GoogleCloudPlatform / terraformer

CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code
Apache License 2.0

"aws aws_network_interface" "interface_type" expects "efa" "branch" or "trunk" not "load_balancer" "interface" or "nat_gateway" ? #973

Closed vainkop closed 3 years ago

vainkop commented 3 years ago

Hi. So I've parsed some AWS infra with Terraformer 0.8.14 (latest atm) using aws provider 3.47.0 (also latest atm) & got some ENIs but when I try to run terraform init + plan on them (0.13.7) I see 3 types of errors:

load_balancer, interface & nat_gateway instead of efa, branch or trunk expected by Terraform in aws_network_interface resource

Error: expected interface_type to be one of [efa branch trunk], got load_balancer

  on network_interface.tf line 27, in resource "aws_network_interface" "tfer--eni-002D-013edaa0":
  27:   interface_type     = "load_balancer"

Error: expected interface_type to be one of [efa branch trunk], got interface

  on network_interface.tf line 39, in resource "aws_network_interface" "tfer--eni-002D-01a6579e8afff14b4":
  39:   interface_type     = "interface"

Error: expected interface_type to be one of [efa branch trunk], got nat_gateway

  on network_interface.tf line 717, in resource "aws_network_interface" "tfer--eni-002D-9d18d28b":
 717:   interface_type     = "nat_gateway"

And then I check the AWS console & see that those types are real (see screenshots).

Is it a bug in Terraformer?

Should I pin the aws provider for it to a different version (but I'm doing terraform init for terraformer first & for the resulting code & I can see the same aws provider version 3.47.0 used, so they match)?

Am I missing something here?


github-actions[bot] commented 3 years ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days.

github-actions[bot] commented 3 years ago

This issue was closed because it has been stalled for 7 days with no activity.

paulegradie commented 2 years ago

Really? No guidance on this?

sajithpvivi commented 1 year ago

This is what I found

EFA - I believe it's the normal interface https://awscli.amazonaws.com/v2/documentation/api/2.3.2/reference/ec2/create-network-interface.html

Indicates the type of network interface. To create an Elastic Fabric Adapter (EFA), specify efa. For more information, see Elastic Fabric Adapter in the Amazon Elastic Compute Cloud User Guide. To create a trunk network interface, specify efa. For more information, see Network interface trunking in the Amazon Elastic Compute Cloud User Guide.

TRUNK is for ECS/Task Definitions https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-instance-eni.html

Amazon ECS supports launching container instances with increased ENI density using supported Amazon EC2 instance types. When you use these instance types and opt in to the awsvpcTrunking account setting, additional ENIs are available on newly launched container instances. This configuration allows you to place more tasks using the awsvpc network mode on each container instance. Using this feature, a c5.large instance with awsvpcTrunking enabled has an increased ENI limit of twelve. The container instance will have the primary network interface and Amazon ECS creates and attaches a "trunk" network interface to the container instance. So this configuration allows you to launch ten tasks on the container instance instead of the current two tasks.

interfaceType https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_NetworkInterface.html

The type of network interface.

Type: String

Valid Values: interface | natGateway | efa | trunk | load_balancer | network_load_balancer | vpc_endpoint | branch | transit_gateway | lambda | quicksight | global_accelerator_managed | api_gateway_managed | gateway_load_balancer | gateway_load_balancer_endpoint | iot_rules_managed | aws_codestar_connections_managed

mnedelko commented 1 year ago

Agree this item should be reopened.

evbo commented 1 year ago

This is a bug with terraform itself, please +1 this issue to get more momentum in solving it: https://github.com/hashicorp/terraform-provider-aws/issues/33857

pcnova commented 1 year ago

> Really? No guidance on this?

TLDR: remove the attribute, but you might want to remove the interface altogether.

What I did at first was to remove the interface_type attribute to let the default apply (Elastic something or other). This got rid of the error and created the interface successfully.

Now, in my case, this interface was associated to an EIP (static IP) resource, which in turn was associated to a NAT resource. This whole setup was giving me issues (Terraform error Resource.AlreadyAssociated), so I ended up removing the interface altogether, since the docs never talk about creating an interface for the NAT.

It turns out that when you do that (leaving just the NAT and EIP, associated via the EIP's allocation_id), AWS automatically creates a network interface for the NAT, with the right attribute set: interface_type=nat_gateway

I suspect this is the case here. Terraformer's "fault" is in exporting this interface's configuration, but I don't know if it even has a way of knowing this was created automatically, not by the user.

So, if your case is similar to mine, just remove the interface and let AWS create and manage it. Then you don't need to worry about its attributes.
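The triage described in the last comment can be run over Terraformer output before `terraform plan`. This is an added example, not code from the thread or from Terraformer; the action names, the sample resource names, and the policy for types other than `nat_gateway` (strip the attribute for `interface`, flag everything else for manual review) are assumptions of this sketch.

```python
import re

# Values the error message on this page lists as accepted for interface_type.
PROVIDER_ACCEPTED = {"efa", "branch", "trunk"}
ACTIONS = {
    "nat_gateway": "remove_resource",  # AWS creates this ENI for the NAT itself
    "interface": "remove_attribute",   # assumption: plain ENI, default applies
}
RESOURCE_RE = re.compile(r'resource\s+"aws_network_interface"\s+"([^"]+)"\s*\{')
TYPE_RE = re.compile(r'^\s*interface_type\s*=\s*"([^"]*)"', re.MULTILINE)

# Constructed sample in the shape of Terraformer output.
SAMPLE_TF = '''
resource "aws_network_interface" "tfer--eni-example-nat" {
  interface_type = "nat_gateway"
  tags = { Name = "nat" }
}
resource "aws_network_interface" "tfer--eni-example-lb" {
  interface_type = "load_balancer"
}
resource "aws_network_interface" "tfer--eni-example-plain" {
  interface_type = "interface"
}
resource "aws_network_interface" "tfer--eni-example-efa" {
  interface_type = "efa"
}
'''

def block_body(text, open_brace):
    """Return the text between the brace at open_brace and its matching close."""
    depth = 0
    for i in range(open_brace, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[open_brace + 1:i]
    raise ValueError("unbalanced braces in resource block")

def triage(tf_text):
    """Map each aws_network_interface name to (interface_type, action)."""
    result = {}
    for m in RESOURCE_RE.finditer(tf_text):
        found = TYPE_RE.search(block_body(tf_text, m.end() - 1))
        itype = found.group(1) if found else None
        keep = itype is None or itype in PROVIDER_ACCEPTED
        # Any other type is assumed to belong to an AWS service: review by hand.
        action = "keep" if keep else ACTIONS.get(itype, "review")
        result[m.group(1)] = (itype, action)
    return result
```

Calling `triage(SAMPLE_TF)` returns one `(interface_type, action)` pair per resource name, which can drive a cleanup pass over the generated files before they are planned or applied.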