From e100a7f8e8cbb879fd2bbe80ce1d4c00a452cbbf Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Sat, 6 Oct 2018 14:52:05 +0300
Subject: [PATCH 01/14] Create cross-region peering
---
 main.tf | 29 ++++++++++++++++++++++++++---
 outputs.tf | 15 +++++++++++++++
 variables.tf | 38 +++++++++++++++++++++++++++-----------
 3 files changed, 68 insertions(+), 14 deletions(-)
diff --git a/main.tf b/main.tf
index 8748431..bcf7976 100644
--- a/main.tf
+++ b/main.tf
@@ -2,18 +2,19 @@
 # VPC peering connection #
 ##########################
 resource "aws_vpc_peering_connection" "this" {
- count = "${var.create_peering ? 1 : 0}"
+ count = "${(var.create_peering * (1 + var.cross_region_peering)) == "1" ? 1 : 0}"
 peer_owner_id = "${var.owner_account_id}"
 peer_vpc_id = "${var.vpc_peer_id}"
 vpc_id = "${var.this_vpc_id}"
 auto_accept = "${var.auto_accept_peering}"
+ tags = "${var.tags}"
 }
 ##################
 # Private routes #
 ##################
 resource "aws_route" "private_route_table" {
- count = "${length(var.private_route_table_ids)}"
+ count = "${length(var.private_route_table_ids)}"
 route_table_id = "${element(var.private_route_table_ids, count.index)}"
 destination_cidr_block = "${var.peer_cidr_block}"
 vpc_peering_connection_id = "${var.peering_id == "" ? element(concat(aws_vpc_peering_connection.this.*.id, list("")), 0) : var.peering_id}"
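Review bot: The route resources still take `vpc_peering_connection_id` from `aws_vpc_peering_connection.this.*.id` only (last context line of this hunk, and the same expression for the public routes in the `@@ -23,8 +24,30 @@` hunk). With `cross_region_peering` enabled the new `count` leaves `this` empty, so unless `peering_id` is supplied the expression falls back to `""` and the routes never reference `this_cross_region`. Both splat lists should feed the lookup, for example `element(concat(aws_vpc_peering_connection.this.*.id, aws_vpc_peering_connection.this_cross_region.*.id, list("")), 0)`. The `private_route_table` block closes outside this hunk.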
@@ -23,8 +24,30 @@ resource "aws_route" "private_route_table" {
 # Public routes #
 #################
 resource "aws_route" "public_route_table" {
- count = "${length(var.public_route_table_ids)}"
+ count = "${length(var.public_route_table_ids)}"
 route_table_id = "${element(var.public_route_table_ids, count.index)}"
 destination_cidr_block = "${var.peer_cidr_block}"
 vpc_peering_connection_id = "${var.peering_id == "" ? element(concat(aws_vpc_peering_connection.this.*.id, list("")), 0) : var.peering_id}"
 }
+
+############################
+# VPC cross-region peering #
+############################
+resource "aws_vpc_peering_connection" "this_cross_region" {
+ count = "${(var.create_peering * var.cross_region_peering) == "1" ? 1 : 0}"
+ peer_owner_id = "${var.owner_account_id}"
+ peer_vpc_id = "${var.vpc_peer_id}"
+ vpc_id = "${var.this_vpc_id}"
+ peer_region = "${var.peer_region}"
+}
+
+#####################################
+# Accepter's side of the connection #
+#####################################
+resource "aws_vpc_peering_connection_accepter" "peer_aacepter" {
+ provider = "aws.peer"
+ count = "${(var.create_peering * var.cross_region_peering) == "1" ? 1 : 0}"
+ vpc_peering_connection_id = "${aws_vpc_peering_connection.this_cross_region.id}"
+ auto_accept = true
+ tags = "${merge(var.tags, map("Side", "Accepter"))}"
+}
diff --git a/outputs.tf b/outputs.tf
index d6baf9d..1b6b2bc 100644
--- a/outputs.tf
+++ b/outputs.tf
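Review bot: The new accepter sets `auto_accept = true` unconditionally, so a cross-region connection is accepted on the peer side even when the caller leaves `auto_accept_peering` at its default of `false`. Accepting a peering is a trust decision, and the module already exposes a switch for it; I would write `auto_accept = "${var.auto_accept_peering}"` here. Separately, `aws_vpc_peering_connection.this_cross_region.id` is read without an index although that resource carries `count`, which may not resolve when the count is 0; the splat-plus-`element` form used by the routes looks safer. The resource name `peer_aacepter` also looks like a typo for `peer_accepter`.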
@@ -3,6 +3,21 @@ output "vpc_peering_id" {
 value = "${var.peering_id == "" ? element(concat(aws_vpc_peering_connection.this.*.id, list("")), 0) : var.peering_id}"
 }
+output "local_vpc_peering_accept_status" {
+ description = "Accept status for the connection"
+ value = "${aws_vpc_peering_connection.this.id == "" ? "No local peering" : aws_vpc_peering_connection.this.accept_status}"
+}
+
+output "cross_region_peering_connection_id" {
+ description = "Cross Region Peering ID"
+ value = "${var.cross_region_peering == 0 ? "No cross-region peering" ? aws_vpc_peering_connection.this_cross_region.id}"
+}
+
+output "cross_region_peering_accept_status" {
+ description = "Cross Region Peering Status"
+ value = "${var.cross_region_peering * var.create_peering == 0 ? "No cross-region peering" ? aws_vpc_peering_connection.this_cross_region.accept_status}"
+}
+
 output "private_route_tables" {
 description = "Private route tables"
 value = ["${var.private_route_table_ids}"]
diff --git a/variables.tf b/variables.tf
index 7579f79..4a61e10 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,46 +1,62 @@
 variable "owner_account_id" {
- description = "AWS owner account ID"
+ description = "AWS owner account ID: string"
 default = ""
 }
 variable "vpc_peer_id" {
- description = "Peer VPC ID"
+ description = "Peer VPC ID: string"
 default = ""
 }
 variable "this_vpc_id" {
- description = "This VPC ID"
+ description = "This VPC ID: string"
+ default = ""
+}
+
+variable "cross_region_peering" {
+ description = "Is it a cross region peering: bool"
+ default = false
+}
+
+variable "peer_region" {
+ description = "Peer Region Name e.g. us-east-1: string"
 default = ""
 }
 variable "private_route_table_ids" {
 type = "list"
- description = "A list of private route tables"
+ description = "A list of private route tables: list"
 default = []
 }
 variable "public_route_table_ids" {
 type = "list"
- description = "A list of public route tables"
+ description = "A list of public route tables: list"
 default = []
 }
 variable "peer_cidr_block" {
- description = "Peer VPC CIDR block"
+ description = "Peer VPC CIDR block: string"
 default = ""
 }
 variable "auto_accept_peering" {
- description = "Auto accept peering connection"
+ description = "Auto accept peering connection: bool"
 default = false
 }
 variable "create_peering" {
- description = "Create peering connection, 0 to not create"
- default = 1
+ description = "Create peering connection, 0 to not create: bool"
+ default = true
 }
 variable "peering_id" {
- description = "Provide already existing peering connection id"
- default = ""
+ description = "Provide already existing peering connection id"
+ default = ""
+}
+
+variable "tags" {
+ description = "Tags: map"
+ type = "map"
+ default = {}
 }
From 6f726266fbb54a1183d8305f9d97e5b530adee82 Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 11:41:25 +0300
Subject: [PATCH 02/14] Check AWS account ID automatically
---
 data.tf | 1 +
 main.tf | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)
 create mode 100644 data.tf
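Review bot: The flag variables are documented inconsistently with how main.tf consumes them: `create_peering` keeps the wording "0 to not create" while its default becomes `true`, and `cross_region_peering` is described as a bool, yet both are multiplied together and the product is compared with `"1"`. Whether a value such as the string `"true"` survives that arithmetic presumably depends on Terraform's coercion, so the accepted values should be spelled out, for example `description = "Create peering connection; use true/false (or 1/0): bool"`. The `: string` / `: bool` suffixes would also read better as a `type` argument where the Terraform version in use supports one, as `private_route_table_ids` and `tags` already do.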
diff --git a/data.tf b/data.tf
new file mode 100644
index 0000000..8fc4b38
--- /dev/null
+++ b/data.tf
@@ -0,0 +1 @@
+data "aws_caller_identity" "current" {}
diff --git a/main.tf b/main.tf
index bcf7976..6db1104 100644
--- a/main.tf
+++ b/main.tf
@@ -3,7 +3,7 @@
 ##########################
 resource "aws_vpc_peering_connection" "this" {
 count = "${(var.create_peering * (1 + var.cross_region_peering)) == "1" ? 1 : 0}"
- peer_owner_id = "${var.owner_account_id}"
+ peer_owner_id = "${var.owner_account_id == "" ? data.aws_caller_identity.current.account_id : var.owner_account_id}"
 peer_vpc_id = "${var.vpc_peer_id}"
 vpc_id = "${var.this_vpc_id}"
 auto_accept = "${var.auto_accept_peering}"
@@ -35,7 +35,7 @@ resource "aws_route" "public_route_table" {
 ############################
 resource "aws_vpc_peering_connection" "this_cross_region" {
 count = "${(var.create_peering * var.cross_region_peering) == "1" ? 1 : 0}"
- peer_owner_id = "${var.owner_account_id}"
+ peer_owner_id = "${var.owner_account_id == "" ? data.aws_caller_identity.current.account_id : var.owner_account_id}"
 peer_vpc_id = "${var.vpc_peer_id}"
 vpc_id = "${var.this_vpc_id}"
 peer_region = "${var.peer_region}"
From 6b7c1e828f1a32aa4760dee0227f86b89c7a24f0 Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 12:07:30 +0300
Subject: [PATCH 03/14] Fix interpolation in output
---
 outputs.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/outputs.tf b/outputs.tf
index 1b6b2bc..d2b16a0 100644
--- a/outputs.tf
+++ b/outputs.tf
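Review bot: The fallback to `data.aws_caller_identity.current.account_id` in `peer_owner_id` (main.tf hunk `@@ -3,7 +3,7 @@`, repeated in `@@ -35,7 +35,7 @@`) is not documented where a module user would look. `owner_account_id` keeps the description "AWS owner account ID: string" with an empty default, so leaving it unset on a cross-account peering now resolves to the caller's own account without any hint. I would state that in the variable, e.g. `description = "Peer VPC owner account ID; empty means the caller's own account: string"`. The identical expression in both resources could also live in a single local so the two cannot drift.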
@@ -10,12 +10,12 @@ output "local_vpc_peering_accept_status" {
 output "cross_region_peering_connection_id" {
 description = "Cross Region Peering ID"
- value = "${var.cross_region_peering == 0 ? "No cross-region peering" ? aws_vpc_peering_connection.this_cross_region.id}"
+ value = "${var.cross_region_peering == 0 ? "No cross-region peering" : aws_vpc_peering_connection.this_cross_region.id}"
 }
 output "cross_region_peering_accept_status" {
 description = "Cross Region Peering Status"
- value = "${var.cross_region_peering * var.create_peering == 0 ? "No cross-region peering" ? aws_vpc_peering_connection.this_cross_region.accept_status}"
+ value = "${var.cross_region_peering * var.create_peering == 0 ? "No cross-region peering" : aws_vpc_peering_connection.this_cross_region.accept_status}"
 }
 output "private_route_tables" {
From bae1719bba69839b5cd1d12f9efb3232bbb907fc Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 12:20:32 +0300
Subject: [PATCH 04/14] Fix provider declaration for the peer
---
 main.tf | 2 +-
 variables.tf | 11 ++++++++---
 2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/main.tf b/main.tf
index 6db1104..41662f2 100644
--- a/main.tf
+++ b/main.tf
@@ -45,7 +45,7 @@ resource "aws_vpc_peering_connection" "this_cross_region" {
 # Accepter's side of the connection #
 #####################################
 resource "aws_vpc_peering_connection_accepter" "peer_aacepter" {
- provider = "aws.peer"
+ provider = "${var.peer_provider}"
 count = "${(var.create_peering * var.cross_region_peering) == "1" ? 1 : 0}"
 vpc_peering_connection_id = "${aws_vpc_peering_connection.this_cross_region.id}"
 auto_accept = true
diff --git a/variables.tf b/variables.tf
index 4a61e10..8b66528 100644
--- a/variables.tf
+++ b/variables.tf
@@ -18,6 +18,11 @@ variable "cross_region_peering" {
 default = false
 }
+variable "peer_provider" {
+ description = "Provider alias for the peer: string"
+ default = ""
+}
+
 variable "peer_region" {
 description = "Peer Region Name e.g. us-east-1: string"
 default = ""
@@ -56,7 +61,7 @@ variable "peering_id" {
 }
 variable "tags" {
- description = "Tags: map"
- type = "map"
- default = {}
+ description = "Tags: map"
+ type = "map"
+ default = {}
 }
From 11dcb309b474304cc777fce3eaf8fe0688f9c7f7 Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 12:30:52 +0300
Subject: [PATCH 05/14] Declare providers for cross-region
---
 main.tf | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/main.tf b/main.tf
index 41662f2..469e4de 100644
--- a/main.tf
+++ b/main.tf
@@ -1,7 +1,19 @@
+# Providers are required because of cross-region
+provider "aws" {
+ region = "${var.this_region}"
+ alias = "this"
+}
+
+provider "aws" {
+ region = "${var.peer_region}"
+ alias = "peer"
+}
+
 ##########################
 # VPC peering connection #
 ##########################
 resource "aws_vpc_peering_connection" "this" {
+ provider = "aws.this"
 count = "${(var.create_peering * (1 + var.cross_region_peering)) == "1" ? 1 : 0}"
 peer_owner_id = "${var.owner_account_id == "" ? data.aws_caller_identity.current.account_id : var.owner_account_id}"
 peer_vpc_id = "${var.vpc_peer_id}"
@@ -34,6 +46,7 @@ resource "aws_route" "public_route_table" {
 # VPC cross-region peering #
 ############################
 resource "aws_vpc_peering_connection" "this_cross_region" {
+ provider = "aws.this"
 count = "${(var.create_peering * var.cross_region_peering) == "1" ? 1 : 0}"
 peer_owner_id = "${var.owner_account_id == "" ? data.aws_caller_identity.current.account_id : var.owner_account_id}"
 peer_vpc_id = "${var.vpc_peer_id}"
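Review bot: Both peering resources are now pinned to `aws.this` (main.tf hunks `@@ -1,7 +1,19 @@` and `@@ -34,6 +46,7 @@`), but their `peer_owner_id` fallback still reads `data.aws_caller_identity.current`, which data.tf from PATCH 02 declares without a `provider`. That data source is presumably evaluated by the default `aws` provider, so the derived account ID need not match either aliased provider, and when `aws.peer` uses another account it is the requester's ID rather than the peer's. If the peer's account is what is meant, the data source should say so: `data "aws_caller_identity" "peer" { provider = "aws.peer" }`, with `peer_owner_id` reading `data.aws_caller_identity.peer.account_id`. Both resource blocks continue outside their hunks.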
@@ -45,7 +58,7 @@ resource "aws_vpc_peering_connection" "this_cross_region" {
 # Accepter's side of the connection #
 #####################################
 resource "aws_vpc_peering_connection_accepter" "peer_aacepter" {
- provider = "${var.peer_provider}"
+ provider = "aws.peer"
 count = "${(var.create_peering * var.cross_region_peering) == "1" ? 1 : 0}"
 vpc_peering_connection_id = "${aws_vpc_peering_connection.this_cross_region.id}"
 auto_accept = true
From e6930a7f3275951eec3974da5b7b2a382e5bf74f Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 12:32:39 +0300
Subject: [PATCH 06/14] update variables.tf
---
 variables.tf | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/variables.tf b/variables.tf
index 8b66528..891cf47 100644
--- a/variables.tf
+++ b/variables.tf
@@ -18,6 +18,11 @@ variable "cross_region_peering" {
 default = false
 }
+variable "this_region" {
+ description = "Main region alias: string"
+ default = ""
+}
+
 variable "peer_provider" {
 description = "Provider alias for the peer: string"
 default = ""
From 1f401f71019913d2c19e718b64778773416f9f69 Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 12:42:12 +0300
Subject: [PATCH 07/14] Fix interpolation in outputs
---
 outputs.tf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/outputs.tf b/outputs.tf
index d2b16a0..71bdcb4 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -5,17 +5,17 @@ output "vpc_peering_id" {
 output "local_vpc_peering_accept_status" {
 description = "Accept status for the connection"
- value = "${aws_vpc_peering_connection.this.id == "" ? "No local peering" : aws_vpc_peering_connection.this.accept_status}"
+ value = "${element(concat(aws_vpc_peering_connection.this.*.id, list("")), 0) == "" ? "No local peering" : element(concat(aws_vpc_peering_connection.this.*.accept_status, list("")), 0)}"
 }
 output "cross_region_peering_connection_id" {
 description = "Cross Region Peering ID"
- value = "${var.cross_region_peering == 0 ? "No cross-region peering" : aws_vpc_peering_connection.this_cross_region.id}"
+ value = "${var.cross_region_peering == 0 ? "No cross-region peering" : element(concat(aws_vpc_peering_connection.this_cross_region.*.id, list("")), 0)}"
 }
 output "cross_region_peering_accept_status" {
 description = "Cross Region Peering Status"
- value = "${var.cross_region_peering * var.create_peering == 0 ? "No cross-region peering" : aws_vpc_peering_connection.this_cross_region.accept_status}"
+ value = "${var.cross_region_peering * var.create_peering == 0 ? "No cross-region peering" : element(concat(aws_vpc_peering_connection.this_cross_region.*.accept_status, list("")), 0)}"
 }
 output "private_route_tables" {
From 6e892a839a80a139aa2d8afd1349580f639606d9 Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 12:51:50 +0300
Subject: [PATCH 08/14] Provide outputs via locals
---
 outputs.tf | 27 ++++++++++++---------------
 1 file changed, 12 insertions(+), 15 deletions(-)
diff --git a/outputs.tf b/outputs.tf
index 71bdcb4..facaf0d 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,31 +1,28 @@
+locals {
+ vpc_peering_id = "${compact(concat(coalescelist(aws_vpc_peering_connection.this.*.id, aws_vpc_peering_connection.this_cross_region.*.id), list("")))}"
+ peering_accept_status = "${compact(concat(coalescelist(aws_vpc_peering_connection.this.*.accept_status, aws_vpc_peering_connection.this_cross_region.*.accept_status), list("")))}"
+ private_route_tables = "${compact(concat(coalescelist(var.private_route_table_ids), list("")))}"
+ public_route_tables = "${compact(concat(coalescelist(var.private_route_table_ids), list("")))}"
+}
+
 output "vpc_peering_id" {
 description = "Peering connection ID"
- value = "${var.peering_id == "" ? element(concat(aws_vpc_peering_connection.this.*.id, list("")), 0) : var.peering_id}"
+ value = ["${local.vpc_peering_id}"]
 }
-output "local_vpc_peering_accept_status" {
+output "vpc_peering_accept_status" {
 description = "Accept status for the connection"
- value = "${element(concat(aws_vpc_peering_connection.this.*.id, list("")), 0) == "" ? "No local peering" : element(concat(aws_vpc_peering_connection.this.*.accept_status, list("")), 0)}"
-}
-
-output "cross_region_peering_connection_id" {
- description = "Cross Region Peering ID"
- value = "${var.cross_region_peering == 0 ? "No cross-region peering" : element(concat(aws_vpc_peering_connection.this_cross_region.*.id, list("")), 0)}"
-}
-
-output "cross_region_peering_accept_status" {
- description = "Cross Region Peering Status"
- value = "${var.cross_region_peering * var.create_peering == 0 ? 
"No cross-region peering" : element(concat(aws_vpc_peering_connection.this_cross_region.*.accept_status, list("")), 0)}"
+ value = ["${local.peering_accept_status}"]
 }
 output "private_route_tables" {
 description = "Private route tables"
- value = ["${var.private_route_table_ids}"]
+ value = ["${local.private_route_tables}"]
 }
 output "public_route_table" {
 description = "Public route tables"
- value = ["${var.public_route_table_ids}"]
+ value = ["${local.public_route_table_ids}"]
 }
 output "peer_cidr_block" {
From 063a409933ebbbd02e16dc3349348c0b47835afe Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 12:54:07 +0300
Subject: [PATCH 09/14] Fix mistake in a function
---
 outputs.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/outputs.tf b/outputs.tf
index facaf0d..6ec876a 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,8 +1,8 @@
 locals {
 vpc_peering_id = "${compact(concat(coalescelist(aws_vpc_peering_connection.this.*.id, aws_vpc_peering_connection.this_cross_region.*.id), list("")))}"
 peering_accept_status = "${compact(concat(coalescelist(aws_vpc_peering_connection.this.*.accept_status, aws_vpc_peering_connection.this_cross_region.*.accept_status), list("")))}"
- private_route_tables = "${compact(concat(coalescelist(var.private_route_table_ids), list("")))}"
- public_route_tables = "${compact(concat(coalescelist(var.private_route_table_ids), list("")))}"
+ private_route_tables = "${compact(concat(var.private_route_table_ids, list("")))}"
+ public_route_tables = "${compact(concat(var.private_route_table_ids, list("")))}"
 }
 output "vpc_peering_id" {
From 4e3218565816728def3c8210dc5ee0890fb757d5 Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 12:55:41 +0300
Subject: [PATCH 10/14] fix typo
---
 outputs.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/outputs.tf b/outputs.tf
index 6ec876a..64375e7 100644
--- a/outputs.tf
+++ b/outputs.tf
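Review bot: `local.public_route_tables` is built from `var.private_route_table_ids`, so the `public_route_table` output reports the private route table IDs; the line is introduced in the PATCH 08 `locals` block and carried over unchanged by the `@@ -1,8 +1,8 @@` hunk of PATCH 09, which only drops `coalescelist`. It should read `public_route_tables = "${compact(concat(var.public_route_table_ids, list("")))}"`. An output that misreports which tables received a route to the peer CIDR makes it harder to audit what the peering actually exposes. The rewritten `vpc_peering_id` output also no longer returns `var.peering_id` when an existing connection is passed in, which the old expression did.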
@@ -22,7 +22,7 @@ output "private_route_tables" {
 output "public_route_table" {
 description = "Public route tables"
- value = ["${local.public_route_table_ids}"]
+ value = ["${local.public_route_tables}"]
 }
 output "peer_cidr_block" {
From 91719f4a475adf7f3aabb3b42dc2873153a5ce2c Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 14:01:36 +0300
Subject: [PATCH 11/14] Make variables consistent
---
 main.tf | 2 +-
 variables.tf | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/main.tf b/main.tf
index 469e4de..a58bce5 100644
--- a/main.tf
+++ b/main.tf
@@ -16,7 +16,7 @@ resource "aws_vpc_peering_connection" "this" {
 provider = "aws.this"
 count = "${(var.create_peering * (1 + var.cross_region_peering)) == "1" ? 1 : 0}"
 peer_owner_id = "${var.owner_account_id == "" ? data.aws_caller_identity.current.account_id : var.owner_account_id}"
- peer_vpc_id = "${var.vpc_peer_id}"
+ peer_vpc_id = "${var.peer_vpc_id}"
 vpc_id = "${var.this_vpc_id}"
 auto_accept = "${var.auto_accept_peering}"
 tags = "${var.tags}"
diff --git a/variables.tf b/variables.tf
index 891cf47..386cc76 100644
--- a/variables.tf
+++ b/variables.tf
@@ -3,7 +3,7 @@ variable "owner_account_id" {
 default = ""
 }
-variable "vpc_peer_id" {
+variable "peer_vpc_id" {
 description = "Peer VPC ID: string"
 default = ""
 }
@@ -19,8 +19,8 @@ variable "cross_region_peering" {
 }
 variable "this_region" {
- description = "Main region alias: string"
- default = ""
+ description = "Main region alias: string"
+ default = ""
 }
 variable "peer_provider" {
From 534d0bac171f76ad6e8880691c8cd384404cb7de Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 14:03:34 +0300
Subject: [PATCH 12/14] make variables consistent
---
 main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/main.tf b/main.tf
index a58bce5..4589389 100644
--- a/main.tf
+++ b/main.tf
@@ -49,7 +49,7 @@ resource "aws_vpc_peering_connection" "this_cross_region" {
 provider = "aws.this"
 count = "${(var.create_peering * var.cross_region_peering) == "1" ? 1 : 0}"
 peer_owner_id = "${var.owner_account_id == "" ? data.aws_caller_identity.current.account_id : var.owner_account_id}"
- peer_vpc_id = "${var.vpc_peer_id}"
+ peer_vpc_id = "${var.peer_vpc_id}"
 vpc_id = "${var.this_vpc_id}"
 peer_region = "${var.peer_region}"
 }
From 74710c61332aa68fbbee934fd43a57124a194d71 Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 16:11:05 +0300
Subject: [PATCH 13/14] Leverage proxy configuration blocks for providers
---
 main.tf | 8 ++++----
 variables.tf | 5 -----
 2 files changed, 4 insertions(+), 9 deletions(-)
diff --git a/main.tf b/main.tf
index 4589389..d1c48dc 100644
--- a/main.tf
+++ b/main.tf
@@ -1,12 +1,10 @@
 # Providers are required because of cross-region
 provider "aws" {
- region = "${var.this_region}"
- alias = "this"
+ alias = "this"
 }
 provider "aws" {
- region = "${var.peer_region}"
- alias = "peer"
+ alias = "peer"
 }
 ##########################
@@ -26,6 +24,7 @@ resource "aws_vpc_peering_connection" "this" {
 # Private routes #
 ##################
 resource "aws_route" "private_route_table" {
+ provider = "aws.this"
 count = "${length(var.private_route_table_ids)}"
 route_table_id = "${element(var.private_route_table_ids, count.index)}"
 destination_cidr_block = "${var.peer_cidr_block}"
@@ -36,6 +35,7 @@ resource "aws_route" "private_route_table" {
 # Public routes #
 #################
 resource "aws_route" "public_route_table" {
+ provider = "aws.this"
 count = "${length(var.public_route_table_ids)}"
 route_table_id = "${element(var.public_route_table_ids, count.index)}"
 destination_cidr_block = "${var.peer_cidr_block}"
diff --git a/variables.tf b/variables.tf
index 386cc76..d213116 100644
--- a/variables.tf
+++ b/variables.tf
@@ -18,11 +18,6 @@ variable "cross_region_peering" {
 default = false
 }
-variable "this_region" {
- description = "Main region alias: string"
- default = ""
-}
-
 variable "peer_provider" {
 description = "Provider alias for the peer: string"
 default = ""
From ca68798aa09fafef5d583e638246843e069a2a1e Mon Sep 17 00:00:00 2001
From: Yurii Rochniak
Date: Tue, 9 Oct 2018 16:32:07 +0300
Subject: [PATCH 14/14] Update README
---
 README.md | 77 +++++++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 63 insertions(+), 14 deletions(-)
diff --git a/README.md b/README.md
index 56937c9..ee3ddf4 100644
--- a/README.md
+++ b/README.md
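Review bot: `variable "peer_provider"` survives this cleanup (it is the context block right after the removed `this_region`), although nothing on the new side of main.tf reads it since PATCH 05 restored `provider = "aws.peer"`. Keeping it suggests a caller can choose the peer provider through a variable, while the alias is in fact fixed and is supplied through the module's `providers` map. I would remove the block in the same hunk, or at least change its description to say it is unused. The variable's closing brace lies outside the hunk.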
@@ -8,41 +8,61 @@ This module is designed to work with [VPC](https://registry.terraform.io/modules Note ---- -Some features of the `aws_peering_conection` resource are missing. However, they can be easily added on request These types of resources are supported: * [Peering Connection](https://www.terraform.io/docs/providers/aws/d/vpc_peering_connection.html) * [AWS Route](https://www.terraform.io/docs/providers/aws/r/route.html) +* [Aws VPC Peering Connection Accepter](https://www.terraform.io/docs/providers/aws/r/vpc_peering_accepter.html) Usage ----- -Sample usage in combination with [VPC](https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws/) Terraform module: + +### Single Region Peering +**Notice**: You need to declare both providers even with single region peering. ```hc1 -module "vpc-peering" { +module "vpc_single_region_peering" { source = "./terraform-aws-vpc-peering" - owner_account_id = "000000000000" - vpc_peer_id = "vpc-00000000" - this_vpc_id = "${module.vpc.vpc_id}" - private_route_table_ids = ["${module.vpc.private_route_table_ids}"] - public_route_table_ids = ["${module.vpc.public_route_table_ids}"] + providers = { + aws.this = "aws" + aws.peer = "aws" + } + + peer_region = "eu-west-1" + this_vpc_id = "vpc-00000000" + peer_vpc_id = "vpc-11111111" + cross_region_peering = false + private_route_table_ids = ["rtb-0000000"] + public_route_table_ids = ["rtb-1111111"] peer_cidr_block = "10.1.0.1/24" auto_accept_peering = true + create_peering = true + + tags = { + Name = "my-peering-connection" + Environment = "prod" + } } ``` Usage with already created peering connection: ```hc1 -module "vpc-peering" { +module "vpc_single_region_peering" { source = "./terraform-aws-vpc-peering" - owner_account_id = "000000000000" - vpc_peer_id = "vpc-00000000" - this_vpc_id = "${module.vpc.vpc_id}" - private_route_table_ids = ["${module.vpc.private_route_table_ids}"] - public_route_table_ids = ["${module.vpc.public_route_table_ids}"] + providers = { + 
aws.this = "aws" + aws.peer = "aws" + } + + peer_region = "eu-west-1" + this_vpc_id = "vpc-00000000" + peer_vpc_id = "vpc-11111111" + cross_region_peering = false + private_route_table_ids = ["rtb-0000000"] + public_route_table_ids = ["rtb-1111111"] peer_cidr_block = "10.1.0.1/24" auto_accept_peering = true create_peering = 0 @@ -50,6 +70,35 @@ module "vpc-peering" { } ``` + +### Cross Region Peering + +```hc1 +module "vpc_cross_region_peering" { + source = "github.com/grem11n/terraform-aws-vpc-peering?ref=cross-region-peering" + + providers = { + aws.this = "aws.src" + aws.peer = "aws.dst" + } + + peer_region = "us-east-1" + this_vpc_id = "vpc-00000000" + peer_vpc_id = "vpc-11111111" + cross_region_peering = true + private_route_table_ids = ["rtb-0000000"] + public_route_table_ids = ["rtb-1111111"] + peer_cidr_block = "10.1.0.1/24" + auto_accept_peering = true + create_peering = true + + tags = { + Name = "my-peering-connection" + Environment = "prod" + } +} +``` + Examples -------- Complete example is shown above