Support multiple route tables for a single tgw

[flah00]

Is your request related to a new offering from AWS?

Is this functionality available in the AWS provider for Terraform?

• Yes ✅: 0.0.0?

I assume we've always been able to associate more than one tgw route table with a tgw?

Is your request related to a problem? Please describe.

We want to associate multiple tgw route tables to a single tgw. We also want to manage routes for each of the tgw route tables.

Within our network account we want to create a tgw per region. Within the region we will create "environment" VPCs, eg prod, nonprod, uat. Each VPC will attach to the tgw but each environment will be routed using a table dedicated to the environment. Thus each tgw will have four route tables, the default, prod, nonprod, and uat.

Describe the solution you'd like.

It would be great if we could create n tgw route tables for a tgw and associate attachments with one of the tgw route tables.

Describe alternatives you've considered.

A main module and then one module instance per "environment".
This is unworkable, because tgw route tables are only managed when create_tgw and create_tgw_routes are both true.

module "transit_gateway" {
  source  = "terraform-aws-modules/transit-gateway/aws"
  version = "2.13.0"

  name = var.tgw_name

  vpc_attachments             = var.tgw_vpc_attachments
  transit_gateway_cidr_blocks = var.tgw_cidr_blocks

  amazon_side_asn = "64535"
  create_tgw      = true

  tgw_default_route_table_tags = data.aws_default_tags.aws.tags
  tgw_route_table_tags         = data.aws_default_tags.aws.tags
  tgw_vpc_attachment_tags      = data.aws_default_tags.aws.tags
  tgw_tags                     = data.aws_default_tags.aws.tags

  enable_auto_accept_shared_attachments = var.tgw_enable_auto_accept_shared_attachments
}

module "nonprod" {
  source  = "terraform-aws-modules/transit-gateway/aws"
  version = "2.13.0"
  # 💥 this configuration would not lead to tgw route table creation 😢 💥 
  # https://github.com/terraform-aws-modules/terraform-aws-transit-gateway/blob/master/main.tf#L94
  create_tgw        = false
  create_tgw_routes = true

  vpc_attachments = {
    "nonprod" = {
      name        = "some-non-prod-thing"
      tgw_id      = module.transit_gateway.ec2_transit_gateway_id
      description = "some-non-prod-thing attachment to network"
      vpc_id      = module.vpc.vpc_id
      subnet_ids  = module.vpc.private_subnets


      vpc_route_table_ids  = module.vpc.private_route_table_ids
      tgw_destination_cidr = "10.0.0.0/8"

      security_group_referencing_support = false
      dns_support                        = true
      ipv6_support                       = false

      transit_gateway_default_route_table_association = false
      transit_gateway_default_route_table_propagation = false
    }
  }
}

Additional context

[ronaldour]

Looks like #132 #113 addresses this too. Hopefully they will get a release soon

[edit] wrong PR number

[marcelomanchester]

@ronaldour I don't think so; this PR includes additional vpc routes but not more tgw route tables.

I also would like to create multiple tgw route tables for a single tgw, I'm working on creating a single exit point VPC architecture.
https://aws.amazon.com/pt/blogs/networking-and-content-delivery/creating-a-single-internet-exit-point-from-multiple-vpcs-using-aws-transit-gateway/

[ronaldour]

@marcelomanchester sorry wrong PR number, looks like 113 has a big refactor of the module with breaking changes and potentially solving multiple issues

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

[github-actions]

This issue was automatically closed because of stale in 10 days

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.