feat: Add toggle to disable default route creation for public route tables

[HasseJohansen]

Description

This changes introduces a variable public_enable_default_route so a default route for public subnets is not created when set to false . This enables the user to create its own default route to other gateways than Internet Gateway (IGW)

Motivation and Context

It fixes the problem of not being able to use ex. Network Firewall and enables the use case where users will need to change default route to something else than the IGW

How Has This Been Tested?

I have tested my changes from a module using the VPC. Setting the public_enable_default_route flag to false -> default route is not created for public subnet route tables

removing the public_enable_default_route flag from the settings passed to the module -> The default route to IGW is created for each public subnet route table

• I have executed pre-commit run -a on my pull request

closes: #1187

[github-actions]

This PR has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this PR will be closed in 10 days

[HasseJohansen]

Please do not close. Can we have some action on this? or a decission if this is going to be merged or you would merge #1190 ?

[github-actions]

This PR has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this PR will be closed in 10 days

[HasseJohansen]

Please do not close

[larivierec-psl]

this would solve #1187

[bryantbiggs]

I'll take a look at the Network Firewall integration options today

[HasseJohansen]

@bryantbiggs I synchronised with master and somehow this pre-commit check now fails. I can't really figure out what the problem is? (also because when I run pre-commit locally I just get a lot of error that region is an unsupported variable like:

Validation failed: examples/simple
╷
│ Error: Unsupported argument
│
│   on ../../main.tf line 31, in resource "aws_vpc" "this":
│   31:   region = var.region
│
│ An argument named "region" is not expected here.

[HasseJohansen]

Got it working. It seems between when I made the PR originally we now also need to add new options to the wrappers/main.tf

Is there any chance I can get this merged?

[bengaywins]

@bryantbiggs Is there any idea of if/when this would get merged? We are deploying an NGFW and without this, we're basically forcing the allowance of drift. Which isn't ideal for obvious reasons, but this is the big thing we need to allow for changing the 0/0 route.

(yes I know I posted this same thing in both but it's not clear which may or may not be merged)

[HasseJohansen]

I would also like that this gets some traction. I must say I am surprised that there is not more activity in what I believe is the goto module for vpc creation in the terraform community

I have been using my fork since I opened this pull request - also in production

and anyway it is a very small change which defaults to the “old behaviour” so I don’t see much risk in merging it (but maybe maintainers see something I haven’t though about)

[bryantbiggs]

I would also like that this gets some traction. I must say I am surprised that there is not more activity in what I believe is the goto module for vpc creation in the terraform community

I have been using my fork since I opened this pull request - also in production

and anyway it is a very small change which defaults to the “old behaviour” so I don’t see much risk in merging it (but maybe maintainers see something I haven’t though about)

folks tend to look at changes in isolation, which we do not (nor could we, otherwise the modules wouldn't be as widely used)

we also have to work at jobs that generate income since these modules provide zero income. so if you wish to gain more traction on changes, consider sponsoring us. I think people would s*&t their pants if they knew how much revenue is attributed to these modules, but we don't see a dime of it (revenue on the AWS side as well as the consumer/user side)