Error in function call for private_ipv6_egress in version 5.7.1

[martin-pronestor]

Description

Please provide a clear and concise description of the issue you are encountering, and a reproduction of your configuration (see the examples/* directory for references that you can copy+paste and tailor to match your configs if you are unable to copy your exact configuration). The reproduction MUST be executable by running terraform init && terraform apply without any further changes.

If your request is for a new feature, please use the Feature request template.

• [x] ✋ I have searched the open/closed issues and my issue is not listed.

⚠️ Note

Before you submit an issue, please perform the following first:

1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
2. Re-initialize the project root to pull down modules: terraform init
3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

• Module version [Required]: 5.7.1

• Terraform version: 1.7.5

• Provider version(s): provider registry.terraform.io/hashicorp/aws v5.44.0

Reproduction Code [Required]

module "dev_vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = "dev"
  cidr = "172.30.0.0/16"
  azs  = formatlist("${data.aws_region.current.name}%s", ["a", "b", "c"])

  enable_dns_hostnames = true
  create_igw           = true
  enable_ipv6          = true

  map_public_ip_on_launch                       = true
  public_subnet_assign_ipv6_address_on_creation = true

  public_subnet_enable_dns64  = false
  public_subnet_ipv6_prefixes = [0, 1, 2]
  public_subnets = [
    "172.30.0.0/20",
    "172.30.16.0/20",
    "172.30.32.0/20"
  ]
}

Steps to reproduce the behavior:

• Are you using workspaces? No.
• Have you cleared the local cache (see Notice section above)? Yes.
• List steps in order that led up to the issue you encountered: Updated the module version to the latest available.

Expected behavior

Expected that the example above would work as it has in previous versions.

Actual behavior

The following error is logged when using the above set up with the latest version of the module:

│ Error: Error in function call
│ 
│   on .terraform/modules/dev_vpc/main.tf line 1026, in resource "aws_route" "private_ipv6_egress":
│ 1026:   route_table_id              = element(aws_route_table.private[*].id, count.index)
│     ├────────────────
│     │ while calling element(list, index)
│     │ aws_route_table.private is empty tuple
│     │ count.index is 0
│ 
│ Call to function "element" failed: cannot use element function with an
│ empty list.

Additional context

The VPC in this example is used for public services only. There is no need for a private subnet, and running a NAT gateway is not necessary for this type of service.

[bryantbiggs]

this is most likely related to #1059 - @wiseelf / @RunCor399

[RunCor399]

I believe that the problem is solvable by adding an additional constraint on how the "count" variable for the "private_ipv6_egress" resource is determined. (For instance by verifying that number of private subnets is greater than 0)

[RunCor399]

I've submitted a PR that for me solved the problem @bryantbiggs

[antonbabenko]

This issue has been resolved in version 5.7.2 :tada:

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.