Open swilkinson-and opened 5 years ago
@swilkinson-and Are you creating the aws_ec2_transit_gateway_vpc_attachment
resource in the "accepter" account - the AWS account that does NOT own the Transit Gateway?
If so, the aws_ec2_transit_gateway_vpc_attachment_accepter
resource should be used in the accepting account instead.
@ewbankkit I'm seeing the same issue. I can confirm that the aws_ec2_transit_gateway_vpc_attachment_accepter is being created in the account that owns the transit gateway. Running it once i get the same error above, running it a second time applies without issue. I can confirm that depends_on has been set correctly too. Any thoughts as to what could be causing this?
can confirm. In the aws_route
resource, I had to add a depends_on for the aws_ec2_transit_gateway_vpc_attachment
resource.
@swilkinson-and For dealing with this limitation, one can introduce an explicit dependency like so: https://github.com/Flaconi/terraform-aws-transit-gateway-satellite/blob/master/main.tf#L13
It would be helpful if the attachment resource accepted a resource_share_id
argument as an optional, ForceNew, attribute, for these shared tgw use cases. Similar for shared resolver rules, and really anything else that relies on the RAM share being visible to the account.
I am also facing this issue. This seems to be intermittent since it works without changes in the following execution.
has anyone have workaround to resolve the issue ? -
Running into this today on version 3.11.0
Same on 3.22.0 for aws_route with shared TGW as a target. At first I thought something was messed up with RAM setup but after checking in the web console for visibility of TGW in an account where aws_route was throwing an error, I retried and it passed successfully in a jiffy.
For anyone hitting this issue, I found this related issue comment helpful:- https://github.com/hashicorp/terraform-provider-aws/issues/13830#issuecomment-713145404
Also adding an explicit depends_on
both the aws_ec2_transit_gateway
and aws_ec2_transit_gateway_vpc_attachment
resources helped.
Hey y'all :wave: Thank you for taking the time to file this issue and for the additional discussion! Given the workarounds mentioned thus far and that there's been a number of AWS provider releases since this was initially filed, can anyone confirm whether you're still experiencing this behavior?
I am still facing this issue with provider 3.75.2. I have also added an explicit depends_on
for the shared resouce [ aws_ram_resource_association]
Caught this once on hashicorp/aws v5.16.1
currently troubleshooting this using hashicorp/aws v5.62.0, which led me to this "issue".
Hi,
I am having issues with attaching a Transit Gateway to a VPC as it is being provisioned. The first time I run an apply I get the error message for each route table.
Within the AWS Console the attachments show as a blackhole. If I run the Apply again it is successful.
resource "aws_ec2_transit_gateway_vpc_attachment" "tgw_attachment" { count = "${var.attach_tgw_to_vpc ? 1 : 0}" subnet_ids = ["${split(",",module.vpc.private_subnet_ids)}"] transit_gateway_id = "${data.terraform_remote_state.gateway.transit_gateway_id}" vpc_id = "${module.vpc.vpc_id}"
tags { Name = "${var.environment}-${var.account_type}" Environment = "${var.environment}" Service = "${var.account_type}" Type = "TGW_attachment" } }
This was working fine when ran earlier this year.
I am running the AWS Provider 2.27.0
Thanks in advance
Simon