Merge pull request #8 from data-platform-hq/fix_switch_nsg_association_to_count_condition

owlleg6 · web-flow · commit f0e2ae87a61c · 2023-09-21T17:28:02.000+03:00
fix: switched nsg association to count condition
diff --git a/main.tf b/main.tf
@@ -21,8 +21,8 @@ resource "azurerm_subnet" "this" {
 }
 
 resource "azurerm_subnet_network_security_group_association" "this" {
-  for_each = var.nsg_id
+  count = var.nsg_association_enabled ? 1 : 0
 
   subnet_id                 = var.export_subnet_id == null ? azurerm_subnet.this[0].id : var.export_subnet_id
-  network_security_group_id = each.value
+  network_security_group_id = var.nsg_id
 }
diff --git a/variables.tf b/variables.tf
@@ -44,10 +44,16 @@ variable "delegations" {
   default     = []
 }
 
+variable "nsg_association_enabled" {
+  type        = bool
+  description = "Boolean flag that determines if NSG association would be created"
+  default     = false
+}
+
 variable "nsg_id" {
-  type        = map(string)
+  type        = string
   description = "The ID of the Network Security Group which should be associated with the Subnet"
-  default     = {}
+  default     = null
 }
 
 variable "export_subnet_id" {

Original file line number	Diff line number	Diff line change
`@@ -21,8 +21,8 @@ resource "azurerm_subnet" "this" {`
`21`	`21`	`}`
`22`	`22`
`23`	`23`	`resource "azurerm_subnet_network_security_group_association" "this" {`
`24`		`- for_each = var.nsg_id`
	`24`	`+ count = var.nsg_association_enabled ? 1 : 0`
`25`	`25`
`26`	`26`	`subnet_id = var.export_subnet_id == null ? azurerm_subnet.this[0].id : var.export_subnet_id`
`27`		`- network_security_group_id = each.value`
	`27`	`+ network_security_group_id = var.nsg_id`
`28`	`28`	`}`