Merge pull request #2 from HasseJohansen/feat/disable-public-default-route

Make default opposite to match existing vars

Author: HasseJohansen

README.md

@@ -557,7 +557,7 @@ No modules.
 | <a name="input_propagate_public_route_tables_vgw"></a> [propagate\_public\_route\_tables\_vgw](#input\_propagate\_public\_route\_tables\_vgw) | Should be true if you want route table propagation | `bool` | `false` | no |
 | <a name="input_public_acl_tags"></a> [public\_acl\_tags](#input\_public\_acl\_tags) | Additional tags for the public subnets network ACL | `map(string)` | `{}` | no |
 | <a name="input_public_dedicated_network_acl"></a> [public\_dedicated\_network\_acl](#input\_public\_dedicated\_network\_acl) | Whether to use dedicated network ACL (not default) and custom rules for public subnets | `bool` | `false` | no |
-| <a name="input_public_disable_default_route"></a> [public\_disable\_default\_route](#input\_public\_disable\_default\_route) | Disable default route to internet gateway for public subnets | `bool` | `false` | no |
+| <a name="input_public_enable_default_route"></a> [public\_enable\_default\_route](#input\_public\_enable\_default\_route) | Disable default route to internet gateway for public subnets | `bool` | `true` | no |
 | <a name="input_public_inbound_acl_rules"></a> [public\_inbound\_acl\_rules](#input\_public\_inbound\_acl\_rules) | Public subnets inbound network ACLs | `list(map(string))` | <pre>[<br/>  {<br/>    "cidr_block": "0.0.0.0/0",<br/>    "from_port": 0,<br/>    "protocol": "-1",<br/>    "rule_action": "allow",<br/>    "rule_number": 100,<br/>    "to_port": 0<br/>  }<br/>]</pre> | no |
 | <a name="input_public_outbound_acl_rules"></a> [public\_outbound\_acl\_rules](#input\_public\_outbound\_acl\_rules) | Public subnets outbound network ACLs | `list(map(string))` | <pre>[<br/>  {<br/>    "cidr_block": "0.0.0.0/0",<br/>    "from_port": 0,<br/>    "protocol": "-1",<br/>    "rule_action": "allow",<br/>    "rule_number": 100,<br/>    "to_port": 0<br/>  }<br/>]</pre> | no |
 | <a name="input_public_route_table_tags"></a> [public\_route\_table\_tags](#input\_public\_route\_table\_tags) | Additional tags for the public route tables | `map(string)` | `{}` | no |

main.tf

@@ -186,7 +186,7 @@ resource "aws_route_table_association" "public" {
 }
 
 resource "aws_route" "public_internet_gateway" {
-  count = alltrue([local.create_public_subnets, var.create_igw, var.public_disable_default_route]) ? local.num_public_route_tables : 0
+  count = alltrue([local.create_public_subnets, var.create_igw, var.public_enable_default_route]) ? local.num_public_route_tables : 0
 
   route_table_id         = aws_route_table.public[count.index].id
   destination_cidr_block = "0.0.0.0/0"
@@ -198,7 +198,7 @@ resource "aws_route" "public_internet_gateway" {
 }
 
 resource "aws_route" "public_internet_gateway_ipv6" {
-  count = alltrue([local.create_public_subnets, var.create_igw, var.enable_ipv6, var.public_disable_default_route]) ? local.num_public_route_tables : 0
+  count = alltrue([local.create_public_subnets, var.create_igw, var.enable_ipv6, var.public_enable_default_route]) ? local.num_public_route_tables : 0
 
   route_table_id              = aws_route_table.public[count.index].id
   destination_ipv6_cidr_block = "::/0"

variables.tf

@@ -274,10 +274,10 @@ variable "public_route_table_tags" {
   default     = {}
 }
 
-variable "public_disable_default_route" {
+variable "public_enable_default_route" {
   description = "Disable default route to internet gateway for public subnets"
   type        = bool
-  default     = false
+  default     = true
 }
 
 ################################################################################