feat: Added a new property to the subnet input variable map, disable_auto_addr_prefix, that if set to "true" will not automatically create a new matching address prefix for the subnet, no matter the condition. (#741)

Author: toddgiguere

README.md

@@ -180,7 +180,7 @@ To attach access management tags to resources in this module, you need the follo
 | <a name="input_routing_table_name"></a> [routing\_table\_name](#input\_routing\_table\_name) | The name to give the provisioned routing tables. If not set, the module generates a name based on the `prefix` and `name` variables. | `string` | `null` | no |
 | <a name="input_security_group_rules"></a> [security\_group\_rules](#input\_security\_group\_rules) | A list of security group rules to be added to the default vpc security group (default empty) | <pre>list(<br>    object({<br>      name      = string<br>      direction = string<br>      remote    = string<br>      tcp = optional(<br>        object({<br>          port_max = optional(number)<br>          port_min = optional(number)<br>        })<br>      )<br>      udp = optional(<br>        object({<br>          port_max = optional(number)<br>          port_min = optional(number)<br>        })<br>      )<br>      icmp = optional(<br>        object({<br>          type = optional(number)<br>          code = optional(number)<br>        })<br>      )<br>    })<br>  )</pre> | `[]` | no |
 | <a name="input_skip_custom_resolver_hub_creation"></a> [skip\_custom\_resolver\_hub\_creation](#input\_skip\_custom\_resolver\_hub\_creation) | Indicates whether to skip the configuration of a custom resolver in the hub VPC. Only relevant if enable\_hub is set to true. | `bool` | `false` | no |
-| <a name="input_subnets"></a> [subnets](#input\_subnets) | List of subnets for the vpc. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addressess. Public gateways will be enabled only in zones where a gateway has been created | <pre>object({<br>    zone-1 = list(object({<br>      name           = string<br>      cidr           = string<br>      public_gateway = optional(bool)<br>      acl_name       = string<br>    }))<br>    zone-2 = optional(list(object({<br>      name           = string<br>      cidr           = string<br>      public_gateway = optional(bool)<br>      acl_name       = string<br>    })))<br>    zone-3 = optional(list(object({<br>      name           = string<br>      cidr           = string<br>      public_gateway = optional(bool)<br>      acl_name       = string<br>    })))<br>  })</pre> | <pre>{<br>  "zone-1": [<br>    {<br>      "acl_name": "vpc-acl",<br>      "cidr": "10.10.10.0/24",<br>      "name": "subnet-a",<br>      "public_gateway": true<br>    }<br>  ],<br>  "zone-2": [<br>    {<br>      "acl_name": "vpc-acl",<br>      "cidr": "10.20.10.0/24",<br>      "name": "subnet-b",<br>      "public_gateway": true<br>    }<br>  ],<br>  "zone-3": [<br>    {<br>      "acl_name": "vpc-acl",<br>      "cidr": "10.30.10.0/24",<br>      "name": "subnet-c",<br>      "public_gateway": false<br>    }<br>  ]<br>}</pre> | no |
+| <a name="input_subnets"></a> [subnets](#input\_subnets) | List of subnets for the vpc. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addressess. Public gateways will be enabled only in zones where a gateway has been created | <pre>object({<br>    zone-1 = list(object({<br>      name           = string<br>      cidr           = string<br>      public_gateway = optional(bool)<br>      acl_name       = string<br>      no_addr_prefix = optional(bool, false) # do not automatically add address prefix for subnet, overrides other conditions if set to true<br>    }))<br>    zone-2 = optional(list(object({<br>      name           = string<br>      cidr           = string<br>      public_gateway = optional(bool)<br>      acl_name       = string<br>      no_addr_prefix = optional(bool, false) # do not automatically add address prefix for subnet, overrides other conditions if set to true<br>    })))<br>    zone-3 = optional(list(object({<br>      name           = string<br>      cidr           = string<br>      public_gateway = optional(bool)<br>      acl_name       = string<br>      no_addr_prefix = optional(bool, false) # do not automatically add address prefix for subnet, overrides other conditions if set to true<br>    })))<br>  })</pre> | <pre>{<br>  "zone-1": [<br>    {<br>      "acl_name": "vpc-acl",<br>      "cidr": "10.10.10.0/24",<br>      "name": "subnet-a",<br>      "no_addr_prefix": false,<br>      "public_gateway": true<br>    }<br>  ],<br>  "zone-2": [<br>    {<br>      "acl_name": "vpc-acl",<br>      "cidr": "10.20.10.0/24",<br>      "name": "subnet-b",<br>      "no_addr_prefix": false,<br>      "public_gateway": true<br>    }<br>  ],<br>  "zone-3": [<br>    {<br>      "acl_name": "vpc-acl",<br>      "cidr": "10.30.10.0/24",<br>      "name": "subnet-c",<br>      "no_addr_prefix": false,<br>      "public_gateway": false<br>    }<br>  ]<br>}</pre> | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | List of Tags for the resource created | `list(string)` | `null` | no |
 | <a name="input_update_delegated_resolver"></a> [update\_delegated\_resolver](#input\_update\_delegated\_resolver) | If set to true, and if the vpc is configured to be a spoke for DNS resolution (enable\_hub\_vpc\_crn or enable\_hub\_vpc\_id set), then the spoke VPC resolver will be updated to a delegated resolver. | `bool` | `false` | no |
 | <a name="input_use_existing_dns_instance"></a> [use\_existing\_dns\_instance](#input\_use\_existing\_dns\_instance) | Whether to use an existing dns instance. If true, existing\_dns\_instance\_id must be set. | `bool` | `false` | no |

dynamic_values/subnet.tf

@@ -16,6 +16,7 @@ locals {
         zone        = index(keys(var.subnets), zone) + 1                    # Zone 1, 2, or 3
         zone_name   = "${var.region}-${index(keys(var.subnets), zone) + 1}" # Contains region and zone
         cidr        = value.cidr                                            # CIDR Block
+        no_prefix   = value.no_addr_prefix                                  # If true will not create addr prefix for subnet under any circumstance
         count       = index(var.subnets[zone], value) + 1                   # Count of the subnet within the zone
         acl         = value.acl_name
         # Public gateway ID

dynamic_values/variables.tf

@@ -187,18 +187,21 @@ variable "subnets" {
       cidr           = string
       public_gateway = optional(bool)
       acl_name       = string
+      no_addr_prefix = optional(bool, false)
     }))
     zone-2 = list(object({
       name           = string
       cidr           = string
       public_gateway = optional(bool)
       acl_name       = string
+      no_addr_prefix = optional(bool, false)
     }))
     zone-3 = list(object({
       name           = string
       cidr           = string
       public_gateway = optional(bool)
       acl_name       = string
+      no_addr_prefix = optional(bool, false)
     }))
   })
 }

subnet.tf

@@ -17,7 +17,8 @@ locals {
 
 resource "ibm_is_vpc_address_prefix" "subnet_prefix" {
   # Address prefixes replace subnet prefixes
-  for_each = length(local.address_prefixes) > 0 || !var.create_subnets ? {} : local.subnet_object
+  # Only create prefix if creating subnets, flag not set to disable prefix creation, and no specific prefixes were supplied
+  for_each = { for k, v in local.subnet_object : k => v if(v.no_prefix == false && var.create_subnets == true && length(local.address_prefixes) == 0) }
   name     = each.value.prefix_name
   zone     = each.value.zone_name
   vpc      = local.vpc_id
@@ -37,7 +38,7 @@ resource "ibm_is_subnet" "subnet" {
   name            = each.key
   zone            = each.value.zone_name
   resource_group  = var.resource_group_id
-  ipv4_cidr_block = length(keys(local.address_prefixes)) == 0 ? ibm_is_vpc_address_prefix.subnet_prefix[each.value.prefix_name].cidr : each.value.cidr
+  ipv4_cidr_block = length(keys(local.address_prefixes)) == 0 && !each.value.no_prefix ? ibm_is_vpc_address_prefix.subnet_prefix[each.value.prefix_name].cidr : each.value.cidr
   network_acl     = ibm_is_network_acl.network_acl[each.value.acl].id
   public_gateway  = each.value.public_gateway
   tags            = var.tags

variables.tf

@@ -324,18 +324,21 @@ variable "subnets" {
       cidr           = string
       public_gateway = optional(bool)
       acl_name       = string
+      no_addr_prefix = optional(bool, false) # do not automatically add address prefix for subnet, overrides other conditions if set to true
     }))
     zone-2 = optional(list(object({
       name           = string
       cidr           = string
       public_gateway = optional(bool)
       acl_name       = string
+      no_addr_prefix = optional(bool, false) # do not automatically add address prefix for subnet, overrides other conditions if set to true
     })))
     zone-3 = optional(list(object({
       name           = string
       cidr           = string
       public_gateway = optional(bool)
       acl_name       = string
+      no_addr_prefix = optional(bool, false) # do not automatically add address prefix for subnet, overrides other conditions if set to true
     })))
   })
 
@@ -346,6 +349,7 @@ variable "subnets" {
         cidr           = "10.10.10.0/24"
         public_gateway = true
         acl_name       = "vpc-acl"
+        no_addr_prefix = false
       }
     ],
     zone-2 = [
@@ -354,6 +358,7 @@ variable "subnets" {
         cidr           = "10.20.10.0/24"
         public_gateway = true
         acl_name       = "vpc-acl"
+        no_addr_prefix = false
       }
     ],
     zone-3 = [
@@ -362,6 +367,7 @@ variable "subnets" {
         cidr           = "10.30.10.0/24"
         public_gateway = false
         acl_name       = "vpc-acl"
+        no_addr_prefix = false
       }
     ]
   }