diff --git a/vpc-transit-gateway-association/self/README.md b/vpc-transit-gateway-association/self/README.md
index cca287b..890ebb2 100644
--- a/vpc-transit-gateway-association/self/README.md
+++ b/vpc-transit-gateway-association/self/README.md
@@ -77,6 +77,7 @@ module "vpc_tgw_self" {
 | [aws_ec2_transit_gateway_route_table_association.route_table_self](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_route_table_association) | resource |
 | [aws_ec2_transit_gateway_route_table_propagation.vpc_self_common](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_route_table_propagation) | resource |
 | [aws_ec2_transit_gateway_route_table_propagation.vpc_self_own_rt](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_route_table_propagation) | resource |
+| [aws_ec2_transit_gateway_route_table_propagation.vpn_vpc_self_own_rt](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_route_table_propagation) | resource |
 | [aws_ec2_transit_gateway_vpc_attachment.vpc_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_transit_gateway_vpc_attachment) | resource |
 | [aws_route.gateway_ipv4](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
 | [aws_route.gateway_vpn_ipv4](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
diff --git a/vpc-transit-gateway-association/self/associate.tf b/vpc-transit-gateway-association/self/associate.tf
index 80386eb..6c85abc 100644
--- a/vpc-transit-gateway-association/self/associate.tf
+++ b/vpc-transit-gateway-association/self/associate.tf
@@ -82,3 +82,14 @@ resource "aws_ec2_transit_gateway_route_table_propagation" "vpc_self_common" {
   transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc_attachment.id
   transit_gateway_route_table_id = each.value
 }
+
+#---
+# propagate this attachment to necessary VPN RT (my region, network account)
+#---
+resource "aws_ec2_transit_gateway_route_table_propagation" "vpn_vpc_self_own_rt" {
+  provider = aws.self
+  for_each = { (var.transit_gateway_environment) = var.data_input.map_vpn_route_tables_self[var.transit_gateway_environment] }
+
+  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc_attachment.id
+  transit_gateway_route_table_id = each.value
+}