Redshift public subnets (#222)

b4aa52c5 · bmihaescu · Anton Babenko · 9b859ff5 · b4aa52c5 · b4aa52c5
Commit b4aa52c5 authored Mar 05, 2019 by bmihaescu Committed by Anton Babenko Mar 05, 2019
Show whitespace changes
Inline Side-by-side

Showing with 13 additions and 0 deletions

README.md README.md +5 -0

main.tf main.tf +8 -0

No files found.
--- a/README.md
+++ b/README.md
@@ -170,7 +170,11 @@ Sometimes it is handy to have public access to RDS instances (it is not recommen
 Sometimes it is handy to have public access to Redshift clusters (for example if you need to access it by Kinesis - VPC endpoint for Kinesis is not yet supported by Redshift) by specifying these arguments:
 ```hcl
+<<<<<<< HEAD
  enable_public_redshift = true  # <= Default it will be placed into private subnet route table
+=======
+  enable_public_redshift = true  # <= By default Redshift subnets will be associated with the private route table
+>>>>>>> Redshift public subnets (#222)
 ```
 ## Terraform version
@@ -247,6 +251,7 @@ Terraform version 0.10.3 or newer is required for this module to work.
 | enable\_ecr\_api\_endpoint | Should be true if you want to provision an ecr api endpoint to the VPC | string | `"false"` | no |
 | enable\_ecr\_dkr\_endpoint | Should be true if you want to provision an ecr dkr endpoint to the VPC | string | `"false"` | no |
 | enable\_nat\_gateway | Should be true if you want to provision NAT Gateways for each of your private networks | string | `"false"` | no |
+| enable\_public\_redshift | Controls if redshift should have public routing table | string | `"false"` | no |
 | enable\_s3\_endpoint | Should be true if you want to provision an S3 endpoint to the VPC | string | `"false"` | no |
 | enable\_ssm\_endpoint | Should be true if you want to provision an SSM endpoint to the VPC | string | `"false"` | no |
 | enable\_ssmmessages\_endpoint | Should be true if you want to provision a SSMMESSAGES endpoint to the VPC | string | `"false"` | no |

--- a/main.tf
+++ b/main.tf
@@ -569,14 +569,22 @@ resource "aws_route_table_association" "database" {
 }
 resource "aws_route_table_association" "redshift" {
+<<<<<<< HEAD
  count = "${var.enable_public_redshift == false && var.create_vpc && length(var.redshift_subnets) > 0 ? length(var.redshift_subnets) : 0}"
+=======
+  count = "${var.create_vpc && length(var.redshift_subnets) > 0 && !var.enable_public_redshift ? length(var.redshift_subnets) : 0}"
+>>>>>>> Redshift public subnets (#222)
  subnet_id      = "${element(aws_subnet.redshift.*.id, count.index)}"
  route_table_id = "${element(coalescelist(aws_route_table.redshift.*.id, aws_route_table.private.*.id), (var.single_nat_gateway || var.create_redshift_subnet_route_table ? 0 : count.index))}"
 }
 resource "aws_route_table_association" "redshift_public" {
+<<<<<<< HEAD
  count = "${var.enable_public_redshift && var.create_vpc && length(var.redshift_subnets) > 0 ? length(var.redshift_subnets) : 0}"
+=======
+  count = "${var.create_vpc && length(var.redshift_subnets) > 0 && var.enable_public_redshift ? length(var.redshift_subnets) : 0}"
+>>>>>>> Redshift public subnets (#222)
  subnet_id      = "${element(aws_subnet.redshift.*.id, count.index)}"
  route_table_id = "${element(coalescelist(aws_route_table.redshift.*.id, aws_route_table.public.*.id), (var.single_nat_gateway || var.create_redshift_subnet_route_table ? 0 : count.index))}"