Renaira Santos

Reputation: 1

How to deactivate automatic association/propagation on terraform transit gateway module?

I created a TGW using a terraform module, and when I shared it between accounts, the association and propagation were created by default. I don't want that because I need to attach other route tables. The TGW module creates two tables, spoke and hub. I need to add specific associations for each one, so I don't want to leave it as default, but how do I do that? I tried adding default_route_table = false, but it didn't work...

module "tgw" {
  source = "git::https://github.com/terraform-aws-transit-gateway.git?ref=v1.1.0"

  amazon_side_asn = var.amazon_side_asn

  enable_auto_accept_shared_attachments = true
  enable_multicast_support              = false
  enable_vpn_ecmp_support               = true

  vpc_attachments = {
    vpc_endpoint = {
      vpc_id = data.aws_ssm_parameter.endpoint_network_id.value
      subnet_ids = [
        data.aws_ssm_parameter.endpoint_tgw_attachment_network_private_id1.value,
        data.aws_ssm_parameter.endpoint_tgw_attachment_network_private_id2.value
      ]
      dns_support = true

      transit_gateway_default_route_table_association = false
      transit_gateway_default_route_table_propagation = false

    },

    vpc_iam_nss = {
      vpc_id = data.aws_ssm_parameter.iam_network_id.value
      subnet_ids = [
        data.aws_ssm_parameter.iam_nss_tgw_attachment_network_private_id1.value,
        data.aws_ssm_parameter.iam_nss_tgw_attachment_network_private_id2.value
      ]
      dns_support = true

      transit_gateway_default_route_table_association = false
      transit_gateway_default_route_table_propagation = false

    }
  }
}

Upvotes: 0

Views: 49

Answers (1)

Renaira Santos

Reputation: 1

I don't know if this is the best approach, but it worked as follows:

resource "null_resource" "remove_tgw_attachment_hub_rtb" {
  provisioner "local-exec" {
    command = <<EOT
      aws ec2 disassociate-transit-gateway-route-table \
          --transit-gateway-route-table-id ${var.route_table_id} \
          --transit-gateway-attachment-id ${var.tgw_attach_id} \
          --region ${var.aws_region}
    EOT
  }

}

Associate on new route table:

resource "aws_ec2_transit_gateway_route_table_association" "spoke_association" {
  transit_gateway_attachment_id  = var.tgw_attach_id
  transit_gateway_route_table_id = module.tgw.ec2_transit_gateway_route_table_id

  lifecycle {
    create_before_destroy = true
  }
}

Upvotes: 0
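A declarative alternative to the disassociate-then-associate workaround above, as an added example that is not from the original post or from the module it uses: the default association and propagation are switched off on the transit gateway itself, and each attachment is then bound to the spoke or hub table explicitly. It is written against the plain AWS provider resources; the resource names and the two `var.*_attachment_id` inputs are hypothetical, and whether the module in the question exposes the same two options is not shown on the page.

```hcl
# Added example: raw AWS provider resources, not the module from the question.
variable "amazon_side_asn" { type = number }
variable "spoke_attachment_id" { type = string } # hypothetical input
variable "hub_attachment_id" { type = string }   # hypothetical input

resource "aws_ec2_transit_gateway" "this" {
  amazon_side_asn                = var.amazon_side_asn
  auto_accept_shared_attachments = "enable"

  # With both set to "disable", a new attachment (including an auto-accepted
  # shared one) is placed in no route table until one is assigned explicitly.
  default_route_table_association = "disable"
  default_route_table_propagation = "disable"
}

resource "aws_ec2_transit_gateway_route_table" "spoke" {
  transit_gateway_id = aws_ec2_transit_gateway.this.id
}

resource "aws_ec2_transit_gateway_route_table" "hub" {
  transit_gateway_id = aws_ec2_transit_gateway.this.id
}

# Spoke attachment: route lookups use the spoke table ...
resource "aws_ec2_transit_gateway_route_table_association" "spoke" {
  transit_gateway_attachment_id  = var.spoke_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.spoke.id
}

# ... and its CIDR is advertised only into the hub table, so spoke
# attachments do not learn routes to each other.
resource "aws_ec2_transit_gateway_route_table_propagation" "spoke_to_hub" {
  transit_gateway_attachment_id  = var.spoke_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.hub.id
}

# Hub attachment: route lookups use the hub table, routes are advertised to spokes.
resource "aws_ec2_transit_gateway_route_table_association" "hub" {
  transit_gateway_attachment_id  = var.hub_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.hub.id
}

resource "aws_ec2_transit_gateway_route_table_propagation" "hub_to_spoke" {
  transit_gateway_attachment_id  = var.hub_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.spoke.id
}
```

An attachment can be associated with only one route table at a time, so an attachment that already sits in the default table still has to be disassociated from it before the explicit association can be created.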
