AWS Transit Gateway Peering

Usage

This module creates both sides of a TGW peering, so it needs two different AWS providers specified in the providers meta-argument. Without two providers it would be impossible to peer between two distinct AWS regions.

The local side requires the provider entry named aws; the remote side requires the provider entry named aws.remote. The attachment is owned by the local side, and the attachment accepter is owned by the remote side.

```hcl
module "transit_gateway_peering" {
  source = "../../modules/transit_gateway_peering"

  # aws owns the peering attachment (local side);
  # aws.remote owns the attachment accepter (remote side).
  providers = {
    aws        = aws.east
    aws.remote = aws.west
  }

  local_tgw_route_table  = module.transit_gateway_east.route_tables["traffic_from_west"]
  remote_tgw_route_table = module.transit_gateway_west.route_tables["traffic_from_east"]
}

provider "aws" {
  alias  = "east"
  region = "us-east-2"
}

provider "aws" {
  alias  = "west"
  region = "us-west-2"
}
```

The static routes are currently not handled by this module.
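
Because the module leaves static routes out, they have to be declared alongside the module call. The following is an added example, not part of the module or its documentation: it reuses the module and provider names from the usage snippet above, while the CIDR blocks and the "traffic_from_vpcs" route table key are assumptions to be replaced with your own values.

```hcl
# Added example: static routes for the peering, one set per region.
# Assumptions: the CIDRs are constructed sample values, and "traffic_from_vpcs"
# is a hypothetical key for the route table that serves each region's VPC attachments.
locals {
  east_cidrs = toset(["10.10.0.0/16"]) # prefixes reachable behind the east TGW
  west_cidrs = toset(["10.20.0.0/16"]) # prefixes reachable behind the west TGW
}

# East side: forward traffic destined for west prefixes into the peering.
resource "aws_ec2_transit_gateway_route" "east_to_west" {
  provider = aws.east
  for_each = local.west_cidrs

  destination_cidr_block         = each.value
  transit_gateway_route_table_id = module.transit_gateway_east.route_tables["traffic_from_vpcs"].id

  # The accepter carries the same attachment id. Referencing it makes the
  # route wait until the remote side has accepted the peering.
  transit_gateway_attachment_id = module.transit_gateway_peering.peering_attachment_accepter.id
}

# West side: the mirror image, created with the remote region's provider.
resource "aws_ec2_transit_gateway_route" "west_to_east" {
  provider = aws.west
  for_each = local.east_cidrs

  destination_cidr_block         = each.value
  transit_gateway_route_table_id = module.transit_gateway_west.route_tables["traffic_from_vpcs"].id
  transit_gateway_attachment_id  = module.transit_gateway_peering.peering_attachment_accepter.id
}
```

Listing specific prefixes instead of a default route keeps cross-region reachability explicit: only the ranges named in the two sets can cross the peering.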

Reference

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0.0, < 2.0.0 |
| aws | ~> 5.17 |

Providers

| Name | Version |
|------|---------|
| aws | ~> 5.17 |
| aws.remote | ~> 5.17 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_ec2_transit_gateway_peering_attachment.this | resource |
| aws_ec2_transit_gateway_peering_attachment_accepter.remote | resource |
| aws_ec2_transit_gateway_route_table_association.local | resource |
| aws_ec2_transit_gateway_route_table_association.remote | resource |
| aws_caller_identity.remote | data source |
| aws_region.remote_region | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| local_attachment_tags | AWS tags to assign to the Attachment object. The tags are only visible in the UI when logged in to the local account, not when logged in to the remote peer account. Example: { Name = "my-name" } | map(string) | {} | no |
| local_tgw_route_table | Local TGW's pre-existing route table which should handle the traffic coming from the remote TGW. In other words, a route table associated with the peering in the local region. An object with two attributes, the id of the local route table and the transit_gateway_id of the local TGW. Example: transit_gateway_route_table = { id = "tgw-rtb-1234", transit_gateway_id = "tgw-1234" } | object({ id = string, transit_gateway_id = string }) | n/a | yes |
| remote_tgw_route_table | Analogous to local_tgw_route_table, but on the remote end of the peering. | object({ id = string, transit_gateway_id = string }) | n/a | yes |
| tags | AWS tags to assign to all the created objects. Example: { Team = "my-team" } | map(string) | {} | no |

Outputs

| Name | Description |
|------|-------------|
| local_route_table | The route table associated to the TGW Peering Attachment, owned by the provider aws. |
| peering_attachment | The TGW Peering Attachment object, created under the provider aws. |
| peering_attachment_accepter | The Accepter object, created under the provider aws.remote. |
| remote_route_table | The route table associated to the TGW Peering Attachment, owned by the provider aws.remote. |