Open ganniterix opened 2 years ago
Which VPC are you referring to? The default one or the VPC created at the account customisations level?
The VPC created at account customisations level.
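At the moment this can be obtained in this way:

```hcl
# Look up the AFT management VPC by its Name tag, using the aliased provider
data "aws_vpc" "aft-management-vpc" {
  provider = aws.aft_management

  # Wait until the AFT pipeline module has created the VPC
  depends_on = [
    module.aft_pipeline
  ]

  tags = {
    "Name" = "aft-management-vpc"
  }
}
```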
Assuming the provider has been declared similar to this:

```hcl
data "aws_partition" "current" {}

locals {
  aft_session_name = "AWSAFT-Session"
}

# Aliased provider that assumes a role in the AFT management account
provider "aws" {
  alias  = "aft_management"
  region = "eu-west-1"

  assume_role {
    # Replace <AFT Management Account ID> with the account ID
    role_arn     = "arn:${data.aws_partition.current.partition}:iam::<AFT Management Account ID>:role/AWSControlTowerExecution"
    session_name = local.aft_session_name
  }

  # Base credentials are read from Vault
  token      = data.vault_aws_access_credentials.provisioning_admin.security_token
  access_key = data.vault_aws_access_credentials.provisioning_admin.access_key
  secret_key = data.vault_aws_access_credentials.provisioning_admin.secret_key

  default_tags {
    tags = {
      managed_by = "AFT"
    }
  }
}
```
However, there is no documentation with regard to the naming of this VPC. It could easily change and break the code.
Thanks for the request, @ganniterix. I've gone ahead and created a backlog with the team to expose this as an output.
@balltrev, thanks for taking this into consideration.
It would be of benefit if the VPC details can be extracted programmatically following the creation of the pipeline. This would make it easier to attach it to relevant transit gateways to transport it to outside networks.