add more data

terraform-modules · Oct 21, 2022 · 11742fc · 11742fc
1 parent 256ba8f
commit 11742fc
Show file tree

Hide file tree

Showing 8 changed files with 54 additions and 43 deletions.
diff --git a/common/variables.common.vpc_cidr_block.tf b/common/variables.common.vpc_cidr_block.tf
@@ -0,0 +1,12 @@
+variable "vpc_cidr_block" {
+  description = "VPC CIDR Block"
+  type        = string
+  default     = null
+}
+
+variable "vpc_cidr_blocks" {
+  description = "VPC CIDR Block List"
+  type        = list(string)
+  default     = []
+}
+
diff --git a/vpc-transit-gateway-association/common/variables.data_input.tf b/vpc-transit-gateway-association/common/variables.data_input.tf
@@ -0,0 +1,19 @@
+variable "data_input" {
+  description = "Map of data generated by vpc-transit-gateway-association-data"
+  type = object({
+    availablity_zone          = map(any)
+    gateway_self              = string
+    gateway_peer              = string
+    route_tables_self         = map(any)
+    route_tables_peer         = map(any)
+    map_route_tables_self     = map(any)
+    map_route_tables_peer     = map(any)
+    map_vpn_route_tables_self = map(any)
+    map_vpn_route_tables_peer = map(any)
+    prefix_list_id_ipv4       = string
+    vpn_prefix_list_id_ipv4   = string
+    vpc_id                    = string
+    vpc_cidr_block            = string
+    vpc_cidr_blocks           = list(string)
+  })
+}
diff --git a/vpc-transit-gateway-association/data/data.transit-gateway.tf b/vpc-transit-gateway-association/data/data.transit-gateway.tf
@@ -35,7 +35,8 @@ data "aws_ec2_transit_gateway_route_table" "route_tables_self" {
 }
 
 locals {
-  transit_gateway_route_table_ids_self = { for k, v in data.aws_ec2_transit_gateway_route_table.route_tables_self : v.tags["boc:network_vrf"] => k if contains(keys(v.tags), "boc:network_vrf") }
+  transit_gateway_route_table_ids_self     = { for k, v in data.aws_ec2_transit_gateway_route_table.route_tables_self : v.tags["boc:network_vrf"] => k if contains(keys(v.tags), "boc:network_vrf") }
+  transit_gateway_vpn_route_table_ids_self = { for k, v in data.aws_ec2_transit_gateway_route_table.route_tables_self : v.tags["boc:vpn_network_vrf"] => k if contains(keys(v.tags), "boc:vpn_network_vrf") }
 }
 
 #---
@@ -56,7 +57,8 @@ data "aws_ec2_transit_gateway_route_table" "route_tables_peer" {
 }
 
 locals {
-  transit_gateway_route_table_ids_peer = { for k, v in data.aws_ec2_transit_gateway_route_table.route_tables_peer : v.tags["boc:network_vrf"] => k if contains(keys(v.tags), "boc:network_vrf") }
+  transit_gateway_route_table_ids_peer     = { for k, v in data.aws_ec2_transit_gateway_route_table.route_tables_peer : v.tags["boc:network_vrf"] => k if contains(keys(v.tags), "boc:network_vrf") }
+  transit_gateway_vpn_route_table_ids_peer = { for k, v in data.aws_ec2_transit_gateway_route_table.route_tables_peer : v.tags["boc:vpn_network_vrf"] => k if contains(keys(v.tags), "boc:vpn_network_vrf") }
 }
 
 # These two hold a map of VRF => route table
@@ -81,4 +83,3 @@ data "aws_ec2_transit_gateway_peering_attachment" "attachment_peer" {
     values = [data.aws_ec2_transit_gateway.gateway_peer.id]
   }
 }
-
diff --git a/vpc-transit-gateway-association/data/outputs.tf b/vpc-transit-gateway-association/data/outputs.tf
@@ -41,14 +41,19 @@ output "prefix_list_id_ipv4" {
 output "data_output" {
   description = "Map of data generated by this submodule need for the vpc-transit-gateway-association module"
   value = {
-    availablity_zone        = data.aws_availability_zone.zone
-    gateway_self            = data.aws_ec2_transit_gateway.gateway_self.id
-    gateway_peer            = data.aws_ec2_transit_gateway.gateway_peer.id
-    route_tables_self       = data.aws_ec2_transit_gateway_route_table.route_tables_self
-    route_tables_peer       = data.aws_ec2_transit_gateway_route_table.route_tables_peer
-    map_route_tables_self   = local.transit_gateway_route_table_ids_self
-    map_route_tables_peer   = local.transit_gateway_route_table_ids_peer
-    prefix_list_id_ipv4     = try(([for k, v in data.aws_ec2_managed_prefix_list.tgw_ipv4 : k if v.address_family == "IPv4"])[0])
-    vpn_prefix_list_id_ipv4 = var.vpn_route_prefix_list_name != null ? try(([for k, v in data.aws_ec2_managed_prefix_list.tgw_vpn_ipv4 : k if v.address_family == "IPv4"])[0]) : null
+    availablity_zone          = data.aws_availability_zone.zone
+    gateway_self              = data.aws_ec2_transit_gateway.gateway_self.id
+    gateway_peer              = data.aws_ec2_transit_gateway.gateway_peer.id
+    route_tables_self         = data.aws_ec2_transit_gateway_route_table.route_tables_self
+    route_tables_peer         = data.aws_ec2_transit_gateway_route_table.route_tables_peer
+    map_route_tables_self     = local.transit_gateway_route_table_ids_self
+    map_route_tables_peer     = local.transit_gateway_route_table_ids_peer
+    map_vpn_route_tables_self = local.transit_gateway_vpn_route_table_ids_self
+    map_vpn_route_tables_peer = local.transit_gateway_vpn_route_table_ids_peer
+    prefix_list_id_ipv4       = try(([for k, v in data.aws_ec2_managed_prefix_list.tgw_ipv4 : k if v.address_family == "IPv4"])[0])
+    vpn_prefix_list_id_ipv4   = var.vpn_route_prefix_list_name != null ? try(([for k, v in data.aws_ec2_managed_prefix_list.tgw_vpn_ipv4 : k if v.address_family == "IPv4"])[0]) : null
+    vpc_id                    = var.vpc_id
+    vpc_cidr_block            = var.vpc_cidr_block
+    vpc_cidr_blocks           = var.vpc_cidr_blocks
   }
 }
diff --git a/vpc-transit-gateway-association/peer/variables.data_input.tf b/vpc-transit-gateway-association/peer/variables.data_input.tf
diff --git a/vpc-transit-gateway-association/peer/variables.data_input.tf b/vpc-transit-gateway-association/peer/variables.data_input.tf
@@ -0,0 +1 @@
+../common/variables.data_input.tf
diff --git a/vpc-transit-gateway-association/self/README.md b/vpc-transit-gateway-association/self/README.md
@@ -100,7 +100,7 @@ module "vpc_tgw_self" {
 | <a name="input_account_id"></a> [account\_id](#input\_account\_id) | AWS Account ID (default: will pull from current user) | `string` | `""` | no |
 | <a name="input_availability_zones"></a> [availability\_zones](#input\_availability\_zones) | AWS Availability Zones to use (by default will use all available) | `list(string)` | `[]` | no |
 | <a name="input_create"></a> [create](#input\_create) | Flag to indicate whether to create the resources or not (default: true) | `bool` | `true` | no |
-| <a name="input_data_input"></a> [data\_input](#input\_data\_input) | Map of data generated by vpc-transit-gateway-association-data | <pre>object({<br>    availablity_zone        = map(any)<br>    gateway_self            = string<br>    gateway_peer            = string<br>    route_tables_self       = map(any)<br>    route_tables_peer       = map(any)<br>    map_route_tables_self   = map(any)<br>    map_route_tables_peer   = map(any)<br>    prefix_list_id_ipv4     = string<br>    vpn_prefix_list_id_ipv4 = string<br>  })</pre> | n/a | yes |
+| <a name="input_data_input"></a> [data\_input](#input\_data\_input) | Map of data generated by vpc-transit-gateway-association-data | <pre>object({<br>    availablity_zone          = map(any)<br>    gateway_self              = string<br>    gateway_peer              = string<br>    route_tables_self         = map(any)<br>    route_tables_peer         = map(any)<br>    map_route_tables_self     = map(any)<br>    map_route_tables_peer     = map(any)<br>    map_vpn_route_tables_self = map(any)<br>    map_vpn_route_tables_peer = map(any)<br>    prefix_list_id_ipv4       = string<br>    vpn_prefix_list_id_ipv4   = string<br>    vpc_id                    = string<br>    vpc_cidr_block            = string<br>    vpc_cidr_blocks           = list(string)<br>  })</pre> | n/a | yes |
 | <a name="input_network_account_profile"></a> [network\_account\_profile](#input\_network\_account\_profile) | AWS profile of the source account sharing the VPC resources | `string` | n/a | yes |
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | <a name="input_private_route_table_ids"></a> [private\_route\_table\_ids](#input\_private\_route\_table\_ids) | Map of private route table IDs (which exclude the attachment subnets) | `map(string)` | `{}` | no |

diff --git a/vpc-transit-gateway-association/self/associate.tf b/vpc-transit-gateway-association/self/associate.tf
@@ -9,8 +9,8 @@ resource "aws_ec2_transit_gateway_vpc_attachment" "vpc_attachment" {
   vpc_id                                          = var.vpc_id
   dns_support                                     = "enable"
   ipv6_support                                    = "disable"
-  transit_gateway_default_route_table_association = true
-  transit_gateway_default_route_table_propagation = true
+  transit_gateway_default_route_table_association = false
+  transit_gateway_default_route_table_propagation = false
 
   tags = merge(
     local.base_tags,

diff --git a/vpc-transit-gateway-association/self/variables.data_input.tf b/vpc-transit-gateway-association/self/variables.data_input.tf
diff --git a/vpc-transit-gateway-association/self/variables.data_input.tf b/vpc-transit-gateway-association/self/variables.data_input.tf
@@ -0,0 +1 @@
+../common/variables.data_input.tf