From 84835431065a0ca47a4aae3f4421ba6b225cea73 Mon Sep 17 00:00:00 2001
From: Deshmukh
Date: Wed, 4 Dec 2024 17:41:49 +0530
Subject: [PATCH] reverted the postgres public accessible attribute logic

---
 main.tf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index 13d8d656..feac989b 100755
--- a/main.tf
+++ b/main.tf
@@ -99,6 +99,7 @@ module "vpc" {
 vpc_nist_endpoints = var.vpc_nist_endpoints
 local_s3_bucket_arn = var.enable_nist_features == false ? null : local.bucket_exists == "false" ? module.spoke_logging_bucket[0].local_s3_bucket_arn : "arn:aws:s3:::aws-waf-logs-infra-${var.spoke_account_id}-${var.location}-bkt"
 depends_on = [module.spoke_logging_bucket]
+
 }
 
 # EKS Setup - https://github.com/terraform-aws-modules/terraform-aws-eks
@@ -312,7 +313,7 @@ module "postgresql" {
 tags = merge(local.tags, { "Backup" = var.enable_nist_features == true ? "Enabled" : null })
 
 # DB subnet group - use public subnet if public access is requested
- publicly_accessible = var.enable_nist_features == true ? false : true
+ publicly_accessible = length(local.postgres_public_access_cidrs) > 0 && var.enable_nist_features == false ? true : false
 subnet_ids = length(local.postgres_public_access_cidrs) > 0 ? length(module.vpc.public_subnets) > 0 ? module.vpc.database_subnets : module.vpc.database_subnets : module.vpc.database_subnets
 
 # DB parameter group
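Review bot: On the new `publicly_accessible` line in the `module "postgresql"` hunk, public exposure of the database is decided only by whether `local.postgres_public_access_cidrs` is non-empty; nothing visible here checks what the list contains, so an overly broad entry switches the flag on just as a single narrow range would. Unless the list is already validated where it is defined (not shown), a `validation` on the input that feeds this local, rejecting catch-all ranges, would make the intended restriction enforceable at plan time. The `subnet_ids` context line resolves to `module.vpc.database_subnets` in every branch, so the comment "use public subnet if public access is requested" does not match the code, and whether a publicly accessible instance is actually reachable depends on the routing of those subnets, which is outside the hunk. The trailing `? true : false` is redundant; `publicly_accessible = var.enable_nist_features == false && length(local.postgres_public_access_cidrs) > 0` is equivalent and easier to audit. The `module "postgresql"` block starts and ends outside the hunk.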