From 6f822c4c11a0b0096920cb87474d6671fde443f6 Mon Sep 17 00:00:00 2001
From: badra001
Date: Mon, 30 Jan 2023 14:25:07 -0500
Subject: [PATCH] fix
---
 vpc-transit-gateway-association/self/routing.tf | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/vpc-transit-gateway-association/self/routing.tf b/vpc-transit-gateway-association/self/routing.tf
index ceceeaf..0ddb088 100644
--- a/vpc-transit-gateway-association/self/routing.tf
+++ b/vpc-transit-gateway-association/self/routing.tf
@@ -72,10 +72,11 @@ resource "aws_route" "gateway_vpn_ipv4" {
 # routing using prefix lists. We want cross-region prefix lists. For services, we create a cross-region prefix list to the
 # peer TGW for every environment. For non-services, we create, we create that for services and the env.
 # this is done only once, at the TGW main configuration.
+# ENV RT -> services
 #---
 resource "aws_ec2_transit_gateway_prefix_list_reference" "vpc_self_common" {
 provider = aws.self
- for_each = local.create_prefix_list_routing ? { "services" = var.data_input.map_route_tables_self["services"] } : {}
+ for_each = local.create_prefix_list_routing ? { (var.transit_gateway_environment) = var.data_input.map_route_tables_self["services"] } : {}
 prefix_list_id = data.aws_ec2_managed_prefix_list.tgw_crossregion_env[each.key].id
 transit_gateway_attachment_id = data.aws_ec2_transit_gateway_peering_attachment.attachment_peer.id
@@ -83,7 +84,7 @@ resource "aws_ec2_transit_gateway_prefix_list_reference" "vpc_self_common" {
 }
 #---
-# add routes to peer for non-services
+# add routes to peer for non-services (dev RT -> prefix for dev)
 #---
 resource "aws_ec2_transit_gateway_prefix_list_reference" "vpc_self_own_env" {
 provider = aws.self
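Review bot: In `vpc_self_common` the new `for_each` key `(var.transit_gateway_environment)` is also the index into `tgw_crossregion_env[each.key]`, so the resource now references the current environment's cross-region prefix list while the map value is still the services route table. If the `transit_gateway_route_table_id` line, which lies outside the hunk, still uses `each.value`, the result reads as "services RT -> ENV prefix", the opposite of the added comment `# ENV RT -> services`. These references decide which environments can reach each other through the peering attachment, so the comment should state the intended direction exactly, for example `# services RT -> cross-region prefix list of var.transit_gateway_environment`, and the plan output should be checked against it. The key change also moves the resource address away from `vpc_self_common["services"]`, so for a non-services environment the existing reference will presumably be destroyed and a new one created on the next apply. The lookup additionally assumes `tgw_crossregion_env` has an entry for every environment value, which is not visible here.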
@@ -95,13 +96,14 @@ resource "aws_ec2_transit_gateway_prefix_list_reference" "vpc_self_own_env" {
 }
 #---
-# if services, add routes to all other route tables
+# if services, add prefix list for all other env to services route table (not services) (service RT -> prefix for dev, ...)
 #--
 resource "aws_ec2_transit_gateway_prefix_list_reference" "vpc_self_all" {
 provider = aws.self
 for_each = local.create_prefix_list_routing && contains(local.propagate_all_rt, var.transit_gateway_environment) ? { for k in local.selected_rt : k => var.data_input.map_route_tables_self[k] } : {}
- prefix_list_id = data.aws_ec2_managed_prefix_list.tgw_crossregion_env[each.key].id
- transit_gateway_attachment_id = data.aws_ec2_transit_gateway_peering_attachment.attachment_peer.id
- transit_gateway_route_table_id = each.value
+ prefix_list_id = data.aws_ec2_managed_prefix_list.tgw_crossregion_env[each.key].id
+ transit_gateway_attachment_id = data.aws_ec2_transit_gateway_peering_attachment.attachment_peer.id
+ # transit_gateway_route_table_id = each.value
+ transit_gateway_route_table_id = var.data_input.map_route_tables_self["services"]
 }
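Review bot: In `vpc_self_all` the `for_each` map still builds `var.data_input.map_route_tables_self[k]` as its values, but nothing reads `each.value` any more, and the old assignment is left behind as the commented-out line `# transit_gateway_route_table_id = each.value`. A reader can take that to mean the per-environment route tables are still being written, when every prefix list reference from this resource now lands in the services route table. I would delete the commented line and iterate over the keys only, replacing the map comprehension with `toset(local.selected_rt)` and the else arm with `toset([])`. The new comment says "(not services)", but `local.selected_rt` is defined outside the hunk. If it can contain the key that `vpc_self_common` uses, both resources would attach the same prefix list to the services route table, so that exclusion should be confirmed or enforced where the local is built.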