Merge pull request #78 from mdr-engineering/feature/ftd_MSOCI-1442_AttachVPCsToTransitGateway

Transit Gateway Attachments Redone via 'standard_vpc' Module

prod/aws-us-gov/mdr-prod-c2/010-vpc-access/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,12 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-access"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

prod/aws-us-gov/mdr-prod-c2/010-vpc-portal/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,12 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-portal"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

prod/aws-us-gov/mdr-prod-c2/010-vpc-private-services/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,12 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-private-services"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

prod/aws-us-gov/mdr-prod-c2/010-vpc-public/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,12 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-public"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

prod/aws-us-gov/mdr-prod-c2/010-vpc-splunk/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,12 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-splunk"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

prod/aws-us-gov/mdr-prod-c2/010-vpc-system-services/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,12 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-system-services"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

prod/aws-us-gov/mdr-prod-c2/018-interconnect-instances/terragrunt.hcl

@@ -17,7 +17,7 @@ terraform {
 }
 
 dependency "security_vpc" {
-  config_path = "../015-security-vpc"
+  config_path = "../015-security-vpc-interconnects"
 }
 
 # Include all settings from the root terragrunt.hcl file

prod/aws-us-gov/mdr-prod-c2/account.hcl

@@ -16,42 +16,50 @@ locals {
     "vpc-splunk" = {
       "name" = "vpc-splunk"
       "purpose" = "Splunk Systems (MOOSE)"
-      "cidr" = "10.20.16.0/22"
+      "cidr" = "10.20.16.0/22",
+      "tgw_attached" = true,
     },
     "vpc-system-services" = {
       "name" = "vpc-system-services",
       "purpose" = "Internal Services for Systems",
       "cidr" = "10.40.0.0/22",
+      "tgw_attached" = false, # Attached via tgw creation
     },
     "vpc-qualys" = {
       "name" = "vpc-qualys",
       "purpose" = "Security Scanning",
-      "cidr" = "10.40.12.0/22"
+      "cidr" = "10.40.12.0/22",
+      "tgw_attached" = true,
     },
     "vpc-interconnects" = {
       "name" = "vpc-interconnects",
       "purpose" = "Interconnections between AWS partitions",
-      "cidr" = "10.179.0.0/22"
+      "cidr" = "10.179.0.0/22",
+      "tgw_attached" = true,
     },
     "vpc-access" = {
       "name" = "vpc-access"
       "purpose" = "Systems providing restricted access, such as bastions and vpn concentrators"
-      "cidr" = "10.40.20.0/22"
+      "cidr" = "10.40.20.0/22",
+      "tgw_attached" = true,
     },
     "vpc-portal" = {
       "name" = "vpc-portal"
       "purpose" = "The Customer Portal"
-      "cidr" = "10.40.32.0/24"
+      "cidr" = "10.40.32.0/24",
+      "tgw_attached" = true,
     },
     "vpc-public" = {
       "name" = "vpc-public"
       "purpose" = "Publicly Accessible Infrastructure Services, such as GHE and Jira"
-      "cidr" = "10.40.24.0/22"
+      "cidr" = "10.40.24.0/22",
+      "tgw_attached" = true,
     },
     "vpc-private-services" = {
       "name" = "vpc-private-services"
       "purpose" = "Private XDR Services for XDR users"
-      "cidr" = "10.40.28.0/22"
+      "cidr" = "10.40.28.0/22",
+      "tgw_attached" = true,
     },
   }
 

prod/aws/mdr-prod-c2/010-vpc-system-services/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,12 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-system-services"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

prod/aws/mdr-prod-c2/account.hcl

@@ -15,16 +15,19 @@ locals {
       "name" = "vpc-system-services",
       "purpose" = "Internal Services for Systems",
       "cidr" = "10.32.0.0/22",
+      "tgw_attached" = false, # Attached via tgw creation
     },
     "vpc-qualys" = {
       "name" = "vpc-qualys",
       "purpose" = "Security Scanning",
       "cidr" = "10.32.12.0/22",
+      "tgw_attached" = true,
     },
     "vpc-security" = {
       "name" = "vpc-interconnects",
       "purpose" = "Interconnections between AWS partitions",
       "cidr" = "10.179.4.0/22",
+      "tgw_attached" = true,
     }
   }
 

test/aws-us-gov/mdr-test-c2/010-vpc-access/terragrunt.hcl

@@ -13,7 +13,11 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -26,6 +30,10 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-access"]
   tags = {
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"

test/aws-us-gov/mdr-test-c2/010-vpc-portal/terragrunt.hcl

@@ -13,7 +13,11 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -26,6 +30,10 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-portal"]
   tags = {
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"

test/aws-us-gov/mdr-test-c2/010-vpc-private-services/terragrunt.hcl

@@ -13,7 +13,11 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -26,6 +30,10 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-private-services"]
   tags = {
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"

test/aws-us-gov/mdr-test-c2/010-vpc-public/terragrunt.hcl

@@ -13,7 +13,11 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -26,6 +30,10 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-public"]
   tags = {
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"

test/aws-us-gov/mdr-test-c2/010-vpc-splunk/terragrunt.hcl

@@ -13,7 +13,11 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -26,6 +30,10 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-splunk"]
   tags = {
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"

test/aws-us-gov/mdr-test-c2/010-vpc-system-services/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,12 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-system-services"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws-us-gov/mdr-test-c2/018-interconnect-instances/terragrunt.hcl

@@ -13,11 +13,11 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/interconnects?ref=v0.6.6"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/interconnects?ref=v0.8.1"
 }
 
 dependency "security_vpc" {
-  config_path = "../015-security-vpc"
+  config_path = "../015-security-vpc-interconnects"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -37,4 +37,5 @@ inputs = {
   security_vpc = dependency.security_vpc.outputs.vpc_id
   azs = dependency.security_vpc.outputs.azs
   subnet_id_map = dependency.security_vpc.outputs.subnet_id_map
+  security_vpc_cidr = local.account_vars.locals.vpc_info["vpc-interconnects"]["cidr"]
 }

test/aws-us-gov/mdr-test-c2/account.hcl

@@ -14,42 +14,50 @@ locals {
     "vpc-splunk" = {
       "name" = "vpc-splunk"
       "purpose" = "Splunk Systems (MOOSE)"
-      "cidr" = "10.20.16.0/22"
+      "cidr" = "10.20.16.0/22",
+      "tgw_attached" = true,
     },
     "vpc-system-services" = {
       "name" = "vpc-system-services",
       "purpose" = "Internal Services for Systems (not people)",
       "cidr" = "10.20.0.0/22",
+      "tgw_attached" = false, # NOTE: This is attached via the transit gateway creation
     },
     "vpc-qualys" = {
       "name" = "vpc-qualys",
       "purpose" = "Security Scanning",
       "cidr" = "10.20.12.0/22",
+      "tgw_attached" = true,
     },
     "vpc-interconnects" = {
       "name" = "vpc-interconnects",
       "purpose" = "Interconnections between AWS partitions",
       "cidr" = "10.179.128.0/22",
+      "tgw_attached" = false,
     },
     "vpc-access" = {
       "name" = "vpc-access"
       "purpose" = "Systems providing restricted access, such as bastions and vpn concentrators"
       "cidr" = "10.20.20.0/22"
+      "tgw_attached" = true,
     },
     "vpc-portal" = {
       "name" = "vpc-portal"
       "purpose" = "The Customer Portal"
       "cidr" = "10.20.32.0/24"
+      "tgw_attached" = true,
     },
     "vpc-public" = {
       "name" = "vpc-public"
       "purpose" = "Publicly Accessible Infrastructure Services, such as GHE and Jira"
       "cidr" = "10.20.24.0/22"
+      "tgw_attached" = true,
     },
     "vpc-private-services" = {
       "name" = "vpc-private-services"
       "purpose" = "Private XDR Services for XDR users"
       "cidr" = "10.20.28.0/22"
+      "tgw_attached" = true,
     },
   }
 

test/aws-us-gov/mdr-test-malware/010-vpc-vmray/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,11 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = true # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-vmray"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws-us-gov/mdr-test-malware/020-attach-transit-gateway-to-vpc-vmray/README.md

@@ -1,5 +0,0 @@
-# Attaches this account's standard VPCs to the transit gateway
-
-You can reuse this module to attach additional VPCs by updating
-either the dependencies or the inputs, as appropriate.
-

test/aws-us-gov/mdr-test-malware/020-attach-transit-gateway-to-vpc-vmray/terragrunt.hcl

@@ -1,50 +0,0 @@
-locals {
-  # If you want to use any of the variables in _this_ file, you have to load them here.
-  # However, they will all be available as inputs to the module loaded in terraform.source
-  # below.
-
-  # e.g. inherited variables:
-  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
-  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-}
-
-dependency "transit_gateway" {
-  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
-}
-
-dependency "vpc-vmray" {
-  config_path = "../010-vpc-vmray"
-}
-
-
-# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
-# working directory, into a temporary folder, and execute your Terraform commands in that folder.
-terraform {
-  # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/transit_gateway_client?ref=v0.5.1"
-}
-
-# Include all settings from the root terragrunt.hcl file
-include {
-  path = find_in_parent_folders()
-}
-
-# These are the variables we have to pass in to use the module specified in the terragrunt source above
-inputs = {
-  # All of the inputs from the inherited hcl files are available automatically
-  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
-  # will be more flexible if you specify particular input values.
-  tags = {
-    Name = "${local.partition_vars.locals.aws_partition_alias}-${local.environment_vars.locals.environment}"
-    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
-  }
-  accept_invitation = true # Should only be true for the first one
-  share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
-  tgw_id = dependency.transit_gateway.outputs.tgw_id
-  vpc_id = dependency.vpc-vmray.outputs.vpc_id
-  subnets = dependency.vpc-vmray.outputs.private_subnets
-  route_tables = concat(dependency.vpc-vmray.outputs.private_route_tables, dependency.vpc-vmray.outputs.public_route_tables)
-}

test/aws-us-gov/mdr-test-malware/account.hcl

@@ -15,6 +15,7 @@ locals {
       "name" = "vpc-vmray",
       "purpose" = "Malware detonation",
       "cidr" = "10.20.4.0/22",
+      "tgw_attached" = true,
     }
   }
 

test/aws-us-gov/mdr-test-modelclient/010-vpc-splunk/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,11 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = true # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-splunk"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws-us-gov/mdr-test-modelclient/020-attach-transit-gateway-to-vpc-splunk/README.md

@@ -1,5 +0,0 @@
-# Attaches this account's standard VPCs to the transit gateway
-
-You can reuse this module to attach additional VPCs by updating
-either the dependencies or the inputs, as appropriate.
-

test/aws-us-gov/mdr-test-modelclient/020-attach-transit-gateway-to-vpc-splunk/terragrunt.hcl

@@ -1,50 +0,0 @@
-locals {
-  # If you want to use any of the variables in _this_ file, you have to load them here.
-  # However, they will all be available as inputs to the module loaded in terraform.source
-  # below.
-
-  # e.g. inherited variables:
-  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
-  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-}
-
-dependency "transit_gateway" {
-  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
-}
-
-dependency "standard_vpc" {
-  config_path = "../010-vpc-splunk"
-}
-
-
-# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
-# working directory, into a temporary folder, and execute your Terraform commands in that folder.
-terraform {
-  # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/transit_gateway_client?ref=v0.5.1"
-}
-
-# Include all settings from the root terragrunt.hcl file
-include {
-  path = find_in_parent_folders()
-}
-
-# These are the variables we have to pass in to use the module specified in the terragrunt source above
-inputs = {
-  # All of the inputs from the inherited hcl files are available automatically
-  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
-  # will be more flexible if you specify particular input values.
-  tags = {
-    Name = "${local.partition_vars.locals.aws_partition_alias}-${local.environment_vars.locals.environment}"
-    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
-  }
-  accept_invitation = true # Should only be true for the first one
-  share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
-  tgw_id = dependency.transit_gateway.outputs.tgw_id
-  vpc_id = dependency.standard_vpc.outputs.vpc_id
-  subnets = dependency.standard_vpc.outputs.private_subnets
-  route_tables = concat(dependency.standard_vpc.outputs.private_route_tables, dependency.standard_vpc.outputs.public_route_tables)
-}

test/aws-us-gov/mdr-test-modelclient/account.hcl

@@ -15,6 +15,7 @@ locals {
       "name" = "vpc-splunk",
       "purpose" = "Splunk Systems",
       "cidr" = "10.20.8.0/22",
+      "tgw_attached" = true,
     }
   }
 

test/aws/mdr-test-c2/010-vpc-system-services/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,12 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = false # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  # no arns for the account hosting the transit gateway
+  #tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-system-services"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws/mdr-test-c2/account.hcl

@@ -15,6 +15,7 @@ locals {
       "name" = "vpc-system-services",
       "purpose" = "Internal Services for Systems",
       "cidr" = "10.16.0.0/22",
+      "tgw_attached" = false, # Attached via transit gateway creation
     }
   }
 

test/aws/mdr-test-modelclient/010-vpc-splunk/terragrunt.hcl

@@ -2,23 +2,22 @@ locals {
   # If you want to use any of the variables in _this_ file, you have to load them here.
   # However, they will all be available as inputs to the module loaded in terraform.source
   # below.
-
-  # e.g. inherited variables:
-  #environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  #partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  #region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
   account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  #global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-
-  # Extract out common variables for reuse
-  #env = local.environment_vars.locals.environment
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 }
 
 # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.0"
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/standard_vpc?ref=v0.8.1"
+}
+
+dependency "transit_gateway" {
+  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
 }
 
 # Include all settings from the root terragrunt.hcl file
@@ -31,9 +30,11 @@ inputs = {
   # All of the inputs from the inherited hcl files are available automatically
   # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
   # will be more flexible if you specify particular input values.
+  accept_tgw_invitation = true # Should we accept the Transit GT invitation? Should only be true for the first vpc
+  tgw_share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
+  tgw_id = dependency.transit_gateway.outputs.tgw_id
   vpc_info = local.account_vars.locals.vpc_info["vpc-splunk"]
   tags = {
-    #Purpose # grabbed from vpc_info
     Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
   }
 }

test/aws/mdr-test-modelclient/020-attach-transit-gateway-to-vpc-splunk/README.md

@@ -1,5 +0,0 @@
-# Attaches this account's standard VPCs to the transit gateway
-
-You can reuse this module to attach additional VPCs by updating
-either the dependencies or the inputs, as appropriate.
-

test/aws/mdr-test-modelclient/020-attach-transit-gateway-to-vpc-splunk/terragrunt.hcl

@@ -1,50 +0,0 @@
-locals {
-  # If you want to use any of the variables in _this_ file, you have to load them here.
-  # However, they will all be available as inputs to the module loaded in terraform.source
-  # below.
-
-  # e.g. inherited variables:
-  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
-  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
-  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
-  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
-  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
-}
-
-dependency "transit_gateway" {
-  config_path = "../../${local.environment_vars.locals.transit_gateway_account_name}/008-transit-gateway-hub"
-}
-
-dependency "vpc_splunk" {
-  config_path = "../010-vpc-splunk"
-}
-
-
-# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
-# working directory, into a temporary folder, and execute your Terraform commands in that folder.
-terraform {
-  # Double slash is intentional and required to show root of modules
-  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/transit_gateway_client?ref=v0.5.1"
-}
-
-# Include all settings from the root terragrunt.hcl file
-include {
-  path = find_in_parent_folders()
-}
-
-# These are the variables we have to pass in to use the module specified in the terragrunt source above
-inputs = {
-  # All of the inputs from the inherited hcl files are available automatically
-  # (via the `inputs` section of the root `terragrunt.hcl`). However, modules
-  # will be more flexible if you specify particular input values.
-  tags = {
-    Name = "${local.partition_vars.locals.aws_partition_alias}-${local.environment_vars.locals.environment}"
-    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
-  }
-  accept_invitation = true # Should only be true for the first one
-  share_arn = dependency.transit_gateway.outputs.resource_share_arns[local.account_vars.locals.aws_account_id]
-  tgw_id = dependency.transit_gateway.outputs.tgw_id
-  vpc_id = dependency.vpc_splunk.outputs.vpc_id
-  subnets = dependency.vpc_splunk.outputs.private_subnets
-  route_tables = concat(dependency.vpc_splunk.outputs.private_route_tables, dependency.vpc_splunk.outputs.public_route_tables)
-}

test/aws/mdr-test-modelclient/account.hcl

@@ -14,6 +14,7 @@ locals {
       name = "vpc-splunk",
       purpose = "Splunk Systems",
       cidr = "10.16.8.0/22",
+      tgw_attached = true,
     }
   }