NEW: sharing transit gateway via RAM

2020-11-06 18:53:20 +08:00
parent 2588e761b3
commit 90e6acc97d
12 changed files with 227 additions and 0 deletions
@@ -0,0 +1,30 @@
+resource "aws_ec2_transit_gateway" "tgw01" {
+  description = "test transit gateway"
+  auto_accept_shared_attachments = "enable"
+  default_route_table_association = "enable"
+  default_route_table_propagation = "enable"
+  dns_support = "enable"
+  tags = local.default-tags
+}
+
+resource "aws_ec2_transit_gateway_vpc_attachment" "tgw-attach" {
+  subnet_ids         = module.vpc01.private_subnets
+  transit_gateway_id = aws_ec2_transit_gateway.tgw01.id
+  vpc_id             = module.vpc01.vpc_id
+}
+
+resource "aws_ram_resource_share" "ram-share" {
+  name                      = "rslab-dplab"
+  allow_external_principals = true
+  tags = local.default-tags
+}
+
+resource "aws_ram_resource_association" "tg-share" {
+  resource_arn       = aws_ec2_transit_gateway.tgw01.arn
+  resource_share_arn = aws_ram_resource_share.ram-share.arn
+}
+
+resource "aws_ram_principal_association" "ram-invite" {
+  principal          = var.tgw-target-account
+  resource_share_arn = aws_ram_resource_share.ram-share.arn
+}