Adding support for updating Availability Zones (v2) #146
Conversation
johncowie
changed the title
johncowie
changed the title
| _validate_az_input = ( | ||
| (var.availability_zones == null && var.availability_zone_configurations == null) || | ||
| (var.availability_zones != null && var.availability_zone_configurations != null) | ||
| ) ? tobool("ERROR: Exactly one of availability_zones or availability_zone_configurations must be specified.") : true |
There was a problem hiding this comment.
I know this works but it feels weird. I did a search and there's custom validation you can do on input variables. Would that work here? Something like:
variable "availability_zones" {
type = list(string)
default = null
validation {
condition = (
(var.availability_zones == null) !=
(var.availability_zone_configurations == null)
)
error_message = "Exactly one of availability_zones or availability_zone_configurations must be specified."
}
}
There was a problem hiding this comment.
I think I tried this first, but I don't think you can reference another variable in a variable definition. I'll double-check this though.
There was a problem hiding this comment.
Aye, disnae work.
There was a problem hiding this comment.
The other option is combining the types into the var.availability_zones var. Unfortunately terraform doesn't support type unions, so I think to do this you'd make the type of var.availability_zones an any and then add validation to check that it's either a list of strings or a list of objects. But then you lose the typing and resulting type hints, which seemed a shame to me.
There was a problem hiding this comment.
Or given it's already somewhat of a breaking change, could lean harder into that by just supporting the new list-of-objects type, with the subnet CIDRs being optional.
| ``` | ||
|
|
||
|
|
||
| * The default value for the `private_subnets_offset` variable has been changed |
There was a problem hiding this comment.
Does this mean that if users upgrade, their subnets will change? Or is this accounted for in the move blocks?
There was a problem hiding this comment.
Yeah it does if they relied on the default value of private_subnets_offset before. They can avoid this by setting private_subnets_offset to 0 explicitly, albeit they'll still need to do the move blocks to avoid stuff being destroyed. I'll add some additional documentation to this effect.
2 participants
Extends #141 with the following:
private_subnets_offsetis set to 128, so there's a decent gap between the public and private subnet cidrs. This means that if a new availability zone is added to the list, the existing private subnets won't need to get destroyed to make way for the new public subset.