- resource "aws_ram_resource_share_accepter" "accept_tgw_share" {
- count = var.accept_tgw_invitation ? 1 : 0
- share_arn = var.tgw_share_arn
- }
- resource "aws_ec2_transit_gateway_vpc_attachment" "attach_tgw" {
- count = var.vpc_info["tgw_attached"] ? 1 : 0
- depends_on = [aws_ram_resource_share_accepter.accept_tgw_share]
- #subnet_ids = concat(module.vpc.public_subnets, module.vpc.private_subnets)
- subnet_ids = module.vpc.private_subnets # Note: Connects to all subnets in vpc, not just private ones
- transit_gateway_id = var.tgw_id
- vpc_id = module.vpc.vpc_id
- tags = merge(
- local.standard_tags,
- var.tags
- )
- }
- # The VPC automatically tells the TGW about its network, but the
- # VPCs themselves need to know what all to send to the TGW. For
- # our purposes, it's only RFC1918 addresses. In fact, just
- # 10.0.0.0/8 for now.
- resource "aws_route" "route_to_10" {
- for_each = toset(concat(module.vpc.private_route_table_ids, module.vpc.public_route_table_ids))
- route_table_id = each.value
- destination_cidr_block = "10.0.0.0/8"
- transit_gateway_id = var.tgw_id
- }