Enable private IP by default (#37)

* Enable private IP by default

Co-authored-by: sahir-khan <[email protected]>

* Add var to README docs and add EOF line

Co-authored-by: sahir-khan <[email protected]>

modules/metadata-service/README.md

@@ -36,6 +36,7 @@ If the `access_list_cidr_blocks` variable is set, only traffic originating from
 | <a name="input_subnet1_id"></a> [subnet1\_id](#input\_subnet1\_id) | First private subnet used for availability zone redundancy | `string` | n/a | yes |
 | <a name="input_subnet2_id"></a> [subnet2\_id](#input\_subnet2\_id) | Second private subnet used for availability zone redundancy | `string` | n/a | yes |
 | <a name="input_vpc_cidr_blocks"></a> [vpc\_cidr\_blocks](#input\_vpc\_cidr\_blocks) | The VPC CIDR blocks that we'll access list on our Metadata Service API to allow all internal communications | `list(string)` | n/a | yes |
+| <a name="input_with_public_ip"></a> [with\_public\_ip](#input\_with\_public\_ip) | Enable private IP by default | `bool` | `false` | no |
 
 ## Outputs
 

modules/metadata-service/ecs.tf

@@ -74,7 +74,7 @@ resource "aws_ecs_service" "this" {
 
   network_configuration {
     security_groups  = [aws_security_group.metadata_service_security_group.id]
-    assign_public_ip = true
+    assign_public_ip = var.with_public_ip
     subnets          = [var.subnet1_id, var.subnet2_id]
   }
 

modules/metadata-service/variables.tf

@@ -109,3 +109,9 @@ variable "vpc_cidr_blocks" {
   type        = list(string)
   description = "The VPC CIDR blocks that we'll access list on our Metadata Service API to allow all internal communications"
 }
+
+variable "with_public_ip" {
+  type        = bool
+  default     = false
+  description = "Enable private IP by default"
+}