search

grem11n / terraform-aws-vpc-peering

Terraform module to setup VPC peering connection
https://registry.terraform.io/modules/grem11n/vpc-peering/aws/latest
Apache License 2.0
126 stars 91 forks source link

[BUG] For_each cannot be determined until apply #117

Open sarasensible opened 4 months ago

sarasensible commented 4 months ago

Describe the bug Similar to https://github.com/grem11n/terraform-aws-vpc-peering/issues/102 , a plan using 7.0.0 of the module results in a for_each invalid argument error. I am using the single account multi-region module.

Terraform version: What Terraform version do you use? 1.7.5

Module version: What module version do you use? 7.0.0

Error message:

│ Error: Invalid for_each argument
│ 
│   on .terraform/modules/single_account_multi_region/data.tf line 61, in data "aws_route_tables" "this_associated_route_tables":
│   61:   for_each = { for subnet in data.aws_subnets.this.ids : subnet => subnet }
│     ├────────────────
│     │ data.aws_subnets.this.ids is a list of string, known only after apply
│ 
│ The "for_each" value depends on resource attributes that cannot be
│ determined until apply, so Terraform cannot predict how many instances will
│ be created. To work around this, use the -target argument to first apply
│ only the resources that the for_each depends on.
╵
╷
│ Error: Invalid for_each argument
│ 
│   on .terraform/modules/single_account_multi_region/data.tf line 94, in data "aws_route_tables" "peer_associated_route_tables":
│   94:   for_each = { for subnet in data.aws_subnets.peer.ids : subnet => subnet }
│     ├────────────────
│     │ data.aws_subnets.peer.ids is a list of string, known only after apply
│ 
│ The "for_each" value depends on resource attributes that cannot be
│ determined until apply, so Terraform cannot predict how many instances will
│ be created. To work around this, use the -target argument to first apply
│ only the resources that the for_each depends on.

Terraform code that produces the error:

module "single_account_multi_region" {
  source  = "grem11n/vpc-peering/aws"
  version = "7.0.0"

  depends_on = [module.vpc]

  providers = {
    aws.this = aws
    aws.peer = aws.us-east-2
  }

  this_vpc_id = module.vpc.vpc_id
  peer_vpc_id = data.aws_vpcs.main_us_east_2.ids[0]

  auto_accept_peering = true
  this_rts_ids = module.vpc.private_route_table_ids
  peer_rts_ids = data.aws_route_tables.private_rts.ids

Additional context Workaround is to downgrade to 6.0.0

yannverreault commented 2 months ago

I believe this bug has been introduced by #109 . We are facing the same issue where we try to initiate a new environment. My guess is the VPC and subnets aren't created yet so the values in the for_each can't be determined until apply.