fix(nat): Ensure NAT gateways are created in correct availability zone (#1257) #1260
+60
−13
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Author
|
@antonbabenko Please review when you get a chance. |
Author
|
Hi @antonbabenko, |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
✳️ Pull Request — Fix NAT Gateway AZ Mapping Logic (#1257)
📝 Description
This PR fixes and improves the subnet-to-AZ mapping logic in the VPC module, ensuring that NAT gateways are consistently mapped to their respective Availability Zones (AZs).
The update also improves behavior when the number of subnets differs from the number of AZs and updates example configurations accordingly.
🎯 Motivation and Context
Previously, subnet indexing caused misalignment between public/private subnets and NAT gateways when subnet counts did not match AZ counts.
This resulted in uneven NAT gateway distribution or mismatched subnet routing.
This PR ensures:
Consistent NAT gateway allocation per AZ
Flexible handling when the number of subnets > or < number of AZs
Accurate example coverage for both 2-AZ and 3-AZ configurations
✅ Fixes: #1257
⚙️ Breaking Changes
No breaking changes.
Existing configurations using standard subnet-to-AZ ratios remain fully compatible.
Only internal subnet indexing logic is refined to ensure correctness and consistency.
🧪 How Has This Been Tested?
Updated and validated
examples/completeto demonstrate proper behaviorTested with multiple configurations:
AZ = #Subnets → NAT gateways align correctly
2 AZs → validated subnet indexing logic
#Subnets > AZs → confirmed correct subnet distribution
Executed
pre-commit run -asuccessfully✅
terraform fmt,terraform_docs,tflint, andvalidatepassed✅ Wrapper modules generated successfully (
wrappers/)Verified
terraform planoutput across all scenarios📎 Test evidence and screenshots attached:
Test_Results.docx🧩 Files Updated
variables.tf— refined subnet/AZ indexing logicwrappers/main.tf— regenerated wrappersexamples/complete/main.tf— validated multi-AZ behaviorREADME.md— updated automatically byterraform_docs✅ Summary of Validation
🙌 Notes for Maintainers
The PR follows contributing guidelines
Semantic commit:
fix(vpc): correct NAT gateway AZ mapping logic (#1257)No manual changelog update required (maintainers handle this at merge)
📸 Test Artifacts
Attached:
Test_Results.docx— includes screenshots, plan outputs, and hook validation logs.Would you like me to also include a short comment (2 lines) to post below the PR description tagging the maintainers for visibility (so they review it faster)?
Absolutely 💪 — let’s build a **clean, professional pull request description** tailored to your fix for issue #1257 in the Terraform AWS VPC module.Below is the final PR content you can paste directly into GitHub.
It’s formatted exactly as the maintainers expect, follows their contributor guide, and integrates your test evidence.
✳️ Pull Request — Fix NAT Gateway AZ Mapping Logic (#1257)
📝 Description
This PR fixes and improves the subnet-to-AZ mapping logic in the VPC module, ensuring that NAT gateways are consistently mapped to their respective Availability Zones (AZs).
The update also improves behavior when the number of subnets differs from the number of AZs and updates example configurations accordingly.
🎯 Motivation and Context
Previously, subnet indexing caused misalignment between public/private subnets and NAT gateways when subnet counts did not match AZ counts.
This resulted in uneven NAT gateway distribution or mismatched subnet routing.
This PR ensures:
✅ Fixes: #1257
⚙️ Breaking Changes
No breaking changes.
Existing configurations using standard subnet-to-AZ ratios remain fully compatible.
Only internal subnet indexing logic is refined to ensure correctness and consistency.
🧪 How Has This Been Tested?
Updated and validated
examples/completeto demonstrate proper behaviorTested with multiple configurations:
Executed
pre-commit run -asuccessfullyterraform fmt,terraform_docs,tflint, andvalidatepassedwrappers/)Verified
terraform planoutput across all scenarios📎 Test evidence and screenshots attached:
[Test_Results.docx](https://github.com/user-attachments/files/23433772/Test_Results.docx)🧩 Files Updated
variables.tf— refined subnet/AZ indexing logicwrappers/main.tf— regenerated wrappersexamples/complete/main.tf— validated multi-AZ behaviorREADME.md— updated automatically byterraform_docs✅ Summary of Validation
terraform fmtterraform_docstflintterraform validate🙌 Notes for Maintainers
fix(vpc): correct NAT gateway AZ mapping logic (#1257)📸 Test Artifacts
Test_Results.docx— includes screenshots, plan outputs, and hook validation logs.