DEV Community

Charles Uneze

How to Allow Custom-Routing-Traffic in AWS Global Accelerator with Terraform

By intelligently routing traffic, AWS Global Accelerator improves the availability and performance of applications. However, there is currently no Terraform AWS resource available to allow custom traffic routing to specific destinations in the subnet endpoint. I'll demonstrate a Terraform workaround in this post to enable this in AWS Custom Routing Global Accelerator.

Workaround Using Terraform

To allow custom routing traffic in AWS Global Accelerator, I'll leverage Terraform along with a null resource. Here's how you can do it:
1. Create a null resource in your Terraform code:

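# The AWS provider has no resource for this API call, so the AWS CLI is run
# from the machine that executes Terraform.
resource "null_resource" "allow_custom_routing_traffic" {
  # Changing either value replaces this resource and re-runs the provisioner.
  triggers = {
    endpoint_group_arn = aws_globalaccelerator_custom_routing_endpoint_group.endpoint_group.id
    endpoint_id        = aws_subnet.Endpoint_Subnet.id
  }

  # --allow-all-traffic-to-endpoint lets every destination address and port in
  # the subnet receive accelerator traffic. The Global Accelerator API is
  # called in us-west-2.
  provisioner "local-exec" {
    command = "aws globalaccelerator allow-custom-routing-traffic --endpoint-group-arn ${self.triggers.endpoint_group_arn} --endpoint-id ${self.triggers.endpoint_id} --allow-all-traffic-to-endpoint --region us-west-2"
  }
}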

2. Apply your configuration:
terraform apply -auto-approve

null_resource.allow_custom_routing_traffic: Creating...
null_resource.allow_custom_routing_traffic: Provisioning with 'local-exec'...
null_resource.allow_custom_routing_traffic (local-exec): Executing: ["cmd" "/C" "aws globalaccelerator --region us-west-2 allow-custom-routing-traffic --endpoint-group-arn arn:aws:globalaccelerator::1234:accelerator/1234/listener/f1234/endpoint-group/1234 --endpoint-id subnet-1234 --allow-all-traffic-to-endpoint"]
null_resource.allow_custom_routing_traffic: Creation complete after 8s [id=1234]

The null resource exists only to run the AWS CLI command through its local-exec provisioner.
The triggers assume you already have those resources defined in your code. The triggers block also ensures that the null_resource is replaced, and the provisioner executed again, whenever either the endpoint_group_arn or the endpoint_id changes.
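
The command above passes --allow-all-traffic-to-endpoint, which lets every address and port in the subnet receive accelerator traffic. The following added example (not from the original post) is a narrower variant: it allows only listed destinations with the CLI's --destination-addresses and --destination-ports options and revokes them on destroy with deny-custom-routing-traffic. The variable names, the resource name and the sample IPs are assumptions; the two resource references are the ones used in the post.

```hcl
# Added example. Variable names and default values are constructed.
variable "allowed_destination_addresses" {
  description = "Private IPs in the endpoint subnet allowed to receive traffic"
  type        = list(string)
  default     = ["10.0.1.10", "10.0.1.11"]

  # Values are interpolated into a shell command, so accept only IP literals.
  validation {
    condition     = alltrue([for a in var.allowed_destination_addresses : can(cidrhost("${a}/32", 0))])
    error_message = "Each destination must be a valid IP address literal."
  }
}

variable "allowed_destination_ports" {
  description = "Destination ports allowed on those addresses"
  type        = list(number)
  default     = [443]

  validation {
    condition     = alltrue([for p in var.allowed_destination_ports : p >= 1 && p <= 65535 && floor(p) == p])
    error_message = "Each port must be an integer between 1 and 65535."
  }
}

resource "null_resource" "allow_custom_routing_traffic_scoped" {
  # Destroy-time provisioners can only read self, so everything the deny call
  # needs is stored in triggers. Editing either list replaces the resource:
  # the old allow rule is denied first, then the new one is created.
  triggers = {
    endpoint_group_arn = aws_globalaccelerator_custom_routing_endpoint_group.endpoint_group.id
    endpoint_id        = aws_subnet.Endpoint_Subnet.id
    addresses          = join(" ", var.allowed_destination_addresses)
    ports              = join(" ", [for p in var.allowed_destination_ports : tostring(p)])
  }

  provisioner "local-exec" {
    command = "aws globalaccelerator allow-custom-routing-traffic --endpoint-group-arn ${self.triggers.endpoint_group_arn} --endpoint-id ${self.triggers.endpoint_id} --destination-addresses ${self.triggers.addresses} --destination-ports ${self.triggers.ports} --region us-west-2"
  }

  provisioner "local-exec" {
    when    = destroy
    command = "aws globalaccelerator deny-custom-routing-traffic --endpoint-group-arn ${self.triggers.endpoint_group_arn} --endpoint-id ${self.triggers.endpoint_id} --destination-addresses ${self.triggers.addresses} --destination-ports ${self.triggers.ports} --region us-west-2"
  }
}
```

The listed addresses must belong to the subnet registered as the endpoint, and the identity running Terraform needs permission for both CLI actions.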

Conclusion

While the Terraform AWS Provider does not currently offer a resource for allowing custom routing traffic, you can work around this limitation by using a Terraform null resource, as demonstrated in this blog post. This approach allows you to gain more control over how your traffic is routed in AWS Global Accelerator, enhancing the performance and availability of your applications.
s/o to Andres Montalban for assisting me in this.
