Updated to allow Name tag creation of the BPA Resource

Gary Mclean · Gary Mclean · commit 060e1dde6475 · 2025-02-12T17:39:08.000Z
diff --git a/examples/block-public-access/README.md b/examples/block-public-access/README.md
@@ -45,12 +45,14 @@ or at the subnet level e.g.:
 vpc_block_public_access_exclusions = {
     exclude_subnet_private1 = {
         exclude_subnet                  = true
+        exclude_name                    = "private-subnet-1"
         subnet_type                     = "private"
         subnet_index                    = 1
         internet_gateway_exclusion_mode = "allow-egress"
     }
     exclude_subnet_private2 = {
         exclude_subnet                  = true
+        exclude_name                    = "private-subnet-2"
         subnet_type                     = "private"
         subnet_index                    = 2
         internet_gateway_exclusion_mode = "allow-egress"
@@ -62,6 +64,7 @@ One of `exclude_vpc` or `exclude_subnet` must be set to true.
 Value of `subnet_type` can be `public`, `private`, `database`, `redshift`, `elasticache`, `intra` or `custom`.
 Value of `subnet_index` is the index of the subnet in the corresponding subnet list.
 Value of `internet_gateway_exclusion_mode` can be `allow-egress` and `allow-bidirectional`.
+Value of `exclude_name` is string value of the Name tag for the resource. If omitted, the default name of VPC Name-bpa-exclusion is applied.
 
 After deployment, VPC block public access options can be verified with the following command:
 
diff --git a/examples/block-public-access/main.tf b/examples/block-public-access/main.tf
@@ -48,12 +48,14 @@ module "vpc" {
   # vpc_block_public_access_exclusions = {
   #   exclude_subnet_private1 = {
   #     exclude_subnet                  = true
+  #     exclude_name                    = "private-subnet-1"
   #     subnet_type                     = "private"
   #     subnet_index                    = 1
   #     internet_gateway_exclusion_mode = "allow-egress"
   #   }
   #   exclude_subnet_private2 = {
   #     exclude_subnet                  = true
+  #     exclude_name                    = "private-subnet-2"
   #     subnet_type                     = "private"
   #     subnet_index                    = 2
   #     internet_gateway_exclusion_mode = "allow-egress"
diff --git a/main.tf b/main.tf
@@ -86,7 +86,9 @@ resource "aws_vpc_block_public_access_exclusion" "this" {
 
   internet_gateway_exclusion_mode = each.value.internet_gateway_exclusion_mode
 
-  tags = var.tags
+  tags = merge(
+    { "Name" = try(coalesce(each.value.exclude_name), "${var.name}-bpa-exclusion") },
+  var.tags, )
 }
 
 ################################################################################

Original file line number	Diff line number	Diff line change
`@@ -86,7 +86,9 @@ resource "aws_vpc_block_public_access_exclusion" "this" {`
`86`	`86`
`87`	`87`	`internet_gateway_exclusion_mode = each.value.internet_gateway_exclusion_mode`
`88`	`88`
`89`		`- tags = var.tags`
	`89`	`+ tags = merge(`
	`90`	`+ { "Name" = try(coalesce(each.value.exclude_name), "${var.name}-bpa-exclusion") },`
	`91`	`+ var.tags, )`
`90`	`92`	`}`
`91`	`93`
`92`	`94`	`################################################################################`