aws-cloudformation / cloudformation-coverage-roadmap

The AWS CloudFormation Public Coverage Roadmap
https://aws.amazon.com/cloudformation/
Creative Commons Attribution Share Alike 4.0 International
1.11k stars 56 forks source link

AWS::EC2::TransitGateway - new return value #61

Open mugurelmargaritkurtgeiger opened 5 years ago

mugurelmargaritkurtgeiger commented 5 years ago

1. Title

AWS::EC2::TransitGateway-NewReturnValue

2. Scope of request

We should be able to use the Fn::GetAtt intrinsic function to return the ARN of the transit gateway.

3. Expected behavior

I should be able to use the below and an ARN to be returned:

{ "Fn::GetAtt" : [ "TransitGateway", "Arn" ] }

4. Suggest specific test cases

It would be helpful to use this ARN for resource sharing, ARN being a required property (ResourceArns) for the AWS::RAM::ResourceShare resource.

5. Helpful Links to speed up research and evaluation

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgateway.html (only Ref seems to be supported) https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ram-resourceshare.html

6. Category (required) - Will help with tagging and be easier to find by other users to +1

  1. Security (IAM, KMS...)
benbridts commented 5 years ago

see also #68

yannickvr commented 4 years ago

Unneccesary, just use

!Sub "arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:transit-gateway/${TransitGateway}"

Where TransitGateway is the logical name of the Cloudformation resource that created your transit gateway. For reference

  TransitGateway:
    Type: "AWS::EC2::TransitGateway"
    Properties:
      AmazonSideAsn: !Ref AmazonSideAsn
      Description: !Ref GatewayName
      AutoAcceptSharedAttachments: !Ref AutoAcceptSharedAttachments
      DefaultRouteTableAssociation: !Ref DefaultRouteTableAssociation
      DnsSupport: !Ref DnsSupport
      VpnEcmpSupport: !Ref VpnEcmpSupport

  TransitGatewayResourceShare:
    Type: "AWS::RAM::ResourceShare"
    Properties:
      Name: !Sub "${GatewayName}-${AWS::Region}-transitgateway"
      ResourceArns:
        - !Sub "arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:transit-gateway/${TransitGateway}" 
      Principals: !Ref OrganizationAccounts