terraform-aws-arc-transit-gateway

Module: sourcefuse/arc-transit-gateway/aws

Registry: https://registry.terraform.io/modules/sourcefuse/arc-transit-gateway/aws

Category: Networking / Transit

Source: https://github.com/sourcefuse/terraform-aws-arc-transit-gateway

Overview

Creates AWS Transit Gateway with VPC attachments, route table associations, and cross-account sharing via Resource Access Manager.

Architecture

What It Does

• Transit Gateway with configurable ASN and routing options
• VPC attachments with subnet configuration
• Route table associations and propagations
• Cross-account sharing via AWS RAM
• Static routes for custom routing
• DNS support and multicast configuration

Quickstart

module "tgw" {
  source  = "sourcefuse/arc-transit-gateway/aws"
  version = "1.0.0"

  namespace   = "myapp"
  environment = "prod"

  create_transit_gateway = true
  transit_gateway_name   = "myapp-prod-tgw"

  vpc_attachments = {
    "spoke-vpc" = {
      vpc_id     = data.aws_vpc.spoke.id
      subnet_ids = data.aws_subnets.private.ids
    }
  }

  tags = { Environment = "prod" }
}

Required Inputs

Name	Type	Description
namespace	string	Namespace prefix
environment	string	Deployment environment
## Key Outputs

Name	Description
transit_gateway_id	Transit Gateway ID
transit_gateway_arn	Transit Gateway ARN
vpc_attachment_ids	Map of VPC attachment IDs
## Full Variable & Output Reference

The complete inputs/outputs reference is auto-generated below.

Requirements

Name	Version
terraform	~> 1.3, < 2.0.0
aws	~> 5.0
random	~> 3.0

Providers

Name	Version
aws	5.64.0
aws.target	5.64.0

Modules

No modules.

Resources

Name	Type
aws_ec2_transit_gateway.this	resource
aws_ec2_transit_gateway_vpc_attachment.source	resource
aws_ec2_transit_gateway_vpc_attachment.this	resource
aws_ec2_transit_gateway_vpc_attachment_accepter.this	resource
aws_ram_principal_association.target_account	resource
aws_ram_resource_association.transit_gateway	resource
aws_ram_resource_share.transit_gateway	resource
aws_ram_resource_share_accepter.transit_gateway	resource
aws_route.source	resource
aws_route.this	resource
aws_ec2_transit_gateway.this	data source
aws_vpc.source_vpc	data source
aws_vpc.target_vpc	data source

Inputs

Name	Description	Type	Default	Required
allow_external_principals	Indicates whether external principals (accounts outside the organization) are allowed.	bool	true	no
auto_accept_shared_attachments	Whether resource attachment requests are automatically accepted	string	"disable"	no
create_transit_gateway	n/a	bool	true	no
create_transit_gateway_attacment_in_source_account	n/a	bool	true	no
default_route_table_association	Whether resource attachments are associated with the default route table	string	"enable"	no
default_route_table_propagation	Whether resource attachments automatically propagate routes to the default route table	string	"enable"	no
dns_support	Enable or disable DNS support	string	"enable"	no
existing_transit_gateway_id	n/a	string	null	no
source_attachment_dns_support	Enable or disable DNS support	string	"enable"	no
source_attachment_ipv6_support	Enable or disable IPv6 support	string	"disable"	no
source_attachment_name	The name tag for the source Transit Gateway VPC attachment.	string	"TransitGateway-VPC-Attachment-Source"	no
source_cidr_block	Destination CIDR block for the route	string	null	no
source_route_table_ids	Route table ID to add routes to	list(any)	[]	no
source_subnet_ids	List of subnet IDs for the Transit Gateway VPC attachment	list(string)	[]	no
source_vpc_id	The VPC ID for the Transit Gateway VPC attachment	string	null	no
tags	A map of tags to assign to the resource.	map(string)	{}	no
target_account_id	The AWS Account ID where the Transit Gateway is shared	list(any)	n/a	yes
target_attachment_dns_support	Enable or disable DNS support	string	"enable"	no
target_attachment_ipv6_support	Enable or disable IPv6 support	string	"disable"	no
target_attachment_name	The name tag for the target Transit Gateway VPC attachment.	string	"TransitGateway-VPC-Attachment-Target"	no
target_cidr_block	Destination CIDR block for the route	string	null	no
target_route_table_ids	Route table ID to add routes to	list(any)	n/a	yes
target_subnet_ids	List of subnet IDs for the Transit Gateway VPC attachment	list(string)	n/a	yes
target_vpc_id	The VPC ID for the Transit Gateway VPC attachment	string	n/a	yes
transit_gateway_asn	Amazon side ASN for the Transit Gateway	number	64512	no
transit_gateway_name	Name of the Transit Gateway	string	"Transit-GW"	no
transit_gateway_share_name	The name of the Transit Gateway resource share.	string	"transit-gateway-share"	no
vpn_ecmp_support	Enable or disable Equal Cost Multipath support for VPN	string	"enable"	no

Outputs

Name	Description
transit_gateway_arn	The ARN of the Transit Gateway
transit_gateway_id	The ID of the Transit Gateway

Versioning

This project uses a .version file at the root of the repo which the pipeline reads from and does a git tag.

When you intend to commit to main, you will need to increment this version. Once the project is merged, the pipeline will kick off and tag the latest git commit.

Development

Prerequisites

• terraform
• terraform-docs
• pre-commit
• golang
• golint

Configurations

• Configure pre-commit hooks

  pre-commit install
  

Versioning

while Contributing or doing git commit please specify the breaking change in your commit message whether its major,minor or patch

For Example

git commit -m "your commit message #major"

By specifying this , it will bump the version and if you don't specify this in your commit message then by default it will consider patch and will bump that accordingly

Tests

• Tests are available in test directory
• Configure the dependencies

  cd test/
  go mod init github.com/sourcefuse/terraform-aws-refarch-<module_name>
  go get github.com/gruntwork-io/terratest/modules/terraform
  

• Now execute the test
  

  go test -timeout  30m
  

Contributing

See CONTRIBUTING.md for commit conventions and development setup.

Authors

This project is authored by: - SourceFuse ARC Team