From 70db718250bc0ddef28055a65e35066932809a6a Mon Sep 17 00:00:00 2001
From: Harshit Luthra
Date: Sun, 1 Dec 2024 22:30:01 +0530
Subject: [PATCH 1/2] feat(terraform): add tagging for private and public subnets Introduce base tags for private and public subnets to ensure consistency with VPC module tags. Convert tags to list format for aws_ec2_tag resources to facilitate tagging. Simplify conditional logic for module count.
---
 locals.tf | 39 ++++++++++++++++++++++++++++++++++++++-
 vpc.tf | 20 ++++++++++++++++++--
 2 files changed, 56 insertions(+), 3 deletions(-)
diff --git a/locals.tf b/locals.tf
index b6b59f0..2574a7c 100644
--- a/locals.tf
+++ b/locals.tf
@@ -3,6 +3,7 @@ locals {
 flow_logs_bucket_arn = var.flow_logs_enable ? module.vpc_flow_logs_bucket[0].s3_bucket_arn : null
+ # Base tags for all resources
 tags = merge(
 {
 "terraform-module" = "network"
@@ -11,4 +12,40 @@ locals {
 },
 var.tags
 )
-}
\ No newline at end of file
+
+ # Define base tags that match the VPC module's tags
+ private_subnet_base_tags = merge(
+ {
+ "kubernetes.io/cluster/${var.cluster_name}" = "shared"
+ "kubernetes.io/role/internal-elb" = "1"
+ "subnet" = "private"
+ },
+ var.private_subnet_extra_tags,
+ local.tags
+ )
+
+ public_subnet_base_tags = merge(
+ {
+ "kubernetes.io/cluster/${var.cluster_name}" = "shared"
+ "kubernetes.io/role/elb" = "1"
+ "subnet" = "public"
+ },
+ var.public_subnet_extra_tags,
+ local.tags
+ )
+
+ # Convert all tags to list format for aws_ec2_tag resources
+ private_subnet_tags_list = [
+ for k, v in local.private_subnet_base_tags : {
+ key = k
+ value = v
+ }
+ ]
+
+ public_subnet_tags_list = [
+ for k, v in local.public_subnet_base_tags : {
+ key = k
+ value = v
+ }
+ ]
+}
diff --git a/vpc.tf b/vpc.tf
index 82d4843..3507e42 100644
--- a/vpc.tf
+++ b/vpc.tf
@@ -1,5 +1,5 @@
 module "aws-vpc-module" {
- count = var.shim == true ? 0 : 1
+ count = var.shim ? 0 : 1
 source = "terraform-aws-modules/vpc/aws"
 version = "5.0.0"
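Review bot: In locals.tf, `local.tags` is the last argument of both new `merge()` calls, so any key supplied through `var.tags` silently overrides the `kubernetes.io/cluster/...`, `kubernetes.io/role/...` and `subnet` entries as well as `var.private_subnet_extra_tags` / `var.public_subnet_extra_tags`. If the subnet-specific tags are meant to win, which is how I read the "match the VPC module's tags" comment (the module call itself is outside this hunk, so this is an inference), put the general map first: `merge(local.tags, { ... }, var.private_subnet_extra_tags)`, and likewise for the public map. Whichever order is intended, a one-line comment such as `# later arguments win: subnet-specific tags override local.tags` would make the precedence explicit.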
@@ -67,4 +67,20 @@ data "aws_subnet" "public_subnets" {
 count = var.shim ? length(var.public_subnets_ids) : 0
 id = element(var.public_subnets_ids, count.index)
-}
\ No newline at end of file
+}
+
+resource "aws_ec2_tag" "private_subnet_tags" {
+ count = var.shim ? length(var.private_subnets_ids) * length(local.private_subnet_tags_list) : 0
+
+ resource_id = var.private_subnets_ids[floor(count.index / length(local.private_subnet_tags_list))]
+ key = local.private_subnet_tags_list[count.index % length(local.private_subnet_tags_list)].key
+ value = local.private_subnet_tags_list[count.index % length(local.private_subnet_tags_list)].value
+}
+
+resource "aws_ec2_tag" "public_subnet_tags" {
+ count = var.shim ? length(var.public_subnets_ids) * length(local.public_subnet_tags_list) : 0
+
+ resource_id = var.public_subnets_ids[floor(count.index / length(local.public_subnet_tags_list))]
+ key = local.public_subnet_tags_list[count.index % length(local.public_subnet_tags_list)].key
+ value = local.public_subnet_tags_list[count.index % length(local.public_subnet_tags_list)].value
+}
From 9632ef585938cd0e0f72c83984c474bdae4ada66 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Sun, 1 Dec 2024 18:23:38 +0000
Subject: [PATCH 2/2] terraform-docs: automated action
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/README.md b/README.md
index 79d706a..9220676 100644
--- a/README.md
+++ b/README.md
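Review bot: In vpc.tf, `aws_ec2_tag.private_subnet_tags` and `aws_ec2_tag.public_subnet_tags` address every (subnet, tag) pair by an arithmetic `count.index`, so adding or removing a single tag key or subnet ID shifts all later indices and Terraform will destroy and recreate unrelated tags, briefly dropping the `kubernetes.io/role/...` tags from subnets in the process. Keying the resources with `for_each` on a stable `"<subnet-id>/<tag-key>"` string keeps each tag's address fixed; the sketch below shows the private resource and assumes the subnet IDs and tag keys are known at plan time. In shim mode these subnets are not created by this module, so it is also worth documenting that an existing tag with the same key on them is overwritten on apply and removed on destroy.

```hcl
resource "aws_ec2_tag" "private_subnet_tags" {
  # Stable address per (subnet, tag key); the `if var.shim` filter replaces the count guard.
  for_each = {
    for pair in setproduct(var.private_subnets_ids, keys(local.private_subnet_base_tags)) :
    "${pair[0]}/${pair[1]}" => { subnet_id = pair[0], tag_key = pair[1] }
    if var.shim
  }

  resource_id = each.value.subnet_id
  key         = each.value.tag_key
  value       = local.private_subnet_base_tags[each.value.tag_key]
}

# … aws_ec2_tag.public_subnet_tags: same shape with var.public_subnets_ids and local.public_subnet_base_tags …
```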
@@ -26,6 +26,8 @@ Truefoundry AWS Network Module | Name | Type | |------|------| +| [aws_ec2_tag.private_subnet_tags](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_tag) | resource | +| [aws_ec2_tag.public_subnet_tags](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_tag) | resource | | [aws_vpc_endpoint.s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint) | resource | | [aws_iam_policy_document.flow_logs_bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_subnet.private_subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |