fix

terraform-modules · Jan 30, 2023 · 6f822c4 · 6f822c4
1 parent f37c017
commit 6f822c4
Showing 1 changed file with 8 additions and 6 deletions.
diff --git a/vpc-transit-gateway-association/self/routing.tf b/vpc-transit-gateway-association/self/routing.tf
@@ -72,18 +72,19 @@ resource "aws_route" "gateway_vpn_ipv4" {
 # routing using prefix lists.  We want cross-region prefix lists.  For services, we create a cross-region prefix list to the
 # peer TGW for every environment.   For non-services, we create, we create that for services and the env.
 # this is done only once, at the TGW main configuration.
+# ENV RT -> services
 #---
 resource "aws_ec2_transit_gateway_prefix_list_reference" "vpc_self_common" {
   provider = aws.self
-  for_each = local.create_prefix_list_routing ? { "services" = var.data_input.map_route_tables_self["services"] } : {}
+  for_each = local.create_prefix_list_routing ? { (var.transit_gateway_environment) = var.data_input.map_route_tables_self["services"] } : {}
 
   prefix_list_id                 = data.aws_ec2_managed_prefix_list.tgw_crossregion_env[each.key].id
   transit_gateway_attachment_id  = data.aws_ec2_transit_gateway_peering_attachment.attachment_peer.id
   transit_gateway_route_table_id = each.value
 }
 
 #---
-# add routes to peer for non-services
+# add routes to peer for non-services (dev RT -> prefix for dev)
 #---
 resource "aws_ec2_transit_gateway_prefix_list_reference" "vpc_self_own_env" {
   provider = aws.self
@@ -95,13 +96,14 @@ resource "aws_ec2_transit_gateway_prefix_list_reference" "vpc_self_own_env" {
 }
 
 #---
-# if services, add routes to all other route tables
+# if services, add prefix list for all other env to services route table (not services) (service RT -> prefix for dev, ...)
 #--
 resource "aws_ec2_transit_gateway_prefix_list_reference" "vpc_self_all" {
   provider = aws.self
   for_each = local.create_prefix_list_routing && contains(local.propagate_all_rt, var.transit_gateway_environment) ? { for k in local.selected_rt : k => var.data_input.map_route_tables_self[k] } : {}
 
-  prefix_list_id                 = data.aws_ec2_managed_prefix_list.tgw_crossregion_env[each.key].id
-  transit_gateway_attachment_id  = data.aws_ec2_transit_gateway_peering_attachment.attachment_peer.id
-  transit_gateway_route_table_id = each.value
+  prefix_list_id                = data.aws_ec2_managed_prefix_list.tgw_crossregion_env[each.key].id
+  transit_gateway_attachment_id = data.aws_ec2_transit_gateway_peering_attachment.attachment_peer.id
+  #  transit_gateway_route_table_id = each.value
+  transit_gateway_route_table_id = var.data_input.map_route_tables_self["services"]
 }