Merge pull request #24000 from bigmikes/intra-region-peering-example

examples: configuration for intra-region Transit Gateway Peering
hashicorp · Jul 6, 2022 · 87b2ab2 · 87b2ab2
2 parents 0081f50 + 9e769e7
commit 87b2ab2
Show file tree

Hide file tree

Showing 4 changed files with 138 additions and 0 deletions.
diff --git a/examples/transit-gateway-intra-region-peering/README.md b/examples/transit-gateway-intra-region-peering/README.md
@@ -0,0 +1,20 @@
+# EC2 Transit Gateway intra-region Peering
+
+This example demonstrates how to create two Transit Gateways in one AWS account and the same region, attach a VPC each, and then create a Peering Attachment between the two Transit Gateways.
+
+See [more in the Transit Gateway intra-region Peering documentation](https://aws.amazon.com/it/blogs/networking-and-content-delivery/aws-transit-gateway-now-supports-intra-region-peering/).
+
+## Running this example
+
+Either `cp terraform.template.tfvars terraform.tfvars` and modify that new file accordingly or provide variables via CLI:
+
+```terrform
+terraform apply \
+	-var="aws_profile=aws-account" \
+	-var="aws_region=us-east-1" 
+```
+
+## Prerequisites
+
+- This example requires one AWS accounts within the same AWS Organizations Organization
+- Ensure Resource Access Manager is enabled in your organization. For more information, see the [Resource Access Manager User Guide](https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html).
diff --git a/examples/transit-gateway-intra-region-peering/main.tf b/examples/transit-gateway-intra-region-peering/main.tf
@@ -0,0 +1,110 @@
+terraform {
+  required_version = ">= 0.12"
+}
+
+provider "aws" {
+  region  = var.aws_region
+  profile = var.aws_profile
+}
+
+resource "aws_vpc" "example_vpc_1" {
+  cidr_block = "10.1.0.0/16"
+
+  tags = {
+    Name = "terraform-example-vpc-1"
+  }
+}
+
+resource "aws_subnet" "example_subnet_1" {
+  cidr_block = "10.1.0.0/24"
+  vpc_id     = aws_vpc.example_vpc_1.id
+
+  tags = {
+    Name = "terraform-example-subnet-1"
+  }
+}
+
+resource "aws_vpc" "example_vpc_2" {
+  cidr_block = "10.2.0.0/16"
+
+  tags = {
+    Name = "terraform-example-vpc-2"
+  }
+}
+
+resource "aws_subnet" "example_subnet_2" {
+  cidr_block = "10.2.0.0/24"
+  vpc_id     = aws_vpc.example_vpc_2.id
+
+  tags = {
+    Name = "terraform-example-subnet-2"
+  }
+}
+
+# Create the first Transit Gateway.
+resource "aws_ec2_transit_gateway" "example_tgw_1" {
+  tags = {
+    Name = "terraform-example-tgw-1"
+  }
+}
+
+# Attach the first VPC to the first Transit Gateway.
+resource "aws_ec2_transit_gateway_vpc_attachment" "example_vpc_1_attachment" {
+  subnet_ids         = [aws_subnet.example_subnet_1.id]
+  transit_gateway_id = aws_ec2_transit_gateway.example_tgw_1.id
+  vpc_id             = aws_vpc.example_vpc_1.id
+
+  tags = {
+    Name = "terraform-example-vpc-attach-1"
+  }
+}
+
+# Create the second Transit Gateway in the same region.
+resource "aws_ec2_transit_gateway" "example_tgw_2" {
+  tags = {
+    Name = "terraform-example-tgw-2"
+  }
+}
+
+# Attach the second VPC to the second Transit Gateway.
+resource "aws_ec2_transit_gateway_vpc_attachment" "example_vpc_2_attachment" {
+  subnet_ids         = [aws_subnet.example_subnet_2.id]
+  transit_gateway_id = aws_ec2_transit_gateway.example_tgw_2.id
+  vpc_id             = aws_vpc.example_vpc_2.id
+
+  tags = {
+    Name = "terraform-example-vpc-attach-2"
+  }
+}
+
+# Create the intra-region Peering Attachment from Gateway 1 to Gateway 2.
+# Actually, this will create two peerings: one for Gateway 1 (Creator)
+# and one for Gateway 2 (Acceptor).
+resource "aws_ec2_transit_gateway_peering_attachment" "example_source_peering" {
+  peer_region             = var.aws_region
+  transit_gateway_id      = aws_ec2_transit_gateway.example_tgw_1.id
+  peer_transit_gateway_id = aws_ec2_transit_gateway.example_tgw_2.id
+  tags = {
+    Name = "terraform-example-tgw-peering"
+    Side = "Creator"
+  }
+}
+
+# Transit Gateway 2's peering request needs to be accepted.
+# So, we fetch the Peering Attachment that is created for the Gateway 2.
+data "aws_ec2_transit_gateway_peering_attachment" "example_accepter_peering_data" {
+  depends_on = [aws_ec2_transit_gateway_peering_attachment.example_source_peering]
+  filter {
+    name   = "transit-gateway-id"
+    values = [aws_ec2_transit_gateway.example_tgw_2.id]
+  }
+}
+
+# Accept the Attachment Peering request.
+resource "aws_ec2_transit_gateway_peering_attachment_accepter" "example_accepter" {
+  transit_gateway_attachment_id = data.aws_ec2_transit_gateway_peering_attachment.example_accepter_peering_data.id
+  tags = {
+    Name = "terraform-example-tgw-peering-accepter"
+    Side = "Acceptor"
+  }
+}
diff --git a/examples/transit-gateway-intra-region-peering/terraform.template.tfvars b/examples/transit-gateway-intra-region-peering/terraform.template.tfvars
@@ -0,0 +1,5 @@
+# AWS Profile (type `aws configure`)
+aws_profile = "default"
+
+# AWS Region 
+aws_region = "us-east-1"
diff --git a/examples/transit-gateway-intra-region-peering/variables.tf b/examples/transit-gateway-intra-region-peering/variables.tf
@@ -0,0 +1,3 @@
+variable "aws_profile" {}
+
+variable "aws_region" {}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		variable "aws_profile" {}

		variable "aws_region" {}