jeffbrl · January 16, 2020 00:58
diff --git a/vpc-full-mesh-tgw.tf b/vpc-full-mesh-tgw.tf
 module "vpc-one" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "1.53.0"

  name = "terraform-vpc-one"

  cidr = "10.1.0.0/16"

  azs = ["ap-northeast-1a", "ap-northeast-1c"]

  public_subnets       = ["10.1.0.0/24", "10.1.1.0/24"]
  enable_dns_hostnames = true
  enable_dns_support   = true
 }

 module "vpc-two" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "1.53.0"

  name = "terraform-vpc-two"

  cidr = "10.2.0.0/16"

  azs = ["ap-northeast-1a", "ap-northeast-1c"]

  private_subnets      = ["10.2.0.0/24", "10.2.1.0/24"]
  enable_dns_hostnames = true
  enable_dns_support   = true
 }

 module "vpc-three" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "1.53.0"

  name = "terraform-vpc-three"

  cidr = "10.3.0.0/16"

  azs = ["ap-northeast-1a", "ap-northeast-1c"]

  private_subnets      = ["10.3.0.0/24", "10.3.1.0/24"]
  enable_dns_hostnames = true
  enable_dns_support   = true
 }

 module "vpc-four" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "1.53.0"

  name = "terraform-vpc-four"

  cidr = "10.4.0.0/16"
  azs  = ["ap-northeast-1a", "ap-northeast-1c"]

  private_subnets      = ["10.4.0.0/24", "10.4.1.0/24"]
  enable_dns_hostnames = true
  enable_dns_support   = true
 }

 resource "aws_ec2_transit_gateway" "tgw" {
  auto_accept_shared_attachments = "enable"
 }

 resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-one_tgw_attachment" {
  subnet_ids         = ["${module.vpc-one.public_subnets}"]
  transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
  vpc_id             = "${module.vpc-one.vpc_id}"
 }

 resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-two_tgw_attachment" {
  subnet_ids         = ["${module.vpc-two.private_subnets}"]
  transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
  vpc_id             = "${module.vpc-two.vpc_id}"
 }

 resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-three_tgw_attachment" {
  subnet_ids         = ["${module.vpc-three.private_subnets}"]
  transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
  vpc_id             = "${module.vpc-three.vpc_id}"
 }

 resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-four_tgw_attachment" {
  subnet_ids         = ["${module.vpc-four.private_subnets}"]
  transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
  vpc_id             = "${module.vpc-four.vpc_id}"
 }

 resource "aws_route" "tgw-route-one" {
  route_table_id         = "${module.vpc-one.public_route_table_ids[0]}"
  destination_cidr_block = "10.0.0.0/8"
  transit_gateway_id     = "${aws_ec2_transit_gateway.tgw.id}"
 }

 resource "aws_route" "tgw-route-two" {
  route_table_id         = "${module.vpc-two.private_route_table_ids[0]}"
  destination_cidr_block = "10.0.0.0/8"
  transit_gateway_id     = "${aws_ec2_transit_gateway.tgw.id}"
 }

 resource "aws_route" "tgw-route-three" {
  route_table_id         = "${module.vpc-three.private_route_table_ids[0]}"
  destination_cidr_block = "10.0.0.0/8"
  transit_gateway_id     = "${aws_ec2_transit_gateway.tgw.id}"
 }

 resource "aws_route" "tgw-route-four" {
  route_table_id         = "${module.vpc-four.private_route_table_ids[0]}"
  destination_cidr_block = "10.0.0.0/8"
  transit_gateway_id     = "${aws_ec2_transit_gateway.tgw.id}"
 }
diff --git a/vpc-instances.tf b/vpc-instances.tf
 data "template_file" "user_data" {
  template = "${file("user-data.tpl")}"

  vars = {
    private_key_contents = "${file("mykey")}"
  }
 }

 resource "aws_security_group" "vpc-one-ssh-in" {
  name   = "allow-ssh-sg"
  vpc_id = "${module.vpc-one.vpc_id}"

  ingress {
    cidr_blocks = [
      "0.0.0.0/0",
    ]

    from_port = 22
    to_port   = 22
    protocol  = "tcp"
  }
 }

 resource "aws_security_group" "vpc-two-ping-ssh-in" {
  name   = "allow-ping-ssh-sg"
  vpc_id = "${module.vpc-two.vpc_id}"

  ingress {
    cidr_blocks = [
      "0.0.0.0/0",
    ]

    from_port = 22
    to_port   = 22
    protocol  = "tcp"
  }

  ingress {
    cidr_blocks = [
      "0.0.0.0/0",
    ]

    from_port = -1
    to_port   = -1
    protocol  = "icmp"
  }
 }

 resource "aws_security_group" "vpc-three-ping-ssh-in" {
  name   = "allow-ping-ssh-sg"
  vpc_id = "${module.vpc-three.vpc_id}"

  ingress {
    cidr_blocks = [
      "0.0.0.0/0",
    ]

    from_port = 22
    to_port   = 22
    protocol  = "tcp"
  }

  ingress {
    cidr_blocks = [
      "0.0.0.0/0",
    ]

    from_port = -1
    to_port   = -1
    protocol  = "icmp"
  }
 }

 resource "aws_security_group" "vpc-four-ping-ssh-in" {
  name   = "allow-ping-ssh-sg"
  vpc_id = "${module.vpc-four.vpc_id}"

  ingress {
    cidr_blocks = [
      "0.0.0.0/0",
    ]

    from_port = 22
    to_port   = 22
    protocol  = "tcp"
  }

  ingress {
    cidr_blocks = [
      "0.0.0.0/0",
    ]

    from_port = -1
    to_port   = -1
    protocol  = "icmp"
  }
 }

 resource "aws_key_pair" "terraform-tgw-ssh-keypair" {
  key_name   = "terraform-tgw-ssh-keypair"
  public_key = "${file("mykey.pub")}"
 }

 resource "aws_instance" "vpc-one-bastion" {
  ami                         = "${var.ubuntu_ami}"
  instance_type               = "t2.micro"
  associate_public_ip_address = true
  subnet_id                   = "${module.vpc-one.public_subnets[0]}"
  security_groups             = ["${aws_security_group.vpc-one-ssh-in.id}", "${module.vpc-one.default_security_group_id}"]
  key_name                    = "${aws_key_pair.terraform-tgw-ssh-keypair.key_name}"
  user_data                   = "${data.template_file.user_data.rendered}"

  tags = {
    Name = "vpc-one-bastion"
  }
 }

 resource "aws_instance" "vpc-two-test" {
  ami = "${var.ubuntu_ami}"

  instance_type   = "t2.micro"
  subnet_id       = "${module.vpc-two.private_subnets[0]}"
  key_name        = "${aws_key_pair.terraform-tgw-ssh-keypair.key_name}"
  security_groups = ["${aws_security_group.vpc-two-ping-ssh-in.id}", "${module.vpc-two.default_security_group_id}"]
  private_ip      = "10.2.0.10"
  user_data       = "${data.template_file.user_data.rendered}"

  tags = {
    Name = "vpc-two-test"
  }
 }

 resource "aws_instance" "vpc-three-test" {
  ami             = "${var.ubuntu_ami}"
  instance_type   = "t2.micro"
  subnet_id       = "${module.vpc-three.private_subnets[0]}"
  key_name        = "${aws_key_pair.terraform-tgw-ssh-keypair.key_name}"
  security_groups = ["${aws_security_group.vpc-three-ping-ssh-in.id}", "${module.vpc-three.default_security_group_id}"]
  private_ip      = "10.3.0.10"
  user_data       = "${data.template_file.user_data.rendered}"

  tags = {
    Name = "vpc-three-test"
  }
 }

 resource "aws_instance" "vpc-four-test" {
  ami             = "${var.ubuntu_ami}"
  instance_type   = "t2.micro"
  key_name        = "${aws_key_pair.terraform-tgw-ssh-keypair.key_name}"
  security_groups = ["${aws_security_group.vpc-four-ping-ssh-in.id}", "${module.vpc-four.default_security_group_id}"]
  subnet_id       = "${module.vpc-four.private_subnets[0]}"
  private_ip      = "10.4.0.10"
  user_data       = "${data.template_file.user_data.rendered}"

  tags = {
    Name = "vpc-four-test"
  }
 }
diff --git a/z_README.md b/z_README.md
	module "vpc-one" {
	source = "terraform-aws-modules/vpc/aws"
	version = "1.53.0"

	name = "terraform-vpc-one"

	cidr = "10.1.0.0/16"

	azs = ["ap-northeast-1a", "ap-northeast-1c"]

	public_subnets = ["10.1.0.0/24", "10.1.1.0/24"]
	enable_dns_hostnames = true
	enable_dns_support = true
	}

	module "vpc-two" {
	source = "terraform-aws-modules/vpc/aws"
	version = "1.53.0"

	name = "terraform-vpc-two"

	cidr = "10.2.0.0/16"

	azs = ["ap-northeast-1a", "ap-northeast-1c"]

	private_subnets = ["10.2.0.0/24", "10.2.1.0/24"]
	enable_dns_hostnames = true
	enable_dns_support = true
	}

	module "vpc-three" {
	source = "terraform-aws-modules/vpc/aws"
	version = "1.53.0"

	name = "terraform-vpc-three"

	cidr = "10.3.0.0/16"

	azs = ["ap-northeast-1a", "ap-northeast-1c"]

	private_subnets = ["10.3.0.0/24", "10.3.1.0/24"]
	enable_dns_hostnames = true
	enable_dns_support = true
	}

	module "vpc-four" {
	source = "terraform-aws-modules/vpc/aws"
	version = "1.53.0"

	name = "terraform-vpc-four"

	cidr = "10.4.0.0/16"
	azs = ["ap-northeast-1a", "ap-northeast-1c"]

	private_subnets = ["10.4.0.0/24", "10.4.1.0/24"]
	enable_dns_hostnames = true
	enable_dns_support = true
	}

	resource "aws_ec2_transit_gateway" "tgw" {
	auto_accept_shared_attachments = "enable"
	}

	resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-one_tgw_attachment" {
	subnet_ids = ["${module.vpc-one.public_subnets}"]
	transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
	vpc_id = "${module.vpc-one.vpc_id}"
	}

	resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-two_tgw_attachment" {
	subnet_ids = ["${module.vpc-two.private_subnets}"]
	transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
	vpc_id = "${module.vpc-two.vpc_id}"
	}

	resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-three_tgw_attachment" {
	subnet_ids = ["${module.vpc-three.private_subnets}"]
	transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
	vpc_id = "${module.vpc-three.vpc_id}"
	}

	resource "aws_ec2_transit_gateway_vpc_attachment" "vpc-four_tgw_attachment" {
	subnet_ids = ["${module.vpc-four.private_subnets}"]
	transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
	vpc_id = "${module.vpc-four.vpc_id}"
	}

	resource "aws_route" "tgw-route-one" {
	route_table_id = "${module.vpc-one.public_route_table_ids[0]}"
	destination_cidr_block = "10.0.0.0/8"
	transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
	}

	resource "aws_route" "tgw-route-two" {
	route_table_id = "${module.vpc-two.private_route_table_ids[0]}"
	destination_cidr_block = "10.0.0.0/8"
	transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
	}

	resource "aws_route" "tgw-route-three" {
	route_table_id = "${module.vpc-three.private_route_table_ids[0]}"
	destination_cidr_block = "10.0.0.0/8"
	transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
	}

	resource "aws_route" "tgw-route-four" {
	route_table_id = "${module.vpc-four.private_route_table_ids[0]}"
	destination_cidr_block = "10.0.0.0/8"
	transit_gateway_id = "${aws_ec2_transit_gateway.tgw.id}"
	}
	data "template_file" "user_data" {
	template = "${file("user-data.tpl")}"

	vars = {
	private_key_contents = "${file("mykey")}"
	}
	}

	resource "aws_security_group" "vpc-one-ssh-in" {
	name = "allow-ssh-sg"
	vpc_id = "${module.vpc-one.vpc_id}"

	ingress {
	cidr_blocks = [
	"0.0.0.0/0",
	]

	from_port = 22
	to_port = 22
	protocol = "tcp"
	}
	}

	resource "aws_security_group" "vpc-two-ping-ssh-in" {
	name = "allow-ping-ssh-sg"
	vpc_id = "${module.vpc-two.vpc_id}"

	ingress {
	cidr_blocks = [
	"0.0.0.0/0",
	]

	from_port = 22
	to_port = 22
	protocol = "tcp"
	}

	ingress {
	cidr_blocks = [
	"0.0.0.0/0",
	]

	from_port = -1
	to_port = -1
	protocol = "icmp"
	}
	}

	resource "aws_security_group" "vpc-three-ping-ssh-in" {
	name = "allow-ping-ssh-sg"
	vpc_id = "${module.vpc-three.vpc_id}"

	ingress {
	cidr_blocks = [
	"0.0.0.0/0",
	]

	from_port = 22
	to_port = 22
	protocol = "tcp"
	}

	ingress {
	cidr_blocks = [
	"0.0.0.0/0",
	]

	from_port = -1
	to_port = -1
	protocol = "icmp"
	}
	}

	resource "aws_security_group" "vpc-four-ping-ssh-in" {
	name = "allow-ping-ssh-sg"
	vpc_id = "${module.vpc-four.vpc_id}"

	ingress {
	cidr_blocks = [
	"0.0.0.0/0",
	]

	from_port = 22
	to_port = 22
	protocol = "tcp"
	}

	ingress {
	cidr_blocks = [
	"0.0.0.0/0",
	]

	from_port = -1
	to_port = -1
	protocol = "icmp"
	}
	}

	resource "aws_key_pair" "terraform-tgw-ssh-keypair" {
	key_name = "terraform-tgw-ssh-keypair"
	public_key = "${file("mykey.pub")}"
	}

	resource "aws_instance" "vpc-one-bastion" {
	ami = "${var.ubuntu_ami}"
	instance_type = "t2.micro"
	associate_public_ip_address = true
	subnet_id = "${module.vpc-one.public_subnets[0]}"
	security_groups = ["${aws_security_group.vpc-one-ssh-in.id}", "${module.vpc-one.default_security_group_id}"]
	key_name = "${aws_key_pair.terraform-tgw-ssh-keypair.key_name}"
	user_data = "${data.template_file.user_data.rendered}"

	tags = {
	Name = "vpc-one-bastion"
	}
	}

	resource "aws_instance" "vpc-two-test" {
	ami = "${var.ubuntu_ami}"

	instance_type = "t2.micro"
	subnet_id = "${module.vpc-two.private_subnets[0]}"
	key_name = "${aws_key_pair.terraform-tgw-ssh-keypair.key_name}"
	security_groups = ["${aws_security_group.vpc-two-ping-ssh-in.id}", "${module.vpc-two.default_security_group_id}"]
	private_ip = "10.2.0.10"
	user_data = "${data.template_file.user_data.rendered}"

	tags = {
	Name = "vpc-two-test"
	}
	}

	resource "aws_instance" "vpc-three-test" {
	ami = "${var.ubuntu_ami}"
	instance_type = "t2.micro"
	subnet_id = "${module.vpc-three.private_subnets[0]}"
	key_name = "${aws_key_pair.terraform-tgw-ssh-keypair.key_name}"
	security_groups = ["${aws_security_group.vpc-three-ping-ssh-in.id}", "${module.vpc-three.default_security_group_id}"]
	private_ip = "10.3.0.10"
	user_data = "${data.template_file.user_data.rendered}"

	tags = {
	Name = "vpc-three-test"
	}
	}

	resource "aws_instance" "vpc-four-test" {
	ami = "${var.ubuntu_ami}"
	instance_type = "t2.micro"
	key_name = "${aws_key_pair.terraform-tgw-ssh-keypair.key_name}"
	security_groups = ["${aws_security_group.vpc-four-ping-ssh-in.id}", "${module.vpc-four.default_security_group_id}"]
	subnet_id = "${module.vpc-four.private_subnets[0]}"
	private_ip = "10.4.0.10"
	user_data = "${data.template_file.user_data.rendered}"

	tags = {
	Name = "vpc-four-test"
	}
	}