# SPDX-License-Identifier: CC-BY-SA-3.0
terraform {
+ required_version = "~> 1.3.0"
required_providers {
aws = {
source = "hashicorp/aws"
+ version = "~> 4.38.0"
}
}
}
}
}
+#
+# Additional subnet on a different AZ is required if RDS is enabled
+#
+resource "aws_subnet" "additional_rds_subnet" {
+ count = (var.additional_rds_subnet_id == "" && local.use_rds) ? 1 : 0
+ vpc_id = local.arvados_vpc_id
+ availability_zone = data.aws_availability_zones.available.names[1]
+ cidr_block = "10.1.3.0/24"
+
+ lifecycle {
+ precondition {
+ condition = (var.vpc_id == "")
+ error_message = "additional_rds_subnet_id should be set if vpc_id is also set"
+ }
+ }
+}
+
#
# VPC S3 access
#
resource "aws_vpc_endpoint" "s3" {
+ count = var.vpc_id == "" ? 1 : 0
vpc_id = local.arvados_vpc_id
service_name = "com.amazonaws.${var.region_name}.s3"
}
resource "aws_vpc_endpoint_route_table_association" "compute_s3_route" {
count = var.private_subnet_id == "" ? 1 : 0
- vpc_endpoint_id = aws_vpc_endpoint.s3.id
+ vpc_endpoint_id = aws_vpc_endpoint.s3[0].id
route_table_id = aws_route_table.private_subnet_rt[0].id
}
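Review bot: `aws_vpc_endpoint_route_table_association.compute_s3_route` now indexes `aws_vpc_endpoint.s3[0]`, but the two resources are gated on different variables: the endpoint exists only when `var.vpc_id == ""`, while the association is still created whenever `var.private_subnet_id == ""`. Unless validation not shown here rules it out, supplying an existing VPC without a private subnet ID leaves the endpoint with zero instances, and the `[0]` reference should then fail at plan time as an invalid index. Gate the association on both conditions, e.g. `count = (var.vpc_id == "" && var.private_subnet_id == "") ? 1 : 0`, or reject the combination with a precondition like the one on `additional_rds_subnet`. A comment on the endpoint would also help: with a caller-supplied VPC this module manages no S3 gateway endpoint, so whether S3 traffic from the private subnet stays off the public path depends on how that VPC was built.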