* 2.11.5 -- 2025-02-18

  - vpc-transit-gateway-association
    - allow additional propgate_rt_all options via variable propagate_all_route_table_names

CHANGELOG.md

@@ -451,3 +451,7 @@
 * 2.11.4 -- 2025-02-14
   - vpc-transit-gateway-association
     - add inspection as possible tgw_environment
+
+* 2.11.5 -- 2025-02-18
+  - vpc-transit-gateway-association
+    - allow additional propgate_rt_all options via variable propagate_all_route_table_names

common/version.tf

@@ -1,5 +1,5 @@
 locals {
-  _module_version = "2.11.4"
+  _module_version = "2.11.5"
   _module_names = {
     "_main_" = "aws-vpc-setup"
 

vpc-transit-gateway-association/peer/README.md

@@ -235,6 +235,7 @@ No modules.
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | <a name="input_private_route_table_ids"></a> [private\_route\_table\_ids](#input\_private\_route\_table\_ids) | Map of private route table IDs (which exclude the attachment subnets) | `map(string)` | `{}` | no |
 | <a name="input_private_subnets_ids"></a> [private\_subnets\_ids](#input\_private\_subnets\_ids) | List of private subnet objects including: subnet, label, availability\_zone, id | <pre>list(object({<br/>    subnet            = string<br/>    label             = string<br/>    availability_zone = string<br/>    id                = string<br/>  }))</pre> | `[]` | no |
+| <a name="input_propagate_all_route_table_names"></a> [propagate\_all\_route\_table\_names](#input\_propagate\_all\_route\_table\_names) | List of route table names to propagate routes into for every attachment | `list` | <pre>[<br/>  "services",<br/>  "inter-region"<br/>]</pre> | no |
 | <a name="input_route_prefix_list_name"></a> [route\_prefix\_list\_name](#input\_route\_prefix\_list\_name) | Shared prefix list name used for routing to TGW.  It is comprised of all of the network CIDR blocks in AWS using TGW. | `string` | `"transit-gateway.prod"` | no |
 | <a name="input_route_table_label"></a> [route\_table\_label](#input\_route\_table\_label) | Route table lable for the attachment subnets | `string` | `"attachment"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |

vpc-transit-gateway-association/peer/associate.tf

@@ -2,7 +2,8 @@
 # get rt variables for use later
 #---
 locals {
-  propagate_all_rt = ["services", "inter-region"]
+  #  propagate_all_rt = ["services", "inter-region"]
+  propagate_all_rt = var.propagate_all_route_table_names
   #  selected_rt      = [for k in keys(local.transit_gateway_route_table_ids_peer) : k if ! contains(local.propagate_all_rt, k)]
   selected_rt = [for k in keys(var.data_input.map_route_tables_peer) : k if ! contains(local.propagate_all_rt, k)]
 }

vpc-transit-gateway-association/peer/variables.tf

@@ -57,3 +57,14 @@ variable "private_route_table_ids" {
   type        = map(string)
   default     = {}
 }
+
+variable "propagate_all_route_table_names" {
+  description = "List of route table names to propagate routes into for every attachment"
+  type        = list
+  default     = ["services", "inter-region"]
+
+  validation {
+    condition     = contains(["services", "inter-region", "inspection", "cross-boundary"], var.propagate_all_route_table_names)
+    error_message = "propagate_all_route_table_names must be one of: services, inter-region, inspection, cross-boundary."
+  }
+}

vpc-transit-gateway-association/self/README.md

@@ -265,6 +265,7 @@ module "vpc_tgw_self" {
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | <a name="input_private_route_table_ids"></a> [private\_route\_table\_ids](#input\_private\_route\_table\_ids) | Map of private route table IDs (which exclude the attachment subnets) | `map(string)` | `{}` | no |
 | <a name="input_private_subnets_ids"></a> [private\_subnets\_ids](#input\_private\_subnets\_ids) | List of private subnet objects including: subnet, label, availability\_zone, id | <pre>list(object({<br/>    subnet            = string<br/>    label             = string<br/>    availability_zone = string<br/>    id                = string<br/>  }))</pre> | `[]` | no |
+| <a name="input_propagate_all_route_table_names"></a> [propagate\_all\_route\_table\_names](#input\_propagate\_all\_route\_table\_names) | List of route table names to propagate routes into for every attachment | `list` | <pre>[<br/>  "services",<br/>  "inter-region"<br/>]</pre> | no |
 | <a name="input_route_prefix_list_name"></a> [route\_prefix\_list\_name](#input\_route\_prefix\_list\_name) | Shared prefix list name used for routing to TGW.  It is comprised of all of the network CIDR blocks in AWS using TGW. | `string` | `"transit-gateway.prod"` | no |
 | <a name="input_route_table_label"></a> [route\_table\_label](#input\_route\_table\_label) | Route table lable for the attachment subnets | `string` | `"attachment"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |

vpc-transit-gateway-association/self/associate.tf

@@ -57,7 +57,8 @@ resource "aws_ec2_transit_gateway_route_table_association" "route_table_self" {
 # get rt variables for use later
 #---
 locals {
-  propagate_all_rt = ["services", "inter-region"]
+  #  propagate_all_rt = ["services", "inter-region"]
+  propagate_all_rt = var.propagate_all_route_table_names
   #  selected_rt      = [for k in keys(local.transit_gateway_route_table_ids_self) : k if ! contains(local.propagate_all_rt, k)]
   selected_rt     = [for k in keys(var.data_input.map_route_tables_self) : k if ! contains(local.propagate_all_rt, k)]
   vpn_selected_rt = [for k in keys(var.data_input.map_route_tables_self) : k if ! contains(local.propagate_all_rt, k)]

vpc-transit-gateway-association/self/variables.tf

@@ -64,3 +64,13 @@ variable "transit_gateway_environments" {
   default     = []
 }
 
+variable "propagate_all_route_table_names" {
+  description = "List of route table names to propagate routes into for every attachment"
+  type        = list
+  default     = ["services", "inter-region"]
+
+  validation {
+    condition     = contains(["services", "inter-region", "inspection", "cross-boundary"], var.propagate_all_route_table_names)
+    error_message = "propagate_all_route_table_names must be one of: services, inter-region, inspection, cross-boundary."
+  }
+}