cgrbyk commented 1 year ago

Terraform Core Version

1.3.9,1.3.7

AWS Provider Version

4.55.0,4.52.0

Affected Resource(s)

aws_ec2_transit_gateway_route

Expected Behavior

Transit Gateway route should be added to state file after terraform import command.

Actual Behavior

throws error and fails

Relevant Error/Panic Output Snippet

Error: Cannot import non-existent remote object
While attempting to import an existing object to "module.gateway.aws_ec2_transit_gateway_route.private-vpc-route", the provider detected that no object exists with the given id. Only pre-existing objects can be imported; check that the id is correct and that it is associated with the provider's configured region or
endpoint, or use "terraform apply" to create a new remote object for this resource.

Terraform Configuration Files

gateway module:

  resource "aws_ec2_transit_gateway" "tgw" {
      description = "gateway for vpn"

      tags = {
        "Name" = "openvpn-gateway"
        "managed_by_terraform" = "true"
      }
    }

    resource "aws_ec2_transit_gateway_vpc_attachment" "tgw-attachments-private-vpc" {
      transit_gateway_id = aws_ec2_transit_gateway.tgw.id
      vpc_id = var.private-vpc-id

      subnet_ids = var.private-vpc-subnets

      tags = {
        "Name" = "private-vpc-gateway-attachment"
        "managed_by_terraform" = "true"
      }
    }

    resource "aws_ec2_transit_gateway_route_table" "tgw-route-table" {
      transit_gateway_id = aws_ec2_transit_gateway.tgw.id

      tags = {
        "Name" = "openvpn-gateawy-route-table"
        "managed_by_terraform" = "true"
      }
    }

   resource "aws_ec2_transit_gateway_route" "private-vpc-route" {
      destination_cidr_block = var.private-vpc-cidr
      transit_gateway_attachment_id = aws_ec2_transit_gateway_vpc_attachment.tgw-attachments-private-vpc.id
      transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.tgw-route-table.id
    }

main.tf file:

module "vpc" {
  source      = "../modules/vpc"
  public-subnets-name = var.public-subnets-name
  public-subnets-cidr = var.public-subnets-cidr
  private-cidr = var.private-cidr
  private-subnets-name = var.private-subnets-name
  private-subnets-cidr = var.private-subnets-cidr
  igw-id = module.gateway.igw-id
  private-igw-id = module.gateway.private-igw-id
  tg-id = module.gateway.tgw-id
  pcx-id = var.pcx-id
  nat-id = module.gateway.nat-id
  development-private-vpc-cidr = var.development-private-vpc-cidr
}

module "gateway" {
  source = "../modules/gateway"
  public-vpc-id = module.vpc.public-vpc-id
  public-vpc-cidr = var.public-cidr
  private-vpc-id = module.vpc.private-vpc-id
  private-vpc-cidr = var.private-cidr
  nat-subnet = module.vpc.private-vpcs_public-subnet-id
  nat-allocation = var.nat-allocation
  private-vpc-subnets = module.vpc.private-vpc-subnet_ids
  public-vpc-subnets = module.vpc.public-vpc-subnet_ids
}

import command :

terraform import 'module.gateway.aws_ec2_transit_gateway_route.private-vpc-route' 'tgw-rtb-xxx_10.0.0.0/16'

Steps to Reproduce

Create a transit gateway and attach it to two vpc then try import transit gateway route to terraform state

Debug Output

No response

Panic Output

No response

Important Factoids

i am using an s3 backend and there is no problem with importing other resources. I also double checked route table id and destination cidr.

References

import command resource: documantation

Would you like to implement a fix?

None

github-actions[bot] commented 1 year ago

Community Note

Voting for Prioritization

Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
Please see our prioritization guide for information on how we prioritize.
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

If you are interested in working on this issue, please leave a comment.
If this would be your first contribution, please review the contribution guide.

rpattcorner commented 1 year ago

Also occurs using tf 1.5.4 when attempting to import and generate configuration for tgw attachments. Perhaps the TGW resources are not quite right regarding import?

matthenry87 commented 1 year ago

I am also running into this. It may have something to do with the fact that the TGW and it's route table are actually owned by another account. Because of that, Terraform will not find it.

My TGW is listed under TGWs (with the owner accountId listed), but the route table is not listed under TGW Route Tables.

mobious999 commented 8 months ago

I am also running into this as well for a peered account.

iredko-procore commented 5 months ago

Hi all. If this issue is still relevant to anyone try importing the route by its destination_cidr_block. Like: terraform import module.gateway.aws_ec2_transit_gateway_route.private-vpc-route <route table ID>_0.0.0.0/0

rafaelmedeiros1994 commented 4 months ago

For those who are still having this issue, I also could not import the resource, then I ran terraform apply anyway to see what would happen, and it didn't throw any errors, just make sure you create with the correct destination CIDR block and attachment ID.

Terraform plan now shows "No Infrastructure Changes" and the resource is still there with no changes.

hashicorp / terraform-provider-aws

[Bug]: Unable to import transit gateway route #29545