"Error in function call" when using neither private subnets nor NAT

[cm-dk]

Description

TF errors out when trying to create a VPC with database subnets but no private subnets and no NAT gateways: Call to function "coalescelist" failed: no non-null arguments.

It seems that the aws_route_table.private isn't created in this case (per count condition), but it is apparently meant to be referenced in aws_route_table_association.database.

• [x] ✋ I have searched the open/closed issues and my issue is not listed.

Versions

• Module version [Required]: 5.0.0

• Terraform version: 1.4.6

• Provider version(s): 5.0.1

Reproduction Code [Required]

module "vpc" {
  source = "github.com/terraform-aws-modules/terraform-aws-vpc?ref=v5.0.0"

  name = "foo"
  cidr = "10.0.0.0/16"
  azs  = ["eu-central-1a", "eu-central-1b"]

  enable_dns_hostnames = true
  enable_dns_support   = true
  enable_nat_gateway   = false
  enable_ipv6          = false

  public_subnets = [ "10.0.0.0/24", "10.0.1.0/24" ]
  database_subnets = [ "10.0.10.0/24", "10.0.11.0/24" ]
  #private_subnets = [ "10.0.20.0/24", "10.0.21.0/24" ]
}

Expected behavior

No error.

Actual behavior

Error in function call (see below).

Terminal Output Screenshot(s)

│ Error: Error in function call
│ 
│   on .terraform/modules/vpc/main.tf line 410, in resource "aws_route_table_association" "database":
│  410:     coalescelist(aws_route_table.database[*].id, aws_route_table.private[*].id),
│     ├────────────────
│     │ while calling coalescelist(vals...)
│     │ aws_route_table.database is empty tuple
│     │ aws_route_table.private is empty tuple
│ 
│ Call to function "coalescelist" failed: no non-null arguments.

Additional context

This configuration worked fine with old version v3.2.0.

When patching the module's main.tf like this ...

 # There are as many routing tables as the number of NAT gateways
 resource "aws_route_table" "private" {
-  count = local.create_private_subnets && local.max_subnet_length > 0 ? local.nat_gateway_count : 0
+  count = local.create_private_subnets || local.max_subnet_length > 0 ? local.nat_gateway_count : 0

... it works correctly. I would submit a PR, but I don't understand the logic / intention well enough to be certain that this is a proper fix for all valid configuration options.

[bkdjt]

I'm receiving the exact error as well albeit on version 4.0.2

[peikk0]

Same here with v5.0.0

[marcinswigon]

I had the same issue. Moreover it does not happen when you run apply with -target set to a resource that uses database subnet (a missing dependency in output variables?). Easiest way to deal with the issue in your own terraform code is to add following parameter to vpc module:

  create_database_subnet_route_table = True

[phene]

Easiest way to deal with the issue in your own terraform code is to add following parameter to vpc module:

I specifically don't want to enable create_database_subnet_route_table (temporarily, as part of a migration path) and I'm not creating private subnets yet.

[github-actions[bot]]

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

[cm-dk]

Remove stale label or comment or this issue will be closed in 10 days

Not fixed, as far as I know, so it may be stale but should not be closed IMHO.

[github-actions[bot]]

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

[arunsisodiya]

Why there are no fixes provided for this ticket? I am also facing this issue when migrating from v3 to v4 and further.

There should be mention of steps to take when migrating from v3 to v4. The problem with create_database_subnet_route_table option is that even after we make this true, Terraform is trying to delete the private route tables and routes.

So I have no idea how impactful this will be to delete the private route tables and use database route tables but in the end, I don't want to have anything like this being deleted during migration. :)

If anyone can provide a right fix for that, it will be awesome.

[github-actions[bot]]

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

[peikk0]

Not stale, still waiting for a fix.

[jaksonwkr]

I'm experiencing the same issue. I have create_database_subnet_route_table set to true but the problem persist.

[AsoTora]

+1 on this, tried to upgrade 3.19.0 -> 5.4.0, create_database_subnet_route_table = true was going to delete route tables, which was a no-go for me.

[MarioAhmad]

Is there any update on this? I'm trying to create a private subnet only but get the same issue.

[MathRdt]

Hello guys.

I encountered the same issue as you when migrating from 3.x to 4.x or 5.x version with no private subnets and a database subnet.

The solution I have for this is :

1. upgrade module version >= 4.0.0
2. add the create_database_subnet_route_table = true argument

As @AsoTora mentioned, in the current state it will delete your private route table and recreate another database route table (one for each database subnet you have).

So what you have to do, is manually move your terraform state to match the new version expectations via the terraform state mv command, like this :

terraform state mv "module.vpc.aws_route_table.private[0]" "module.vpc.aws_route_table.database[0]"
terraform state mv "module.vpc.aws_route_table.private[1]" "module.vpc.aws_route_table.database[1]"

Previous and new terraform state path may vary depending on your configuration (for instance my vpc module is nested in my own landing zone module), so I had to change the command to :

terraform state mv "module.landing_zone.module.vpc.aws_route_table.private[0]" "module.landing_zone.module.vpc.aws_route_table.database[0]"

After this you should be good. Be sure to enable/disable all new options provided by the 4.x or 5.x version of this module that you want or not