add peering

terraform-modules · May 31, 2021 · 226d563 · 226d563
1 parent 1318cb8
commit 226d563
Show file tree

Hide file tree

Showing 2 changed files with 89 additions and 1 deletion.
diff --git a/peer/README.md b/peer/README.md
@@ -64,6 +64,8 @@ No modules.
 
 | Name | Type |
 |------|------|
+| [aws_vpc_peering_connection.self](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_peering_connection) | resource |
+| [aws_vpc_peering_connection_accepter.peer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_peering_connection_accepter) | resource |
 | [aws_arn.peer_current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_arn.self_current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_caller_identity.peer_current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |

diff --git a/peer/main.tf b/peer/main.tf
@@ -51,7 +51,10 @@ locals {
   self_account_id          = var.account_id != "" ? var.account_id : data.aws_caller_identity.self_current.account_id
   self_account_environment = data.aws_arn.self_current.partition == "aws-us-gov" ? "gov" : "ew"
 
-  peer_account_id          = var.account_id != "" ? var.account_id : data.aws_caller_identity.peer_current.account_id
+  self_region = data.aws_region.self_current.name
+  peer_region = data.aws_region.peer_current.name
+
+  peer_account_id          = var.peer_account_id != "" ? var.peer_account_id : data.aws_caller_identity.peer_current.account_id
   peer_account_environment = data.aws_arn.peer_current.partition == "aws-us-gov" ? "gov" : "ew"
 
   base_tags = {
@@ -80,3 +83,86 @@ locals {
 ##     "dynanodb_endpoint_id" = module.routing.vpc_endpoint_id_dynamodb
 ##   }
 ## }
+
+
+locals {
+  self_cidr_block = var.vpc_cidr_block != "" ? var.vpc_cidr_block : data.aws_vpc.self_vpc.cidr_block
+  peer_cidr_block = var.peer_vpc_cidr_block != "" ? var.peer_vpc_cidr_block : data.aws_vpc.peer_vpc.cidr_block
+
+  self_route_tables = length(var.route_table_ids) > 0 ? var.route_table_ids : tolist(data.aws_route_tables.default_self_route_tables.ids)
+  peer_route_tables = length(var.peer_route_table_ids) > 0 ? var.peer_route_table_ids : tolist(data.aws_route_tables.default_peer_route_tables.ids)
+
+  self_label = format("%v-%s:%s", local._defaults["vpc-peer"], var.vpc_short_name, var.peer_vpc_short_name)
+  peer_label = format("%v-%s:%s", local._defaults["vpc-peer"], var.peer_vpc_short_name, var.vpc_short_name)
+
+  self_tags = merge(
+    var.tags,
+    local.base_tags,
+    {
+      "Name"              = local.self_label
+      "boc:vpc_peer:from" = format("%v-%v-%v", local.self_account_id, local.self_region, var.vpc_short_name),
+      "boc:vpc_peer:to"   = format("%v-%v-%v", local.peer_account_id, local.peer_region, var.peer_vpc_short_name),
+    }
+  )
+  peer_tags = merge(
+    length(var.peer_tags) > 0 ? var.peer_tags : var.tags,
+    local.base_tags,
+    {
+      "Name"              = local.peer_label
+      "boc:vpc_peer:from" = format("%v-%v-%v", local.peer_account_id, local.peer_region, var.peer_vpc_short_name),
+      "boc:vpc_peer:to"   = format("%v-%v-%v", local.self_account_id, local.self_region, var.vpc_short_name),
+    }
+  )
+
+}
+
+resource "aws_vpc_peering_connection" "self" {
+  provider      = aws.self
+  vpc_id        = local.self_vpc_id
+  peer_vpc_id   = local.peer_vpc_id
+  peer_owner_id = var.peer_account_id
+  peer_region   = var.peer_region
+  auto_accept   = false
+
+  tags = local.self_tags
+}
+
+resource "aws_vpc_peering_connection_accepter" "peer" {
+  provider                  = aws.peer
+  vpc_peering_connection_id = aws_vpc_peering_connection.self.id
+  auto_accept               = true
+
+  tags = local.peer_tags
+}
+
+## # local routes
+## resource "aws_route" "me_peer2" {
+##   provider = aws
+##   count    = length(data.aws_route_tables.me.ids)
+##   #  route_table_id = data.aws_route_tables.me.ids[count.index]
+##   route_table_id            = local.route_tables_me[count.index]
+##   destination_cidr_block    = local.cidr_block_peer2
+##   vpc_peering_connection_id = aws_vpc_peering_connection.me_peer2.id
+## }
+## 
+## # peer routes
+## resource "aws_route" "peer2_me" {
+##   provider = aws.peer2
+##   count    = length(data.aws_route_tables.peer2.ids)
+##   #  route_table_id = data.aws_route_tables.peer2.ids[count.index]
+##   route_table_id            = local.route_tables_peer2[count.index]
+##   destination_cidr_block    = local.cidr_block_me
+##   vpc_peering_connection_id = aws_vpc_peering_connection.me_peer2.id
+## }
+## 
+## # output "rt_me" {
+## #   value = data.aws_route_tables.me.ids
+## # }
+## # output "rt_peer1" {
+## #   value = data.aws_route_tables.peer1.ids
+## # }
+## #
+## # output "rt_peer2" {
+## #   value = data.aws_route_tables.peer2.ids
+## # }
+##