Merge pull request #5 from data-platform-hq/fix/subnet-creation-optionality

fix: subnet creation optionality

Author: owlleg6

README.md

@@ -9,13 +9,13 @@ Terraform module for creation Azure Network Subnet
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
-| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | >= 3.23.0 |
+| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | >= 3.40.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | >= 3.23.0 |
+| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | >= 3.40.0 |
 
 ## Modules
 
@@ -36,10 +36,11 @@ No modules.
 | <a name="input_delegations"></a> [delegations](#input\_delegations) | (optional) subnet delegation | <pre>list(object({<br>    name    = string<br>    actions = list(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_name"></a> [name](#input\_name) | The name of the subnet | `string` | n/a | yes |
 | <a name="input_network"></a> [network](#input\_network) | The name of the virtual network in which the subnet is created in | `string` | n/a | yes |
-| <a name="input_nsg_id"></a> [nsg\_id](#input\_nsg\_id) | The ID of the Network Security Group which should be associated with the Subnet | `string` | `""` | no |
+| <a name="input_nsg_id"></a> [nsg\_id](#input\_nsg\_id) | The ID of the Network Security Group which should be associated with the Subnet | `string` | null | no |
 | <a name="input_private_endpoint_network_policies_enabled"></a> [private\_endpoint\_network\_policies\_enabled](#input\_private\_endpoint\_network\_policies\_enabled) | Enable or Disable network policies for the private link endpoint on the subnet. Setting this to true will Disable the policy and setting this to false will Enable the policy: [true\|false] | `bool` | `true` | no |
 | <a name="input_resource_group"></a> [resource\_group](#input\_resource\_group) | The name of the resource group in which to create the storage account | `string` | n/a | yes |
 | <a name="input_service_endpoints"></a> [service\_endpoints](#input\_service\_endpoints) | The list of Service endpoints to associate with the subnet: Microsoft.AzureActiveDirectory, Microsoft.AzureCosmosDB, Microsoft.ContainerRegistry, Microsoft.EventHub, Microsoft.KeyVault, Microsoft.ServiceBus, Microsoft.Sql, Microsoft.Storage, Microsoft.Web | `list(string)` | <pre>[<br>  "Microsoft.Storage",<br>  "Microsoft.KeyVault",<br>  "Microsoft.Sql"<br>]</pre> | no |
+| <a name="input_export_subnet_id"></a> [export\_subnet\_id](#input\_export\_subnet\_id) | ID of already existing subnet. Provide this value to associate existing subnet with given Network Security Group | `string` | null | no |
 
 ## Outputs
 

main.tf

@@ -1,4 +1,6 @@
 resource "azurerm_subnet" "this" {
+  count = var.export_subnet_id == null ? 1 : 0
+
   name                                      = var.name
   resource_group_name                       = var.resource_group
   virtual_network_name                      = var.network
@@ -19,8 +21,8 @@ resource "azurerm_subnet" "this" {
 }
 
 resource "azurerm_subnet_network_security_group_association" "this" {
-  count = var.nsg_id == "" ? 0 : 1
+  count = var.nsg_id == null ? 0 : 1
 
-  subnet_id                 = azurerm_subnet.this.id
+  subnet_id                 = var.export_subnet_id == null ? azurerm_subnet.this[0].id : var.export_subnet_id
   network_security_group_id = var.nsg_id
 }

outputs.tf

@@ -1,24 +1,24 @@
 output "id" {
-  value       = azurerm_subnet.this.id
+  value       = var.export_subnet_id == null ? azurerm_subnet.this[0].id : null
   description = "The ID of the subnet"
 }
 
 output "name" {
-  value       = azurerm_subnet.this.name
+  value       = var.export_subnet_id == null ? azurerm_subnet.this[0].name : null
   description = "The name of the subnet"
 }
 
 output "address_prefixes" {
-  value       = azurerm_subnet.this.address_prefixes
+  value       = var.export_subnet_id == null ? azurerm_subnet.this[0].address_prefixes : null
   description = "The address prefixes to use for the subnet"
 }
 
 output "nsg_association_id" {
-  value       = var.nsg_id == "" ? "" : azurerm_subnet_network_security_group_association.this[0].id
+  value       = azurerm_subnet_network_security_group_association.this[0].id
   description = "The ID of the Network Security Group Association"
 }
 
 output "name_to_id_map" {
-  value       = { (azurerm_subnet.this.name) = azurerm_subnet.this.id }
+  value       = var.export_subnet_id == null ? { (azurerm_subnet.this[0].name) = azurerm_subnet.this[0].id } : null
   description = "Map of Subnet Name to Id"
 }

variables.tf

@@ -47,5 +47,11 @@ variable "delegations" {
 variable "nsg_id" {
   type        = string
   description = "The ID of the Network Security Group which should be associated with the Subnet"
-  default     = ""
+  default     = null
+}
+
+variable "export_subnet_id" {
+  type        = string
+  description = "ID of already existing subnet. Provide this value to associate existing subnet with given Network Security Group"
+  default     = null
 }

versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.23.0"
+      version = ">= 3.40.0"
     }
   }
 }