You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This module will manage a Transit Gateway, as well as its Route Tables, Routes, VPC attachments, Route
Table associations and propagations, and VPC routes associated with the VPC attachments.
Submodules
This module includes several submodules for different workflows and use cases.
cross-account-vpc-attachment: Creates a cross-account Transit
Gateway VPC Attachment by managing the invite/accept interaction between two accounts. Requires two
providers, one for each account. The providers must be different accounts, and must be using the same
region. The Transit Gateway must be shared using the AWS Resource Access Manager.
cross-region-peering-attachment:: Creates a cross-region
Peering Attachment, managing the invite/accept workflow between the two regions. Requires two providers,
one for each region. The providers may be the same or different account, but must be different
regions.
peering-accepter: Accepts a peering attachment request. Used by the
cross-region-peering-attachment module.
peering-attachment: Sends a peering attachment invite. Used by the
cross-region-peering-attachment module.
route-table: Creates a Transit Gateway Route Table.
vpc-accepter: Accepts a VPC attachment request. Used by the cross-account-vpc-attachment
module. Will also the create Transit Gateway Route Table association and propagations for the attachment,
and will manage VPC routes associated with the attachment.
vpc-attachment: Sends a VPC attachment invite. Used by the cross-account-vpc-attachment
module. Will also the create Transit Gateway Route Table association and propagations for the attachment,
and will manage VPC routes associated with the attachment.
Private Autonomous System Number (ASN) for the Amazon side of a BGP session (range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASN)
List of TGW prefix list references to add to TGW route tables
list(object({ # name used as for_each key name = string prefix_list_id = string # name from route_tables or id of a pre-existing route table transit_gateway_route_table = string
blackhole = optional(bool, false) default_route_table = optional(bool, false) # name from vpc_attachments or id of a pre-existing tgw attachment transit_gateway_attachment = optional(string) }))
list(object({ # name used as for_each key name = string blackhole = bool default_route_table = bool destination_cidr_block = string # name from vpc_attachments or id of a pre-existing tgw attachment transit_gateway_attachment = string # name from route_tables or id of a pre-existing route table transit_gateway_route_table = string }))
List of VPC attachments to create with the transit gateway
list(object({ # name used as for_each key name = string subnet_ids = list(string) appliance_mode_support = string dns_support = string ipv6_support = string tags = map(string) vpc_routes = optional(list(object({ # name is used as for_each key name = string route_table_id = string destination_cidr_block = optional(string) destination_ipv6_cidr_block = optional(string) destination_prefix_list_id = optional(string) })), []) transit_gateway_default_route_table_association = bool transit_gateway_default_route_table_propagation = bool # name from route_tables or id of a pre-existing route table transit_gateway_route_table_association = string # list of route table names from route_tables or ids of pre-existing route tables transit_gateway_route_table_propagations = list(string) }))
This module has tests that require multiple providers. In order to simplify the provider config, it
assumes you have AWS Profiles named aws and awsalternate. These profiles should
resolve a credential for two different accounts.