From d3fb4e74a4dec792128563716e02e8dbd8de195e Mon Sep 17 00:00:00 2001
From: Chris Dobbyn <chris.dobbyn@telmediq.com>
Date: Mon, 7 Jun 2021 16:03:51 -0700
Subject: [PATCH] Add cidr block output per AZ (#53)

* Add cidr block output per AZ

* Auto Format

* Update with output and add tests
- Add the output `az_subnet_cidr_blocks`
- Add tests to verify the output for the complete example

* Auto Format

Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>
---
 README.md                          |  4 ++--
 docs/terraform.md                  |  1 +
 examples/complete/outputs.tf       |  7 +++++++
 main.tf                            |  9 +++++----
 outputs.tf                         |  7 ++++++-
 test/src/examples_complete_test.go | 21 +++++++++++++++++++++
 6 files changed, 42 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 5be5434..cdbb18d 100644
--- a/README.md
+++ b/README.md
@@ -342,6 +342,7 @@ Available targets:
 | <a name="output_az_ngw_ids"></a> [az\_ngw\_ids](#output\_az\_ngw\_ids) | Map of AZ names to NAT Gateway IDs (only for public subnets) |
 | <a name="output_az_route_table_ids"></a> [az\_route\_table\_ids](#output\_az\_route\_table\_ids) | Map of AZ names to Route Table IDs |
 | <a name="output_az_subnet_arns"></a> [az\_subnet\_arns](#output\_az\_subnet\_arns) | Map of AZ names to subnet ARNs |
+| <a name="output_az_subnet_cidr_blocks"></a> [az\_subnet\_cidr\_blocks](#output\_az\_subnet\_cidr\_blocks) | Map of AZ names to subnet CIDR blocks |
 | <a name="output_az_subnet_ids"></a> [az\_subnet\_ids](#output\_az\_subnet\_ids) | Map of AZ names to subnet IDs |
 | <a name="output_az_subnet_map"></a> [az\_subnet\_map](#output\_az\_subnet\_map) | Map of AZ names to map of information about subnets |
 <!-- markdownlint-restore -->
@@ -355,6 +356,7 @@ Like this project? Please give it a ★ on [our GitHub](https://github.com/cloud
 Are you using this project or any of our other projects? Consider [leaving a testimonial][testimonial]. =)
 
 
+
 ## Related Projects
 
 Check out these related projects.
@@ -364,8 +366,6 @@ Check out these related projects.
 - [terraform-aws-vpc](https://github.com/cloudposse/terraform-aws-vpc) - Terraform Module that defines a VPC with public/private subnets across multiple AZs with Internet Gateways
 - [terraform-aws-cloudwatch-flow-logs](https://github.com/cloudposse/terraform-aws-cloudwatch-flow-logs) - Terraform module for enabling flow logs for vpc and subnets.
 
-
-
 ## Help
 
 **Got a question?** We got answers.
diff --git a/docs/terraform.md b/docs/terraform.md
index 7e4af99..eeb6fcb 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -80,6 +80,7 @@
 | <a name="output_az_ngw_ids"></a> [az\_ngw\_ids](#output\_az\_ngw\_ids) | Map of AZ names to NAT Gateway IDs (only for public subnets) |
 | <a name="output_az_route_table_ids"></a> [az\_route\_table\_ids](#output\_az\_route\_table\_ids) | Map of AZ names to Route Table IDs |
 | <a name="output_az_subnet_arns"></a> [az\_subnet\_arns](#output\_az\_subnet\_arns) | Map of AZ names to subnet ARNs |
+| <a name="output_az_subnet_cidr_blocks"></a> [az\_subnet\_cidr\_blocks](#output\_az\_subnet\_cidr\_blocks) | Map of AZ names to subnet CIDR blocks |
 | <a name="output_az_subnet_ids"></a> [az\_subnet\_ids](#output\_az\_subnet\_ids) | Map of AZ names to subnet IDs |
 | <a name="output_az_subnet_map"></a> [az\_subnet\_map](#output\_az\_subnet\_map) | Map of AZ names to map of information about subnets |
 <!-- markdownlint-restore -->
diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf
index 1197d57..f76982f 100644
--- a/examples/complete/outputs.tf
+++ b/examples/complete/outputs.tf
@@ -34,3 +34,10 @@ output "public_az_route_table_ids" {
   value = module.public_subnets.az_route_table_ids
 }
 
+output "private_az_subnet_cidr_blocks" {
+  value = module.private_subnets.az_subnet_cidr_blocks
+}
+
+output "public_az_subnet_cidr_blocks" {
+  value = module.public_subnets.az_subnet_cidr_blocks
+}
\ No newline at end of file
diff --git a/main.tf b/main.tf
index 60dd997..d9fd82d 100644
--- a/main.tf
+++ b/main.tf
@@ -6,10 +6,11 @@ locals {
   availability_zones = local.enabled ? var.availability_zones : []
 
   output_map = { for az in(local.enabled ? var.availability_zones : []) : az => {
-    subnet_id      = local.public_enabled ? aws_subnet.public[az].id : aws_subnet.private[az].id
-    subnet_arn     = local.public_enabled ? aws_subnet.public[az].arn : aws_subnet.private[az].arn
-    route_table_id = local.public_enabled ? aws_route_table.public[az].id : aws_route_table.private[az].id
-    ngw_id         = local.public_enabled && var.nat_gateway_enabled ? aws_nat_gateway.public[az].id : null
+    subnet_id         = local.public_enabled ? aws_subnet.public[az].id : aws_subnet.private[az].id
+    subnet_arn        = local.public_enabled ? aws_subnet.public[az].arn : aws_subnet.private[az].arn
+    subnet_cidr_block = local.public_enabled ? aws_subnet.public[az].cidr_block : aws_subnet.private[az].cidr_block
+    route_table_id    = local.public_enabled ? aws_route_table.public[az].id : aws_route_table.private[az].id
+    ngw_id            = local.public_enabled && var.nat_gateway_enabled ? aws_nat_gateway.public[az].id : null
     }
   }
 }
diff --git a/outputs.tf b/outputs.tf
index 8101ad6..95ac2c1 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -8,6 +8,11 @@ output "az_subnet_arns" {
   description = "Map of AZ names to subnet ARNs"
 }
 
+output "az_subnet_cidr_blocks" {
+  value       = { for az, m in local.output_map : az => m.subnet_cidr_block }
+  description = "Map of AZ names to subnet CIDR blocks"
+}
+
 output "az_route_table_ids" {
   value       = { for az, m in local.output_map : az => m.route_table_id }
   description = " Map of AZ names to Route Table IDs"
@@ -22,4 +27,4 @@ output "az_ngw_ids" {
 output "az_subnet_map" {
   value       = local.output_map
   description = "Map of AZ names to map of information about subnets"
-}
\ No newline at end of file
+}
diff --git a/test/src/examples_complete_test.go b/test/src/examples_complete_test.go
index 35a815e..585d1bc 100644
--- a/test/src/examples_complete_test.go
+++ b/test/src/examples_complete_test.go
@@ -65,6 +65,11 @@ func TestExamplesComplete(t *testing.T) {
 	     "us-east-2b" = "subnet-05861d30d45e7b675"
 	     "us-east-2c" = "subnet-036d747a2b46857ae"
 	   }
+	   private_az_subnet_cidr_blocks = {
+	     "us-east-2a" = "172.16.128.0/21"
+	     "us-east-2b" = "172.16.136.0/21"
+	     "us-east-2c" = "172.16.144.0/21"
+	   }
 	   public_az_ngw_ids = {
 	     "us-east-2a" = "nat-0f5057f09b8cd8ddc"
 	     "us-east-2b" = "nat-0971b2505ea6d03f1"
@@ -80,6 +85,11 @@ func TestExamplesComplete(t *testing.T) {
 	     "us-east-2b" = "subnet-0b432a6748ca40638"
 	     "us-east-2c" = "subnet-00a9a6636ca722474"
 	   }
+	   public_az_subnet_cidr_blocks = {
+	     "us-east-2a" = "172.16.0.0/21"
+	     "us-east-2b" = "172.16.8.0/21"
+	     "us-east-2c" = "172.16.16.0/21"
+	   }
 	*/
 
 	// Run `terraform output` to get the value of an output variable
@@ -110,6 +120,17 @@ func TestExamplesComplete(t *testing.T) {
 	assertValueStartsWith(t, publicRouteTableIds, "^rtb-.*")
 	assert.Equal(t, expectedAZs, getKeys(publicSubnetIds))
 	assertValueStartsWith(t, publicSubnetIds, "^subnet-.*")
+
+	expectedPublicCidrBlocks := []string{"172.16.0.0/21", "172.16.8.0/21", "172.16.16.0/21"}
+	expectedPrivateCidrBlocks := []string{"172.16.128.0/21", "172.16.136.0/21", "172.16.144.0/21"}
+	// Run `terraform output` to get the value of an output variable
+	publicSubnetCidrBlocks := terraform.OutputMap(t, terraformOptions, "public_az_subnet_cidr_blocks")
+	privateSubnetCidrBlocks := terraform.OutputMap(t, terraformOptions, "private_az_subnet_cidr_blocks")
+	// Verify output
+	assert.Equal(t, expectedAZs, getKeys(publicSubnetCidrBlocks))
+	assert.Equal(t, expectedPublicCidrBlocks, getValues(publicSubnetCidrBlocks))
+	assert.Equal(t, expectedAZs, getKeys(privateSubnetCidrBlocks))
+	assert.Equal(t, expectedPrivateCidrBlocks, getValues(privateSubnetCidrBlocks))
 }
 
 func TestExamplesCompleteDisabledModule(t *testing.T) {