Comments (9)
Ok I believe I've found the root cause of the problem.
In my scenario I'm trying to deploy a VPC with 3 public, 3 private and 3 database subnets; furthermore, I opted for having a single NAT gateway by setting "enable_nat_gateway = true" and "single_nat_gateway = true".
Performing some tests, I've noticed that the terraform plan is trying to create 3 different "aws_route.private_ipv6_egress" routes, but the problem is that since only a single NAT Gateway is created (hence a single Route Table, as you can notice from this comment), the 3 created routes won't of course fit in the single Route Table.
This line is where supposedly each egress_ipv6 route should be associated with a different Route Table, but of course the count of the block will be equal to three while the aws_route_table.private[] will only have index 0.
To confirm my hypothesis I've tried to re-deploy the module using the same configuration but deploying one NAT Gateway per subnet ("enable_nat_gateway = true", "one_nat_gateway_per_az = false" and "single_nat_gateway = false") instead of a single one... and it worked.
Let me know if in your opinion I got something wrong.
from terraform-aws-vpc.
In my case I solved the problem by modifying the amount of ipv6 egress routes created (one per each NAT gateway). In this way I was able to deploy a single NAT Gateway for my 3 private subnets and associate to it a single ipv6 egress route.
To do so I've replaced local.len_private_subnets with local.nat_gateway_count
Here
from terraform-aws-vpc.
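The count mismatch described in the two comments above, as an added illustration that is not part of the thread and not the module's own code. It assumes the route table is looked up with `element()`, that the egress route's destination is `::/0`, a simplified `nat_gateway_count`, and constructed `rtb-example-N` IDs and CIDRs; it uses only locals and outputs, so it plans without a provider.

```hcl
# Added illustration. Needs no provider or AWS account: terraform init && terraform plan
variable "private_subnets" {
  type    = list(string)
  default = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"] # constructed CIDRs
}

variable "single_nat_gateway" {
  type    = bool
  default = true
}

locals {
  len_private_subnets = length(var.private_subnets)

  # Simplified assumption: one NAT gateway in total, or one per private subnet.
  nat_gateway_count = var.single_nat_gateway ? 1 : local.len_private_subnets

  # Stand-in for aws_route_table.private[*].id (one private route table per NAT gateway).
  private_route_table_ids = [for i in range(local.nat_gateway_count) : "rtb-example-${i}"]

  # Before: one IPv6 egress route per private subnet. element() wraps around,
  # so with a single route table every route targets that same table.
  routes_before = [
    for i in range(local.len_private_subnets) :
    "${element(local.private_route_table_ids, i)} -> ::/0"
  ]

  # After: one IPv6 egress route per NAT gateway, i.e. per private route table.
  routes_after = [
    for i in range(local.nat_gateway_count) :
    "${element(local.private_route_table_ids, i)} -> ::/0"
  ]
}

# Number of routes that repeat an existing (route table, destination) pair.
output "duplicate_routes_before" {
  value = length(local.routes_before) - length(distinct(local.routes_before))
}

output "duplicate_routes_after" {
  value = length(local.routes_after) - length(distinct(local.routes_after))
}
```

Planning again with `-var single_nat_gateway=false` gives each subnet index its own route table, which matches the configuration the first comment reports as working.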
I just hit this issue, and this saved me hours since I probably wouldn't have noticed I kept "single_nat_gateway = true" in there by accident 😅, thanks @RunCor399 !
from terraform-aws-vpc.
Thank you @antonbabenko.
from terraform-aws-vpc.
I'm actually having the same problem, although in my setup I have 3 public, 3 private and 3 database subnets spread in 3 AZs
from terraform-aws-vpc.
I also just started getting this error this week. I am testing possible workarounds. I suspect it is related to a recent Terraform code change.
from terraform-aws-vpc.
This issue has been resolved in version 5.7.1 🎉
from terraform-aws-vpc.
@andrewleegoss1978 It is all @bryantbiggs who reviewed it and merged it :)
from terraform-aws-vpc.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
from terraform-aws-vpc.