Channel: Terraform - HashiCorp Discuss

Editing reply urls on Azure AD application


@klagan wrote:

I can get the data resource of an application using:

data "azuread_application" "example" {
  name = "my-app-registration-name"
}

But how can I edit the reply urls? Add, delete etc.

Posts: 1

Participants: 1



Terraform 0.12 - For each subnet-id in array, get cidr_block


@bpinske wrote:

I have a list of subnet IDs and I want to get an array of the cidr_blocks associated to each subnet.

variable "aws_subnet_ids" {
  type = list(string)
  default = ["subnet-aaaaaaaa","subnet-bbbbbbbb"]
}

desired_output = ['10.0.1.0/24', '10.0.2.0/24']

I’ve been fiddling around with for loops and count data for quite a while for what should be a really simple problem. But I’m having a hard time finding an appropriate way to actually do this.

This seemed like a decent example to work off of, but you can’t actually use a for_each in a data source off a list of strings. https://www.terraform.io/docs/providers/aws/d/subnet_ids.html

data "aws_subnet" "example" {
  for_each = var.aws_subnet_ids
  cidr_blocks       = each.cidr_block
}

output "subnet_cidr_blocks" {
  value = [for s in data.aws_subnet.example : s.cidr_block]
}

Posts: 2

Participants: 2


Thinking of a web console that generates terraform code


@johnjjung wrote:

I’m thinking of building a tool that is platform agnostic to AWS, GCP, Azure and looks like their web consoles where you can spawn instances, DBs, etc… but can generate terraform code/templates.

The target market will be for folks who are not senior infrastructure engineers, but more busy full stack devs, startup CTO’s, etc… I think this will accelerate the terraform adoption. Yes, everyone has a cloud console, but after you do it on the web, you don’t have code as infrastructure. So the idea is if there is a web interface that can mimic the AWS/GCP/Azure consoles, but generate code, then it could be useful.

Would like feedback from the community, started working on a small MVP to get some feedback - will post it here soon.

Posts: 2

Participants: 2


Using setproduct, how can I remove items from the result?


@JohnDelisle wrote:

I’m working to create a mesh of Azure VNets using VNet Peering, meaning every VNet needs to be peered to every other VNet, but not to itself.

I thought I could take a set of VNets and “setproduct” it against itself, like this:

locals {
  vnets = ["vnet-1", "vnet-2", "vnet-3"]
  vnet_peers = setproduct(local.vnets, local.vnets)
}

But the result includes sets where both items are the same, as below:

local.vnet_peers
[
  [
    "vnet-1",
    "vnet-1",
  ],
  [
    "vnet-1",
    "vnet-2",
  ],
  [
    "vnet-1",
    "vnet-3",
  ],
  [
    "vnet-2",
    "vnet-1",
  ],
  [
    "vnet-2",
    "vnet-2",
  ],
  [
    "vnet-2",
    "vnet-3",
  ],
  [
    "vnet-3",
    "vnet-1",
  ],
  [
    "vnet-3",
    "vnet-2",
  ],
  [
    "vnet-3",
    "vnet-3",
  ],
]

My goal here is to get a result that doesn’t include sets where both items are the same. I need a result that doesn’t include items like the following:

BAD:

  [
    "vnet-1",
    "vnet-1",
  ]

GOOD:

  [
    "vnet-1",
    "vnet-2",
  ]

Any suggestions?

Posts: 1

Participants: 1


Is it possible to append a parent module argument?


@derianpt wrote:

For example, I have a parent module that creates aws_db_instance resource,
with the tags argument:

tags = {
  Name        = "test"
  Service     = "service1"
  Environment = "development"
}

Is there any way that I can append/modify this argument from a child module?

Use case is I want to add more tags to the RDS instance without modifying the parent module.

Posts: 1

Participants: 1


Aws_route_table resource syntax issue


@adil505 wrote:

Hi,

I am new to terraform, not sure if this is a bug with terraform, aws or I am missing something here.
My versions:
terraform v0.12.20
provider.aws v2.47.0
OS Ubuntu 18.04.3
I am using this piece of code to create aws_route_table resource:

resource "aws_route_table" "public" {
  vpc_id = "${aws_vpc.main.id}"
  route = {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.igw.id}"
  }
}

Following the guidance from 0.12 version syntax, I had to change vpc_id and gateway_id without dollar sign, quotes and parenthesis. This worked fine not just with aws_route_table resource but with other resources too. The problem I see is for the route section of the code. I tried these variations of code but terraform plan gives me one or other error.

Code variations for route section:

route = {
  cidr_block = "0.0.0.0/0"
  gateway_id = aws_internet_gateway.igw.id
}

terraform plan result:

Error: Incorrect attribute value type
on mainvpc.tf line 91, in resource "aws_route_table" "public":
91: route = {
92: cidr_block = "0.0.0.0/0"
93: gateway_id = aws_internet_gateway.igw.id
94: }
Inappropriate value for attribute "route": set of object required.

route = [
  cidr_block = "0.0.0.0/0"
  gateway_id = aws_internet_gateway.igw.id
]

terraform plan result:

Error: Missing item separator
on mainvpc.tf line 92, in resource "aws_route_table" "public":
91:
92: cidr_block = "0.0.0.0/0"
Expected a comma to mark the beginning of the next item.

route = [
  cidr_block = "0.0.0.0/0",
  gateway_id = aws_internet_gateway.igw.id
]

terraform plan result:

Error: Missing item separator
on mainvpc.tf line 92, in resource "aws_route_table" "public":
91:
92: cidr_block = "0.0.0.0/0",
Expected a comma to mark the beginning of the next item.

route = [
  cidr_block , "0.0.0.0/0",
  gateway_id = aws_internet_gateway.igw.id
]

terraform plan result:

Error: Missing item separator
on mainvpc.tf line 93, in resource "aws_route_table" "public":
91:
92:
93: gateway_id = aws_internet_gateway.igw.id
Expected a comma to mark the beginning of the next item.

route = [
  cidr_block , "0.0.0.0/0",
  gateway_id , aws_internet_gateway.igw.id
]

terraform plan result:

Error: Invalid reference
on mainvpc.tf line 93, in resource "aws_route_table" "public":
93: gateway_id , aws_internet_gateway.igw.id
A reference to a resource type must be followed by at least one attribute access, specifying the resource name.

Can you please have a look at this to determine what would be the correct code/syntax in this case? To be honest, I wouldn’t qualify to call it a bug but ran out of online help for this issue so thought it may be one.
Thanks in advance.
Regards,
Adil

Posts: 1

Participants: 1


Vsphere_virtual_disk size issue


@manishingole-coder wrote:

Hey there,

I am trying to create a vsphere_virtual_disk, however I am stuck on one issue.

resource "vsphere_virtual_disk" "disk_2" {
  vmdk_path  = "sharedwal/walbackup.vmdk"
  size       = 10
  datacenter = var.dcname
  datastore  = "var.datastorename"
  type       = "thin"
}

Here the disk named walbackup.vmdk is being created in sharedwal, but it is created with 0 Kb, and terraform apply keeps saying still creating, going into an infinite mode of still creating. I waited for 1 hour and am still getting:
module.edb-db-cluster.vsphere_virtual_disk.disk_2: Still creating… [1h10s elapsed]

I am using terraform version 0.12.20.

Can someone please help me with this?

Posts: 1

Participants: 1


Terraform Cloud public CIDRs


@CarpathianUA wrote:

Hi,

I use a TF module to provision an EKS cluster with limited public access to k8s control plane. I want to whitelist a CIDR range of Terraform Cloud for EKS control plane to be able to apply changes.

What’s the CIDR of the Terraform Cloud service?

Posts: 1

Participants: 1



Accessing local variables by name in a for construct


@timtylin wrote:

One section of my config gathers a bunch of local variables in a module and puts them in a mapping, so that they can all be dumped to Parameter Store. At first thought I’ve tried to do:

locals {
    store_keys = ["aws_region", "ami", "sqs_arn", "vpc_id", "scheduler_subnet", "compute_subnets", "security_group", "ec2_access_key", "efs_dns_name", "efs_mount_ip"]
    store_params = { for attr in local.store_keys : attr => local[attr] }
}

However this did not pass validation, Terraform basically complained that local cannot be accessed like a map. In the end I’ve resorted to doing:

locals {
  store_params = {
    aws_region       = local.aws_region
    sqs_arn          = local.sqs_arn
    ami              = local.ami
    vpc_id           = local.vpc_id
    scheduler_subnet = local.scheduler_subnet
    compute_subnets  = local.compute_subnets
    security_group   = local.security_group
    ec2_access_key   = local.ec2_access_key
    efs_dns_name     = local.efs_dns_name
    efs_mount_ip     = local.efs_mount_ip
  }
}

This works, but I’m thinking that surely there must be a better way to gather a large number of local variables? Is there something obvious that I’m missing?

Posts: 2

Participants: 2


Terraform aws_appautoscaling_policy not picking up correct step_adjustment bound values


@mpenna wrote:

Hi there,

I have this aws_appautoscaling_policy resource that keeps fetching the wrong values for the upper and lower bounds of its various step_adjustments settings. At some point the configuration state and the corresponding resource have diverged and now every time I do a plan, Terraform reports back that the configured values (copied from the actual resource) are different from those currently fetched during the planning operation and therefore an update must be performed.

This is the configuration:

resource "aws_appautoscaling_policy" "api_up" {
  name               = "${local.api_name}-scale-up-pol"
  service_namespace  = "ecs"
  resource_id        = "service/${aws_ecs_cluster.default.name}/${aws_ecs_service.api.name}"
  scalable_dimension = "ecs:service:DesiredCount"

  step_scaling_policy_configuration {
    adjustment_type         = "ChangeInCapacity"
    cooldown                = 60
    metric_aggregation_type = "Average"

    step_adjustment {
      metric_interval_lower_bound = 35.0
      metric_interval_upper_bound = 55.0
      scaling_adjustment          = 6
    }

    step_adjustment {
      metric_interval_lower_bound = 55.0
      metric_interval_upper_bound = 75.0
      scaling_adjustment          = 12
    }

    step_adjustment {
      metric_interval_lower_bound = 75.0
      scaling_adjustment          = 18
    }
  }

  depends_on = [aws_appautoscaling_target.api]
}

And this is a screen grab of the policy currently attached to an ECS Service:

Posts: 1

Participants: 1


How to partially delete objects using app.terraform.io?

For_each questions for simple lists


@asubmani wrote:

I am trying to simplify my variables/tfvars. I usually export out from other tools to a csv/json & have to edit the JSON similar to:

app_list = [
  {
    name    = "app1"
    BC      = "001"
    "Group" = "IT"
  },
  {
    name    = "app2"
    BC      = "001"
    "Group" = "IT"
  }
]

in my Main.tf I use

for_each = { for n in var.app_list : n.name => n } 
  name     = upper(join("-", [var.prefix, each.value.name, var.env]))

the above works; however I would like to maintain my list/array as:

{"application1"="app1"}
{"owner"= "Arjuna the great"}

I am not sure how to reference these as I am unable to use each.key and each.value (i.e. each.key should contain “application1” && “owner”)

is this possible with the for_each or for loops in terraform/HCL?

Most machine exports will save data in the above format & it would be easy to just export machine output and use that as tfvars.

I am trying to bulk create secrets in Azure key vault using a table as reference.

secret_Name   Secret_value
vmpassword    somerandom
vmowner       Krishna
APIkey        somerandomstring

Posts: 1

Participants: 1


Issue with subnet association TGW


@hafan wrote:

Hi,

I am facing an issue with the transit gateway association. I tried everything, but I really don’t understand why it isn’t working. I need to create a TGW association with a private subnet.

Thank you

My variables:

variable "AWS_REGION" {
  default = "eu-central-1"
}

variable "public-subnet-mapping" {
  description = "Lists the public subnets to be created in their respective AZ."

  default = [
    {
      name = "SB_VPC_CZECH-APPSTREAM-ICS-DMZ-PUB_A"
      az   = "eu-central-1a"
      cidr = "192.168.112.0/25"
    },
    {
      name = "SB_VPC_CZECH-APPSTREAM-ICS-DMZ-PUB_B"
      az   = "eu-central-1b"
      cidr = "192.168.112.128/25"
    },
    {
      name = "SB_VPC_CZECH-APPSTREAM-ICS-DMZ-PUB_C"
      az   = "eu-central-1c"
      cidr = "192.168.113.0/25"
    },
  ]
}

variable "private-subnet-mapping" {
  description = "Lists the private subnets to be created in their respective AZ."

  default = [
    {
      name = "SB_VPC_CZECH-APPSTREAM-ICS-DMZ-INT_A"
      az   = "eu-central-1a"
      cidr = "192.168.113.128/25"
    },
    {
      name = "SB_VPC_CZECH-APPSTREAM-ICS-DMZ-INT_B"
      az   = "eu-central-1b"
      cidr = "192.168.114.0/25"
    },
    {
      name = "SB_VPC_CZECH-APPSTREAM-ICS-DMZ-INT_C"
      az   = "eu-central-1c"
      cidr = "192.168.114.128/25"
    },
    {
      name = "SB_VPC_CZECH-APPSTREAM-ICS-DMZ-EXT_A"
      az   = "eu-central-1a"
      cidr = "192.168.115.0/25"
    },
    {
      name = "SB_VPC_CZECH-APPSTREAM-ICS-DMZ-EXT_B"
      az   = "eu-central-1b"
      cidr = "192.168.115.128/25"
    },
    {
      name = "SB_VPC_CZECH-APPSTREAM-ICS-DMZ-EXT_C"
      az   = "eu-central-1c"
      cidr = "192.168.116.0/25"
    },
  ]
}


In my code everything works except the resource "aws_ec2_transit_gateway_vpc_attachment"

resource "aws_vpc" "VPC_CZECH-ICS" {
  cidr_block           = "192.168.112.0/21"
  enable_dns_support   = "true" #gives you an internal domain name
  enable_dns_hostnames = "true" #gives you an internal host name
  enable_classiclink   = "false"
  instance_tenancy     = "default"

  tags = {
    Name = "VPC_CZECH-ICS"
  }
}

/*
Public Subnet block
*/

resource "aws_subnet" "public" {
  count = length(var.public-subnet-mapping)

  cidr_block        = lookup(var.public-subnet-mapping[count.index], "cidr")
  vpc_id            = aws_vpc.VPC_CZECH-ICS.id
  availability_zone = lookup(var.public-subnet-mapping[count.index], "az")

  tags = {
    Name = lookup(var.public-subnet-mapping[count.index], "name")
  }
}

resource "aws_route_table" "RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PUB" {
  vpc_id = aws_vpc.VPC_CZECH-ICS.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.IGW_VPC_CZECH-ICS.id
  }
  tags = {
    Name = "RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PUB"
  }
}

resource "aws_route_table_association" "RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PUB" {
  count          = length(var.public-subnet-mapping)
  subnet_id      = element(aws_subnet.public.*.id,count.index)
  route_table_id = aws_route_table.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PUB.id
}

/*
NAT Gateway
*/

resource "aws_internet_gateway" "IGW_VPC_CZECH-ICS" {
  vpc_id = aws_vpc.VPC_CZECH-ICS.id

  tags = {
    Name = "IGW_VPC_CZECH-ICS"
  }
}

/*
Private Subnet block
*/

resource "aws_subnet" "private" {
  count = length(var.private-subnet-mapping)

  cidr_block        = lookup(var.private-subnet-mapping[count.index], "cidr")
  vpc_id            = aws_vpc.VPC_CZECH-ICS.id
  availability_zone = lookup(var.private-subnet-mapping[count.index], "az")

  tags = {
    Name = lookup(var.private-subnet-mapping[count.index], "name")
  }
}

resource "aws_route_table" "RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI" {
  vpc_id = aws_vpc.VPC_CZECH-ICS.id

  tags = {
    Name = "RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI"
  }
}

resource "aws_route_table_association" "RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI" {
  count          = length(var.private-subnet-mapping)
  subnet_id      = element(aws_subnet.private.*.id,count.index)
  route_table_id = aws_route_table.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI.id
}

/*
Transit gateway attachment
*/

resource "aws_ec2_transit_gateway_vpc_attachment" "TGW-ICS" {
  count              = 3
  vpc_id             = aws_vpc.VPC_CZECH-ICS.id
  subnet_ids         = aws_subnet.private[count.index]
  transit_gateway_id = "tgw-0bc59e0c54ae8a943"
}

the error which I got:

aws_vpc.VPC_CZECH-ICS: Refreshing state... [id=vpc-041f0f9915dfc8c75]
aws_internet_gateway.IGW_VPC_CZECH-ICS: Refreshing state... [id=igw-0ee081dae8b777428]
aws_route_table.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI: Refreshing state... [id=rtb-0bdc5cfdb20260032]
aws_subnet.public[1]: Refreshing state... [id=subnet-08bfcaa7a6a07785d]
aws_subnet.public[2]: Refreshing state... [id=subnet-0b252cd45cd909235]
aws_subnet.public[0]: Refreshing state... [id=subnet-0061248e1d2a80d30]
aws_subnet.private[0]: Refreshing state... [id=subnet-057347b1f4179a93f]
aws_subnet.private[5]: Refreshing state... [id=subnet-056ad631837c27847]
aws_subnet.private[4]: Refreshing state... [id=subnet-0e2d09ba6b7d0bd3d]
aws_subnet.private[3]: Refreshing state... [id=subnet-018f3b3458d4e4a7b]
aws_subnet.private[2]: Refreshing state... [id=subnet-067768a900607f1f4]
aws_subnet.private[1]: Refreshing state... [id=subnet-09d9d0a9eff86fd22]
aws_route_table.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PUB: Refreshing state... [id=rtb-0f72ad3241e796de7]
aws_route_table_association.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI[5]: Refreshing state... [id=rtbassoc-085227cd115d0b081]
aws_route_table_association.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI[0]: Refreshing state... [id=rtbassoc-031b5a6392cb494a1]
aws_route_table_association.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI[1]: Refreshing state... [id=rtbassoc-02915627e2cd18f45]
aws_route_table_association.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI[4]: Refreshing state... [id=rtbassoc-0a5a950569925aba2]
aws_route_table_association.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI[2]: Refreshing state... [id=rtbassoc-0f1374463fdbc4472]
aws_route_table_association.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PRI[3]: Refreshing state... [id=rtbassoc-0cf10e7ab83538a67]
aws_route_table_association.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PUB[2]: Refreshing state... [id=rtbassoc-004cb4bdd7d8ea9fa]
aws_route_table_association.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PUB[1]: Refreshing state... [id=rtbassoc-0dc66fa1b8d87fd82]
aws_route_table_association.RTB_VPC_CZECH-APPSTREAM-ICS-DMZ_PUB[0]: Refreshing state... [id=rtbassoc-076968be0daaae356]

Error: Invalid index

on vpc_ics_prod.tf line 102, in resource "aws_ec2_transit_gateway_vpc_attachment" "TGW-ICS":
102: subnet_ids = aws_subnet.private[count.index]
|----------------
| aws_subnet.private is empty tuple
| count.index is 0

The given key does not identify an element in this collection value.

Error: Invalid index

on vpc_ics_prod.tf line 102, in resource "aws_ec2_transit_gateway_vpc_attachment" "TGW-ICS":
102: subnet_ids = aws_subnet.private[count.index]
|----------------
| aws_subnet.private is empty tuple
| count.index is 2

The given key does not identify an element in this collection value.

Error: Invalid index

on vpc_ics_prod.tf line 102, in resource "aws_ec2_transit_gateway_vpc_attachment" "TGW-ICS":
102: subnet_ids = aws_subnet.private[count.index]
|----------------
| aws_subnet.private is empty tuple
| count.index is 1

The given key does not identify an element in this collection value.

Posts: 1

Participants: 1


AWS Eks Node group autoscaling tags

Help ignoring ebs_block_device


@Gary-Armstrong wrote:

Working to upgrade 0.11 to 0.12 and I could use some help. I have an existing set of EC2 defined in 0.11 which have several non-TF-managed EBS. Converting to 0.12 and doing a plan, I find that TF would like to remove the unmanaged EBS. I have a working ignore_changes list as of 0.11 but seems like it’s not taking hold in 0.12 for some reason.

I am guessing it may be because I do not have any ebs_block_device attribute defined in the aws_instance resource, but if so I’m not sure how to add one while not disturbing the existing EBS setup.

The lifecycle block, just for fun:

lifecycle {
  ignore_changes = [
    associate_public_ip_address,
    ebs_block_device,
    tags.org-edr,
    tags,
  ]
}

And the scary part of the plan:

- ebs_block_device {
    - delete_on_termination = true -> null
    - device_name = "/dev/xvdf" -> null
    - encrypted = false -> null
    - iops = 780 -> null
    - volume_id = "vol-02adcbb2cb8edbb4b" -> null
    - volume_size = 260 -> null
    - volume_type = "gp2" -> null
  }

Posts: 1

Participants: 1



WVD Azure (windows virtual desktop)

Importing "terraform show -json " to python


@SQLJames wrote:

I am getting an error when trying to import the terraform json output from the "terraform show -json " command. My steps to replicate are as follows:

  • terraform plan -out .\plan.state.tfstate
  • terraform show -json .\plan.state.tfstate > plan.state.show.json

then run the following code in a python script.

import json
#terraform plan -out .\plan.state.tfstate 
#terraform show -json .\plan.state.tfstate > plan.state.show.json
with open('plan.state.show.json', 'r') as jsonfile:
    jsonfile.seek(0)
    data = json.load(jsonfile)
print(json.dumps(data, indent=4))

This returns the following error

Traceback (most recent call last):
  File ".\terraform-validate.py", line 15, in <module>
    data = json.load(jsonfile)
  File "C:\Python38\lib\json\__init__.py", line 293, in load
    return loads(fp.read(),
  File "C:\Python38\lib\json\__init__.py", line 357, in loads
    return _default_decoder.decode(s)
  File "C:\Python38\lib\json\decoder.py", line 337, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "C:\Python38\lib\json\decoder.py", line 355, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

I am able to import this output into powershell without issue. But I was wondering if someone has run into this prior.

Terraform v0.12.20

  • provider.aws v2.47.0

Posts: 1

Participants: 1


Invalid for_each argument during the aws_lb_target_group_attachment


@dsantanu wrote:

Hi there,
I have two target_groups - one for port 80 and another for 443. Also have two instances as the members and I need to attach both of the target groups to each instance. So this is the code I’m using, to attach:

// Creates the target-group
resource "aws_lb_target_group" "nlb_target_groups" {
  for_each = {
    for lx in var.nlb_listeners : "${lx.protocol}:${lx.target_port}" => lx
  }
  name                 = "${var.vpc_names[var.idx]}-tgr-${each.value.target_port}"
  deregistration_delay = var.deregistration_delay
  port                 = each.value.target_port
  protocol             = each.value.protocol
  vpc_id               = var.vpc_ids[var.idx]
  proxy_protocol_v2    = true

  health_check {
    port                = each.value.health_port
    protocol            = each.value.protocol
    interval            = var.health_check_interval
    healthy_threshold   = var.healthy_threshold
    unhealthy_threshold = var.unhealthy_threshold
  }
}

// Attach the target groups to the instance(s)
resource "aws_lb_target_group_attachment" "tgr_attachment" {
  for_each = {
    for pair in setproduct(keys(aws_lb_target_group.nlb_target_groups), var.elb_members.ids) : "${pair[0]}:${pair[1]}" => {
      target_group = aws_lb_target_group.nlb_target_groups[pair[0]]
      instance_id  = pair[1]
    }
  }
  target_group_arn = each.value.target_group.arn
  target_id        = each.value.instance_id
  port             = each.value.target_group.port
  #target_id       = [for tid in range(var.inst_count) : data.aws_instances.nlb_insts.ids[tid]]
}

where var.nlb_listeners is like this:

nlb_listeners = [
  {
    protocol    = "TCP"
    target_port = "80"
    health_port = "1936"
  },
  {
    protocol    = "TCP"
    target_port = "443"
    health_port = "1936"
  }
]

and var.elb_members.ids is like this:

"ids" = [
    "i-015604f88xxxxxx42",
    "i-0e4defceexxxxxxe5",
  ]

but I’m getting Invalid for_each argument error:

Error: Invalid for_each argument

  on ../../modules/elb/balencer.tf line 46, in resource "aws_lb_target_group_attachment" "tgr_attachment":
  46:   for_each = {
  47:     for pair in setproduct(keys(aws_lb_target_group.nlb_target_groups), var.elb_members.ids) : "${pair[0]}:${pair[1]}" => {
  48:       target_group = aws_lb_target_group.nlb_target_groups[pair[0]]
  49:       instance_id  = pair[1]
  50:     }
  51:   }

The "for_each" value depends on resource attributes that cannot be determined
until apply, so Terraform cannot predict how many instances will be created.
To work around this, use the -target argument to first apply only the
resources that the for_each depends on.

I cannot figure out why it’s either invalid or how this for_each cannot determine the values. Any idea what I’m doing wrong here? Seriously got stuck in the middle and would really appreciate any help to put me in the right direction.

-S

Posts: 1

Participants: 1


InvalidVpcID.NotFound while VPC is created


@RayOei wrote:

I have a fairly simple Terraform script for AWS, based on an example from the terraform site. Whenever I run this I get an error:

Error: error attaching EC2 Internet Gateway (igw-xxxxx): Error attaching internet gateway: InvalidVpcID.NotFound: The vpc ID 'aws_vpc.test.id' does not exist status code: 400, request id: xxxx

The Terraform console log before it, does show the creation of the vpc:

aws_internet_gateway.default: Creating…
aws_vpc.test: Creating…
aws_instance.dev: Creating…
aws_vpc.test: Creation complete after 2s [id=vpc-xxxx]
aws_instance.dev: Still creating… [10s elapsed]
aws_instance.dev: Still creating… [20s elapsed]
aws_instance.dev: Still creating… [30s elapsed]
aws_instance.dev: Creation complete after 32s [id=i-xxxx]

And when I check the state with terraform state show 'aws_vpc.test' it returns the proper segment with ID. In the AWS console I can see that the VPC has been created. So I am a bit at a loss what is wrong here? :no_mouth:

Using:

  • Terraform: v0.12.20
  • AWS provider: v2.48.0
  • On OSX 10.15.2

Script as used (region is set to eu-central-1, and stripped down so the created VPC & gateway are not used):

provider "aws" {
  profile    = "default"
  region     = var.region
}

# Create a VPC to launch our instances into
resource "aws_vpc" "test" {
  cidr_block = "10.0.0.0/16"
  assign_generated_ipv6_cidr_block = true

  tags = {
    Name = "test"
  }
}

# Create an internet gateway to give subnet access to the outside world
resource "aws_internet_gateway" "default" {
  vpc_id = "aws_vpc.test.id"
}

resource "aws_instance" "dev" {
  ami           = var.amis[var.region]
  instance_type = "t2.micro"
}

Posts: 1

Participants: 1


Automated way for manual snapshots
