From 3e87f8248125c6e3340f918e684da88c3a172be1 Mon Sep 17 00:00:00 2001
From: Arshad Zackeriya
Date: Mon, 27 Feb 2023 09:08:05 +1300
Subject: [PATCH] - add name tags to tgw attachments - update default rule group
---
 aws-network-firewall.tf | 2 +-
 tgw.tf | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/aws-network-firewall.tf b/aws-network-firewall.tf
index 70b0b28..4bf6ea9 100644
--- a/aws-network-firewall.tf
+++ b/aws-network-firewall.tf
@@ -19,7 +19,7 @@ resource "aws_networkfirewall_rule_group" "default_rule_group" {
 stateless_rule {
 priority = 10
 rule_definition {
- actions = ["aws:pass"]
+ actions = ["aws:forward_to_sfe"]
 match_attributes {
 source {
 address_definition = var.egress_vpc_cidr
diff --git a/tgw.tf b/tgw.tf
index e49cd61..62c7beb 100644
--- a/tgw.tf
+++ b/tgw.tf
@@ -19,6 +19,9 @@ resource "aws_ec2_transit_gateway_vpc_attachment" "inspection_vpc" {
 transit_gateway_default_route_table_propagation = false
 transit_gateway_id = aws_ec2_transit_gateway.tgw.id
 vpc_id = module.inspection_vpc.vpc_id
+ tags = {
+ Name = "inspection_vpc"
+ }
 }
 
 #TGW App VPC attachment
@@ -31,6 +34,9 @@ resource "aws_ec2_transit_gateway_vpc_attachment" "app_vpc" {
 transit_gateway_default_route_table_propagation = false
 transit_gateway_id = aws_ec2_transit_gateway.tgw.id
 vpc_id = module.app_vpc.vpc_id
+ tags = {
+ Name = "app_vpc"
+ }
 }
 
 #TGW Egress VPC attachment
@@ -43,6 +49,9 @@ resource "aws_ec2_transit_gateway_vpc_attachment" "egress_vpc" {
 transit_gateway_default_route_table_propagation = false
 transit_gateway_id = aws_ec2_transit_gateway.tgw.id
 vpc_id = module.egress_vpc.vpc_id
+ tags = {
+ Name = "egress_vpc"
+ }
 }
 
 #TGW Route Tables
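Review bot: The switch to `aws:forward_to_sfe` on the priority-10 stateless rule in aws-network-firewall.tf only tightens anything if the firewall policy that references this rule group also attaches stateful rule groups; with none attached (the policy is not visible in this patch), forwarded traffic would normally still be allowed and the outcome matches the old `aws:pass`. The visible match covers only flows whose source is `var.egress_vpc_cidr`, so it is worth confirming that the return direction and the policy's `stateless_default_actions` / `stateless_fragment_default_actions` also hand off to the stateful engine, otherwise it sees only one side of a connection. A comment above the changed line would record the intent, e.g. `# forward to the stateful engine; the policy must attach stateful rule groups and forward both directions`. The `default_rule_group` resource begins and ends outside the hunk, so any other rules in it could not be checked.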