generated from cloudposse-terraform-components/template
name: "aws-tgw-spoke"
# Canonical GitHub repo
github_repo: "cloudposse-terraform-components/aws-tgw-spoke"
# Short description of this project
description: |-
  This component is responsible for provisioning [AWS Transit Gateway](https://aws.amazon.com/transit-gateway) attachments
  to connect VPCs in a `spoke` account to different accounts through a central `hub`.
usage: |-
  **Stack Level**: Regional

  Here's an example snippet for how to configure and use this component:

  stacks/catalog/tgw/spoke.yaml

  ```yaml
  components:
    terraform:
      tgw/spoke-defaults:
        metadata:
          type: abstract
          component: tgw/spoke
        vars:
          enabled: true
          name: tgw-spoke
          tags:
            Team: sre
            Service: tgw-spoke
          expose_eks_sg: false
          tgw_hub_tenant_name: core
          tgw_hub_stage_name: network

      tgw/spoke:
        metadata:
          inherits:
            - tgw/spoke-defaults
        vars:
          # This is what THIS spoke is allowed to connect to.
          # since this is deployed to each plat account (dev->prod),
          # we allow connections to network and auto.
          connections:
            - account:
                tenant: core
                stage: network
              # Set this value if the vpc component has a different name in this account
              vpc_component_names:
                - vpc-dev
            - account:
                tenant: core
                stage: auto
  ```

  stacks/ue2/dev.yaml

  ```yaml
  import:
    - catalog/tgw/spoke

  components:
    terraform:
      tgw/spoke:
        vars:
          # use when there is not an EKS cluster in the stack
          expose_eks_sg: false
          # override default connections
          connections:
            - account:
                tenant: core
                stage: network
              vpc_component_names:
                - vpc-dev
            - account:
                tenant: core
                stage: auto
            - account:
                tenant: plat
                stage: dev
              eks_component_names:
                - eks/cluster
            - account:
                tenant: plat
                stage: qa
              eks_component_names:
                - eks/cluster
  ```

  To provision the attachments for a spoke account:

  ```sh
  atmos terraform plan tgw/spoke -s <tenant>-<environment>-<stage>
  atmos terraform apply tgw/spoke -s <tenant>-<environment>-<stage>
  ```

  <!-- prettier-ignore-start -->
  <!-- prettier-ignore-end -->
references:
  - name: cloudposse-terraform-components
    url: https://github.com/orgs/cloudposse-terraform-components/repositories
    description: Cloud Posse's upstream component
tags:
  - component/tgw/spoke
  - layer/network
  - provider/aws
# Categories of this project
categories:
  - component/tgw/spoke
  - layer/network
  - provider/aws
# License of this project
license: "APACHE2"
# Badges to display
badges:
  - name: Latest Release
    image: https://img.shields.io/github/release/cloudposse-terraform-components/aws-tgw-spoke.svg?style=for-the-badge
    url: https://github.com/cloudposse-terraform-components/aws-tgw-spoke/releases/latest
  - name: Slack Community
    image: https://slack.cloudposse.com/for-the-badge.svg
    url: https://slack.cloudposse.com
related:
  - name: "Cloud Posse Terraform Modules"
    description: Our collection of reusable Terraform modules used by our reference architectures.
    url: "https://docs.cloudposse.com/modules/"
  - name: "Atmos"
    description: "Atmos is like docker-compose but for your infrastructure"
    url: "https://atmos.tools"
contributors: [] # If included generates contribs