terraform VPC peering module
# Provider for the requester side; every "this" resource below uses it.
provider "aws" {
  alias   = "this"
  version = ">= 1.23.0"
}
# Provider for the accepter side; configured by the caller with the peer
# account's credentials and region.
provider "aws" {
  alias   = "peer"
  version = ">= 1.23.0"
}
locals {
  # Region and account of each side, as seen by the two aliased providers.
  this_region     = "${data.aws_region.this.name}"
  peer_region     = "${data.aws_region.peer.name}"
  this_account_id = "${data.aws_caller_identity.this.account_id}"
  peer_account_id = "${data.aws_caller_identity.peer.account_id}"

  # need_accepter == true means the connection cannot be auto-accepted:
  # a separate accepter resource is created whenever the two sides differ
  # in region or in account.
  need_accepter = "${(local.this_region != local.peer_region || local.this_account_id != local.peer_account_id) ? true : false}"
}
# Requester-side lookups: which region and which account "aws.this" is bound to.
data "aws_region" "this" {
  provider = "aws.this"
}

data "aws_caller_identity" "this" {
  provider = "aws.this"
}

# Accepter-side lookups: which region and which account "aws.peer" is bound to.
data "aws_region" "peer" {
  provider = "aws.peer"
}

data "aws_caller_identity" "peer" {
  provider = "aws.peer"
}
# Make our peering connection
resource "aws_vpc_peering_connection" "p" {
  provider = "aws.this"

  # Requester VPC and the peer VPC/account it is offered to.
  vpc_id        = "${var.requester_vpc_id}"
  peer_vpc_id   = "${var.peer_vpc_id}"
  peer_owner_id = "${local.peer_account_id}"

  # Cross-region or cross-account: name the peer region and leave acceptance
  # to aws_vpc_peering_connection_accepter.a; otherwise accept in place.
  peer_region = "${local.need_accepter ? local.peer_region : ""}"
  auto_accept = "${local.need_accepter ? false : true}"

  tags = "${var.tags}"
}
# Accept the request from the peer side. Only instantiated when the
# requester could not auto-accept (different region or account).
resource "aws_vpc_peering_connection_accepter" "a" {
  provider = "aws.peer"
  count    = "${local.need_accepter ? 1 : 0}"

  vpc_peering_connection_id = "${aws_vpc_peering_connection.p.id}"
  auto_accept               = true
}
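# Add routes to peering connections for peer VPC
#
# One route per peer subnet, sending the whole requester VPC CIDR over the
# peering connection. Nothing in the route itself restricts traffic: once it
# exists, security groups and NACLs on both sides are the only filters.
resource "aws_route" "peer" {
  provider = "aws.peer"
  count    = "${length(var.peer_subnets)}"

  route_table_id            = "${element(data.aws_route_table.peer.*.route_table_id, count.index)}"
  destination_cidr_block    = "${var.requester_vpc_cidr}"
  vpc_peering_connection_id = "${aws_vpc_peering_connection.p.id}"

  # Order the routes after acceptance: in the cross-region/cross-account case
  # the connection is not active until aws_vpc_peering_connection_accepter.a
  # has run, and a route to a not-yet-active connection may be rejected.
  # Harmless when the accepter has count 0.
  depends_on = ["aws_vpc_peering_connection_accepter.a"]
}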
# Resolve the route table behind each peer subnet, one lookup per subnet.
# NOTE(review): if several subnets share a route table, the same route is
# declared once per subnet — confirm the given subnets map to distinct tables.
data "aws_route_table" "peer" {
  provider = "aws.peer"
  count    = "${length(var.peer_subnets)}"

  subnet_id = "${element(var.peer_subnets, count.index)}"
}
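# Add routes to peering connections for requester VPC
#
# One route per requester subnet, sending the whole peer VPC CIDR over the
# peering connection. The route opens the full CIDR at the routing layer;
# security groups and NACLs remain the only traffic filters.
resource "aws_route" "requester" {
  provider = "aws.this"
  count    = "${length(var.requester_subnets)}"

  route_table_id            = "${element(data.aws_route_table.requester.*.route_table_id, count.index)}"
  destination_cidr_block    = "${var.peer_vpc_cidr}"
  vpc_peering_connection_id = "${aws_vpc_peering_connection.p.id}"

  # Order the routes after acceptance: in the cross-region/cross-account case
  # the connection is not active until aws_vpc_peering_connection_accepter.a
  # has run, and a route to a not-yet-active connection may be rejected.
  # Harmless when the accepter has count 0.
  depends_on = ["aws_vpc_peering_connection_accepter.a"]
}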
# Resolve the route table behind each requester subnet, one lookup per subnet.
# NOTE(review): subnets sharing a route table would produce duplicate route
# declarations — confirm the given subnets map to distinct tables.
data "aws_route_table" "requester" {
  provider = "aws.this"
  count    = "${length(var.requester_subnets)}"

  subnet_id = "${element(var.requester_subnets, count.index)}"
}
# Requester side (provider aws.this).
variable "requester_vpc_id" {
  type        = "string"
  description = "The ID of the VPC we are requesting peering from."
}

variable "requester_vpc_cidr" {
  type        = "string"
  description = "The CIDR block of the VPC we are requesting peering from."
}

# Accepter side (provider aws.peer).
variable "peer_vpc_id" {
  type        = "string"
  description = "VPC id in the vpc_peer_account_id to peer to."
}

variable "peer_vpc_cidr" {
  type        = "string"
  description = "CIDR range of the VPC to peer to."
}
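# Explicit types, matching the string variables above, so a caller passing a
# scalar where a list/map is expected is rejected at plan time rather than
# silently accepted.
variable "requester_subnets" {
  type        = "list"
  description = "list of requester VPC subnets to add pcx route to accepter"
  default     = []
}

variable "peer_subnets" {
  type        = "list"
  description = "list of subnets to add pcx routes to requester"
  default     = []
}

variable "tags" {
  type        = "map"
  description = "A map of tags for the peering connection"
  default     = {}
}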