main.tf
# Attaches the VPC that contains var.subnet_ids[0] to the transit gateway
# identified by var.transit_gateway_id.
resource "aws_ec2_transit_gateway_vpc_attachment" "this" {
  transit_gateway_id = var.transit_gateway_id
  vpc_id             = data.aws_subnet.one.vpc_id
  subnet_ids         = var.subnet_ids

  # Attachment options are passed through from the caller unchanged.
  appliance_mode_support             = var.appliance_mode_support
  dns_support                        = var.dns_support
  ipv6_support                       = var.ipv6_support
  security_group_referencing_support = var.security_group_referencing_support

  tags = var.tags

  # Default association and propagation are resolved in this order:
  #   1. `true` if the transit gateway is owned by another account
  #      (shared using RAM), i.e. var.cross_account is set
  #   2. `false` if the transit gateway reports the setting as "disable"
  #      (it has no default route table)
  #   3. otherwise the value supplied by the caller
  # data.aws_ec2_transit_gateway.this has count = 0 when var.cross_account is
  # true, so the [0] lookup sits only in the non-cross-account branches.
  #
  # Segmentation note: a value of `true` places this attachment in (or
  # advertises its routes into) the gateway's default route table, which is
  # shared with every other attachment using that table. Where attachments
  # must be isolated from each other, pass `false` and rely on the explicit
  # association / propagation resources in this file instead.
  transit_gateway_default_route_table_association = (
    var.cross_account ? true :
    data.aws_ec2_transit_gateway.this[0].default_route_table_association == "disable" ? false :
    var.transit_gateway_default_route_table_association
  )

  transit_gateway_default_route_table_propagation = (
    var.cross_account ? true :
    data.aws_ec2_transit_gateway.this[0].default_route_table_propagation == "disable" ? false :
    var.transit_gateway_default_route_table_propagation
  )
}
# Optional explicit association of the attachment with one transit gateway
# route table. Nothing is created when the variable is null.
resource "aws_ec2_transit_gateway_route_table_association" "this" {
  count = var.transit_gateway_route_table_association == null ? 0 : 1

  transit_gateway_route_table_id = var.transit_gateway_route_table_association.transit_gateway_route_table_id
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.this.id

  # NOTE(review): an attachment can be associated with only one route table,
  # so this presumably conflicts with a default association that resolved to
  # `true` on the attachment - confirm callers set one or the other.
}
# Propagates the attachment's routes into each transit gateway route table
# listed in var.transit_gateway_route_table_propagations.
resource "aws_ec2_transit_gateway_route_table_propagation" "this" {
  # Instances are keyed by the entry's `name`, so names must be unique within
  # the list; renaming an entry destroys and recreates its propagation.
  for_each = {
    for rt in var.transit_gateway_route_table_propagations : rt.name => rt
  }

  # Every table listed here learns a route to this VPC; review the list with
  # the same care as a firewall rule when attachments are meant to be isolated.
  transit_gateway_route_table_id = each.value.transit_gateway_route_table_id
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.this.id
}
# VPC-side routes that send traffic for the given destinations to the transit
# gateway, one per entry in var.vpc_routes.
resource "aws_route" "this" {
  # Keyed by the entry's `name`; names must be unique within the list.
  for_each = {
    for r in var.vpc_routes : r.name => r
  }

  route_table_id = each.value.route_table_id

  # The gateway id is read from the attachment rather than from the input
  # variable, which makes each route depend on the attachment existing.
  transit_gateway_id = aws_ec2_transit_gateway_vpc_attachment.this.transit_gateway_id

  # NOTE(review): presumably exactly one destination is set per entry and the
  # others are null - confirm against the variable definition.
  destination_cidr_block      = each.value.destination_cidr_block
  destination_ipv6_cidr_block = each.value.destination_ipv6_cidr_block
  destination_prefix_list_id  = each.value.destination_prefix_list_id
}
# Looks up the first subnet in var.subnet_ids; the attachment takes its vpc_id
# from this result. Only element 0 is read here, so an empty list fails on the
# index and the remaining subnets are not checked against this VPC in this file.
data "aws_subnet" "one" {
  id = var.subnet_ids[0]
}
# Reads the transit gateway's settings so the attachment can tell whether the
# default route table association / propagation is "disable".
data "aws_ec2_transit_gateway" "this" {
  # Skipped in the cross-account case; the attachment does not consult this
  # data source when var.cross_account is true.
  count = var.cross_account ? 0 : 1

  id = var.transit_gateway_id
}