Add multi-az mapping of proxy route table to NLB ENIs

Signed-off-by: Jim Enright <[email protected]>
cloudera-labs · Dec 18, 2024 · 4c00b99 · 4c00b99
1 parent 78a167d
commit 4c00b99
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 19 deletions.
diff --git a/modules/terraform-aws-proxy/defaults.tf b/modules/terraform-aws-proxy/defaults.tf
@@ -34,9 +34,10 @@ locals {
   route_tables_to_update = flatten([
     for route in var.route_tables_to_update :
     [
-      for rt in route.route_tables :
+      for rti, rt in route.route_tables :
       {
         route_table            = rt
+        availability_zone      = try(route.availability_zones[rti], null)
         destination_cidr_block = route.destination_cidr_block
       }
     ]
@@ -51,21 +52,4 @@ locals {
     }
   ]
 
-  # TODO: Explore better rt to eni mapping with the below
-  # route_table_details = [
-  #   for rt in data.aws_route_table.proxy_rt :
-  #   {
-  #     rt_id      = rt.id
-  #     subnet_ids = rt.associations[*].subnet_id
-  #   }
-  # ]
-
-  route_table_to_lb_eni_assoc = {
-    for k, v in data.aws_route_table.proxy_rt : v.id => {
-      # TODO: eni of same subnet assoc if possible otherwise the first eni_id in lb_eni_details
-      eni = local.lb_eni_details[0].eni_id
-    }
-  }
-
-
 }
diff --git a/modules/terraform-aws-proxy/main.tf b/modules/terraform-aws-proxy/main.tf
@@ -183,5 +183,8 @@ resource "aws_route" "vpc_tgw_route" {
 
   route_table_id         = each.value.route_table
   destination_cidr_block = each.value.destination_cidr_block
-  network_interface_id   = local.route_table_to_lb_eni_assoc[each.value.route_table].eni
+  # Where route table AZ info is available, use Network LB ENI from same AZ as subnet where route table is associated. Otherwise set to first LB ENI
+  # Ref: https://github.com/hashicorp/terraform-provider-aws/issues/16759#issuecomment-1768591117
+  network_interface_id   = try(element([for lbeni in tolist(local.lb_eni_details) : lbeni.eni_id if lbeni.az == each.value.availability_zone], 0), local.lb_eni_details[0].eni_id)
+
 }
diff --git a/modules/terraform-aws-proxy/variables.tf b/modules/terraform-aws-proxy/variables.tf
@@ -243,6 +243,7 @@ variable "route_tables_to_update" {
   description = "List of any route tables to update to point to the Network interface of the Proxy VM"
   type = list(object({
     route_tables           = list(string)
+    availability_zones     = optional(list(string))
     destination_cidr_block = string
   }))