Open williamsbdev opened 1 year ago
Hi there @williamsbdev thanks for taking the time to file the issue! We are trying to fix as many convert issues as possible.
The issue seems to happen because there is an iteration that doesn't typecheck correctly.
{root}/modules/vpc/vpc_5.0.0/main.pp:84,5-115: cannot iterate over a value of type number
It would be great if you could share a snippet of the code to help us debug the problem. The error above is referring to a file called main.pp
which contains PCL code that is our intermediate language. From PCL, we convert to the final target language.
You can get the full PCL program if you try converting to it:
pulumi convert --from terraform --language pcl --out tf-to-pulumi
If you can share the snippets from which the errors are appearing, we can try to figure out the underlying problem.
@Zaid-Ajaj - Thanks for the reply! Here is the output from the run as you suggested:
pulumi convert --from terraform --language pcl --out tf-to-pulumi
Converting from terraform...
warning: /$HOME/<path>/infrastructure/provider.tf:19,1-15: Failed to evaluate provider config; Could not evaluate expression for aws:region
warning: /$HOME/<path>/infrastructure/provider.tf:35,1-19: Failed to evaluate provider config; Could not evaluate expression for datadog:api_key
warning: /$HOME/<path>/infrastructure/provider.tf:35,1-19: Failed to evaluate provider config; Could not evaluate expression for datadog:app_key
Converting to pcl...
================================================================================
The Pulumi CLI encountered a code generation error. This is a bug!
We would appreciate a report: https://github.com/pulumi/pulumi/issues/
Please provide all of the below text in your report.
================================================================================
Pulumi Version: v3.72.1
error: main.pp:0,0-27,2: /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/main.pp:34,1-44,2: /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/project.pp:0,0-32,2: /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/vpc_5.0.0/main.pp:84,5-115: cannot iterate over a value of type number; , and 26 other diagnostic(s); /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/vpc_5.0.0/main.pp:84,5-115: cannot iterate over a value of type number; , and 26 other diagnostic(s), and 2 other diagnostic(s); /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/project.pp:0,0-32,2: /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/vpc_5.0.0/main.pp:84,5-115: cannot iterate over a value of type number; , and 26 other diagnostic(s); /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/vpc_5.0.0/main.pp:84,5-115: cannot iterate over a value of type number; , and 26 other diagnostic(s), and 2 other diagnostic(s), and 1 other diagnostic(s); /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/main.pp:34,1-44,2: /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/project.pp:0,0-32,2: /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/vpc_5.0.0/main.pp:84,5-115: cannot iterate over a value of type number; , and 26 other diagnostic(s); /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/vpc_5.0.0/main.pp:84,5-115: cannot iterate over a value of type number; , and 26 other diagnostic(s), and 2 other diagnostic(s); /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/project.pp:0,0-32,2: /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/vpc_5.0.0/main.pp:84,5-115: cannot iterate over a value of type number; , and 26 other diagnostic(s); /var/folders/5g/cx7qqrgd601cmhcsxk7n0kdc0000gn/T/pulumi-convert1125193082/modules/vpc/vpc_5.0.0/main.pp:84,5-115: cannot iterate over a value of type number; , and 26 other diagnostic(s), and 2 other diagnostic(s), and 1 other diagnostic(s)
warning: A new version of Pulumi is available. To upgrade from version '3.72.1' to '3.72.2', run
$ brew update && brew upgrade pulumi
or visit https://pulumi.com/docs/install/ for manual instructions and release notes.
error: could not generate output program
pulumi convert --from terraform --language pcl --out tf-to-pulumi 63.48s user 5.33s system 106% cpu 1:04.48 total
The modules/vpc/vpc_5.0.0/main.pp
looks like this (which I believe is the terraform-aws-modules/vpc/aws
:
lenPublicSubnets = invoke("std:index:max", {
input = [length(publicSubnets), length(publicSubnetIpv6Prefixes)]
}).result
lenPrivateSubnets = invoke("std:index:max", {
input = [length(privateSubnets), length(privateSubnetIpv6Prefixes)]
}).result
lenDatabaseSubnets = invoke("std:index:max", {
input = [length(databaseSubnets), length(databaseSubnetIpv6Prefixes)]
}).result
lenElasticacheSubnets = invoke("std:index:max", {
input = [length(elasticacheSubnets), length(elasticacheSubnetIpv6Prefixes)]
}).result
lenRedshiftSubnets = invoke("std:index:max", {
input = [length(redshiftSubnets), length(redshiftSubnetIpv6Prefixes)]
}).result
lenIntraSubnets = invoke("std:index:max", {
input = [length(intraSubnets), length(intraSubnetIpv6Prefixes)]
}).result
lenOutpostSubnets = invoke("std:index:max", {
input = [length(outpostSubnets), length(outpostSubnetIpv6Prefixes)]
}).result
maxSubnetLength = invoke("std:index:max", {
input = [lenPrivateSubnets, lenPublicSubnets, lenIntraSubnets, lenElasticacheSubnets, lenDatabaseSubnets, lenRedshiftSubnets]
}).result
# Use `local.vpc_id` to give a hint to Terraform that subnets should be deleted before secondary CIDR blocks can be free!
vpcId = notImplemented("try(aws_vpc_ipv4_cidr_block_association.this[0].vpc_id,aws_vpc.this[0].id,\"\")")
mycreateVpc = createVpc && putinKhuylo
################################################################################
# VPC
################################################################################
resource "this" "aws:ec2/vpc:Vpc" {
options {
range = mycreateVpc ? 1 : 0
}
cidrBlock = useIpamPool ? null : cidr
ipv4IpamPoolId = ipv4IpamPoolId
ipv4NetmaskLength = ipv4NetmaskLength
assignGeneratedIpv6CidrBlock = enableIpv6 && !useIpamPool ? true : null
ipv6CidrBlock = ipv6Cidr
ipv6IpamPoolId = ipv6IpamPoolId
ipv6NetmaskLength = ipv6NetmaskLength
ipv6CidrBlockNetworkBorderGroup = ipv6CidrBlockNetworkBorderGroup
instanceTenancy = instanceTenancy
enableDnsHostnames = enableDnsHostnames
enableDnsSupport = enableDnsSupport
enableNetworkAddressUsageMetrics = enableNetworkAddressUsageMetrics
tags = notImplemented("merge(\n{\"Name\"=var.name},\nvar.tags,\nvar.vpc_tags,\n)")
}
resource "thisResource" "aws:ec2/vpcIpv4CidrBlockAssociation:VpcIpv4CidrBlockAssociation" {
options {
range = mycreateVpc && length(secondaryCidrBlocks) > 0 ? length(secondaryCidrBlocks) : 0
}
vpcId = this[0].id
cidrBlock = notImplemented("element(var.secondary_cidr_blocks,count.index)")
}
################################################################################
# DHCP Options Set
################################################################################
resource "thisResource2" "aws:ec2/vpcDhcpOptions:VpcDhcpOptions" {
options {
range = mycreateVpc && enableDhcpOptions ? 1 : 0
}
domainName = dhcpOptionsDomainName
domainNameServers = dhcpOptionsDomainNameServers
ntpServers = dhcpOptionsNtpServers
netbiosNameServers = dhcpOptionsNetbiosNameServers
netbiosNodeType = dhcpOptionsNetbiosNodeType
tags = notImplemented("merge(\n{\"Name\"=var.name},\nvar.tags,\nvar.dhcp_options_tags,\n)")
}
resource "thisResource3" "aws:ec2/vpcDhcpOptionsAssociation:VpcDhcpOptionsAssociation" {
options {
range = mycreateVpc && enableDhcpOptions ? 1 : 0
}
vpcId = vpcId
dhcpOptionsId = thisResource2[0].id
}
createPublicSubnets = mycreateVpc && lenPublicSubnets > 0
resource "public" "aws:ec2/subnet:Subnet" {
options {
range = createPublicSubnets && (!oneNatGatewayPerAz || lenPublicSubnets >= length(azs)) ? lenPublicSubnets : 0
}
assignIpv6AddressOnCreation = enableIpv6 && publicSubnetIpv6Native ? true : publicSubnetAssignIpv6AddressOnCreation
availabilityZone = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) > 0 ? notImplemented("element(var.azs,count.index)") : null
availabilityZoneId = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) == 0 ? notImplemented("element(var.azs,count.index)") : null
cidrBlock = publicSubnetIpv6Native ? null : notImplemented("element(concat(var.public_subnets,[\"\"]),count.index)")
enableDns64 = enableIpv6 && publicSubnetEnableDns64
enableResourceNameDnsAaaaRecordOnLaunch = enableIpv6 && publicSubnetEnableResourceNameDnsAaaaRecordOnLaunch
enableResourceNameDnsARecordOnLaunch = !publicSubnetIpv6Native && publicSubnetEnableResourceNameDnsARecordOnLaunch
ipv6CidrBlock = enableIpv6 && length(publicSubnetIpv6Prefixes) > 0 ? invoke("std:index:cidrsubnet", {
input = this[0].ipv6CidrBlock
newbits = 8
netnum = publicSubnetIpv6Prefixes[range.value]
}).result : null
ipv6Native = enableIpv6 && publicSubnetIpv6Native
mapPublicIpOnLaunch = mapPublicIpOnLaunch
privateDnsHostnameTypeOnLaunch = publicSubnetPrivateDnsHostnameTypeOnLaunch
vpcId = vpcId
tags = notImplemented("merge(\n{\nName=try(\nvar.public_subnet_names[count.index],\nformat(\"$${var.name}-$${var.public_subnet_suffix}-%s\",element(var.azs,count.index))\n)\n},\nvar.tags,\nvar.public_subnet_tags,\nlookup(var.public_subnet_tags_per_az,element(var.azs,count.index),{})\n)")
}
resource "publicResource" "aws:ec2/routeTable:RouteTable" {
options {
range = createPublicSubnets ? 1 : 0
}
vpcId = vpcId
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.public_subnet_suffix}\"},\nvar.tags,\nvar.public_route_table_tags,\n)")
}
resource "publicResource2" "aws:ec2/routeTableAssociation:RouteTableAssociation" {
options {
range = createPublicSubnets ? lenPublicSubnets : 0
}
subnetId = notImplemented("element(aws_subnet.public[*].id,count.index)")
routeTableId = publicResource[0].id
}
resource "publicInternetGateway" "aws:ec2/route:Route" {
options {
range = createPublicSubnets && createIgw ? 1 : 0
}
routeTableId = publicResource[0].id
destinationCidrBlock = "0.0.0.0/0"
gatewayId = thisResource4[0].id
}
resource "publicInternetGatewayIpv6" "aws:ec2/route:Route" {
options {
range = createPublicSubnets && createIgw && enableIpv6 ? 1 : 0
}
routeTableId = publicResource[0].id
destinationIpv6CidrBlock = "::/0"
gatewayId = thisResource4[0].id
}
################################################################################
# Public Network ACLs
################################################################################
resource "publicResource3" "aws:ec2/networkAcl:NetworkAcl" {
options {
range = createPublicSubnets && publicDedicatedNetworkAcl ? 1 : 0
}
vpcId = vpcId
subnetIds = public[*].id
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.public_subnet_suffix}\"},\nvar.tags,\nvar.public_acl_tags,\n)")
}
resource "publicInbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createPublicSubnets && publicDedicatedNetworkAcl ? length(publicInboundAclRules) : 0
}
networkAclId = publicResource3[0].id
egress = false
ruleNumber = publicInboundAclRules[range.value]["rule_number"]
ruleAction = publicInboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.public_inbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.public_inbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.public_inbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.public_inbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = publicInboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.public_inbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.public_inbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
resource "publicOutbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createPublicSubnets && publicDedicatedNetworkAcl ? length(publicOutboundAclRules) : 0
}
networkAclId = publicResource3[0].id
egress = true
ruleNumber = publicOutboundAclRules[range.value]["rule_number"]
ruleAction = publicOutboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.public_outbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.public_outbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.public_outbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.public_outbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = publicOutboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.public_outbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.public_outbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
createPrivateSubnets = mycreateVpc && lenPrivateSubnets > 0
resource "private" "aws:ec2/subnet:Subnet" {
options {
range = createPrivateSubnets ? lenPrivateSubnets : 0
}
assignIpv6AddressOnCreation = enableIpv6 && privateSubnetIpv6Native ? true : privateSubnetAssignIpv6AddressOnCreation
availabilityZone = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) > 0 ? notImplemented("element(var.azs,count.index)") : null
availabilityZoneId = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) == 0 ? notImplemented("element(var.azs,count.index)") : null
cidrBlock = privateSubnetIpv6Native ? null : notImplemented("element(concat(var.private_subnets,[\"\"]),count.index)")
enableDns64 = enableIpv6 && privateSubnetEnableDns64
enableResourceNameDnsAaaaRecordOnLaunch = enableIpv6 && privateSubnetEnableResourceNameDnsAaaaRecordOnLaunch
enableResourceNameDnsARecordOnLaunch = !privateSubnetIpv6Native && privateSubnetEnableResourceNameDnsARecordOnLaunch
ipv6CidrBlock = enableIpv6 && length(privateSubnetIpv6Prefixes) > 0 ? invoke("std:index:cidrsubnet", {
input = this[0].ipv6CidrBlock
newbits = 8
netnum = privateSubnetIpv6Prefixes[range.value]
}).result : null
ipv6Native = enableIpv6 && privateSubnetIpv6Native
privateDnsHostnameTypeOnLaunch = privateSubnetPrivateDnsHostnameTypeOnLaunch
vpcId = vpcId
tags = notImplemented("merge(\n{\nName=try(\nvar.private_subnet_names[count.index],\nformat(\"$${var.name}-$${var.private_subnet_suffix}-%s\",element(var.azs,count.index))\n)\n},\nvar.tags,\nvar.private_subnet_tags,\nlookup(var.private_subnet_tags_per_az,element(var.azs,count.index),{})\n)")
}
# There are as many routing tables as the number of NAT gateways
resource "privateResource" "aws:ec2/routeTable:RouteTable" {
options {
range = createPrivateSubnets && maxSubnetLength > 0 ? natGatewayCount : 0
}
vpcId = vpcId
tags = notImplemented("merge(\n{\n\"Name\"=var.single_nat_gateway?\"$${var.name}-$${var.private_subnet_suffix}\":format(\n\"$${var.name}-$${var.private_subnet_suffix}-%s\",\nelement(var.azs,count.index),\n)\n},\nvar.tags,\nvar.private_route_table_tags,\n)")
}
resource "privateResource2" "aws:ec2/routeTableAssociation:RouteTableAssociation" {
options {
range = createPrivateSubnets ? lenPrivateSubnets : 0
}
subnetId = notImplemented("element(aws_subnet.private[*].id,count.index)")
routeTableId = notImplemented("element(\naws_route_table.private[*].id,\nvar.single_nat_gateway?0:count.index,\n)")
}
createPrivateNetworkAcl = createPrivateSubnets && privateDedicatedNetworkAcl
resource "privateResource3" "aws:ec2/networkAcl:NetworkAcl" {
options {
range = createPrivateNetworkAcl ? 1 : 0
}
vpcId = vpcId
subnetIds = private[*].id
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.private_subnet_suffix}\"},\nvar.tags,\nvar.private_acl_tags,\n)")
}
resource "privateInbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createPrivateNetworkAcl ? length(privateInboundAclRules) : 0
}
networkAclId = privateResource3[0].id
egress = false
ruleNumber = privateInboundAclRules[range.value]["rule_number"]
ruleAction = privateInboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.private_inbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.private_inbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.private_inbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.private_inbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = privateInboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.private_inbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.private_inbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
resource "privateOutbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createPrivateNetworkAcl ? length(privateOutboundAclRules) : 0
}
networkAclId = privateResource3[0].id
egress = true
ruleNumber = privateOutboundAclRules[range.value]["rule_number"]
ruleAction = privateOutboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.private_outbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.private_outbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.private_outbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.private_outbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = privateOutboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.private_outbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.private_outbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
createDatabaseSubnets = mycreateVpc && lenDatabaseSubnets > 0
createDatabaseRouteTable = createDatabaseSubnets && createDatabaseSubnetRouteTable
resource "database" "aws:ec2/subnet:Subnet" {
options {
range = createDatabaseSubnets ? lenDatabaseSubnets : 0
}
assignIpv6AddressOnCreation = enableIpv6 && databaseSubnetIpv6Native ? true : databaseSubnetAssignIpv6AddressOnCreation
availabilityZone = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) > 0 ? notImplemented("element(var.azs,count.index)") : null
availabilityZoneId = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) == 0 ? notImplemented("element(var.azs,count.index)") : null
cidrBlock = databaseSubnetIpv6Native ? null : notImplemented("element(concat(var.database_subnets,[\"\"]),count.index)")
enableDns64 = enableIpv6 && databaseSubnetEnableDns64
enableResourceNameDnsAaaaRecordOnLaunch = enableIpv6 && databaseSubnetEnableResourceNameDnsAaaaRecordOnLaunch
enableResourceNameDnsARecordOnLaunch = !databaseSubnetIpv6Native && databaseSubnetEnableResourceNameDnsARecordOnLaunch
ipv6CidrBlock = enableIpv6 && length(databaseSubnetIpv6Prefixes) > 0 ? invoke("std:index:cidrsubnet", {
input = this[0].ipv6CidrBlock
newbits = 8
netnum = databaseSubnetIpv6Prefixes[range.value]
}).result : null
ipv6Native = enableIpv6 && databaseSubnetIpv6Native
privateDnsHostnameTypeOnLaunch = databaseSubnetPrivateDnsHostnameTypeOnLaunch
vpcId = vpcId
tags = notImplemented("merge(\n{\nName=try(\nvar.database_subnet_names[count.index],\nformat(\"$${var.name}-$${var.database_subnet_suffix}-%s\",element(var.azs,count.index),)\n)\n},\nvar.tags,\nvar.database_subnet_tags,\n)")
}
resource "databaseResource" "aws:rds/subnetGroup:SubnetGroup" {
options {
range = createDatabaseSubnets && createDatabaseSubnetGroup ? 1 : 0
}
name = invoke("std:index:lower", {
input = notImplemented("coalesce(var.database_subnet_group_name,var.name)")
}).result
description = "Database subnet group for ${name}"
subnetIds = database[*].id
tags = notImplemented("merge(\n{\n\"Name\"=lower(coalesce(var.database_subnet_group_name,var.name))\n},\nvar.tags,\nvar.database_subnet_group_tags,\n)")
}
resource "databaseResource2" "aws:ec2/routeTable:RouteTable" {
options {
range = createDatabaseRouteTable ? singleNatGateway || createDatabaseInternetGatewayRoute ? 1 : lenDatabaseSubnets : 0
}
vpcId = vpcId
tags = notImplemented("merge(\n{\n\"Name\"=var.single_nat_gateway||var.create_database_internet_gateway_route?\"$${var.name}-$${var.database_subnet_suffix}\":format(\n\"$${var.name}-$${var.database_subnet_suffix}-%s\",\nelement(var.azs,count.index),\n)\n},\nvar.tags,\nvar.database_route_table_tags,\n)")
}
resource "databaseResource3" "aws:ec2/routeTableAssociation:RouteTableAssociation" {
options {
range = createDatabaseSubnets ? lenDatabaseSubnets : 0
}
subnetId = notImplemented("element(aws_subnet.database[*].id,count.index)")
routeTableId = notImplemented("element(\ncoalescelist(aws_route_table.database[*].id,aws_route_table.private[*].id),\nvar.create_database_subnet_route_table?var.single_nat_gateway||var.create_database_internet_gateway_route?0:count.index:count.index,\n)")
}
resource "databaseInternetGateway" "aws:ec2/route:Route" {
options {
range = createDatabaseRouteTable && createIgw && createDatabaseInternetGatewayRoute && !createDatabaseNatGatewayRoute ? 1 : 0
}
routeTableId = databaseResource2[0].id
destinationCidrBlock = "0.0.0.0/0"
gatewayId = thisResource4[0].id
}
resource "databaseNatGateway" "aws:ec2/route:Route" {
options {
range = createDatabaseRouteTable && !createDatabaseInternetGatewayRoute && createDatabaseNatGatewayRoute && enableNatGateway ? singleNatGateway ? 1 : lenDatabaseSubnets : 0
}
routeTableId = notImplemented("element(aws_route_table.database[*].id,count.index)")
destinationCidrBlock = "0.0.0.0/0"
natGatewayId = notImplemented("element(aws_nat_gateway.this[*].id,count.index)")
}
resource "databaseDns64NatGateway" "aws:ec2/route:Route" {
options {
range = createDatabaseRouteTable && !createDatabaseInternetGatewayRoute && createDatabaseNatGatewayRoute && enableNatGateway && enableIpv6 && privateSubnetEnableDns64 ? singleNatGateway ? 1 : lenDatabaseSubnets : 0
}
routeTableId = notImplemented("element(aws_route_table.database[*].id,count.index)")
destinationIpv6CidrBlock = "64:ff9b::/96"
natGatewayId = notImplemented("element(aws_nat_gateway.this[*].id,count.index)")
}
resource "databaseIpv6Egress" "aws:ec2/route:Route" {
options {
range = createDatabaseRouteTable && createEgressOnlyIgw && enableIpv6 && createDatabaseInternetGatewayRoute ? 1 : 0
}
routeTableId = databaseResource2[0].id
destinationIpv6CidrBlock = "::/0"
egressOnlyGatewayId = thisResource5[0].id
}
createDatabaseNetworkAcl = createDatabaseSubnets && databaseDedicatedNetworkAcl
resource "databaseResource4" "aws:ec2/networkAcl:NetworkAcl" {
options {
range = createDatabaseNetworkAcl ? 1 : 0
}
vpcId = vpcId
subnetIds = database[*].id
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.database_subnet_suffix}\"},\nvar.tags,\nvar.database_acl_tags,\n)")
}
resource "databaseInbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createDatabaseNetworkAcl ? length(databaseInboundAclRules) : 0
}
networkAclId = databaseResource4[0].id
egress = false
ruleNumber = databaseInboundAclRules[range.value]["rule_number"]
ruleAction = databaseInboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.database_inbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.database_inbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.database_inbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.database_inbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = databaseInboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.database_inbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.database_inbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
resource "databaseOutbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createDatabaseNetworkAcl ? length(databaseOutboundAclRules) : 0
}
networkAclId = databaseResource4[0].id
egress = true
ruleNumber = databaseOutboundAclRules[range.value]["rule_number"]
ruleAction = databaseOutboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.database_outbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.database_outbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.database_outbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.database_outbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = databaseOutboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.database_outbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.database_outbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
createRedshiftSubnets = mycreateVpc && lenRedshiftSubnets > 0
createRedshiftRouteTable = createRedshiftSubnets && createRedshiftSubnetRouteTable
resource "redshift" "aws:ec2/subnet:Subnet" {
options {
range = createRedshiftSubnets ? lenRedshiftSubnets : 0
}
assignIpv6AddressOnCreation = enableIpv6 && redshiftSubnetIpv6Native ? true : redshiftSubnetAssignIpv6AddressOnCreation
availabilityZone = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) > 0 ? notImplemented("element(var.azs,count.index)") : null
availabilityZoneId = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) == 0 ? notImplemented("element(var.azs,count.index)") : null
cidrBlock = redshiftSubnetIpv6Native ? null : notImplemented("element(concat(var.redshift_subnets,[\"\"]),count.index)")
enableDns64 = enableIpv6 && redshiftSubnetEnableDns64
enableResourceNameDnsAaaaRecordOnLaunch = enableIpv6 && redshiftSubnetEnableResourceNameDnsAaaaRecordOnLaunch
enableResourceNameDnsARecordOnLaunch = !redshiftSubnetIpv6Native && redshiftSubnetEnableResourceNameDnsARecordOnLaunch
ipv6CidrBlock = enableIpv6 && length(redshiftSubnetIpv6Prefixes) > 0 ? invoke("std:index:cidrsubnet", {
input = this[0].ipv6CidrBlock
newbits = 8
netnum = redshiftSubnetIpv6Prefixes[range.value]
}).result : null
ipv6Native = enableIpv6 && redshiftSubnetIpv6Native
privateDnsHostnameTypeOnLaunch = redshiftSubnetPrivateDnsHostnameTypeOnLaunch
vpcId = vpcId
tags = notImplemented("merge(\n{\nName=try(\nvar.redshift_subnet_names[count.index],\nformat(\"$${var.name}-$${var.redshift_subnet_suffix}-%s\",element(var.azs,count.index))\n)\n},\nvar.tags,\nvar.redshift_subnet_tags,\n)")
}
resource "redshiftResource" "aws:redshift/subnetGroup:SubnetGroup" {
options {
range = createRedshiftSubnets && createRedshiftSubnetGroup ? 1 : 0
}
name = invoke("std:index:lower", {
input = notImplemented("coalesce(var.redshift_subnet_group_name,var.name)")
}).result
description = "Redshift subnet group for ${name}"
subnetIds = redshift[*].id
tags = notImplemented("merge(\n{\"Name\"=coalesce(var.redshift_subnet_group_name,var.name)},\nvar.tags,\nvar.redshift_subnet_group_tags,\n)")
}
resource "redshiftResource2" "aws:ec2/routeTable:RouteTable" {
options {
range = createRedshiftRouteTable ? 1 : 0
}
vpcId = vpcId
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.redshift_subnet_suffix}\"},\nvar.tags,\nvar.redshift_route_table_tags,\n)")
}
resource "redshiftResource3" "aws:ec2/routeTableAssociation:RouteTableAssociation" {
options {
range = createRedshiftSubnets && !enablePublicRedshift ? lenRedshiftSubnets : 0
}
subnetId = notImplemented("element(aws_subnet.redshift[*].id,count.index)")
routeTableId = notImplemented("element(\ncoalescelist(aws_route_table.redshift[*].id,aws_route_table.private[*].id),\nvar.single_nat_gateway||var.create_redshift_subnet_route_table?0:count.index,\n)")
}
resource "redshiftPublic" "aws:ec2/routeTableAssociation:RouteTableAssociation" {
options {
range = createRedshiftSubnets && enablePublicRedshift ? lenRedshiftSubnets : 0
}
subnetId = notImplemented("element(aws_subnet.redshift[*].id,count.index)")
routeTableId = notImplemented("element(\ncoalescelist(aws_route_table.redshift[*].id,aws_route_table.public[*].id),\nvar.single_nat_gateway||var.create_redshift_subnet_route_table?0:count.index,\n)")
}
createRedshiftNetworkAcl = createRedshiftSubnets && redshiftDedicatedNetworkAcl
resource "redshiftResource4" "aws:ec2/networkAcl:NetworkAcl" {
options {
range = createRedshiftNetworkAcl ? 1 : 0
}
vpcId = vpcId
subnetIds = redshift[*].id
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.redshift_subnet_suffix}\"},\nvar.tags,\nvar.redshift_acl_tags,\n)")
}
resource "redshiftInbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createRedshiftNetworkAcl ? length(redshiftInboundAclRules) : 0
}
networkAclId = redshiftResource4[0].id
egress = false
ruleNumber = redshiftInboundAclRules[range.value]["rule_number"]
ruleAction = redshiftInboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.redshift_inbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.redshift_inbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.redshift_inbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.redshift_inbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = redshiftInboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.redshift_inbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.redshift_inbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
resource "redshiftOutbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createRedshiftNetworkAcl ? length(redshiftOutboundAclRules) : 0
}
networkAclId = redshiftResource4[0].id
egress = true
ruleNumber = redshiftOutboundAclRules[range.value]["rule_number"]
ruleAction = redshiftOutboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.redshift_outbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.redshift_outbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.redshift_outbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.redshift_outbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = redshiftOutboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.redshift_outbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.redshift_outbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
createElasticacheSubnets = mycreateVpc && lenElasticacheSubnets > 0
createElasticacheRouteTable = createElasticacheSubnets && createElasticacheSubnetRouteTable
resource "elasticache" "aws:ec2/subnet:Subnet" {
options {
range = createElasticacheSubnets ? lenElasticacheSubnets : 0
}
assignIpv6AddressOnCreation = enableIpv6 && elasticacheSubnetIpv6Native ? true : elasticacheSubnetAssignIpv6AddressOnCreation
availabilityZone = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) > 0 ? notImplemented("element(var.azs,count.index)") : null
availabilityZoneId = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) == 0 ? notImplemented("element(var.azs,count.index)") : null
cidrBlock = elasticacheSubnetIpv6Native ? null : notImplemented("element(concat(var.elasticache_subnets,[\"\"]),count.index)")
enableDns64 = enableIpv6 && elasticacheSubnetEnableDns64
enableResourceNameDnsAaaaRecordOnLaunch = enableIpv6 && elasticacheSubnetEnableResourceNameDnsAaaaRecordOnLaunch
enableResourceNameDnsARecordOnLaunch = !elasticacheSubnetIpv6Native && elasticacheSubnetEnableResourceNameDnsARecordOnLaunch
ipv6CidrBlock = enableIpv6 && length(elasticacheSubnetIpv6Prefixes) > 0 ? invoke("std:index:cidrsubnet", {
input = this[0].ipv6CidrBlock
newbits = 8
netnum = elasticacheSubnetIpv6Prefixes[range.value]
}).result : null
ipv6Native = enableIpv6 && elasticacheSubnetIpv6Native
privateDnsHostnameTypeOnLaunch = elasticacheSubnetPrivateDnsHostnameTypeOnLaunch
vpcId = vpcId
tags = notImplemented("merge(\n{\nName=try(\nvar.elasticache_subnet_names[count.index],\nformat(\"$${var.name}-$${var.elasticache_subnet_suffix}-%s\",element(var.azs,count.index))\n)\n},\nvar.tags,\nvar.elasticache_subnet_tags,\n)")
}
resource "elasticacheResource" "aws:elasticache/subnetGroup:SubnetGroup" {
options {
range = createElasticacheSubnets && createElasticacheSubnetGroup ? 1 : 0
}
name = notImplemented("coalesce(var.elasticache_subnet_group_name,var.name)")
description = "ElastiCache subnet group for ${name}"
subnetIds = elasticache[*].id
tags = notImplemented("merge(\n{\"Name\"=coalesce(var.elasticache_subnet_group_name,var.name)},\nvar.tags,\nvar.elasticache_subnet_group_tags,\n)")
}
resource "elasticacheResource2" "aws:ec2/routeTable:RouteTable" {
options {
range = createElasticacheRouteTable ? 1 : 0
}
vpcId = vpcId
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.elasticache_subnet_suffix}\"},\nvar.tags,\nvar.elasticache_route_table_tags,\n)")
}
resource "elasticacheResource3" "aws:ec2/routeTableAssociation:RouteTableAssociation" {
options {
range = createElasticacheSubnets ? lenElasticacheSubnets : 0
}
subnetId = notImplemented("element(aws_subnet.elasticache[*].id,count.index)")
routeTableId = notImplemented("element(\ncoalescelist(\naws_route_table.elasticache[*].id,\naws_route_table.private[*].id,\n),\nvar.single_nat_gateway||var.create_elasticache_subnet_route_table?0:count.index,\n)")
}
createElasticacheNetworkAcl = createElasticacheSubnets && elasticacheDedicatedNetworkAcl
resource "elasticacheResource4" "aws:ec2/networkAcl:NetworkAcl" {
options {
range = createElasticacheNetworkAcl ? 1 : 0
}
vpcId = vpcId
subnetIds = elasticache[*].id
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.elasticache_subnet_suffix}\"},\nvar.tags,\nvar.elasticache_acl_tags,\n)")
}
resource "elasticacheInbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createElasticacheNetworkAcl ? length(elasticacheInboundAclRules) : 0
}
networkAclId = elasticacheResource4[0].id
egress = false
ruleNumber = elasticacheInboundAclRules[range.value]["rule_number"]
ruleAction = elasticacheInboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.elasticache_inbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.elasticache_inbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.elasticache_inbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.elasticache_inbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = elasticacheInboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.elasticache_inbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.elasticache_inbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
resource "elasticacheOutbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createElasticacheNetworkAcl ? length(elasticacheOutboundAclRules) : 0
}
networkAclId = elasticacheResource4[0].id
egress = true
ruleNumber = elasticacheOutboundAclRules[range.value]["rule_number"]
ruleAction = elasticacheOutboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.elasticache_outbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.elasticache_outbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.elasticache_outbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.elasticache_outbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = elasticacheOutboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.elasticache_outbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.elasticache_outbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
createIntraSubnets = mycreateVpc && lenIntraSubnets > 0
resource "intra" "aws:ec2/subnet:Subnet" {
options {
range = createIntraSubnets ? lenIntraSubnets : 0
}
assignIpv6AddressOnCreation = enableIpv6 && intraSubnetIpv6Native ? true : intraSubnetAssignIpv6AddressOnCreation
availabilityZone = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) > 0 ? notImplemented("element(var.azs,count.index)") : null
availabilityZoneId = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) == 0 ? notImplemented("element(var.azs,count.index)") : null
cidrBlock = intraSubnetIpv6Native ? null : notImplemented("element(concat(var.intra_subnets,[\"\"]),count.index)")
enableDns64 = enableIpv6 && intraSubnetEnableDns64
enableResourceNameDnsAaaaRecordOnLaunch = enableIpv6 && intraSubnetEnableResourceNameDnsAaaaRecordOnLaunch
enableResourceNameDnsARecordOnLaunch = !intraSubnetIpv6Native && intraSubnetEnableResourceNameDnsARecordOnLaunch
ipv6CidrBlock = enableIpv6 && length(intraSubnetIpv6Prefixes) > 0 ? invoke("std:index:cidrsubnet", {
input = this[0].ipv6CidrBlock
newbits = 8
netnum = intraSubnetIpv6Prefixes[range.value]
}).result : null
ipv6Native = enableIpv6 && intraSubnetIpv6Native
privateDnsHostnameTypeOnLaunch = intraSubnetPrivateDnsHostnameTypeOnLaunch
vpcId = vpcId
tags = notImplemented("merge(\n{\nName=try(\nvar.intra_subnet_names[count.index],\nformat(\"$${var.name}-$${var.intra_subnet_suffix}-%s\",element(var.azs,count.index))\n)\n},\nvar.tags,\nvar.intra_subnet_tags,\n)")
}
resource "intraResource" "aws:ec2/routeTable:RouteTable" {
options {
range = createIntraSubnets ? 1 : 0
}
vpcId = vpcId
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.intra_subnet_suffix}\"},\nvar.tags,\nvar.intra_route_table_tags,\n)")
}
resource "intraResource2" "aws:ec2/routeTableAssociation:RouteTableAssociation" {
options {
range = createIntraSubnets ? lenIntraSubnets : 0
}
subnetId = notImplemented("element(aws_subnet.intra[*].id,count.index)")
routeTableId = notImplemented("element(aws_route_table.intra[*].id,0)")
}
createIntraNetworkAcl = createIntraSubnets && intraDedicatedNetworkAcl
resource "intraResource3" "aws:ec2/networkAcl:NetworkAcl" {
options {
range = createIntraNetworkAcl ? 1 : 0
}
vpcId = vpcId
subnetIds = intra[*].id
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.intra_subnet_suffix}\"},\nvar.tags,\nvar.intra_acl_tags,\n)")
}
resource "intraInbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createIntraNetworkAcl ? length(intraInboundAclRules) : 0
}
networkAclId = intraResource3[0].id
egress = false
ruleNumber = intraInboundAclRules[range.value]["rule_number"]
ruleAction = intraInboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.intra_inbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.intra_inbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.intra_inbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.intra_inbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = intraInboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.intra_inbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.intra_inbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
resource "intraOutbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createIntraNetworkAcl ? length(intraOutboundAclRules) : 0
}
networkAclId = intraResource3[0].id
egress = true
ruleNumber = intraOutboundAclRules[range.value]["rule_number"]
ruleAction = intraOutboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.intra_outbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.intra_outbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.intra_outbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.intra_outbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = intraOutboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.intra_outbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.intra_outbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
createOutpostSubnets = mycreateVpc && lenOutpostSubnets > 0
resource "outpost" "aws:ec2/subnet:Subnet" {
options {
range = createOutpostSubnets ? lenOutpostSubnets : 0
}
assignIpv6AddressOnCreation = enableIpv6 && outpostSubnetIpv6Native ? true : outpostSubnetAssignIpv6AddressOnCreation
availabilityZone = outpostAz
cidrBlock = outpostSubnetIpv6Native ? null : notImplemented("element(concat(var.outpost_subnets,[\"\"]),count.index)")
customerOwnedIpv4Pool = customerOwnedIpv4Pool
enableDns64 = enableIpv6 && outpostSubnetEnableDns64
enableResourceNameDnsAaaaRecordOnLaunch = enableIpv6 && outpostSubnetEnableResourceNameDnsAaaaRecordOnLaunch
enableResourceNameDnsARecordOnLaunch = !outpostSubnetIpv6Native && outpostSubnetEnableResourceNameDnsARecordOnLaunch
ipv6CidrBlock = enableIpv6 && length(outpostSubnetIpv6Prefixes) > 0 ? invoke("std:index:cidrsubnet", {
input = this[0].ipv6CidrBlock
newbits = 8
netnum = outpostSubnetIpv6Prefixes[range.value]
}).result : null
ipv6Native = enableIpv6 && outpostSubnetIpv6Native
mapCustomerOwnedIpOnLaunch = mapCustomerOwnedIpOnLaunch
outpostArn = outpostArn
privateDnsHostnameTypeOnLaunch = outpostSubnetPrivateDnsHostnameTypeOnLaunch
vpcId = vpcId
tags = notImplemented("merge(\n{\nName=try(\nvar.outpost_subnet_names[count.index],\nformat(\"$${var.name}-$${var.outpost_subnet_suffix}-%s\",var.outpost_az)\n)\n},\nvar.tags,\nvar.outpost_subnet_tags,\n)")
}
resource "outpostResource" "aws:ec2/routeTableAssociation:RouteTableAssociation" {
options {
range = createOutpostSubnets ? lenOutpostSubnets : 0
}
subnetId = notImplemented("element(aws_subnet.outpost[*].id,count.index)")
routeTableId = notImplemented("element(\naws_route_table.private[*].id,\nvar.single_nat_gateway?0:count.index,\n)")
}
createOutpostNetworkAcl = createOutpostSubnets && outpostDedicatedNetworkAcl
resource "outpostResource2" "aws:ec2/networkAcl:NetworkAcl" {
options {
range = createOutpostNetworkAcl ? 1 : 0
}
vpcId = vpcId
subnetIds = outpost[*].id
tags = notImplemented("merge(\n{\"Name\"=\"$${var.name}-$${var.outpost_subnet_suffix}\"},\nvar.tags,\nvar.outpost_acl_tags,\n)")
}
resource "outpostInbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createOutpostNetworkAcl ? length(outpostInboundAclRules) : 0
}
networkAclId = outpostResource2[0].id
egress = false
ruleNumber = outpostInboundAclRules[range.value]["rule_number"]
ruleAction = outpostInboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.outpost_inbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.outpost_inbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.outpost_inbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.outpost_inbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = outpostInboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.outpost_inbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.outpost_inbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
resource "outpostOutbound" "aws:ec2/networkAclRule:NetworkAclRule" {
options {
range = createOutpostNetworkAcl ? length(outpostOutboundAclRules) : 0
}
networkAclId = outpostResource2[0].id
egress = true
ruleNumber = outpostOutboundAclRules[range.value]["rule_number"]
ruleAction = outpostOutboundAclRules[range.value]["rule_action"]
fromPort = notImplemented("lookup(var.outpost_outbound_acl_rules[count.index],\"from_port\",null)")
toPort = notImplemented("lookup(var.outpost_outbound_acl_rules[count.index],\"to_port\",null)")
icmpCode = notImplemented("lookup(var.outpost_outbound_acl_rules[count.index],\"icmp_code\",null)")
icmpType = notImplemented("lookup(var.outpost_outbound_acl_rules[count.index],\"icmp_type\",null)")
protocol = outpostOutboundAclRules[range.value]["protocol"]
cidrBlock = notImplemented("lookup(var.outpost_outbound_acl_rules[count.index],\"cidr_block\",null)")
ipv6CidrBlock = notImplemented("lookup(var.outpost_outbound_acl_rules[count.index],\"ipv6_cidr_block\",null)")
}
################################################################################
# Internet Gateway
################################################################################
resource "thisResource4" "aws:ec2/internetGateway:InternetGateway" {
options {
range = createPublicSubnets && createIgw ? 1 : 0
}
vpcId = vpcId
tags = notImplemented("merge(\n{\"Name\"=var.name},\nvar.tags,\nvar.igw_tags,\n)")
}
resource "thisResource5" "aws:ec2/egressOnlyInternetGateway:EgressOnlyInternetGateway" {
options {
range = mycreateVpc && createEgressOnlyIgw && enableIpv6 && maxSubnetLength > 0 ? 1 : 0
}
vpcId = vpcId
tags = notImplemented("merge(\n{\"Name\"=var.name},\nvar.tags,\nvar.igw_tags,\n)")
}
resource "privateIpv6Egress" "aws:ec2/route:Route" {
options {
range = mycreateVpc && createEgressOnlyIgw && enableIpv6 ? lenPrivateSubnets : 0
}
routeTableId = notImplemented("element(aws_route_table.private[*].id,count.index)")
destinationIpv6CidrBlock = "::/0"
egressOnlyGatewayId = notImplemented("element(aws_egress_only_internet_gateway.this[*].id,0)")
}
natGatewayCount = singleNatGateway ? 1 : oneNatGatewayPerAz ? length(azs) : maxSubnetLength
natGatewayIps = reuseNatIps ? externalNatIpIds : notImplemented("try(aws_eip.nat[*].id,[])")
resource "nat" "aws:ec2/eip:Eip" {
options {
range = mycreateVpc && enableNatGateway && !reuseNatIps ? natGatewayCount : 0
}
domain = "vpc"
tags = notImplemented("merge(\n{\n\"Name\"=format(\n\"$${var.name}-%s\",\nelement(var.azs,var.single_nat_gateway?0:count.index),\n)\n},\nvar.tags,\nvar.nat_eip_tags,\n)")
}
resource "thisResource6" "aws:ec2/natGateway:NatGateway" {
options {
range = mycreateVpc && enableNatGateway ? natGatewayCount : 0
}
allocationId = notImplemented("element(\nlocal.nat_gateway_ips,\nvar.single_nat_gateway?0:count.index,\n)")
subnetId = notImplemented("element(\naws_subnet.public[*].id,\nvar.single_nat_gateway?0:count.index,\n)")
tags = notImplemented("merge(\n{\n\"Name\"=format(\n\"$${var.name}-%s\",\nelement(var.azs,var.single_nat_gateway?0:count.index),\n)\n},\nvar.tags,\nvar.nat_gateway_tags,\n)")
}
resource "privateNatGateway" "aws:ec2/route:Route" {
options {
range = mycreateVpc && enableNatGateway ? natGatewayCount : 0
}
routeTableId = notImplemented("element(aws_route_table.private[*].id,count.index)")
destinationCidrBlock = natGatewayDestinationCidrBlock
natGatewayId = notImplemented("element(aws_nat_gateway.this[*].id,count.index)")
}
resource "privateDns64NatGateway" "aws:ec2/route:Route" {
options {
range = mycreateVpc && enableNatGateway && enableIpv6 && privateSubnetEnableDns64 ? natGatewayCount : 0
}
routeTableId = notImplemented("element(aws_route_table.private[*].id,count.index)")
destinationIpv6CidrBlock = "64:ff9b::/96"
natGatewayId = notImplemented("element(aws_nat_gateway.this[*].id,count.index)")
}
################################################################################
# Customer Gateways
################################################################################
resource "thisResource7" "aws:ec2/customerGateway:CustomerGateway" {
options {
range = customerGateways
}
bgpAsn = range.value["bgp_asn"]
ipAddress = range.value["ip_address"]
deviceName = notImplemented("lookup(each.value,\"device_name\",null)")
type = "ipsec.1"
tags = notImplemented("merge(\n{Name=\"$${var.name}-$${each.key}\"},\nvar.tags,\nvar.customer_gateway_tags,\n)")
}
################################################################################
# VPN Gateway
################################################################################
resource "thisResource8" "aws:ec2/vpnGateway:VpnGateway" {
options {
range = mycreateVpc && enableVpnGateway ? 1 : 0
}
vpcId = vpcId
amazonSideAsn = amazonSideAsn
availabilityZone = vpnGatewayAz
tags = notImplemented("merge(\n{\"Name\"=var.name},\nvar.tags,\nvar.vpn_gateway_tags,\n)")
}
resource "thisResource9" "aws:ec2/vpnGatewayAttachment:VpnGatewayAttachment" {
options {
range = vpnGatewayId != "" ? 1 : 0
}
vpcId = vpcId
vpnGatewayId = vpnGatewayId
}
resource "publicResource4" "aws:ec2/vpnGatewayRoutePropagation:VpnGatewayRoutePropagation" {
options {
range = mycreateVpc && propagatePublicRouteTablesVgw && (enableVpnGateway || vpnGatewayId != "") ? 1 : 0
}
routeTableId = notImplemented("element(aws_route_table.public[*].id,count.index)")
vpnGatewayId = notImplemented("element(\nconcat(\naws_vpn_gateway.this[*].id,\naws_vpn_gateway_attachment.this[*].vpn_gateway_id,\n),\ncount.index,\n)")
}
resource "privateResource4" "aws:ec2/vpnGatewayRoutePropagation:VpnGatewayRoutePropagation" {
options {
range = mycreateVpc && propagatePrivateRouteTablesVgw && (enableVpnGateway || vpnGatewayId != "") ? lenPrivateSubnets : 0
}
routeTableId = notImplemented("element(aws_route_table.private[*].id,count.index)")
vpnGatewayId = notImplemented("element(\nconcat(\naws_vpn_gateway.this[*].id,\naws_vpn_gateway_attachment.this[*].vpn_gateway_id,\n),\ncount.index,\n)")
}
resource "intraResource4" "aws:ec2/vpnGatewayRoutePropagation:VpnGatewayRoutePropagation" {
options {
range = mycreateVpc && propagateIntraRouteTablesVgw && (enableVpnGateway || vpnGatewayId != "") ? lenIntraSubnets : 0
}
routeTableId = notImplemented("element(aws_route_table.intra[*].id,count.index)")
vpnGatewayId = notImplemented("element(\nconcat(\naws_vpn_gateway.this[*].id,\naws_vpn_gateway_attachment.this[*].vpn_gateway_id,\n),\ncount.index,\n)")
}
################################################################################
# Default VPC
################################################################################
resource "thisResource10" "aws:ec2/defaultVpc:DefaultVpc" {
options {
range = manageDefaultVpc ? 1 : 0
}
enableDnsSupport = defaultVpcEnableDnsSupport
enableDnsHostnames = defaultVpcEnableDnsHostnames
tags = notImplemented("merge(\n{\"Name\"=coalesce(var.default_vpc_name,\"default\")},\nvar.tags,\nvar.default_vpc_tags,\n)")
}
resource "thisResource11" "aws:ec2/defaultSecurityGroup:DefaultSecurityGroup" {
options {
range = mycreateVpc && manageDefaultSecurityGroup ? 1 : 0
}
ingress = [for entry in entries(defaultSecurityGroupIngress) : {
self = notImplemented("lookup(ingress.value,\"self\",null)")
cidrBlocks = notImplemented("compact(split(\",\",lookup(ingress.value,\"cidr_blocks\",\"\")))")
ipv6CidrBlocks = notImplemented("compact(split(\",\",lookup(ingress.value,\"ipv6_cidr_blocks\",\"\")))")
prefixListIds = notImplemented("compact(split(\",\",lookup(ingress.value,\"prefix_list_ids\",\"\")))")
securityGroups = notImplemented("compact(split(\",\",lookup(ingress.value,\"security_groups\",\"\")))")
description = notImplemented("lookup(ingress.value,\"description\",null)")
fromPort = notImplemented("lookup(ingress.value,\"from_port\",0)")
toPort = notImplemented("lookup(ingress.value,\"to_port\",0)")
protocol = notImplemented("lookup(ingress.value,\"protocol\",\"-1\")")
}]
egress = [for entry in entries(defaultSecurityGroupEgress) : {
self = notImplemented("lookup(egress.value,\"self\",null)")
cidrBlocks = notImplemented("compact(split(\",\",lookup(egress.value,\"cidr_blocks\",\"\")))")
ipv6CidrBlocks = notImplemented("compact(split(\",\",lookup(egress.value,\"ipv6_cidr_blocks\",\"\")))")
prefixListIds = notImplemented("compact(split(\",\",lookup(egress.value,\"prefix_list_ids\",\"\")))")
securityGroups = notImplemented("compact(split(\",\",lookup(egress.value,\"security_groups\",\"\")))")
description = notImplemented("lookup(egress.value,\"description\",null)")
fromPort = notImplemented("lookup(egress.value,\"from_port\",0)")
toPort = notImplemented("lookup(egress.value,\"to_port\",0)")
protocol = notImplemented("lookup(egress.value,\"protocol\",\"-1\")")
}]
vpcId = this[0].id
tags = notImplemented("merge(\n{\"Name\"=coalesce(var.default_security_group_name,\"$${var.name}-default\")},\nvar.tags,\nvar.default_security_group_tags,\n)")
}
################################################################################
# Default Network ACLs
################################################################################
resource "thisResource12" "aws:ec2/defaultNetworkAcl:DefaultNetworkAcl" {
options {
range = mycreateVpc && manageDefaultNetworkAcl ? 1 : 0
}
ingress = [for entry in entries(defaultNetworkAclIngress) : {
action = entry.value.action
cidrBlock = notImplemented("lookup(ingress.value,\"cidr_block\",null)")
fromPort = entry.value.fromPort
icmpCode = notImplemented("lookup(ingress.value,\"icmp_code\",null)")
icmpType = notImplemented("lookup(ingress.value,\"icmp_type\",null)")
ipv6CidrBlock = notImplemented("lookup(ingress.value,\"ipv6_cidr_block\",null)")
protocol = entry.value.protocol
ruleNo = entry.value.ruleNo
toPort = entry.value.toPort
}]
egress = [for entry in entries(defaultNetworkAclEgress) : {
action = entry.value.action
cidrBlock = notImplemented("lookup(egress.value,\"cidr_block\",null)")
fromPort = entry.value.fromPort
icmpCode = notImplemented("lookup(egress.value,\"icmp_code\",null)")
icmpType = notImplemented("lookup(egress.value,\"icmp_type\",null)")
ipv6CidrBlock = notImplemented("lookup(egress.value,\"ipv6_cidr_block\",null)")
protocol = entry.value.protocol
ruleNo = entry.value.ruleNo
toPort = entry.value.toPort
}]
defaultNetworkAclId = this[0].defaultNetworkAclId
subnetIds = null
tags = notImplemented("merge(\n{\"Name\"=coalesce(var.default_network_acl_name,\"$${var.name}-default\")},\nvar.tags,\nvar.default_network_acl_tags,\n)")
}
################################################################################
# Default Route
################################################################################
resource "default" "aws:ec2/defaultRouteTable:DefaultRouteTable" {
options {
range = mycreateVpc && manageDefaultRouteTable ? 1 : 0
}
routes = [for entry in entries(defaultRouteTableRoutes) : {
# One of the following destinations must be provided
cidrBlock = entry.value.cidrBlock
ipv6CidrBlock = notImplemented("lookup(route.value,\"ipv6_cidr_block\",null)")
# One of the following targets must be provided
egressOnlyGatewayId = notImplemented("lookup(route.value,\"egress_only_gateway_id\",null)")
gatewayId = notImplemented("lookup(route.value,\"gateway_id\",null)")
instanceId = notImplemented("lookup(route.value,\"instance_id\",null)")
natGatewayId = notImplemented("lookup(route.value,\"nat_gateway_id\",null)")
networkInterfaceId = notImplemented("lookup(route.value,\"network_interface_id\",null)")
transitGatewayId = notImplemented("lookup(route.value,\"transit_gateway_id\",null)")
vpcEndpointId = notImplemented("lookup(route.value,\"vpc_endpoint_id\",null)")
vpcPeeringConnectionId = notImplemented("lookup(route.value,\"vpc_peering_connection_id\",null)")
}]
defaultRouteTableId = this[0].defaultRouteTableId
propagatingVgws = defaultRouteTablePropagatingVgws
tags = notImplemented("merge(\n{\"Name\"=coalesce(var.default_route_table_name,\"$${var.name}-default\")},\nvar.tags,\nvar.default_route_table_tags,\n)")
}
In case it helps, trying to convert
https://github.com/terraform-aws-modules/terraform-aws-vpc
throws the same sort of cannot iterate over a value of a type number
errors.
error: main.pp:84,5-115: cannot iterate over a value of type number;
error: main.pp:115,5-55: cannot iterate over a value of type number;
error: main.pp:184,5-57: cannot iterate over a value of type number;
error: main.pp:207,5-78: cannot iterate over a value of type number;
error: main.pp:215,5-57: cannot iterate over a value of type number;
error: main.pp:267,5-59: cannot iterate over a value of type number;
error: main.pp:301,5-123: cannot iterate over a value of type number;
error: main.pp:309,5-59: cannot iterate over a value of type number;
error: main.pp:325,5-177: cannot iterate over a value of type number;
error: main.pp:333,5-219: cannot iterate over a value of type number;
error: main.pp:393,5-59: cannot iterate over a value of type number;
error: main.pp:435,5-84: cannot iterate over a value of type number;
error: main.pp:443,5-83: cannot iterate over a value of type number;
error: main.pp:495,5-65: cannot iterate over a value of type number;
error: main.pp:535,5-65: cannot iterate over a value of type number;
error: main.pp:586,5-53: cannot iterate over a value of type number;
error: main.pp:616,5-53: cannot iterate over a value of type number;
error: main.pp:666,5-57: cannot iterate over a value of type number;
error: main.pp:690,5-57: cannot iterate over a value of type number;
error: main.pp:760,5-85: cannot iterate over a value of type number;
error: main.pp:770,5-82: cannot iterate over a value of type number;
warning: main.pp:772,3-9: unsupported attribute 'domain'; unsupported attribute 'domain'
error: main.pp:778,5-66: cannot iterate over a value of type number;
error: main.pp:789,5-66: cannot iterate over a value of type number;
error: main.pp:797,5-108: cannot iterate over a value of type number;
error: main.pp:849,5-126: cannot iterate over a value of type number;
error: main.pp:857,5-122: cannot iterate over a value of type number;
A couple of snippets of code from the lines identified in the error:
Fwiw, all the lines identfied in the error messages point to the options
line of the resource.
main.pp:84:
Line 84 is the options
line
resource "public" "aws:ec2/subnet:Subnet" {
options {
range = createPublicSubnets && (!oneNatGatewayPerAz || lenPublicSubnets >= length(azs)) ? lenPublicSubnets : 0
}
assignIpv6AddressOnCreation = enableIpv6 && publicSubnetIpv6Native ? true : publicSubnetAssignIpv6AddressOnCreation
availabilityZone = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) > 0 ? notImplemented("element(var.azs,count.index)") : null
availabilityZoneId = length(notImplemented("regexall(\"^[a-z]{2}-\",element(var.azs,count.index))")) == 0 ? notImplemented("element(var.azs,count.index)") : null
cidrBlock = publicSubnetIpv6Native ? null : notImplemented("element(concat(var.public_subnets,[\"\"]),count.index)")
enableDns64 = enableIpv6 && publicSubnetEnableDns64
enableResourceNameDnsAaaaRecordOnLaunch = enableIpv6 && publicSubnetEnableResourceNameDnsAaaaRecordOnLaunch
enableResourceNameDnsARecordOnLaunch = !publicSubnetIpv6Native && publicSubnetEnableResourceNameDnsARecordOnLaunch
ipv6CidrBlock = enableIpv6 && length(publicSubnetIpv6Prefixes) > 0 ? invoke("std:index:cidrsubnet", {
input = this[0].ipv6CidrBlock
newbits = 8
netnum = publicSubnetIpv6Prefixes[range.value]
}).result : null
ipv6Native = enableIpv6 && publicSubnetIpv6Native
mapPublicIpOnLaunch = mapPublicIpOnLaunch
privateDnsHostnameTypeOnLaunch = publicSubnetPrivateDnsHostnameTypeOnLaunch
vpcId = vpcId
tags = notImplemented("merge(\n{\nName=try(\nvar.public_subnet_names[count.index],\nformat(\"$${var.name}-$${var.public_subnet_suffix}-%s\",element(var.azs,count.index))\n)\n},\nvar.tags,\nvar.public_subnet_tags,\nlookup(var.public_subnet_tags_per_az,element(var.azs,count.index),{})\n)")
}
main.pp:770
line 770 is the options again (in fact all the errors point to the options
line)
resource "nat" "aws:ec2/eip:Eip" {
options {
range = mycreateVpc && enableNatGateway && !reuseNatIps ? natGatewayCount : 0
}
domain = "vpc"
tags = notImplemented("merge(\n{\n\"Name\"=format(\n\"$${var.name}-%s\",\nelement(var.azs,var.single_nat_gateway?0:count.index),\n)\n},\nvar.tags,\nvar.nat_eip_tags,\n)")
}
pulumi about:
CLI
Version 3.73.0
Go Version go1.20.5
Go Compiler gc
Host
OS darwin
Version 13.4.1
Arch x86_64
What happened?
I ran the command twice and got what I believe to be a network hiccup error the first time, and then some output requesting that I submit a bug report.
Expected Behavior
I expected
pulumi convert --from terraform --language typescript --out tf-to-pulumi
to generate Pulumi code given the terraform code I have.Steps to reproduce
First run (I believe this to be a network hiccup error):
Second run:
Output of
pulumi about
Additional context
I believe that I saw two other issues that closely relate: #13191 and #13173.
I saw in #13173 that the
pulumi plugin ls
output was requested. Here is that information:Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).