.value.name
+  }
 }
 
 resource "aws_internet_gateway" "default" {
@@ -83,6 +92,10 @@ resource "aws_subnet" "private" {
   vpc_id            = aws_vpc.default.id
   cidr_block        = each.value.cidr_block
   availability_zone = each.value.availability_zone
+
+  tags = {
+    Name = each.value.name
+  }
 }
 
 resource "aws_eip" "nat" {

Original file line number	Diff line number	Diff line change
`@@ -1,28 +1,34 @@`
`1`	`1`	`locals {`
`2`	`2`	`public_subnet_config = [`
`3`	`3`	`{`
	`4`	`+ name = "imms-${var.environment}-fhir-api-public-subnet-a"`
`4`	`5`	`cidr_block = "172.31.16.0/20"`
`5`	`6`	`availability_zone = "eu-west-2a"`
`6`	`7`	`},`
`7`	`8`	`{`
	`9`	`+ name = "imms-${var.environment}-fhir-api-public-subnet-b"`
`8`	`10`	`cidr_block = "172.31.32.0/20"`
`9`	`11`	`availability_zone = "eu-west-2b"`
`10`	`12`	`},`
`11`	`13`	`{`
	`14`	`+ name = "imms-${var.environment}-fhir-api-public-subnet-c"`
`12`	`15`	`cidr_block = "172.31.0.0/20"`
`13`	`16`	`availability_zone = "eu-west-2c"`
`14`	`17`	`}`
`15`	`18`	`]`
`16`	`19`	`private_subnet_config = [`
`17`	`20`	`{`
	`21`	`+ name = "imms-${var.environment}-fhir-api-private-subnet-a"`
`18`	`22`	`cidr_block = "172.31.48.0/20"`
`19`	`23`	`availability_zone = "eu-west-2a"`
`20`	`24`	`},`
`21`	`25`	`{`
	`26`	`+ name = "imms-${var.environment}-fhir-api-private-subnet-b"`
`22`	`27`	`cidr_block = "172.31.64.0/20"`
`23`	`28`	`availability_zone = "eu-west-2b"`
`24`	`29`	`},`
`25`	`30`	`{`
	`31`	`+ name = "imms-${var.environment}-fhir-api-private-subnet-c"`
`26`	`32`	`cidr_block = "172.31.80.0/20"`
`27`	`33`	`availability_zone = "eu-west-2c"`
`28`	`34`	`}`
`@@ -42,10 +48,13 @@ resource "aws_vpc" "default" {`
`42`	`48`	`resource "aws_subnet" "public" {`
`43`	`49`	`for_each = { for idx, subnet in local.public_subnet_config : idx => subnet }`
`44`	`50`
`45`		`- vpc_id = aws_vpc.default.id`
`46`		`- cidr_block = each.value.cidr_block`
`47`		`- availability_zone = each.value.availability_zone`
`48`		`- map_public_ip_on_launch = true`
	`51`	`+ vpc_id = aws_vpc.default.id`
	`52`	`+ cidr_block = each.value.cidr_block`
	`53`	`+ availability_zone = each.value.availability_zone`
	`54`	`+`
	`55`	`+ tags = {`
	`56`	`+ Name = each.value.name`
	`57`	`+ }`
`49`	`58`	`}`
`50`	`59`
`51`	`60`	`resource "aws_internet_gateway" "default" {`
`@@ -83,6 +92,10 @@ resource "aws_subnet" "private" {`
`83`	`92`	`vpc_id = aws_vpc.default.id`
`84`	`93`	`cidr_block = each.value.cidr_block`
`85`	`94`	`availability_zone = each.value.availability_zone`
	`95`	`+`
	`96`	`+ tags = {`
	`97`	`+ Name = each.value.name`
	`98`	`+ }`
`86`	`99`	`}`
`87`	`100`
`88`	`101`	`resource "aws_eip" "nat" {`