hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

Customer Gateway creation fails when ASN is 4-byte and in pvt range #14983

Closed madhukar32 closed 4 years ago

madhukar32 commented 4 years ago

Community Note

Terraform CLI and Terraform AWS Provider Version

terraform -v
Terraform v0.12.28

Your version of Terraform is out of date! The latest version
is 0.13.1. You can update by downloading from https://www.terraform.io/downloads.html

provider.aws ~> 2.70.0

Affected Resource(s)

Terraform Configuration Files

resource "aws_customer_gateway" "volterra_nodes" {
  bgp_asn     = 4293918725
  ip_address = "3.21.138.84"
  type       = "ipsec.1"
  tags = merge(
    var.common_tags,
    {
      "hostname" = each.key
    }
  )
}

Debug Output

2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: 2020/09/01 12:57:26 [DEBUG] Creating customer gateway
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: 2020/09/01 12:57:26 [DEBUG] [aws-sdk-go] DEBUG: Request ec2/CreateCustomerGateway Details:
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: ---[ REQUEST POST-SIGN ]-----------------------------
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: POST / HTTP/1.1
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Host: ec2.us-east-2.amazonaws.com
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: User-Agent: aws-sdk-go/1.32.12 (go1.13.7; darwin; amd64) APN/1.0 HashiCorp/1.0 Terraform/0.12.28 (+https://www.terraform.io)
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Content-Length: 100
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Authorization: AWS4-HMAC-SHA256 Credential=AKIAWKKJE7RJFRFO6OJX/20200901/us-east-2/ec2/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date, Signature=10b538851a83f5e982b9df2334c38ae74de91ce1227bb19374097c258c757bd3
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Content-Type: application/x-www-form-urlencoded; charset=utf-8
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: X-Amz-Date: 20200901T195726Z
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Accept-Encoding: gzip
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4:
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Action=CreateCustomerGateway&BgpAsn=4293918725&IpAddress=3.21.138.84&Type=ipsec.1&Version=2016-11-15
2020-09-01T12:57:26.225-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: -----------------------------------------------------
2020/09/01 12:57:28 [TRACE] dag/walk: vertex "root" is waiting for "meta.count-boundary (EachMode fixup)"
2020/09/01 12:57:28 [TRACE] dag/walk: vertex "provider.aws (close)" is waiting for "module.aws_tgw_infra.aws_customer_gateway.volterra_nodes[\"ves-node-id-8677b94ddd\"]"
2020/09/01 12:57:30 [TRACE] dag/walk: vertex "meta.count-boundary (EachMode fixup)" is waiting for "module.aws_tgw_infra.aws_customer_gateway.volterra_nodes[\"ves-node-id-8677b94ddd\"]"
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: 2020/09/01 12:57:31 [DEBUG] [aws-sdk-go] DEBUG: Response ec2/CreateCustomerGateway Details:
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: ---[ RESPONSE ]--------------------------------------
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: HTTP/1.1 400 Bad Request
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Connection: close
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Transfer-Encoding: chunked
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Date: Tue, 01 Sep 2020 19:57:30 GMT
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: Server: AmazonEC2
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4:
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4:
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: -----------------------------------------------------
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: 2020/09/01 12:57:31 [DEBUG] [aws-sdk-go] <?xml version="1.0" encoding="UTF-8"?>
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: <Response><Errors><Error><Code>InvalidParameterValue</Code><Message>Invalid integer value 4293918725</Message></Error></Errors><RequestID>092caa92-ed10-49d3-9ce1-7ffa144230c4</RequestID></Response>
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4: 2020/09/01 12:57:31 [DEBUG] [aws-sdk-go] DEBUG: Validate Response ec2/CreateCustomerGateway failed, attempt 0/25, error InvalidParameterValue: Invalid integer value 4293918725
2020-09-01T12:57:31.549-0700 [DEBUG] plugin.terraform-provider-aws_v2.70.0_x4:  status code: 400, request id: 092caa92-ed10-49d3-9ce1-7ffa144230c4


Expected Behavior

As per the VPN FAQs, a 4-byte private ASN is allowed, so it should be possible to create a CGW with an ASN in the range between 4200000000 and 4294967294.

gdavison commented 4 years ago

According to AWS documentation, the 4-byte ASN range supported by Customer Gateways is 1-2147483647.
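A pre-flight check for the range quoted in the comment above, as an added example (not the provider's code): it rejects a `bgp_asn` before any API call and reports separately when the value falls in the 4-byte private range from the issue. `ValidateCGWBgpASN` and the constant names are hypothetical; the limits are the ones stated in this thread.

```go
package main

import (
	"fmt"
	"strconv"
)

// Limits as stated in this thread (assumed here, not read from AWS):
// Customer Gateways accept 1-2147483647; the issue cites
// 4200000000-4294967294 as the 4-byte private ASN range.
const (
	cgwMinASN  uint64 = 1
	cgwMaxASN  uint64 = 2147483647 // same value as the largest signed 32-bit integer
	private4Lo uint64 = 4200000000
	private4Hi uint64 = 4294967294
)

// ValidateCGWBgpASN (hypothetical helper) parses a bgp_asn value and checks it
// against the Customer Gateway range, so a bad value fails at plan time
// instead of as a 400 InvalidParameterValue from CreateCustomerGateway.
func ValidateCGWBgpASN(s string) (uint32, error) {
	// bitSize 32 rejects anything that is not a 4-byte ASN at all.
	n, err := strconv.ParseUint(s, 10, 32)
	if err != nil {
		return 0, fmt.Errorf("bgp_asn %q is not a 4-byte ASN: %w", s, err)
	}
	switch {
	case n < cgwMinASN:
		return 0, fmt.Errorf("bgp_asn %d is below the minimum %d", n, cgwMinASN)
	case n >= private4Lo && n <= private4Hi:
		return 0, fmt.Errorf("bgp_asn %d is a 4-byte private ASN, above the Customer Gateway maximum %d", n, cgwMaxASN)
	case n > cgwMaxASN:
		return 0, fmt.Errorf("bgp_asn %d is above the Customer Gateway maximum %d", n, cgwMaxASN)
	}
	return uint32(n), nil
}

func main() {
	// Constructed inputs; 4293918725 is the value from the issue.
	for _, s := range []string{"65000", "2147483647", "4293918725", "4294967296", "0"} {
		if asn, err := ValidateCGWBgpASN(s); err != nil {
			fmt.Println("reject:", err)
		} else {
			fmt.Println("accept:", asn)
		}
	}
}
```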

madhukar32 commented 4 years ago

@gdavison: can this info be added as part of the customer_gateway Terraform docs?

ghost commented 3 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!