Extended aws_vpn_gateway use case. (#67)

* Extended aws_vpn_gateway use case * Fixed warning from outputs on vgw_id

Extended aws_vpn_gateway use case. (#67)
* Extended aws_vpn_gateway use case * Fixed warning from outputs on vgw_id
a907849c · robh007 · Anton Babenko · e651b0b6 · a907849c · a907849c
Commit a907849c authored Feb 10, 2018 by robh007 Committed by Anton Babenko Feb 10, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 35 additions and 11 deletions

main.tf main.tf +23 -4

outputs.tf outputs.tf +1 -1

variables.tf variables.tf +11 -6

No files found.
--- a/main.tf
+++ b/main.tf
@@ -62,8 +62,7 @@ resource "aws_internet_gateway" "this" {
 resource "aws_route_table" "public" {
  count = "${var.create_vpc && length(var.public_subnets) > 0 ? 1 : 0}"
-  vpc_id           = "${aws_vpc.this.id}"
+  vpc_id = "${aws_vpc.this.id}"
-  propagating_vgws = ["${var.public_propagating_vgws}"]
  tags = "${merge(var.tags, var.public_route_table_tags, map("Name", format("%s-public", var.name)))}"
 }
@@ -83,8 +82,7 @@ resource "aws_route" "public_internet_gateway" {
 resource "aws_route_table" "private" {
  count = "${var.create_vpc && local.max_subnet_length > 0 ? local.max_subnet_length : 0}"
-  vpc_id           = "${aws_vpc.this.id}"
+  vpc_id = "${aws_vpc.this.id}"
-  propagating_vgws = ["${var.private_propagating_vgws}"]
  tags = "${merge(var.tags, var.private_route_table_tags, map("Name", format("%s-private-%s", var.name, element(var.azs, count.index))))}"
@@ -340,6 +338,27 @@ resource "aws_vpn_gateway" "this" {
  tags = "${merge(var.tags, map("Name", format("%s", var.name)))}"
 }
+resource "aws_vpn_gateway_attachment" "this" {
+  count = "${var.vpn_gateway_id != "" ? 1 : 0}"
+  vpc_id         = "${aws_vpc.this.id}"
+  vpn_gateway_id = "${var.vpn_gateway_id}"
+}
+resource "aws_vpn_gateway_route_propagation" "public" {
+  count = "${var.create_vpc && var.propagate_public_route_tables_vgw && (var.enable_vpn_gateway  || var.vpn_gateway_id != "") ? 1 : 0}"
+  route_table_id = "${element(aws_route_table.public.*.id, count.index)}"
+  vpn_gateway_id = "${element(concat(aws_vpn_gateway.this.*.id, aws_vpn_gateway_attachment.this.*.vpn_gateway_id), count.index)}"
+}
+resource "aws_vpn_gateway_route_propagation" "private" {
+  count = "${var.create_vpc && var.propagate_private_route_tables_vgw && (var.enable_vpn_gateway || var.vpn_gateway_id != "") ? length(var.private_subnets) : 0}"
+  route_table_id = "${element(aws_route_table.private.*.id, count.index)}"
+  vpn_gateway_id = "${element(concat(aws_vpn_gateway.this.*.id, aws_vpn_gateway_attachment.this.*.vpn_gateway_id), count.index)}"
+}
 ###########
 # Defaults
 ###########

--- a/outputs.tf
+++ b/outputs.tf
@@ -181,7 +181,7 @@ output "vpc_endpoint_dynamodb_id" {
 # VPN Gateway
 output "vgw_id" {
  description = "The ID of the VPN Gateway"
-  value       = "${element(concat(aws_vpn_gateway.this.*.id, list("")), 0)}"
+  value       = "${element(concat(aws_vpn_gateway.this.*.id, aws_vpn_gateway_attachment.this.*.vpn_gateway_id, list("")), 0)}"
 }
 output "vpc_endpoint_dynamodb_pl_id" {

--- a/variables.tf
+++ b/variables.tf
@@ -107,14 +107,19 @@ variable "enable_vpn_gateway" {
  default     = false
 }
-variable "private_propagating_vgws" {
+variable "vpn_gateway_id" {
-  description = "A list of VGWs the private route table should propagate"
+  description = "ID of VPN Gateway to attach to the VPC"
-  default     = []
+  default     = ""
 }
-variable "public_propagating_vgws" {
+variable "propagate_private_route_tables_vgw" {
-  description = "A list of VGWs the public route table should propagate"
+  description = "Should be true if you want route table propagation"
-  default     = []
+  default     = false
+}
+variable "propagate_public_route_tables_vgw" {
+  description = "Should be true if you want route table propagation"
+  default     = false
 }
 variable "tags" {