[Enhancement] Export route table associations

[AdamTylerLynch]

Problem statement: I have a resource (RDS custom for Oracle) in a private subnet that needs to communicate with S3 via a Gateway endpoint. During the termination of the instance, the instance will pull scripts from S3 to execute on the instance prior to shutting down. When operating terraform destroy, the Terraform engine tears down the route table associations early in the lifecycle, and the RDS instance is not able to connect to the S3 Gateway endpoint.

To be able to explicitly add a depends_on to the route table association, I would like to request the route table associations be exported.

I also welcome other suggestions regarding the route table associations.

[AdamTylerLynch]

terraform state list
data.aws_kms_key.by_id
data.aws_rds_orderable_db_instance.custom-oracle
module.rds_custom_for_oracle.data.aws_caller_identity.current
module.rds_custom_for_oracle.data.aws_iam_policy.ssm_managed_default_policy
module.rds_custom_for_oracle.data.aws_kms_key.by_id
module.rds_custom_for_oracle.data.aws_region.current
module.rds_custom_for_oracle.aws_db_instance.primary
module.rds_custom_for_oracle.aws_db_subnet_group.rdscustom[0]
module.rds_custom_for_oracle.aws_iam_instance_profile.rdscustom[0]
module.rds_custom_for_oracle.aws_iam_role.rdscustom[0]
module.vpc.data.aws_availability_zones.current
module.vpc.aws_route_table.private["private/us-west-2a"]
module.vpc.aws_route_table.private["private/us-west-2b"]
module.vpc.aws_route_table.private["private/us-west-2c"]
module.vpc.aws_route_table_association.private["private/us-west-2a"]
module.vpc.aws_route_table_association.private["private/us-west-2b"]
module.vpc.aws_route_table_association.private["private/us-west-2c"]
module.vpc.aws_subnet.private["private/us-west-2a"]
module.vpc.aws_subnet.private["private/us-west-2b"]
module.vpc.aws_subnet.private["private/us-west-2c"]
module.vpc.aws_vpc.main[0]
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_region.current
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_subnets.ec2
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_subnets.ec2messages
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_subnets.events
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_subnets.logs
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_subnets.monitoring
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_subnets.secretsmanager
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_subnets.ssm
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_subnets.ssmmessages
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_vpc_endpoint_service.ec2
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_vpc_endpoint_service.ec2messages
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_vpc_endpoint_service.events
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_vpc_endpoint_service.logs
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_vpc_endpoint_service.monitoring
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_vpc_endpoint_service.secretsmanager
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_vpc_endpoint_service.ssm
module.rds_custom_for_oracle.module.private_link_endpoints[0].data.aws_vpc_endpoint_service.ssmmessages
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_security_group.vpc_endpoint_sg[0]
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_vpc_endpoint.ec2
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_vpc_endpoint.ec2messages
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_vpc_endpoint.events
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_vpc_endpoint.logs
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_vpc_endpoint.monitoring
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_vpc_endpoint.s3
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_vpc_endpoint.secretsmanager
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_vpc_endpoint.ssm
module.rds_custom_for_oracle.module.private_link_endpoints[0].aws_vpc_endpoint.ssmmessages

When operating terraform destroy, the module.vpc.aws_route_table_association.private[*] resources are being deleted before the RDS instance/replicas. We need to be able to configure a dependency that allows the instances/replicas to be deleted prior to the module.vpc.aws_route_table_association.private[*].

[pablo19sc]

@AdamTylerLynch we don't need this, right?

[AdamTylerLynch]

Correct, I was able to explicitly add a depends_on for the module.