VPC Modules 0.27.0Last updated in version 0.27.0

Transit Gateway Attachment Terraform Module

This module creates a transit gateway attachment resource. A transit gateway attachment, attaches the transit gateway to a VPC. This module can be used to attach a transit gateway to multiple VPCs. Attaching a transit gateway to one or more VPCs creates a HUB and spoke routing topology, allowing traffic from one VPC to reach other VPCs or from a VPC to reach on-premises networks.

The module accepts a map of VPCs for attachment to the transit gateway. See the examples below for the structure of the map.

See VPC Core Concepts for more information on the core networking components and topologies.

What is a Transit Gateway Attachment?

A transit gateway attachment is a way to connect a transit gateway (virtual router) to a VPC. You can think of a VPC attachment just like a cat5e or cat6 network cable. By attaching the transit gateway, you're connecting the cable between the virtual router and a VPC. By attaching the transit gateway and then either configuring a route or enabling route propagation, you can route traffic between VPCs.

Usage

For usage examples, check out the examples folder.

Requirements

Name	Version
terraform	>= 1.0.0
aws	>= 4.5.0

Providers

Name	Version
aws	>= 4.5.0

Modules

No modules.

Resources

Name	Type
aws_ec2_transit_gateway_vpc_attachment.this	resource

Inputs

Name	Description	Type	Default	Required
custom_tags	A map of tags to apply to all resources when applicable. The key is the tag name and the value is the tag value. Note that the tag 'Name' is automatically added by this module but may be optionally overwritten by this variable.	`map(string)`	`{}`	no
enable_appliance_mode_support	Whether Appliance Mode support is enabled. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. The default is false.	`bool`	`false`	no
enable_dns_support	Whether DNS resolution is enabled for this VPC attachment. The default is false.	`bool`	`false`	no
enable_ipv6_support	Whether IPv6 support is enabled. If enabled, a private IPv6 address from the Amazon pool of IPv6 addresses is assigned to the Elastic Network Interface (ENI) for a VPC attachment. The default is false.	`bool`	`false`	no
enable_transit_gateway_default_route_table_association	Whether the VPC attachment should be associated with the Transit Gateway association default route table. The default is true.	`bool`	`true`	no
enable_transit_gateway_default_route_table_propagation	Whether the VPC attachment should propagate routes with the Transit Gateway propagation default route table. The default is true.	`bool`	`true`	no
transit_gateway_id	EC2 Transit Gateway identifier	`string`	n/a	yes
vpcs	A map of vpcs with their name and the subnet ids that the transit gateway will attach to. The subnet IDs configured here are the attachment point for the transit gateway. I.E. The transit gateway will have an IP on these subnets.	`map(object({<br> vpc_id = string<br> vpc_name = string<br> subnet_ids = list(string)<br> }))`	n/a	yes

Outputs

Name	Description
id	EC2 Transit Gateway Attachment identifier.

Sample Usage

Terraform
Terragrunt

main.tf

# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S TRANSIT-GATEWAY-ATTACHMENT MODULE
# ------------------------------------------------------------------------------------------------------

module "transit_gateway_attachment" {

  source = "git::git@github.com:gruntwork-io/terraform-aws-vpc.git//modules/transit-gateway-attachment?ref=v0.27.0"

  # ----------------------------------------------------------------------------------------------------
  # REQUIRED VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # EC2 Transit Gateway identifier
  transit_gateway_id = <string>

  # A map of vpcs with their name and the subnet ids that the transit gateway
  # will attach to with optional creation of routing tables. See variable
  # definition for details
  vpcs = <map(object(
    vpc_id     = string
    vpc_name   = string
    subnet_ids = list(string)
    appliance_mode_support = optional(string, "disable")
    route_table = optional(string)
  ))>

  # ----------------------------------------------------------------------------------------------------
  # OPTIONAL VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # A map of tags to apply to all resources when applicable. The key is the tag
  # name and the value is the tag value. Note that the tag 'Name' is
  # automatically added by this module but may be optionally overwritten by this
  # variable.
  custom_tags = {}

  # Whether Appliance Mode support is enabled. If enabled, a traffic flow
  # between a source and destination uses the same Availability Zone for the VPC
  # attachment for the lifetime of that flow. The default is false.
  enable_appliance_mode_support = false

  # Whether DNS resolution is enabled for this VPC attachment. The default is
  # false.
  enable_dns_support = false

  # Whether IPv6 support is enabled. If enabled, a private IPv6 address from the
  # Amazon pool of IPv6 addresses is assigned to the Elastic Network Interface
  # (ENI) for a VPC attachment. The default is false.
  enable_ipv6_support = false

  # Whether the VPC attachment should propagate routes with the Transit Gateway
  # propagation non-default route tables. The default is false.
  enable_tgw_route_propagation = false

  # Whether the VPC attachment should be associated with the Transit Gateway
  # association default route table. The default is true.
  enable_transit_gateway_default_route_table_association = true

  # Whether the VPC attachment should propagate routes with the Transit Gateway
  # propagation default route table. The default is true.
  enable_transit_gateway_default_route_table_propagation = true

}

terragrunt.hcl

# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S TRANSIT-GATEWAY-ATTACHMENT MODULE
# ------------------------------------------------------------------------------------------------------

terraform {
  source = "git::git@github.com:gruntwork-io/terraform-aws-vpc.git//modules/transit-gateway-attachment?ref=v0.27.0"
}

inputs = {

  # ----------------------------------------------------------------------------------------------------
  # REQUIRED VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # EC2 Transit Gateway identifier
  transit_gateway_id = <string>

  # A map of vpcs with their name and the subnet ids that the transit gateway
  # will attach to with optional creation of routing tables. See variable
  # definition for details
  vpcs = <map(object(
    vpc_id     = string
    vpc_name   = string
    subnet_ids = list(string)
    appliance_mode_support = optional(string, "disable")
    route_table = optional(string)
  ))>

  # ----------------------------------------------------------------------------------------------------
  # OPTIONAL VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # A map of tags to apply to all resources when applicable. The key is the tag
  # name and the value is the tag value. Note that the tag 'Name' is
  # automatically added by this module but may be optionally overwritten by this
  # variable.
  custom_tags = {}

  # Whether Appliance Mode support is enabled. If enabled, a traffic flow
  # between a source and destination uses the same Availability Zone for the VPC
  # attachment for the lifetime of that flow. The default is false.
  enable_appliance_mode_support = false

  # Whether DNS resolution is enabled for this VPC attachment. The default is
  # false.
  enable_dns_support = false

  # Whether IPv6 support is enabled. If enabled, a private IPv6 address from the
  # Amazon pool of IPv6 addresses is assigned to the Elastic Network Interface
  # (ENI) for a VPC attachment. The default is false.
  enable_ipv6_support = false

  # Whether the VPC attachment should propagate routes with the Transit Gateway
  # propagation non-default route tables. The default is false.
  enable_tgw_route_propagation = false

  # Whether the VPC attachment should be associated with the Transit Gateway
  # association default route table. The default is true.
  enable_transit_gateway_default_route_table_association = true

  # Whether the VPC attachment should propagate routes with the Transit Gateway
  # propagation default route table. The default is true.
  enable_transit_gateway_default_route_table_propagation = true

}

Reference

Inputs
Outputs

Required

transit_gateway_idstringrequired

EC2 Transit Gateway identifier

vpcsmap(object(…))required

A map of vpcs with their name and the subnet ids that the transit gateway will attach to with optional creation of routing tables. See variable definition for details

Type Details

map(object({
    vpc_id     = string
    vpc_name   = string
    subnet_ids = list(string)

    # Whether Appliance Mode support is enabled.  If enabled, a traffic flow between a source and destination
    # uses the same Availability Zone for the VPC attachment for the lifetime of that flow.
    # Valid values: enable, disable. Default value: disable.
    appliance_mode_support = optional(string, "disable")

    # Creates and associates a route table with the transit gateway attachment. Default value: null
    route_table = optional(string)

  }))

More Details

Details

     Whether Appliance Mode support is enabled.  If enabled, a traffic flow between a source and destination
     uses the same Availability Zone for the VPC attachment for the lifetime of that flow.
     Valid values: enable, disable. Default value: disable.

Details


     Creates and associates a route table with the transit gateway attachment. Default value: null

Optional

custom_tagsmap(string)optional

A map of tags to apply to all resources when applicable. The key is the tag name and the value is the tag value. Note that the tag 'Name' is automatically added by this module but may be optionally overwritten by this variable.

Default:{}

enable_appliance_mode_supportbooloptional

Whether Appliance Mode support is enabled. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. The default is false.

Default:false

enable_dns_supportbooloptional

Whether DNS resolution is enabled for this VPC attachment. The default is false.

Default:false

enable_ipv6_supportbooloptional

Whether IPv6 support is enabled. If enabled, a private IPv6 address from the Amazon pool of IPv6 addresses is assigned to the Elastic Network Interface (ENI) for a VPC attachment. The default is false.

Default:false

enable_tgw_route_propagationbooloptional

Whether the VPC attachment should propagate routes with the Transit Gateway propagation non-default route tables. The default is false.

Default:false

enable_transit_gateway_default_route_table_associationbooloptional

Whether the VPC attachment should be associated with the Transit Gateway association default route table. The default is true.

Default:true

enable_transit_gateway_default_route_table_propagationbooloptional

Whether the VPC attachment should propagate routes with the Transit Gateway propagation default route table. The default is true.

Default:true

id

EC2 Transit Gateway Attachment identifier.

tgw_route_tables

The IDs of the Transit Gateway Route Tables.

What is a Transit Gateway Attachment?​

Usage​

Requirements​

Providers​

Modules​

Resources​

Inputs​

Outputs​

Sample Usage​

Reference​

Required​

Optional​

What is a Transit Gateway Attachment?

Usage

Requirements

Providers

Modules

Resources

Inputs

Outputs

Sample Usage

Reference

Required

Optional