Merge pull request #6757 from ministryofjustice/feat/apc-pttp-tgw

✨ APC PTTP TGW attachment

scripts/terraform-plan-evaluator.sh

@@ -22,7 +22,8 @@ RESOURCES_TO_CHECK_FOR=(
   "aws_cloudformation_stack",
   "aws_cloudformation_stack_set",
   "aws_cloudformation_stack_set_instance",
-  "aws_cloudformation_type"
+  "aws_cloudformation_type",
+  "aws_ec2_transit_gateway_vpc_attachment"
 )
 
 resourcesFound=false

terraform/environments/analytical-platform-compute/data.tf

@@ -1,5 +1,33 @@
 data "aws_availability_zones" "available" {}
 
+data "aws_ec2_transit_gateway" "pttp" {
+  id = "tgw-026162f1ba39ce704"
+}
+
+# data "aws_ram_resource_share" "moj_tgw" {
+#   filter {
+#     name   = "resourceType"
+#     values = ["ec2:TransitGateway"]
+#   }
+# }
+
+# data "aws_arn" "moj_tgw" {
+#   arn = data.aws_ram_resource_share.moj_tgw.resource_arns[0]
+# }
+
+# TODO: revisit this to unhardcode the tgw ID above
+# data "aws_ram_resource_share" "tgw_moj" {
+#   name           = "tgw-moj"
+#   resource_owner = "OTHER-ACCOUNTS"
+# }
+
+# data "aws_ec2_transit_gateway" "pttp" {
+#   filter {
+#     name   = "owner-id"
+#     values = [data.aws_ram_resource_share.tgw_moj.resource_arns]
+#   }
+# }
+
 data "aws_iam_roles" "eks_sso_access_role" {
   name_regex  = "AWSReservedSSO_${local.environment_configuration.eks_sso_access_role}_.*"
   path_prefix = "/aws-reserved/sso.amazonaws.com/"

terraform/environments/analytical-platform-compute/transit-gateway-vpc-attachments.tf

@@ -0,0 +1,8 @@
+resource "aws_ec2_transit_gateway_vpc_attachment" "pttp" {
+  transit_gateway_id = data.aws_ec2_transit_gateway.pttp.id
+  # transit_gateway_id = data.aws_arn.moj_tgw.resource
+  vpc_id             = module.vpc.vpc_id
+  subnet_ids         = module.vpc.private_subnets
+
+  tags = local.tags
+}