This module creates a Transit Gateway (TGW) and allows you to attach multiple VPCs with customizable route propagation and association settings.
| Name | Version |
|---|---|
| aws | 5.82.2 |
| Terraform | >= 1.12.1 |
module "transit_gateway" {
source = "OT-CLOUD-KIT/terraform-aws-rds-postgres"
amazon_side_asn = 64512
auto_accept_shared_attachments = "enable"
default_route_table_association = "enable"
default_route_table_propagation = "enable"
dns_support = "enable"
multicast_support = "disable"
vpn_ecmp_support = "enable"
security_group_referencing_support = "disable"
transit_gateway_cidr_blocks = ["172.31.0.0/16"]
vpc_attachments = {
"vpc-a" = {
vpc_id = "vpc-0123456789abcdef0"
subnet_ids = ["subnet-03b5635832hg", "subnet-5h673490bg"]
dns_support = true
ipv6_support = false
appliance_mode_support = false
security_group_referencing_support = false
default_association = true
default_propagation = true
}
"vpc-b" = {
vpc_id = "vpc-0abcdef1234567890"
subnet_ids = ["subnet-bbb11146fga1", "subnet-bbbaQFG222"]
dns_support = true
ipv6_support = false
appliance_mode_support = false
security_group_referencing_support = false
default_association = true
default_propagation = true
}
}
tgw_route_cidr_block = {
"vpc-a" = {
cidr = "10.0.0.0/16"
attachment_key = "vpc-a"
}
"vpc-b" = {
cidr = "10.1.0.0/16"
attachment_key = "vpc-b"
}
}
tags = {
Environment = "dev"
Owner = "team-x"
}
transit_gateway_name = "tgw"
}
Note:
The above example demonstrates how to use the module. All variables, resources, and outputs used here are already defined within this module.
Related Module:
If you're looking for a production-ready VPC setup with best practices (CIDR structure, subnets, route tables, flow logs, tagging, etc.), check out our
Terraform AWS Network Skeleton
| Name | Type |
|---|---|
| aws_ec2_transit_gateway | resource |
| aws_ec2_transit_gateway_vpc_attachment | resource |
| aws_route | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| amazon_side_asn | ASN for the Amazon side of the TGW | number |
4200000000 |
no |
| auto_accept_shared_attachments | Automatically accept shared attachments | string |
"enable" |
no |
| default_route_table_association | Automatically associate TGW route tables | string |
"enable" |
no |
| default_route_table_propagation | Automatically propagate to TGW route tables | string |
"enable" |
no |
| dns_support | Enable DNS support for TGW | string |
"enable" |
no |
| transit_gateway_cidr_blocks | List of CIDR blocks assigned to the TGW | list(string) |
["10.200.0.0/16"] |
no |
| transit_gateway_name | Name tag for the TGW | string |
"prod-tgw" |
no |
| tags | Common tags applied to all TGW resources | map(string) |
{ Environment = "prod", Owner = "Nikita" } |
no |
| tgw_route_cidr_block | Global CIDR block for adding TGW routes | string |
"10.0.0.0/8" |
yes |
| vpc_attachments | List of VPC attachments with details | list(object) |
[] |
yes |
name |
Name of the TGW VPC attachment | string |
tgw-attachment-vpc-a | yes |
vpc_id |
VPC ID to attach to the TGW | string |
vpc-0b2e7e2387bf08301 | yes |
subnet_ids |
List of subnet IDs used for TGW attachment (must be in different AZs) | list(string) |
- | yes |
route_table_id |
Route table ID to which TGW routes will be added | string |
- | yes |
dns_support |
Enable or disable DNS support for attachment | string |
- | yes |
ipv6_support |
Enable or disable IPv6 support | string |
- | yes |
associate_with_tgw_route_table |
Whether to associate this attachment with the TGW route table | bool |
- | yes |
propagate_to_tgw_route_table |
Whether to propagate routes to the TGW route table | bool |
- | yes |
| Name | Description |
|---|---|
transit_gateway_id |
The ID of the created Transit Gateway |
vpc_attachment_ids |
A map of VPC attachment names to their TGW attachment IDs |
- Ensure VPCs, subnets, and route tables exist before applying this module.
- Validate that subnet IDs are correct and belong to the specified VPC.