in src/deployments/cdk/src/deployments/transit-gateway/step-3.ts [36:192]
export async function step3(props: TransitGatewayStep3Props) {
const { accountStacks, outputs, config } = props;
const tgwPeeringAttachmentOutputs = TransitGatewayPeeringAttachmentOutputFinder.findAll({
outputs,
});
const accountConfigs = config.getAccountConfigs();
for (const [accountKey, accountConfig] of accountConfigs) {
const tgwConfigs = accountConfig.deployments?.tgw;
if (!tgwConfigs || tgwConfigs.length === 0) {
continue;
}
for (const tgwConfig of tgwConfigs) {
const transitGateway = TransitGatewayOutputFinder.tryFindOneByName({
outputs,
accountKey,
name: tgwConfig.name,
});
if (!transitGateway) {
console.warn(`TGW not found "${accountKey}/${tgwConfig.name}"`);
continue;
}
const accountStack = accountStacks.tryGetOrCreateAccountStack(accountKey, tgwConfig.region);
if (!accountStack) {
console.warn(`Cannot find account stack ${accountKey} in region ${tgwConfig.region}`);
continue;
}
const tgwPeeringAttachment = tgwPeeringAttachmentOutputs.find(output => {
const tgwPeer = output.tgws.find(tgw => tgw.name === tgwConfig.name && tgw.region === tgwConfig.region);
return !!tgwPeer;
});
if (!tgwConfig['tgw-routes']) {
continue;
}
for (const tgwRoute of tgwConfig['tgw-routes']) {
if (!tgwRoute.routes) {
continue;
}
for (const route of tgwRoute.routes) {
if (route['target-tgw']) {
if (!tgwPeeringAttachment) {
console.warn(`No Peering Attachment found for "${tgwConfig.name}"`);
continue;
}
CreateRoute({
scope: accountStack,
cidr: route.destination,
routeName: tgwRoute.name,
transitGateway,
attachmentId: tgwPeeringAttachment.tgwAttachmentId,
blackhole: route['blackhole-route'],
});
} else if (route['target-vpc']) {
const vpcOutput = VpcOutputFinder.tryFindOneByAccountAndRegionAndName({
outputs,
accountKey: route['target-account'] || accountKey,
region: tgwConfig.region,
vpcName: route['target-vpc'],
});
if (!vpcOutput) {
console.warn(`Cannot find VPC "${route['target-vpc']}" in outputs`);
continue;
}
const tgwAttachmentIds = vpcOutput.tgwAttachments.map(t => t.id);
CreateRoutes({
scope: accountStack,
cidr: route.destination,
routeName: tgwRoute.name,
transitGateway,
attachmentIds: tgwAttachmentIds,
blackhole: route['blackhole-route'],
});
} else if (route['target-vpn']) {
const vpnAttachments = TgwVpnAttachmentsOutputFinder.tryFindOneByName({
outputs,
accountKey,
name: route['target-vpn'].name,
region: tgwConfig.region,
});
if (!vpnAttachments) {
console.warn(`Cannot find VPN "${route['target-vpn']}" in outputs`);
continue;
}
const tgwAttachmentId = vpnAttachments.attachments.find(
t => t.az === route['target-vpn']?.az && t.subnet === route['target-vpn'].subnet,
)?.id;
if (!tgwAttachmentId) {
continue;
}
CreateRoutes({
scope: accountStack,
cidr: route.destination,
routeName: tgwRoute.name,
transitGateway,
attachmentIds: [tgwAttachmentId],
blackhole: route['blackhole-route'],
});
} else if (route['blackhole-route']) {
CreateRoute({
scope: accountStack,
cidr: route.destination,
routeName: tgwRoute.name,
transitGateway,
blackhole: route['blackhole-route'],
});
}
}
}
const tgwAttachConfig = tgwConfig['tgw-attach'];
if (!tgwAttachConfig) {
continue;
}
if (!tgwPeeringAttachment) {
console.warn(
`No Peering Attachment found for "${accountKey}/${tgwConfig.name}". Skipping Create associations fot tgw-attach`,
);
continue;
}
CreateAssociations(
accountStacks,
tgwPeeringAttachment,
tgwConfig.region,
accountKey,
transitGateway,
tgwAttachConfig['tgw-rt-associate-local'],
);
const transitGatewayRemote = TransitGatewayOutputFinder.tryFindOneByName({
outputs,
accountKey: tgwAttachConfig.account,
name: tgwAttachConfig['associate-to-tgw'],
});
if (!transitGatewayRemote) {
continue;
}
CreateAssociations(
accountStacks,
tgwPeeringAttachment,
tgwAttachConfig.region,
tgwAttachConfig.account,
transitGatewayRemote,
tgwAttachConfig['tgw-rt-associate-remote'],
);
}
}
}