j-nix · Omarimcblack · Dec 23, 2019 · Dec 7, 2019 · Dec 23, 2019
diff --git a/examples/transit-gateway-cross-account-peering-attachment/README.md b/examples/transit-gateway-cross-account-peering-attachment/README.md
@@ -0,0 +1,24 @@
+# EC2 Transit Gateway Cross-Account Peering Attachment
+
+This example demonstrates how to peer two Transit Gateways in different regions. The peer transit gateway can be in your account or a different AWS account. The following AWS Regions are supported: US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), and Europe (Ireland).
+
+See [more in the Transit Gateway Peering Attachment documentation](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-peering.html).
+
+## Running this example
+
+Either `cp terraform.template.tfvars terraform.tfvars` and modify that new file accordingly or provide variables via CLI:
+
+```
+terraform apply \
+	-var="aws_first_access_key=AAAAAAAAAAAAAAAAAAA" \
+	-var="aws_first_secret_key=SuperSecretKeyForAccount1" \
+	-var="aws_second_access_key=BBBBBBBBBBBBBBBBBBB" \
+	-var="aws_second_secret_key=SuperSecretKeyForAccount2" \
+	-var="aws_first_region=us-east-2" \
+	-var="aws_second_region=us-west-2"
+```
+
+## Prerequisites
+
+- This example requires two AWS accounts within the same AWS Organizations Organization
+- Ensure Resource Access Manager is enabled in your organization. For more information, see the [Resource Access Manager User Guide](https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html).
diff --git a/examples/transit-gateway-cross-account-peering-attachment/main.tf b/examples/transit-gateway-cross-account-peering-attachment/main.tf
@@ -0,0 +1,86 @@
+// First accepts the Peering attachment.
+provider "aws" {
+  alias = "first"
+
+  region     = "${var.aws_first_region}"
+  access_key = "${var.aws_first_access_key}"
+  secret_key = "${var.aws_first_secret_key}"
+}
+
+// Second creates the Peering attachment.
+provider "aws" {
+  alias = "second"
+
+  region     = "${var.aws_second_region}"
+  access_key = "${var.aws_second_access_key}"
+  secret_key = "${var.aws_second_secret_key}"
+}
+
+data "aws_caller_identity" "first" {
+  provider = "aws.first"
+}
+
+data "aws_caller_identity" "second" {
+  provider = "aws.second"
+}
+
+resource "aws_ec2_transit_gateway" "first" {
+  provider = "aws.first"
+
+  tags = {
+    Name = "terraform-example"
+  }
+}
+
+resource "aws_ram_resource_share" "example" {
+  provider = "aws.first"
+
+  name = "terraform-example"
+
+  tags = {
+    Name = "terraform-example"
+  }
+}
+
+// Share the transit gateway...
+resource "aws_ram_resource_association" "example" {
+  provider = "aws.first"
+
+  resource_arn       = "${aws_ec2_transit_gateway.first.arn}"
+  resource_share_arn = "${aws_ram_resource_share.example.id}"
+}
+
+// ...with the second account.
+resource "aws_ram_principal_association" "example" {
+  provider = "aws.first"
+
+  principal          = "${data.aws_caller_identity.second.account_id}"
+  resource_share_arn = "${aws_ram_resource_share.example.id}"
+}
+
+resource "aws_ec2_transit_gateway" "second" {
+  provider = "aws.second"
+
+  tags = {
+    Name = "terraform-example"
+  }
+}
+
+// Create the Peering attachment in the second account...
+resource "aws_ec2_transit_gateway_peering_attachment" "example" {
+  provider = "aws.second"
+  peer_account_id         = "${data.aws_caller_identity.first.account_id}"
+  peer_region             = "${var.aws_first_region}"
+  peer_transit_gateway_id = "${aws_ec2_transit_gateway.first.id}"
+  transit_gateway_id      = "${aws_ec2_transit_gateway.second.id}"
+  tags = {
+    Name = "terraform-example"
+    Side = "Creator"
+  }
+  depends_on = ["aws_ram_principal_association.example", "aws_ram_resource_association.example"]
+
+}
+
+// ...it then needs to accepted by the first account.
+
+// ...terraform currently doesnt have resource for Transit Gateway Peering Attachment Acceptance
diff --git a/examples/transit-gateway-cross-account-peering-attachment/terraform.template.tfvars b/examples/transit-gateway-cross-account-peering-attachment/terraform.template.tfvars
@@ -0,0 +1,9 @@
+# First account
+aws_first_access_key = "AAAAAAAAAAAAAAAAAAA"
+aws_first_secret_key = "SuperSecretKeyForAccount1"
+
+# Second account
+aws_second_access_key = "BBBBBBBBBBBBBBBBBBB"
+aws_second_secret_key = "SuperSecretKeyForAccount2"
+
+aws_region = "us-east-1"
diff --git a/examples/transit-gateway-cross-account-peering-attachment/variables.tf b/examples/transit-gateway-cross-account-peering-attachment/variables.tf
@@ -0,0 +1,11 @@
+variable "aws_first_access_key" {}
+
+variable "aws_first_secret_key" {}
+
+variable "aws_second_access_key" {}
+
+variable "aws_second_secret_key" {}
+
+variable "aws_first_region" {}
+
+variable "aws_second_region" {}
diff --git a/website/aws.erb b/website/aws.erb
@@ -1076,6 +1076,9 @@
                                 <li>
                                     <a href="/docs/providers/aws/r/ec2_transit_gateway_route_table_propagation.html">aws_ec2_transit_gateway_route_table_propagation</a>
                                 </li>
+                                <li>
+                                    <a href="/docs/providers/aws/r/ec2_transit_gateway_peering_attachment.html">aws_ec2_transit_gateway_peering_attachment</a>
+                                </li>
                                 <li>
                                     <a href="/docs/providers/aws/r/ec2_transit_gateway_vpc_attachment.html">aws_ec2_transit_gateway_vpc_attachment</a>
                                 </li>

diff --git a/website/docs/r/ec2_transit_gateway_peering_attachment.html.markdown b/website/docs/r/ec2_transit_gateway_peering_attachment.html.markdown
@@ -0,0 +1,51 @@
+---
+subcategory: "EC2"
+layout: "aws"
+page_title: "AWS: aws_ec2_transit_gateway_peering_attachment"
+description: |-
+  Manages an EC2 Transit Gateway Peering Attachment
+---
+
+# Resource: aws_ec2_transit_gateway_peering_attachment
+
+Manages an EC2 Transit Gateway Peering Attachment, supporting the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), and Europe (Ireland). For examples of custom route table association and propagation, see the EC2 Transit Gateway Networking Examples Guide.
+
+## Example Usage
+
+```hcl
+resource "aws_ec2_transit_gateway_peering_attachment" "example" {
+  peer_account_id             = "123456789012"
+  peer_region                 = "us-east-2"
+  peer_transit_gateway_id     = "tgw-12345678901234567"
+  transit_gateway_id          = "tgw-76543210987654321"
+
+  tags = {
+    Name = "Example cross-account attachment"
+  }}
+```
+
+A full example of how to create a Transit Gateway in one AWS account, share it with a second AWS account, and attach a to a Transit Gateway in the second account via the `aws_ec2_transit_gateway_peering_attachment` resource can be found in [the `./examples/transit-gateway-cross-account-peering-attachment` directory within the Github Repository](https://github.com/terraform-providers/terraform-provider-aws/tree/master/examples/transit-gateway-cross-account-peering-attachment).
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `peer_account_id` - (Required) Account ID of EC2 Transit Gateway to peer with.
+* `peer_region` - (Required) Region of EC2 Transit Gateway to peer with.
+* `peer_transit_gateway_id` - (Required) Identifier of EC2 Transit Gateway to peer with.
+* `tags` - (Optional) Key-value tags for the EC2 Transit Gateway Peering Attachment.
+* `transit_gateway_id` - (Required) Identifier of EC2 Transit Gateway.
+
+## Attribute Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - EC2 Transit Gateway Attachment identifier
+
+## Import
+
+`aws_ec2_transit_gateway_peering_attachment` can be imported by using the EC2 Transit Gateway Attachment identifier, e.g.
+
+```bash
+$ terraform import aws_ec2_transit_gateway_peering_attachment.example tgw-attach-12345678
+```