Merge branch 'add_transit_gw_peering' into tgw_peer_tests

examples/transit-gateway-cross-account-peering-attachment/README.md

@@ -0,0 +1,24 @@
+# EC2 Transit Gateway Cross-Account Peering Attachment
+
+This example demonstrates how to peer two Transit Gateways in different regions. The peer transit gateway can be in your account or a different AWS account. The following AWS Regions are supported: US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), and Europe (Ireland).
+
+See [more in the Transit Gateway Peering Attachment documentation](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-peering.html).
+
+## Running this example
+
+Either `cp terraform.template.tfvars terraform.tfvars` and modify that new file accordingly or provide variables via CLI:
+
+```
+terraform apply \
+	-var="aws_first_access_key=AAAAAAAAAAAAAAAAAAA" \
+	-var="aws_first_secret_key=SuperSecretKeyForAccount1" \
+	-var="aws_second_access_key=BBBBBBBBBBBBBBBBBBB" \
+	-var="aws_second_secret_key=SuperSecretKeyForAccount2" \
+	-var="aws_first_region=us-east-2" \
+	-var="aws_second_region=us-west-2"
+```
+
+## Prerequisites
+
+- This example requires two AWS accounts within the same AWS Organizations Organization
+- Ensure Resource Access Manager is enabled in your organization. For more information, see the [Resource Access Manager User Guide](https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html).

examples/transit-gateway-cross-account-peering-attachment/main.tf

@@ -0,0 +1,86 @@
+// First accepts the Peering attachment.
+provider "aws" {
+  alias = "first"
+
+  region     = "${var.aws_first_region}"
+  access_key = "${var.aws_first_access_key}"
+  secret_key = "${var.aws_first_secret_key}"
+}
+
+// Second creates the Peering attachment.
+provider "aws" {
+  alias = "second"
+
+  region     = "${var.aws_second_region}"
+  access_key = "${var.aws_second_access_key}"
+  secret_key = "${var.aws_second_secret_key}"
+}
+
+data "aws_caller_identity" "first" {
+  provider = "aws.first"
+}
+
+data "aws_caller_identity" "second" {
+  provider = "aws.second"
+}
+
+resource "aws_ec2_transit_gateway" "first" {
+  provider = "aws.first"
+
+  tags = {
+    Name = "terraform-example"
+  }
+}
+
+resource "aws_ram_resource_share" "example" {
+  provider = "aws.first"
+
+  name = "terraform-example"
+
+  tags = {
+    Name = "terraform-example"
+  }
+}
+
+// Share the transit gateway...
+resource "aws_ram_resource_association" "example" {
+  provider = "aws.first"
+
+  resource_arn       = "${aws_ec2_transit_gateway.first.arn}"
+  resource_share_arn = "${aws_ram_resource_share.example.id}"
+}
+
+// ...with the second account.
+resource "aws_ram_principal_association" "example" {
+  provider = "aws.first"
+
+  principal          = "${data.aws_caller_identity.second.account_id}"
+  resource_share_arn = "${aws_ram_resource_share.example.id}"
+}
+
+resource "aws_ec2_transit_gateway" "second" {
+  provider = "aws.second"
+
+  tags = {
+    Name = "terraform-example"
+  }
+}
+
+// Create the Peering attachment in the second account...
+resource "aws_ec2_transit_gateway_peering_attachment" "example" {
+  provider = "aws.second"
+  peer_account_id         = "${data.aws_caller_identity.first.account_id}"
+  peer_region             = "${var.aws_first_region}"
+  peer_transit_gateway_id = "${aws_ec2_transit_gateway.first.id}"
+  transit_gateway_id      = "${aws_ec2_transit_gateway.second.id}"
+  tags = {
+    Name = "terraform-example"
+    Side = "Creator"
+  }
+  depends_on = ["aws_ram_principal_association.example", "aws_ram_resource_association.example"]
+
+}
+
+// ...it then needs to accepted by the first account.
+
+// ...terraform currently doesnt have resource for Transit Gateway Peering Attachment Acceptance

examples/transit-gateway-cross-account-peering-attachment/terraform.template.tfvars

@@ -0,0 +1,9 @@
+# First account
+aws_first_access_key = "AAAAAAAAAAAAAAAAAAA"
+aws_first_secret_key = "SuperSecretKeyForAccount1"
+
+# Second account
+aws_second_access_key = "BBBBBBBBBBBBBBBBBBB"
+aws_second_secret_key = "SuperSecretKeyForAccount2"
+
+aws_region = "us-east-1"

examples/transit-gateway-cross-account-peering-attachment/variables.tf

@@ -0,0 +1,11 @@
+variable "aws_first_access_key" {}
+
+variable "aws_first_secret_key" {}
+
+variable "aws_second_access_key" {}
+
+variable "aws_second_secret_key" {}
+
+variable "aws_first_region" {}
+
+variable "aws_second_region" {}

website/aws.erb

@@ -1076,6 +1076,9 @@
                                 <li>
                                     <a href="/docs/providers/aws/r/ec2_transit_gateway_route_table_propagation.html">aws_ec2_transit_gateway_route_table_propagation</a>
                                 </li>
+                                <li>
+                                    <a href="/docs/providers/aws/r/ec2_transit_gateway_peering_attachment.html">aws_ec2_transit_gateway_peering_attachment</a>
+                                </li>
                                 <li>
                                     <a href="/docs/providers/aws/r/ec2_transit_gateway_vpc_attachment.html">aws_ec2_transit_gateway_vpc_attachment</a>
                                 </li>

website/docs/r/ec2_transit_gateway_peering_attachment.html.markdown

@@ -8,21 +8,23 @@ description: |-
 
 # Resource: aws_ec2_transit_gateway_peering_attachment
 
-Manages an EC2 Transit Gateway Peering Attachment. For examples of custom route table association and propagation, see the EC2 Transit Gateway Networking Examples Guide.
+Manages an EC2 Transit Gateway Peering Attachment, supporting the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), and Europe (Ireland). For examples of custom route table association and propagation, see the EC2 Transit Gateway Networking Examples Guide.
 
 ## Example Usage
 
 ```hcl
 resource "aws_ec2_transit_gateway_peering_attachment" "example" {
-  peer_account_id             = "00000000000"
+  peer_account_id             = "123456789012"
   peer_region                 = "us-east-2"
-  peer_transit_gateway_id     = "tgw-00000000000000000"
-  tags                        = "example"
-  transit_gateway_id          = "tgw-00000000000000000"
-}
+  peer_transit_gateway_id     = "tgw-12345678901234567"
+  transit_gateway_id          = "tgw-76543210987654321"
+
+  tags = {
+    Name = "Example cross-account attachment"
+  }}
 ```
 
-A full example of how to create a Transit Gateway in one AWS account, share it with a second AWS account, and attach a VPC in the second account to the Transit Gateway via the `aws_ec2_transit_gateway_vpc_attachment` and `aws_ec2_transit_gateway_vpc_attachment_accepter` resources can be found in [the `./examples/transit-gateway-cross-account-vpc-attachment` directory within the Github Repository](https://github.com/terraform-providers/terraform-provider-aws/tree/master/examples/transit-gateway-cross-account-vpc-attachment).
+A full example of how to create a Transit Gateway in one AWS account, share it with a second AWS account, and attach a to a Transit Gateway in the second account via the `aws_ec2_transit_gateway_peering_attachment` resource can be found in [the `./examples/transit-gateway-cross-account-peering-attachment` directory within the Github Repository](https://github.com/terraform-providers/terraform-provider-aws/tree/master/examples/transit-gateway-cross-account-peering-attachment).
 
 ## Argument Reference