v-rosa
commented
2 years ago Which VPC are you referring? The default one or the VPC created at the account customisations level?
Open ganniterix opened 2 years ago
v-rosa
commented
2 years ago Which VPC are you referring? The default one or the VPC created at the account customisations level?
ganniterix
commented
2 years ago The VPC created at account customisations level.
At the moment this can be obtained in this way
data "aws_vpc" "aft-management-vpc" {
provider = aws.aft_management
depends_on = [
module.aft_pipeline
]
tags = {
"Name" = "aft-management-vpc"
}
}Assuming the provider has been declared similar to this
data "aws_partition" "current" {}
locals {
aft_session_name = "AWSAFT-Session"
}
provider "aws" {
alias = "aft_management"
region = "eu-west-1"
assume_role {
role_arn = "arn:${data.aws_partition.current.partition}:iam::<AFT Management Account ID>:role/AWSControlTowerExecution"
session_name = local.aft_session_name
}
token = data.vault_aws_access_credentials.provisioning_admin.security_token
access_key = data.vault_aws_access_credentials.provisioning_admin.access_key
secret_key = data.vault_aws_access_credentials.provisioning_admin.secret_key
default_tags {
tags = {
managed_by = "AFT"
}
}
}However there is no documentation with regards to the naming of this VPC. It could easily change and break the code.
balltrev
commented
2 years ago Thanks for the request @ganniterix , I've gone ahead and created a backlog with the team to expose this as an output
ganniterix
commented
2 years ago @balltrev thanks for taking this into consideration.
stumins
commented
1 year ago
It would be of benefit if the VPC details can be extracted programmatically following the creation of the pipeline. This would make it easier to attach it to relevant transit gateways to transport it to outside networks.