v0.13 syntax fixes - EDIT: 9/14/20

az/outputs.tf

@@ -2,36 +2,36 @@
 
 ## Returns Subnet IDs
 output "dmz_ids" {
-  value = ["${aws_subnet.dmz.*.id}"]
+  value = aws_subnet.dmz.*.id
 }
 
 output "lan_ids" {
-  value = ["${aws_subnet.lan.*.id}"]
+  value = aws_subnet.lan.*.id
 }
 
 ## Returns Subnet CIDR blocks
 output "dmz_cidrs" {
-  value = ["${aws_subnet.dmz.*.cidr_block}"]
+  value = aws_subnet.dmz.*.cidr_block
 }
 
 output "lan_cidrs" {
-  value = ["${aws_subnet.lan.*.cidr_block}"]
+  value = aws_subnet.lan.*.cidr_block
 }
 
 ## Returns information about the NATs
 output "eip_nat_ids" {
-  value = ["${aws_eip.eip_nat.*.id}"]
+  value = aws_eip.eip_nat.*.id
 }
 
 output "eip_nat_ips" {
-  value = ["${aws_eip.eip_nat.*.public_ip}"]
+  value = aws_eip.eip_nat.*.public_ip
 }
 
 output "nat_ids" {
-  value = ["${compact(concat(aws_instance.nat.*.id,aws_nat_gateway.nat.*.id))}"]
+  value = compact(concat(aws_instance.nat.*.id,aws_nat_gateway.nat.*.id))
 }
 
 ## Returns the routing table ID
 output "rt_lan_ids" {
-  value = ["${aws_route_table.rt_lan.*.id}"]
+  value = aws_route_table.rt_lan.*.id
 }

az/variables.tf

@@ -2,26 +2,26 @@
 
 ## Resource tags
 variable "stack_item_fullname" {
-  type        = "string"
+  type        = string
   description = "Long form descriptive name for this stack item. This value is used to create the 'application' resource tag for resources created by this stack item."
   default     = "VPC Quick Start"
 }
 
 variable "stack_item_label" {
-  type        = "string"
+  type        = string
   description = "Short form identifier for this stack. This value is used to create the 'Name' resource tag for resources created by this stack item, and also serves as a unique key for re-use."
   default     = "qckstrt"
 }
 
 variable "additional_subnet_tags" {
-  type        = "map"
+  type        = map(string)
   description = "Additional tags to apply at the subnet level, if any"
   default     = {}
 }
 
 ## VPC parameters
 variable "az_cidrsubnet_newbits" {
-  type        = "map"
+  type        = map(string)
   description = "The number of bits by which to extend the CIDR range for the given number of AZs."
 
   default = {
@@ -35,7 +35,7 @@ variable "az_cidrsubnet_newbits" {
 }
 
 variable "az_cidrsubnet_offset" {
-  type        = "map"
+  type        = map(string)
   description = "The number of AZs to provision for."
 
   default = {
@@ -47,83 +47,94 @@ variable "az_cidrsubnet_offset" {
 }
 
 variable "azs_provisioned" {
-  type        = "string"
+  type        = number
   description = "The number of availability zones to be provisioned."
-  default     = "2"
+  default     = 2
 }
 
 variable "azs_provisioned_override" {
-  type        = "list"
+  type        = list(string)
   description = "List of availability zones to be provisioned."
   default     = ["non_empty_list"]
 }
 
 variable "dmz_cidrs_override" {
-  type        = "list"
+  type        = list(string)
   description = "The CIDR block(s) you want the DMZ subnet(s) to cover."
   default     = ["non_empty_list"]
 }
 
 variable "enable_dmz_public_ips" {
-  type        = "string"
+  type        = bool
   description = "Specify true to indicate that instances launched into the DMZ subnet should be assigned a public IP address. Default is false."
-  default     = ""
+  default     = false
 }
 
 variable "lan_cidrs_override" {
-  type        = "list"
+  type        = list(string)
   description = "The CIDR block(s) you want the LAN subnet(s) to cover."
   default     = ["non_empty_list"]
 }
 
 variable "lans_per_az" {
-  type        = "string"
+  type        = number
   description = "The number of private LAN subnets to be provisioned per AZ"
-  default     = "1"
+  default     = 1
 }
 
+variable "static_cidrs_override" {
+  type        = list(string)
+  description = "The CIDR block(s) you want the static subnet(s) to cover."
+  default     = ["non_empty_list"]
+}
+
+variable "statics_per_az" {
+  type        = number
+  description = "The number of private static subnets to be provisioned per AZ"
+  default     = 0
+
 variable "nat_ami_override" {
-  type        = "string"
+  type        = string
   description = "Custom NAT Amazon machine image"
   default     = ""
 }
 
 variable "nat_eips_enabled" {
-  type        = "string"
+  type        = bool
   description = "Flag for specifying allocation of Elastic IPs to NATs for the purposes of whitelisting. This value is overriden to 'true' when utilizing NAT gateways."
-  default     = "false"
+  default     = false
 }
 
 variable "nat_gateways_enabled" {
-  type        = "string"
+  type        = bool
   description = "Flag for specifying utilization of managed NAT gateways over EC2 based NAT instances."
-  default     = "false"
+  default     = false
 }
 
 variable "nat_instance_type" {
-  type        = "string"
+  type        = string
   description = "NAT EC2 instance type"
   default     = "t2.nano"
 }
 
 variable "nat_key_name" {
-  type        = "string"
+  type        = string
   description = "NAT EC2 key pair name"
   default     = ""
 }
 
 variable "rt_dmz_id" {
-  type        = "string"
+  type        = string
   description = "The ID of the DMZ routing table"
 }
 
 variable "vgw_ids" {
-  type        = "list"
+  type        = list(string)
   description = "A list of virtual gateways to associate with the routing tables for route propagation."
   default     = []
 }
 
 variable "vpc_id" {
-  type        = "string"
+  type        = string
   description = "The ID of the VPC"
 }

base/main.tf

@@ -2,51 +2,55 @@
 
 ## Set Terraform version constraint
 terraform {
-  required_version = "> 0.11.0"
+  required_version = "> 0.12.0"
 }
 
 ## Set default instance tennancy if not provided
 locals {
-  default_instance_tenancy = "${length(var.instance_tenancy) >= 1 ? "${var.instance_tenancy}" : "default"}"
+  default_instance_tenancy = length(var.instance_tenancy) >= 1 ? var.instance_tenancy : "default"
+  enable_dns                     = var.enable_dns
+  enable_hostnames               = var.enable_hostnames
+  enable_classiclink             = var.enable_classiclink
+  enable_classiclink_dns_support = var.enable_classiclink_dns_support
 
   default_vpc_tags = {
-    application = "${var.stack_item_fullname}"
+    application = var.stack_item_fullname
     managed_by  = "terraform"
     Name        = "${var.stack_item_label}-vpc"
   }
 }
 
 ## Provisions Virtual Private Cloud (VPC)
 resource "aws_vpc" "vpc" {
-  cidr_block                       = "${var.vpc_cidr}"
-  instance_tenancy                 = "${local.default_instance_tenancy}"
-  enable_dns_support               = "${var.enable_dns}"
-  enable_dns_hostnames             = "${var.enable_hostnames}"
-  enable_classiclink               = "${var.enable_classiclink}"
-  enable_classiclink_dns_support   = "${var.enable_classiclink_dns_support}"
-  assign_generated_ipv6_cidr_block = "${var.assign_generated_ipv6_cidr_block}"
-
-  tags = "${merge(local.default_vpc_tags, var.additional_vpc_tags)}"
+  cidr_block                       = var.vpc_cidr
+  instance_tenancy                 = local.default_instance_tenancy
+  enable_dns_support               = var.enable_dns
+  enable_dns_hostnames             = var.enable_hostnames
+  enable_classiclink               = var.enable_classiclink
+  enable_classiclink_dns_support   = var.enable_classiclink_dns_support
+  assign_generated_ipv6_cidr_block = var.assign_generated_ipv6_cidr_block
+
+  tags = merge(local.default_vpc_tags, var.additional_vpc_tags)
 }
 
 ## Provisions Internet gateways
 resource "aws_internet_gateway" "igw" {
-  vpc_id = "${aws_vpc.vpc.id}"
+  vpc_id = aws_vpc.vpc.id
 
-  tags {
-    application = "${var.stack_item_fullname}"
+  tags = {
+    application = var.stack_item_fullname
     managed_by  = "terraform"
     Name        = "${var.stack_item_label}-igw"
   }
 }
 
 ## Provisions DMZ routing table
 resource "aws_route_table" "rt_dmz" {
-  propagating_vgws = ["${compact(var.vgw_ids)}"]
-  vpc_id           = "${aws_vpc.vpc.id}"
+  propagating_vgws = compact(var.vgw_ids)
+  vpc_id           = aws_vpc.vpc.id
 
-  tags {
-    application = "${var.stack_item_fullname}"
+  tags = {
+    application = var.stack_item_fullname
     managed_by  = "terraform"
     Name        = "${var.stack_item_label}-dmz"
   }
@@ -69,7 +73,7 @@ data "aws_iam_policy_document" "flow_log_role" {
 }
 
 resource "aws_iam_role" "flow_log_role" {
-  assume_role_policy = "${data.aws_iam_policy_document.flow_log_role.json}"
+  assume_role_policy = data.aws_iam_policy_document.flow_log_role.json
   name_prefix        = "${var.stack_item_label}-vpc-logs-"
 }
 
@@ -83,19 +87,19 @@ data "aws_iam_policy_document" "flow_log_policy" {
       "logs:DescribeLogStreams",
     ]
 
-    resources = ["${aws_cloudwatch_log_group.flow_log_group.arn}"]
+    resources = [aws_cloudwatch_log_group.flow_log_group.arn]
   }
 }
 
 resource "aws_iam_role_policy" "flow_log_role_policies" {
   name   = "logs"
-  policy = "${data.aws_iam_policy_document.flow_log_policy.json}"
-  role   = "${aws_iam_role.flow_log_role.id}"
+  policy = data.aws_iam_policy_document.flow_log_policy.json
+  role   = aws_iam_role.flow_log_role.id
 }
 
 resource "aws_flow_log" "flow_log" {
-  log_destination = "${aws_cloudwatch_log_group.flow_log_group.arn}"
-  iam_role_arn    = "${aws_iam_role.flow_log_role.arn}"
-  vpc_id          = "${aws_vpc.vpc.id}"
-  traffic_type    = "${var.flow_log_traffic_type}"
+  log_destination = aws_cloudwatch_log_group.flow_log_group.arn
+  iam_role_arn    = aws_iam_role.flow_log_role.arn
+  vpc_id          = aws_vpc.vpc.id
+  traffic_type    = var.flow_log_traffic_type
 }

base/outputs.tf

@@ -1,21 +1,21 @@
 # Output Variables
 
 output "flow_log_id" {
-  value = "${aws_flow_log.flow_log.id}"
+  value = aws_flow_log.flow_log.id
 }
 
 output "igw_id" {
-  value = "${aws_internet_gateway.igw.id}"
+  value = aws_internet_gateway.igw.id
 }
 
 output "rt_dmz_id" {
-  value = "${aws_route_table.rt_dmz.id}"
+  value = aws_route_table.rt_dmz.id
 }
 
 output "vpc_id" {
-  value = "${aws_vpc.vpc.id}"
+  value = aws_vpc.vpc.id
 }
 
 output "vpc_default_security_group_id" {
-  value = "${aws_vpc.vpc.default_security_group_id}"
+  value = aws_vpc.vpc.default_security_group_id
 }