From cba7ceaec1b2e625139924599b0e726c5c6ebd4f Mon Sep 17 00:00:00 2001
From: Pavlos-Petros Tournaris <p.tournaris@gmail.com>
Date: Tue, 19 Nov 2024 12:24:08 +0200
Subject: [PATCH] chore(nat-gateway): Add nat_gateway_tags_per_az variable for
 NAT gateways

---
 README.md               | 1 +
 examples/simple/main.tf | 6 ++++++
 main.tf                 | 1 +
 variables.tf            | 6 ++++++
 4 files changed, 14 insertions(+)

diff --git a/README.md b/README.md
index 97d959771..447e4fd45 100644
--- a/README.md
+++ b/README.md
@@ -502,6 +502,7 @@ No modules.
 | <a name="input_nat_eip_tags"></a> [nat\_eip\_tags](#input\_nat\_eip\_tags) | Additional tags for the NAT EIP | `map(string)` | `{}` | no |
 | <a name="input_nat_gateway_destination_cidr_block"></a> [nat\_gateway\_destination\_cidr\_block](#input\_nat\_gateway\_destination\_cidr\_block) | Used to pass a custom destination route for private NAT Gateway. If not specified, the default 0.0.0.0/0 is used as a destination route | `string` | `"0.0.0.0/0"` | no |
 | <a name="input_nat_gateway_tags"></a> [nat\_gateway\_tags](#input\_nat\_gateway\_tags) | Additional tags for the NAT gateways | `map(string)` | `{}` | no |
+| <a name="input_nat_gateway_tags_per_az"></a> [nat\_gateway\_tags\_per\_az](#input\_nat\_gateway\_tags\_per\_az) | Additional tags for the NAT gateways where the primary key is the AZ | `map(map(string))` | `{}` | no |
 | <a name="input_one_nat_gateway_per_az"></a> [one\_nat\_gateway\_per\_az](#input\_one\_nat\_gateway\_per\_az) | Should be true if you want only one NAT Gateway per availability zone. Requires `var.azs` to be set, and the number of `public_subnets` created to be greater than or equal to the number of availability zones specified in `var.azs` | `bool` | `false` | no |
 | <a name="input_outpost_acl_tags"></a> [outpost\_acl\_tags](#input\_outpost\_acl\_tags) | Additional tags for the outpost subnets network ACL | `map(string)` | `{}` | no |
 | <a name="input_outpost_arn"></a> [outpost\_arn](#input\_outpost\_arn) | ARN of Outpost you want to create a subnet in | `string` | `null` | no |
diff --git a/examples/simple/main.tf b/examples/simple/main.tf
index 324977173..a9bd3c0ba 100644
--- a/examples/simple/main.tf
+++ b/examples/simple/main.tf
@@ -32,4 +32,10 @@ module "vpc" {
   private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)]
 
   tags = local.tags
+
+  nat_gateway_tags_per_az = {
+    for az in local.azs : az => {
+      Name = "NAT Gateway - ${az}"
+    }
+  }
 }
diff --git a/main.tf b/main.tf
index 77cba6715..b5250e5e5 100644
--- a/main.tf
+++ b/main.tf
@@ -1096,6 +1096,7 @@ resource "aws_nat_gateway" "this" {
     },
     var.tags,
     var.nat_gateway_tags,
+    lookup(var.nat_gateway_tags_per_az, element(var.azs, count.index), {})
   )
 
   depends_on = [aws_internet_gateway.this]
diff --git a/variables.tf b/variables.tf
index 095cc8bdf..d583250fc 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1240,6 +1240,12 @@ variable "nat_gateway_tags" {
   default     = {}
 }
 
+variable "nat_gateway_tags_per_az" {
+  description = "Additional tags for the NAT gateways where the primary key is the AZ"
+  type        = map(map(string))
+  default     = {}
+}
+
 variable "nat_eip_tags" {
   description = "Additional tags for the NAT EIP"
   type        = map(string)