main.tf
# Aliased AWS provider configuration; the resource share accepter in this file
# selects it as aws.protected. Credentials/region are supplied by the caller.
provider "aws" {
  alias = "protected"
}
#########################
# Resource Access Manager
#########################
# Look up the existing resource share in the transit account by name.
# resource_owner = "SELF" limits the lookup to shares owned by the account
# behind the default aws provider, so a same-named share from another account
# is not picked up.
data "aws_ram_resource_share" "this" {
  resource_owner = "SELF"
  name           = var.resource_share_name
}
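# AWS resources shared via Resource Access Manager can take a few seconds to
# propagate across AWS accounts after RAM returns a successful association.
resource "time_sleep" "ram_resource_propagation" {
  create_duration = "60s"

  triggers = {
    # Reference the principal association declared in this file so the wait
    # starts only after the association exists. No resource named "example" is
    # declared here, and aws_ram_principal_association exports
    # resource_share_arn (it has no resource_arn attribute).
    # The key name is kept so lookups of triggers["tgw_resource_arn"] still
    # resolve; the value is the ARN of the resource share.
    tgw_resource_arn = aws_ram_principal_association.this.resource_share_arn
  }
}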
# Attach var.principal to the existing resource share found by the data source.
# NOTE(review): the principal gains access to every resource in the share;
# consider a validation block on the variable (declared outside this file)
# that restricts it to the expected account IDs or organization ARNs.
resource "aws_ram_principal_association" "this" {
  resource_share_arn = data.aws_ram_resource_share.this.arn
  principal          = var.principal
}
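# Accept the shared resource on the customer spoke VPC account.
# NOTE(review): when the principal is in the same AWS Organization and RAM
# sharing with the organization is enabled, no invitation is issued and there
# is nothing to accept. Confirm this resource is needed for var.principal.
resource "aws_ram_resource_share_accepter" "this" {
  provider = aws.protected

  # share_arn takes a single ARN string, not a list. Reading it through the
  # time_sleep triggers delays the accept until the propagation wait is over.
  share_arn = time_sleep.ram_resource_propagation.triggers["tgw_resource_arn"]
}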