A Terraform module for setting up VPC peering between two VPCs that enables to route traffic between them.
This module features the following components to be provisioned with different combinations:
- VPC Peering Connection [aws_vpc_peering_connection]
- VPC Peering Connection Accepter [aws_vpc_peering_connection_accepter]
- VPC Peering Connection Option [aws_vpc_peering_connection_options]
- For VPC Peering Connection Requester
- For VPC Peering Connection Accepter
- Route [aws_route]
| Name | Version |
|---|---|
| terraform | >= 1.2.5 |
| aws | >= 4.22.0 |
| Name | Version |
|---|---|
| aws | >= 4.22.0 |
Refer Configuration Examples for effectively utilizing this module.
| Name | Description | Type | Default | Required | Example |
|---|---|---|---|---|---|
| vpc_peering_connection_handler | Peering Connection Handler. | string |
"both" |
no | |
| owner_account_id | The AWS account ID of the owner of the peer VPC. | string |
null |
no | |
| owner_vpc_id | The ID of the owner VPC. | string |
yes | ||
| peer_vpc_id | The ID of the VPC with which you are creating the VPC Peering Connection. | string |
yes | ||
| peer_vpc_region | The region of the Peer VPC of the VPC Peering Connection. | string |
null |
no | |
| peering_connection_id | VPC Peering Connection ID. Required if vpc_peering_connection_handler is set as peer |
string |
null |
no | |
| auto_accept_peering | Flag to decide if peering request should be accepted. | bool |
false |
no | |
| allow_owner_vpc_dns_resolution | Flag to decide if allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. | bool |
false |
no | |
| allow_peer_vpc_dns_resolution | Flag to decide if allow a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC. | bool |
false |
no | |
| generalize_routes_to_peer | Flag to decide if Routes to peer_cidrs should be set in all Owner VPC's route tables. |
bool |
false |
no | |
| peer_cidrs | The list of CIDRs for which routes should be created in all Owner VPC's route tables. | list(string) |
[] |
no | |
| specific_routes_to_peer | The specific routes to Peer VPC through VPC peering connection. | list(map(string)) |
[] |
no | |
| generalize_routes_to_owner | Flag to decide if Routes to owner_cidrs should be set in all Peer VPC's route tables. |
bool |
false |
no | |
| owner_cidrs | The list of CIDRs for which routes should be created in all Peer VPC's route tables. | list(string) |
[] |
no | |
| specific_routes_to_owner | The specific routes to Owner VPC through VPC peering connection. | list(map(string)) |
[] |
no | |
| tags | Map of tags to be assigned to Peering connection. | map(string) |
{} |
no |
- It required 2 alias AWS Providers, one for Connection Requester and other for Connection Accepter.
providers = {
aws.owner = <provider for Requester>
aws.peer = <provider for Accepter>
}
- Connection options can't be set until the connection has been accepted. So,
- If
vpc_peering_connection_handleris set asbothallow_owner_vpc_dns_resolutionandallow_peer_vpc_dns_resolutioncan only be settrueifauto_accept_peeringis also settrue
- If
vpc_peering_connection_handleris set asowner,allow_peer_vpc_dns_resolutionmust be setfalseallow_owner_vpc_dns_resolutionmust be setfalseand should only settrueonce connection is accepted by Peer
- If
vpc_peering_connection_handleris set aspeer,allow_owner_vpc_dns_resolutionmust be setfalseallow_peer_vpc_dns_resolutioncan only be settrueifauto_accept_peeringis also settrue.
- If
| Name | Type | Description |
|---|---|---|
| id | The ID of the VPC Peering Connection. | string |
| status | The status of the VPC Peering Connection request. | string |
| owner_connection_option | The ID of the VPC Peering Connection Owner Option. | string |
| peer_connection_option | The ID of the VPC Peering Connection Peer Option. | string |
Module is maintained by Ankit Jain with help from these professional.