Update network.tf

akananth · web-flow · commit b1ec39344814 · 2025-02-11T22:34:51.000-06:00
diff --git a/infra/network.tf b/infra/network.tf
@@ -1,13 +1,21 @@
 ############################ VPC ############################
 
 # Create VPC, subnets, route tables, and IGW
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
+locals {
+  valid_azs = [for az in data.aws_availability_zones.available.names : az if az != "us-west-1a"]
+}
+
 module "vpc" {
   source               = "terraform-aws-modules/vpc/aws"
   version              = ">= 4.0"
   name                 = "${var.project_prefix}-vpc-${random_id.build_suffix.hex}"
   cidr                 = var.cidr
-  azs                  = var.azs
-  enable_dns_support = true
+  azs                  = local.valid_azs
+  enable_dns_support   = true
   enable_dns_hostnames = true
   tags = {
     resource_owner = var.resource_owner
@@ -23,71 +31,43 @@ resource "aws_internet_gateway" "igw" {
 }
 
 module subnet_addrs {
-  for_each = toset(var.azs)
+  for_each = toset(local.valid_azs)
   source          = "hashicorp/subnets/cidr"
   version         = ">= 1.0.0"
-  base_cidr_block = cidrsubnet(module.vpc.vpc_cidr_block,4,index(var.azs,each.key))
-  /*
-VPC CIDR = 10.0.0.0/16
-AZ1 = 10.0.0.0/20
-AZ2 = 10.0.16.0/20
-*/
+  base_cidr_block = cidrsubnet(module.vpc.vpc_cidr_block,4,index(local.valid_azs,each.key))
   networks        = [
-    {
-      name     = "management"
-      new_bits = 8
-      #10.0.0.0/28
-      #10.0.16.0/28
-    },
-    {
-      name     = "internal"
-      new_bits = 6
-      #10.0.0.64/26
-      #10.0.16.64/26
-    },
-    {
-      name     = "external"
-      new_bits = 6
-      #10.0.0.128/26
-      #10.0.16.128/26
-    },
-    {
-      name     = "app-cidr"
-      new_bits = 4
-      #10.0.1.0/24 EC2
-      #10.0.17.0/24 EKS
-    }
+    { name = "management", new_bits = 8 },
+    { name = "internal", new_bits = 6 },
+    { name = "external", new_bits = 6 },
+    { name = "app-cidr", new_bits = 4 }
   ]
 }
 
 resource "aws_subnet" "internal" {
-  for_each = toset(var.azs)
-  vpc_id            = module.vpc.vpc_id
-  cidr_block        = module.subnet_addrs[each.key].network_cidr_blocks["internal"]
+  for_each         = toset(local.valid_azs)
+  vpc_id           = module.vpc.vpc_id
+  cidr_block       = module.subnet_addrs[each.key].network_cidr_blocks["internal"]
   availability_zone = each.key
-  tags              = {
-    Name = format("%s-int-subnet-%s",var.project_prefix,each.key)
-  }
+  tags = { Name = format("%s-int-subnet-%s", var.project_prefix, each.key) }
 }
+
 resource "aws_subnet" "management" {
-  for_each = toset(var.azs)
-  vpc_id            = module.vpc.vpc_id
-  cidr_block        = module.subnet_addrs[each.key].network_cidr_blocks["management"]
+  for_each         = toset(local.valid_azs)
+  vpc_id           = module.vpc.vpc_id
+  cidr_block       = module.subnet_addrs[each.key].network_cidr_blocks["management"]
   availability_zone = each.key
-  tags              = {
-    Name = format("%s-mgmt-subnet-%s",var.project_prefix,each.key)
-  }
+  tags = { Name = format("%s-mgmt-subnet-%s", var.project_prefix, each.key) }
 }
+
 resource "aws_subnet" "external" {
-  for_each = toset(var.azs)
-  vpc_id            = module.vpc.vpc_id
-  cidr_block        = module.subnet_addrs[each.key].network_cidr_blocks["external"]
+  for_each         = toset(local.valid_azs)
+  vpc_id           = module.vpc.vpc_id
+  cidr_block       = module.subnet_addrs[each.key].network_cidr_blocks["external"]
   map_public_ip_on_launch = true
   availability_zone = each.key
-  tags              = {
-    Name = format("%s-ext-subnet-%s",var.project_prefix,each.key)
-  }
+  tags = { Name = format("%s-ext-subnet-%s", var.project_prefix, each.key) }
 }
+
 resource "aws_route_table" "main" {
   vpc_id = module.vpc.vpc_id
   route {
@@ -98,18 +78,22 @@ resource "aws_route_table" "main" {
     Name = "${var.project_prefix}-rt-${random_id.build_suffix.hex}"
   }
 }
+
 resource "aws_route_table_association" "subnet-association-internal" {
-  for_each       = toset(var.azs)
+  for_each       = toset(local.valid_azs)
   subnet_id      = aws_subnet.internal[each.key].id
   route_table_id = aws_route_table.main.id
 }
+
 resource "aws_route_table_association" "subnet-association-management" {
-  for_each       = toset(var.azs)
+  for_each       = toset(local.valid_azs)
   subnet_id      = aws_subnet.management[each.key].id
   route_table_id = aws_route_table.main.id
 }
+
 resource "aws_route_table_association" "subnet-association-external" {
-  for_each       = toset(var.azs)
+  for_each       = toset(local.valid_azs)
   subnet_id      = aws_subnet.external[each.key].id
   route_table_id = aws_route_table.main.id
 }
+
