feat: Allow specifying additional TGW routes in attached VPCs

Adds parameter `tgw_additional_vpc_cidrs` to the `vpc_attachments` map that enables adding additional `aws_route` resources that send traffic across the TGW peering connection.

Changes the name of the existing `aws_route` resource from `this` since there are now more than one in the state file.

Author: partcyborg

README.md

@@ -68,7 +68,7 @@ module "vpc" {
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.1 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.4 |
 
 ## Providers
@@ -96,7 +96,8 @@ No modules.
 | [aws_ram_resource_association.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_resource_association) | resource |
 | [aws_ram_resource_share.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_resource_share) | resource |
 | [aws_ram_resource_share_accepter.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_resource_share_accepter) | resource |
-| [aws_route.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
+| [aws_route.additional_cidrs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
+| [aws_route.destination_cidr](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route) | resource |
 
 ## Inputs
 

examples/multi-account/main.tf

@@ -105,7 +105,8 @@ module "tgw_peer" {
       transit_gateway_default_route_table_propagation = false
 
       vpc_route_table_ids  = module.vpc1.private_route_table_ids
-      tgw_destination_cidr = "0.0.0.0/0"
+      tgw_destination_cidr = "10.0.0.0/8"
+      tgw_additional_cidrs = ["172.0.0/12"]
 
       tgw_routes = [
         {

main.tf

@@ -19,6 +19,18 @@ locals {
       }
     ]
   ])
+
+  vpc_route_table_additional_cidrs = flatten([
+    for k, v in var.vpc_attachments : [
+      for rtb_id in try(v.vpc_route_table_ids, []) : [
+        for cidr in try(v.tgw_additional_cidrs, []) : {
+          rtb_id = rtb_id
+          cidr   = cidr
+          tgw_id = var.create_tgw ? aws_ec2_transit_gateway.this[0].id : v.tgw_id
+        }
+      ]
+    ]
+  ])
 }
 
 ################################################################################
@@ -112,7 +124,7 @@ resource "aws_ec2_transit_gateway_route" "this" {
   transit_gateway_attachment_id  = tobool(try(local.vpc_attachments_with_routes[count.index][1].blackhole, false)) == false ? aws_ec2_transit_gateway_vpc_attachment.this[local.vpc_attachments_with_routes[count.index][0].key].id : null
 }
 
-resource "aws_route" "this" {
+resource "aws_route" "destination_cidr" {
   for_each = { for x in local.vpc_route_table_destination_cidr : x.rtb_id => {
     cidr   = x.cidr,
     tgw_id = x.tgw_id
@@ -124,6 +136,24 @@ resource "aws_route" "this" {
   transit_gateway_id          = each.value["tgw_id"]
 }
 
+moved {
+  from = aws_route.this
+  to   = aws_route.destination_cidr
+}
+
+resource "aws_route" "additional_cidrs" {
+  for_each = { for x in local.vpc_route_table_additional_cidrs : "${x.rtb_id}_${x.cidr}" => {
+    cidr   = x.cidr
+    rtb_id = x.rtb_id
+    tgw_id = x.tgw_id
+  } }
+
+  route_table_id              = each.value["rtb_id"]
+  destination_cidr_block      = try(each.value.ipv6_support, false) ? null : each.value["cidr"]
+  destination_ipv6_cidr_block = try(each.value.ipv6_support, false) ? each.value["cidr"] : null
+  transit_gateway_id          = each.value["tgw_id"]
+}
+
 resource "aws_ec2_transit_gateway_route_table_association" "this" {
   for_each = {
     for k, v in var.vpc_attachments : k => v if var.create_tgw && var.create_tgw_routes && try(v.transit_gateway_default_route_table_association, true) != true

versions.tf

@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 0.13.1"
+  required_version = ">= 1.1"
 
   required_providers {
     aws = {