Initial commit from @BSick7:

Implementing vpc_peering_connection_accept.

Additions from @ewbankkit:
Rename 'aws_vpc_peering_connection_accept' to 'aws_vpc_peering_connection_accepter'.
Get it working reusing functionality from 'aws_vpc_peering_connection' resource.
This commit is contained in:
Brad Sickles 2016-05-23 18:24:28 -04:00 committed by Kit Ewbank
parent dd6d025dbb
commit ea642dd1ee
6 changed files with 219 additions and 16 deletions

View File

@ -385,6 +385,7 @@ func Provider() terraform.ResourceProvider {
"aws_vpc_dhcp_options_association": resourceAwsVpcDhcpOptionsAssociation(), "aws_vpc_dhcp_options_association": resourceAwsVpcDhcpOptionsAssociation(),
"aws_vpc_dhcp_options": resourceAwsVpcDhcpOptions(), "aws_vpc_dhcp_options": resourceAwsVpcDhcpOptions(),
"aws_vpc_peering_connection": resourceAwsVpcPeeringConnection(), "aws_vpc_peering_connection": resourceAwsVpcPeeringConnection(),
"aws_vpc_peering_connection_accepter": resourceAwsVpcPeeringConnectionAccepter(),
"aws_vpc": resourceAwsVpc(), "aws_vpc": resourceAwsVpc(),
"aws_vpc_endpoint": resourceAwsVpcEndpoint(), "aws_vpc_endpoint": resourceAwsVpcEndpoint(),
"aws_vpc_endpoint_route_table_association": resourceAwsVpcEndpointRouteTableAssociation(), "aws_vpc_endpoint_route_table_association": resourceAwsVpcEndpointRouteTableAssociation(),

View File

@ -0,0 +1,69 @@
package aws
import (
func resourceAwsVpcPeeringConnectionAccepter() *schema.Resource {
return &schema.Resource{
Create: resourceAwsVPCPeeringAccepterCreate,
Read: resourceAwsVPCPeeringRead,
Update: resourceAwsVPCPeeringUpdate,
Delete: resourceAwsVPCPeeringAccepterDelete,
Schema: map[string]*schema.Schema{
"vpc_peering_connection_id": &schema.Schema{
Type: schema.TypeString,
Required: true,
ForceNew: true,
Computed: false,
"auto_accept": {
Type: schema.TypeBool,
Optional: true,
"accept_status": {
Type: schema.TypeString,
Computed: true,
"vpc_id": {
Type: schema.TypeString,
Computed: true,
"peer_vpc_id": {
Type: schema.TypeString,
Computed: true,
"peer_owner_id": {
Type: schema.TypeString,
Computed: true,
"accepter": vpcPeeringConnectionOptionsSchema(),
"requester": vpcPeeringConnectionOptionsSchema(),
"tags": tagsSchema(),
func resourceAwsVPCPeeringAccepterCreate(d *schema.ResourceData, meta interface{}) error {
if err := resourceAwsVPCPeeringUpdate(d, meta); err != nil {
return err
// Ensure that this IS as cross-account VPC peering connection.
if d.Get("peer_owner_id").(string) == meta.(*AWSClient).accountid {
return errors.New("aws_vpc_peering_connection_accepter can only adopt into management cross-account VPC peering connections")
return nil
func resourceAwsVPCPeeringAccepterDelete(d *schema.ResourceData, meta interface{}) error {
log.Printf("[WARN] Will not delete VPC peering connection. Terraform will remove this resource from the state file, however resources may remain.")
return nil

View File

@ -0,0 +1,33 @@
// make testacc TEST=./builtin/providers/aws/ TESTARGS='-run=TestAccAwsVPCPeeringConnectionAccepter_'
package aws
import (
func TestAccAwsVPCPeeringConnectionAccepter_basic(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
Steps: []resource.TestStep{
Config: testAccAwsVPCPeeringConnectionAccepterConfig,
Check: resource.ComposeTestCheckFunc(
func testAccAwsVPCPeeringConnectionAccepterCheckSomething(name string) resource.TestCheckFunc {
return func(s *terraform.State) error {
return nil
const testAccAwsVPCPeeringConnectionAccepterConfig = `

View File

@ -3,12 +3,12 @@ layout: "aws"
page_title: "AWS: aws_vpc_peering_connection" page_title: "AWS: aws_vpc_peering_connection"
sidebar_current: "docs-aws-resource-vpc-peering" sidebar_current: "docs-aws-resource-vpc-peering"
description: |- description: |-
Provides an VPC Peering Connection resource. Provides a VPC Peering Connection resource.
--- ---
# aws\_vpc\_peering\_connection # aws\_vpc\_peering\_connection
Provides an VPC Peering Connection resource. Provides a VPC Peering Connection resource.
## Example Usage ## Example Usage

View File

@ -0,0 +1,96 @@
layout: "aws"
page_title: "AWS: aws_vpc_peering_connection_accepter"
sidebar_current: "docs-aws-resource-vpc-peering-accepter"
description: |-
Manage the accepter's side of a cross-account VPC peering connection.
# aws\_vpc\_peering\_connection\_accepter
Provides a resource to manage the accepter's side of a cross-account VPC peering connection.
When a cross-account (requester's AWS account differs from the accepter's) VPC peering connection is created,
a VPC peering connection resource is automatically created in the accepter's account. The requester can use
the `aws_vpc_peering_connection` resource to manage its side of the connection and the accepter can use the
`aws_vpc_peering_connection_accepter` resource to "adopt" its side of the connection into management.
## Example Usage
provider "aws" {
// Requester's credentials.
provider "aws" {
alias = "peer"
// Accepter's credentials.
resource "aws_vpc" "main" {
cidr_block = ""
resource "aws_vpc" "peer" {
provider = "aws.peer"
cidr_block = ""
data "aws_caller_identity" "peer" {
provider = "aws.peer"
// Requester's side of the connection.
resource "aws_vpc_peering_connection" "peer" {
vpc_id = "${}"
peer_vpc_id = "${}"
peer_owner_id = "${data.aws_caller_identity.peer.account_id}"
auto_accept = false
tags {
Side = "Requester"
// Accepter's side of the connection.
resource "aws_vpc_peering_connection_accepter" "peer" {
provider = "aws.peer"
vpc_peering_connection_id = "${}"
auto_accept = true
tags {
Side = "Accepter"
## Argument Reference
The following arguments are supported:
* `vpc_peering_connection_id` - (Required) The VPC Peering Connection ID to manage.
* `auto_accept` - (Optional) Whether or not to accept the peering request. Defaults to `false`.
* `tags` - (Optional) A mapping of tags to assign to the resource.
## Attributes Reference
All of the argument attributes except `auto_accept` are also exported as result attributes.
* `id` - The ID of the VPC Peering Connection.
* `accept_status` - The status of the VPC Peering Connection request.
* `vpc_id` - The ID of the accepter VPC.
* `peer_vpc_id` - The ID of the requester VPC.
* `peer_owner_id` - The AWS account ID of the owner of the requester VPC.
* `accepter` - A configuration block that describes [VPC Peering Connection]
( options set for the accepter VPC.
* `requester` - A configuration block that describes [VPC Peering Connection]
( options set for the requester VPC.
#### Accepter and Requester Attributes Reference
* `allow_remote_vpc_dns_resolution` - Indicates whether a local VPC can resolve public DNS hostnames to
private IP addresses when queried from instances in a peer VPC.
* `allow_classic_link_to_remote_vpc` - Indicates whether a local ClassicLink connection can communicate
with the peer VPC over the VPC peering connection.
* `allow_vpc_to_remote_classic_link` - Indicates whether a local VPC can communicate with a ClassicLink
connection in the peer VPC over the VPC peering connection.

View File

@ -1172,6 +1172,10 @@
<a href="/docs/providers/aws/r/vpc_peering.html">aws_vpc_peering_connection</a> <a href="/docs/providers/aws/r/vpc_peering.html">aws_vpc_peering_connection</a>
</li> </li>
<li<%= sidebar_current("docs-aws-resource-vpc-peering-accepter") %>>
<a href="/docs/providers/aws/r/vpc_peering_accepter.html">aws_vpc_peering_connection_accepter</a>
<li<%= sidebar_current("docs-aws-resource-vpn-connection") %>> <li<%= sidebar_current("docs-aws-resource-vpn-connection") %>>
<a href="/docs/providers/aws/r/vpn_connection.html">aws_vpn_connection</a> <a href="/docs/providers/aws/r/vpn_connection.html">aws_vpn_connection</a>
</li> </li>