terraform-aws-vpc
terraform-aws-vpc copied to clipboard
Published
20 hours ago •
aws-ia
aws-ia
Is it possible to create a VPC without IPv6?
Hi thanks for opening this issue. can you please share your config and the output from your plan
Here we have: `module "vpc" { source = "aws-ia/vpc/aws" version = ">= 4.2.0"
name = "vpc-teste1" cidr_block = "192.168.0.0/16" az_count = 3 vpc_enable_dns_hostnames = true vpc_enable_dns_support = true
vpc_assign_generated_ipv6_cidr_block = false vpc_egress_only_internet_gateway = false
subnets = { # Dual-stack subnet public = { # name_prefix = "my_public" # omit to prefix with "public" netmask = 24 connect_to_igw = true # default assign_ipv6_cidr = false nat_gateway_configuration = "single_az" # options: "all_azs", "none" } # IPv4 only subnet private = { # omitting name_prefix defaults value to "private" # name_prefix = "private_with_egress" netmask = 24 assign_ipv6_cidr = false connect_to_public_natgw = true } # IPv6-only subnet # private_ipv6 = { # ipv6_native = false # assign_ipv6_cidr = false # connect_to_eigw = false # } }
tags = { Billing = "infrastructure" } }`
The plan ran fine: `module.vpc.data.aws_availability_zones.current: Reading... module.vpc.data.aws_availability_zones.current: Read complete after 0s [id=us-east-1]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
- create
Terraform will perform the following actions:
module.vpc.aws_eip.nat["us-east-1a"] will be created
- resource "aws_eip" "nat" {
- allocation_id = (known after apply)
- association_id = (known after apply)
- carrier_ip = (known after apply)
- customer_owned_ip = (known after apply)
- domain = (known after apply)
- id = (known after apply)
- instance = (known after apply)
- network_border_group = (known after apply)
- network_interface = (known after apply)
- private_dns = (known after apply)
- private_ip = (known after apply)
- public_dns = (known after apply)
- public_ip = (known after apply)
- public_ipv4_pool = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "nat-public-us-east-1a" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "nat-public-us-east-1a" }
- vpc = true }
module.vpc.aws_internet_gateway.main[0] will be created
- resource "aws_internet_gateway" "main" {
- arn = (known after apply)
- id = (known after apply)
- owner_id = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "vpc-teste1" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "vpc-teste1" }
- vpc_id = (known after apply) }
module.vpc.aws_nat_gateway.main["us-east-1a"] will be created
- resource "aws_nat_gateway" "main" {
- allocation_id = (known after apply)
- association_id = (known after apply)
- connectivity_type = "public"
- id = (known after apply)
- network_interface_id = (known after apply)
- private_ip = (known after apply)
- public_ip = (known after apply)
- secondary_private_ip_address_count = (known after apply)
- secondary_private_ip_addresses = (known after apply)
- subnet_id = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "nat-public-us-east-1a" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "nat-public-us-east-1a" } }
module.vpc.aws_route.private_to_nat["private/us-east-1a"] will be created
- resource "aws_route" "private_to_nat" {
- destination_cidr_block = "0.0.0.0/0"
- id = (known after apply)
- instance_id = (known after apply)
- instance_owner_id = (known after apply)
- nat_gateway_id = (known after apply)
- network_interface_id = (known after apply)
- origin = (known after apply)
- route_table_id = (known after apply)
- state = (known after apply) }
module.vpc.aws_route.private_to_nat["private/us-east-1b"] will be created
- resource "aws_route" "private_to_nat" {
- destination_cidr_block = "0.0.0.0/0"
- id = (known after apply)
- instance_id = (known after apply)
- instance_owner_id = (known after apply)
- nat_gateway_id = (known after apply)
- network_interface_id = (known after apply)
- origin = (known after apply)
- route_table_id = (known after apply)
- state = (known after apply) }
module.vpc.aws_route.private_to_nat["private/us-east-1c"] will be created
- resource "aws_route" "private_to_nat" {
- destination_cidr_block = "0.0.0.0/0"
- id = (known after apply)
- instance_id = (known after apply)
- instance_owner_id = (known after apply)
- nat_gateway_id = (known after apply)
- network_interface_id = (known after apply)
- origin = (known after apply)
- route_table_id = (known after apply)
- state = (known after apply) }
module.vpc.aws_route.public_ipv6_to_igw["us-east-1a"] will be created
- resource "aws_route" "public_ipv6_to_igw" {
- destination_ipv6_cidr_block = "::/0"
- gateway_id = (known after apply)
- id = (known after apply)
- instance_id = (known after apply)
- instance_owner_id = (known after apply)
- network_interface_id = (known after apply)
- origin = (known after apply)
- route_table_id = (known after apply)
- state = (known after apply) }
module.vpc.aws_route.public_ipv6_to_igw["us-east-1b"] will be created
- resource "aws_route" "public_ipv6_to_igw" {
- destination_ipv6_cidr_block = "::/0"
- gateway_id = (known after apply)
- id = (known after apply)
- instance_id = (known after apply)
- instance_owner_id = (known after apply)
- network_interface_id = (known after apply)
- origin = (known after apply)
- route_table_id = (known after apply)
- state = (known after apply) }
module.vpc.aws_route.public_ipv6_to_igw["us-east-1c"] will be created
- resource "aws_route" "public_ipv6_to_igw" {
- destination_ipv6_cidr_block = "::/0"
- gateway_id = (known after apply)
- id = (known after apply)
- instance_id = (known after apply)
- instance_owner_id = (known after apply)
- network_interface_id = (known after apply)
- origin = (known after apply)
- route_table_id = (known after apply)
- state = (known after apply) }
module.vpc.aws_route.public_to_igw["us-east-1a"] will be created
- resource "aws_route" "public_to_igw" {
- destination_cidr_block = "0.0.0.0/0"
- gateway_id = (known after apply)
- id = (known after apply)
- instance_id = (known after apply)
- instance_owner_id = (known after apply)
- network_interface_id = (known after apply)
- origin = (known after apply)
- route_table_id = (known after apply)
- state = (known after apply) }
module.vpc.aws_route.public_to_igw["us-east-1b"] will be created
- resource "aws_route" "public_to_igw" {
- destination_cidr_block = "0.0.0.0/0"
- gateway_id = (known after apply)
- id = (known after apply)
- instance_id = (known after apply)
- instance_owner_id = (known after apply)
- network_interface_id = (known after apply)
- origin = (known after apply)
- route_table_id = (known after apply)
- state = (known after apply) }
module.vpc.aws_route.public_to_igw["us-east-1c"] will be created
- resource "aws_route" "public_to_igw" {
- destination_cidr_block = "0.0.0.0/0"
- gateway_id = (known after apply)
- id = (known after apply)
- instance_id = (known after apply)
- instance_owner_id = (known after apply)
- network_interface_id = (known after apply)
- origin = (known after apply)
- route_table_id = (known after apply)
- state = (known after apply) }
module.vpc.aws_route_table.private["private/us-east-1a"] will be created
- resource "aws_route_table" "private" {
- arn = (known after apply)
- id = (known after apply)
- owner_id = (known after apply)
- propagating_vgws = (known after apply)
- route = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1a" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1a" }
- vpc_id = (known after apply) }
module.vpc.aws_route_table.private["private/us-east-1b"] will be created
- resource "aws_route_table" "private" {
- arn = (known after apply)
- id = (known after apply)
- owner_id = (known after apply)
- propagating_vgws = (known after apply)
- route = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1b" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1b" }
- vpc_id = (known after apply) }
module.vpc.aws_route_table.private["private/us-east-1c"] will be created
- resource "aws_route_table" "private" {
- arn = (known after apply)
- id = (known after apply)
- owner_id = (known after apply)
- propagating_vgws = (known after apply)
- route = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1c" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1c" }
- vpc_id = (known after apply) }
module.vpc.aws_route_table.public["us-east-1a"] will be created
- resource "aws_route_table" "public" {
- arn = (known after apply)
- id = (known after apply)
- owner_id = (known after apply)
- propagating_vgws = (known after apply)
- route = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1a" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1a" }
- vpc_id = (known after apply) }
module.vpc.aws_route_table.public["us-east-1b"] will be created
- resource "aws_route_table" "public" {
- arn = (known after apply)
- id = (known after apply)
- owner_id = (known after apply)
- propagating_vgws = (known after apply)
- route = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1b" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1b" }
- vpc_id = (known after apply) }
module.vpc.aws_route_table.public["us-east-1c"] will be created
- resource "aws_route_table" "public" {
- arn = (known after apply)
- id = (known after apply)
- owner_id = (known after apply)
- propagating_vgws = (known after apply)
- route = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1c" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1c" }
- vpc_id = (known after apply) }
module.vpc.aws_route_table_association.private["private/us-east-1a"] will be created
- resource "aws_route_table_association" "private" {
- id = (known after apply)
- route_table_id = (known after apply)
- subnet_id = (known after apply) }
module.vpc.aws_route_table_association.private["private/us-east-1b"] will be created
- resource "aws_route_table_association" "private" {
- id = (known after apply)
- route_table_id = (known after apply)
- subnet_id = (known after apply) }
module.vpc.aws_route_table_association.private["private/us-east-1c"] will be created
- resource "aws_route_table_association" "private" {
- id = (known after apply)
- route_table_id = (known after apply)
- subnet_id = (known after apply) }
module.vpc.aws_route_table_association.public["us-east-1a"] will be created
- resource "aws_route_table_association" "public" {
- id = (known after apply)
- route_table_id = (known after apply)
- subnet_id = (known after apply) }
module.vpc.aws_route_table_association.public["us-east-1b"] will be created
- resource "aws_route_table_association" "public" {
- id = (known after apply)
- route_table_id = (known after apply)
- subnet_id = (known after apply) }
module.vpc.aws_route_table_association.public["us-east-1c"] will be created
- resource "aws_route_table_association" "public" {
- id = (known after apply)
- route_table_id = (known after apply)
- subnet_id = (known after apply) }
module.vpc.aws_subnet.private["private/us-east-1a"] will be created
- resource "aws_subnet" "private" {
- arn = (known after apply)
- assign_ipv6_address_on_creation = false
- availability_zone = "us-east-1a"
- availability_zone_id = (known after apply)
- cidr_block = "192.168.0.0/24"
- enable_dns64 = false
- enable_resource_name_dns_a_record_on_launch = false
- enable_resource_name_dns_aaaa_record_on_launch = false
- id = (known after apply)
- ipv6_cidr_block = (known after apply)
- ipv6_cidr_block_association_id = (known after apply)
- ipv6_native = false
- map_public_ip_on_launch = false
- owner_id = (known after apply)
- private_dns_hostname_type_on_launch = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1a" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1a" }
- vpc_id = (known after apply) }
module.vpc.aws_subnet.private["private/us-east-1b"] will be created
- resource "aws_subnet" "private" {
- arn = (known after apply)
- assign_ipv6_address_on_creation = false
- availability_zone = "us-east-1b"
- availability_zone_id = (known after apply)
- cidr_block = "192.168.1.0/24"
- enable_dns64 = false
- enable_resource_name_dns_a_record_on_launch = false
- enable_resource_name_dns_aaaa_record_on_launch = false
- id = (known after apply)
- ipv6_cidr_block = (known after apply)
- ipv6_cidr_block_association_id = (known after apply)
- ipv6_native = false
- map_public_ip_on_launch = false
- owner_id = (known after apply)
- private_dns_hostname_type_on_launch = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1b" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1b" }
- vpc_id = (known after apply) }
module.vpc.aws_subnet.private["private/us-east-1c"] will be created
- resource "aws_subnet" "private" {
- arn = (known after apply)
- assign_ipv6_address_on_creation = false
- availability_zone = "us-east-1c"
- availability_zone_id = (known after apply)
- cidr_block = "192.168.2.0/24"
- enable_dns64 = false
- enable_resource_name_dns_a_record_on_launch = false
- enable_resource_name_dns_aaaa_record_on_launch = false
- id = (known after apply)
- ipv6_cidr_block = (known after apply)
- ipv6_cidr_block_association_id = (known after apply)
- ipv6_native = false
- map_public_ip_on_launch = false
- owner_id = (known after apply)
- private_dns_hostname_type_on_launch = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1c" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "private-us-east-1c" }
- vpc_id = (known after apply) }
module.vpc.aws_subnet.public["us-east-1a"] will be created
- resource "aws_subnet" "public" {
- arn = (known after apply)
- assign_ipv6_address_on_creation = true
- availability_zone = "us-east-1a"
- availability_zone_id = (known after apply)
- cidr_block = "192.168.3.0/24"
- enable_dns64 = false
- enable_resource_name_dns_a_record_on_launch = false
- enable_resource_name_dns_aaaa_record_on_launch = true
- id = (known after apply)
- ipv6_cidr_block = (known after apply)
- ipv6_cidr_block_association_id = (known after apply)
- ipv6_native = false
- map_public_ip_on_launch = true
- owner_id = (known after apply)
- private_dns_hostname_type_on_launch = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1a" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1a" }
- vpc_id = (known after apply) }
module.vpc.aws_subnet.public["us-east-1b"] will be created
- resource "aws_subnet" "public" {
- arn = (known after apply)
- assign_ipv6_address_on_creation = true
- availability_zone = "us-east-1b"
- availability_zone_id = (known after apply)
- cidr_block = "192.168.4.0/24"
- enable_dns64 = false
- enable_resource_name_dns_a_record_on_launch = false
- enable_resource_name_dns_aaaa_record_on_launch = true
- id = (known after apply)
- ipv6_cidr_block = (known after apply)
- ipv6_cidr_block_association_id = (known after apply)
- ipv6_native = false
- map_public_ip_on_launch = true
- owner_id = (known after apply)
- private_dns_hostname_type_on_launch = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1b" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1b" }
- vpc_id = (known after apply) }
module.vpc.aws_subnet.public["us-east-1c"] will be created
- resource "aws_subnet" "public" {
- arn = (known after apply)
- assign_ipv6_address_on_creation = true
- availability_zone = "us-east-1c"
- availability_zone_id = (known after apply)
- cidr_block = "192.168.5.0/24"
- enable_dns64 = false
- enable_resource_name_dns_a_record_on_launch = false
- enable_resource_name_dns_aaaa_record_on_launch = true
- id = (known after apply)
- ipv6_cidr_block = (known after apply)
- ipv6_cidr_block_association_id = (known after apply)
- ipv6_native = false
- map_public_ip_on_launch = true
- owner_id = (known after apply)
- private_dns_hostname_type_on_launch = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1c" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "public-us-east-1c" }
- vpc_id = (known after apply) }
module.vpc.aws_vpc.main[0] will be created
- resource "aws_vpc" "main" {
- arn = (known after apply)
- assign_generated_ipv6_cidr_block = false
- cidr_block = "192.168.0.0/16"
- default_network_acl_id = (known after apply)
- default_route_table_id = (known after apply)
- default_security_group_id = (known after apply)
- dhcp_options_id = (known after apply)
- enable_dns_hostnames = true
- enable_dns_support = true
- enable_network_address_usage_metrics = (known after apply)
- id = (known after apply)
- instance_tenancy = "default"
- ipv6_association_id = (known after apply)
- ipv6_cidr_block = (known after apply)
- ipv6_cidr_block_network_border_group = (known after apply)
- main_route_table_id = (known after apply)
- owner_id = (known after apply)
- tags = {
- "Billing" = "infrastructure"
- "Name" = "vpc-teste1" }
- tags_all = {
- "Billing" = "infrastructure"
- "Name" = "vpc-teste1" } }
Plan: 31 to add, 0 to change, 0 to destroy. ╷ │ Warning: Argument is deprecated │ │ with module.vpc.aws_eip.nat, │ on .terraform/modules/vpc/main.tf line 99, in resource "aws_eip" "nat": │ 99: vpc = true │ │ use domain attribute instead │ │ (and one more similar warning elsewhere) ╵
───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.`
But apply has an function error:
module.vpc.aws_vpc.main[0]: Creating... module.vpc.aws_eip.nat["us-east-1a"]: Creating... module.vpc.aws_eip.nat["us-east-1a"]: Creation complete after 1s [id=eipalloc-0f6cef5cf98eaddbe] module.vpc.aws_vpc.main[0]: Still creating... [10s elapsed] module.vpc.aws_vpc.main[0]: Creation complete after 13s [id=vpc-0a7e85e01ae9cde31] module.vpc.aws_internet_gateway.main[0]: Creating... module.vpc.aws_route_table.public["us-east-1c"]: Creating... module.vpc.aws_route_table.private["private/us-east-1c"]: Creating... module.vpc.aws_route_table.public["us-east-1a"]: Creating... module.vpc.aws_route_table.public["us-east-1b"]: Creating... module.vpc.aws_route_table.private["private/us-east-1b"]: Creating... module.vpc.aws_route_table.private["private/us-east-1a"]: Creating... module.vpc.aws_internet_gateway.main[0]: Creation complete after 1s [id=igw-01aec2a9ceaa2a4fc] module.vpc.aws_route_table.public["us-east-1a"]: Creation complete after 1s [id=rtb-07d3c7685cd6100b4] module.vpc.aws_route_table.private["private/us-east-1c"]: Creation complete after 1s [id=rtb-01f60d1689d6756db] module.vpc.aws_route_table.public["us-east-1c"]: Creation complete after 1s [id=rtb-08361f47a7ed3064b] module.vpc.aws_route_table.public["us-east-1b"]: Creation complete after 1s [id=rtb-026728c3c6c904878] module.vpc.aws_route.public_ipv6_to_igw["us-east-1c"]: Creating... module.vpc.aws_route.public_to_igw["us-east-1c"]: Creating... module.vpc.aws_route.public_ipv6_to_igw["us-east-1a"]: Creating... module.vpc.aws_route.public_to_igw["us-east-1b"]: Creating... module.vpc.aws_route.public_ipv6_to_igw["us-east-1b"]: Creating... module.vpc.aws_route.public_to_igw["us-east-1a"]: Creating... module.vpc.aws_route_table.private["private/us-east-1a"]: Creation complete after 2s [id=rtb-0a06202e2f269c37e] module.vpc.aws_route_table.private["private/us-east-1b"]: Creation complete after 2s [id=rtb-01edd09a5db1a7dc0] module.vpc.aws_route.public_ipv6_to_igw["us-east-1a"]: Creation complete after 1s [id=r-rtb-07d3c7685cd6100b42750132062] module.vpc.aws_route.public_to_igw["us-east-1a"]: Creation complete after 1s [id=r-rtb-07d3c7685cd6100b41080289494] module.vpc.aws_route.public_ipv6_to_igw["us-east-1c"]: Creation complete after 1s [id=r-rtb-08361f47a7ed3064b2750132062] module.vpc.aws_route.public_to_igw["us-east-1c"]: Creation complete after 1s [id=r-rtb-08361f47a7ed3064b1080289494] module.vpc.aws_route.public_to_igw["us-east-1b"]: Creation complete after 1s [id=r-rtb-026728c3c6c9048781080289494] module.vpc.aws_route.public_ipv6_to_igw["us-east-1b"]: Creation complete after 2s [id=r-rtb-026728c3c6c9048782750132062] ╷ │ Warning: Argument is deprecated │ │ with module.vpc.aws_eip.nat, │ on .terraform/modules/vpc/main.tf line 99, in resource "aws_eip" "nat": │ 99: vpc = true │ │ use domain attribute instead │ │ (and 2 more similar warnings elsewhere) ╵ ╷ │ Error: Invalid index │ │ on .terraform/modules/vpc.calculate_subnets_ipv6.subnet_calculator/main.tf line 2, in locals: │ 2: cidr_netmask = tonumber(split("/", var.base_cidr_block)[1]) │ ├──────────────── │ │ var.base_cidr_block is "" │ │ The given key does not identify an element in this collection value: the given index is greater than or equal to the │ length of the collection.
Thank you for posting! i hate to be a bother... can you use triple back ticks?
looks like this
Sure! Thanks for help.
This is the config
module "vpc" {
source = "aws-ia/vpc/aws"
version = ">= 4.2.0"
name = "vpc-teste1"
cidr_block = "192.168.0.0/16"
az_count = 3
vpc_enable_dns_hostnames = true
vpc_enable_dns_support = true
vpc_assign_generated_ipv6_cidr_block = false
vpc_egress_only_internet_gateway = false
subnets = {
# Dual-stack subnet
public = {
# name_prefix = "my_public" # omit to prefix with "public"
netmask = 24
connect_to_igw = true # default
assign_ipv6_cidr = false
nat_gateway_configuration = "single_az" # options: "all_azs", "none"
}
# IPv4 only subnet
private = {
# omitting name_prefix defaults value to "private"
# name_prefix = "private_with_egress"
netmask = 24
assign_ipv6_cidr = false
connect_to_public_natgw = true
}
}
tags = {
Billing = "infrastructure"
}
}
This is execution output:
module.vpc.data.aws_availability_zones.current: Reading...
module.vpc.data.aws_availability_zones.current: Read complete after 1s [id=us-east-1]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
following symbols:
+ create
Terraform will perform the following actions:
# module.vpc.aws_eip.nat["us-east-1a"] will be created
+ resource "aws_eip" "nat" {
+ allocation_id = (known after apply)
+ association_id = (known after apply)
+ carrier_ip = (known after apply)
+ customer_owned_ip = (known after apply)
+ domain = (known after apply)
+ id = (known after apply)
+ instance = (known after apply)
+ network_border_group = (known after apply)
+ network_interface = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ public_ipv4_pool = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "nat-public-us-east-1a"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "nat-public-us-east-1a"
}
+ vpc = true
}
# module.vpc.aws_internet_gateway.main[0] will be created
+ resource "aws_internet_gateway" "main" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "vpc-teste1"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "vpc-teste1"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_nat_gateway.main["us-east-1a"] will be created
+ resource "aws_nat_gateway" "main" {
+ allocation_id = (known after apply)
+ association_id = (known after apply)
+ connectivity_type = "public"
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ip_address_count = (known after apply)
+ secondary_private_ip_addresses = (known after apply)
+ subnet_id = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "nat-public-us-east-1a"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "nat-public-us-east-1a"
}
}
# module.vpc.aws_route.private_to_nat["private/us-east-1a"] will be created
+ resource "aws_route" "private_to_nat" {
+ destination_cidr_block = "0.0.0.0/0"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ nat_gateway_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
}
# module.vpc.aws_route.private_to_nat["private/us-east-1b"] will be created
+ resource "aws_route" "private_to_nat" {
+ destination_cidr_block = "0.0.0.0/0"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ nat_gateway_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
}
# module.vpc.aws_route.private_to_nat["private/us-east-1c"] will be created
+ resource "aws_route" "private_to_nat" {
+ destination_cidr_block = "0.0.0.0/0"
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ nat_gateway_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
}
# module.vpc.aws_route.public_ipv6_to_igw["us-east-1a"] will be created
+ resource "aws_route" "public_ipv6_to_igw" {
+ destination_ipv6_cidr_block = "::/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
}
# module.vpc.aws_route.public_ipv6_to_igw["us-east-1b"] will be created
+ resource "aws_route" "public_ipv6_to_igw" {
+ destination_ipv6_cidr_block = "::/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
}
# module.vpc.aws_route.public_ipv6_to_igw["us-east-1c"] will be created
+ resource "aws_route" "public_ipv6_to_igw" {
+ destination_ipv6_cidr_block = "::/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
}
# module.vpc.aws_route.public_to_igw["us-east-1a"] will be created
+ resource "aws_route" "public_to_igw" {
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
}
# module.vpc.aws_route.public_to_igw["us-east-1b"] will be created
+ resource "aws_route" "public_to_igw" {
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
}
# module.vpc.aws_route.public_to_igw["us-east-1c"] will be created
+ resource "aws_route" "public_to_igw" {
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
}
# module.vpc.aws_route_table.private["private/us-east-1a"] will be created
+ resource "aws_route_table" "private" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1a"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1a"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table.private["private/us-east-1b"] will be created
+ resource "aws_route_table" "private" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1b"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1b"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table.private["private/us-east-1c"] will be created
+ resource "aws_route_table" "private" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1c"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1c"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table.public["us-east-1a"] will be created
+ resource "aws_route_table" "public" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1a"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1a"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table.public["us-east-1b"] will be created
+ resource "aws_route_table" "public" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1b"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1b"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table.public["us-east-1c"] will be created
+ resource "aws_route_table" "public" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1c"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1c"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_route_table_association.private["private/us-east-1a"] will be created
+ resource "aws_route_table_association" "private" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.private["private/us-east-1b"] will be created
+ resource "aws_route_table_association" "private" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.private["private/us-east-1c"] will be created
+ resource "aws_route_table_association" "private" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.public["us-east-1a"] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.public["us-east-1b"] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_route_table_association.public["us-east-1c"] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc.aws_subnet.private["private/us-east-1a"] will be created
+ resource "aws_subnet" "private" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1a"
+ availability_zone_id = (known after apply)
+ cidr_block = "192.168.0.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1a"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1a"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.private["private/us-east-1b"] will be created
+ resource "aws_subnet" "private" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1b"
+ availability_zone_id = (known after apply)
+ cidr_block = "192.168.1.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1b"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1b"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.private["private/us-east-1c"] will be created
+ resource "aws_subnet" "private" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1c"
+ availability_zone_id = (known after apply)
+ cidr_block = "192.168.2.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1c"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "private-us-east-1c"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.public["us-east-1a"] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = true
+ availability_zone = "us-east-1a"
+ availability_zone_id = (known after apply)
+ cidr_block = "192.168.3.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = true
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1a"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1a"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.public["us-east-1b"] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = true
+ availability_zone = "us-east-1b"
+ availability_zone_id = (known after apply)
+ cidr_block = "192.168.4.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = true
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1b"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1b"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_subnet.public["us-east-1c"] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = true
+ availability_zone = "us-east-1c"
+ availability_zone_id = (known after apply)
+ cidr_block = "192.168.5.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = true
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1c"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "public-us-east-1c"
}
+ vpc_id = (known after apply)
}
# module.vpc.aws_vpc.main[0] will be created
+ resource "aws_vpc" "main" {
+ arn = (known after apply)
+ assign_generated_ipv6_cidr_block = false
+ cidr_block = "192.168.0.0/16"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ enable_network_address_usage_metrics = (known after apply)
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_network_border_group = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Billing" = "infrastructure"
+ "Name" = "vpc-teste1"
}
+ tags_all = {
+ "Billing" = "infrastructure"
+ "Name" = "vpc-teste1"
}
}
Plan: 31 to add, 0 to change, 0 to destroy.
module.vpc.aws_vpc.main[0]: Creating...
module.vpc.aws_eip.nat["us-east-1a"]: Creating...
module.vpc.aws_eip.nat["us-east-1a"]: Creation complete after 1s [id=eipalloc-0f6cef5cf98eaddbe]
module.vpc.aws_vpc.main[0]: Still creating... [10s elapsed]
module.vpc.aws_vpc.main[0]: Creation complete after 13s [id=vpc-0a7e85e01ae9cde31]
module.vpc.aws_internet_gateway.main[0]: Creating...
module.vpc.aws_route_table.public["us-east-1c"]: Creating...
module.vpc.aws_route_table.private["private/us-east-1c"]: Creating...
module.vpc.aws_route_table.public["us-east-1a"]: Creating...
module.vpc.aws_route_table.public["us-east-1b"]: Creating...
module.vpc.aws_route_table.private["private/us-east-1b"]: Creating...
module.vpc.aws_route_table.private["private/us-east-1a"]: Creating...
module.vpc.aws_internet_gateway.main[0]: Creation complete after 1s [id=igw-01aec2a9ceaa2a4fc]
module.vpc.aws_route_table.public["us-east-1a"]: Creation complete after 1s [id=rtb-07d3c7685cd6100b4]
module.vpc.aws_route_table.private["private/us-east-1c"]: Creation complete after 1s [id=rtb-01f60d1689d6756db]
module.vpc.aws_route_table.public["us-east-1c"]: Creation complete after 1s [id=rtb-08361f47a7ed3064b]
module.vpc.aws_route_table.public["us-east-1b"]: Creation complete after 1s [id=rtb-026728c3c6c904878]
module.vpc.aws_route.public_ipv6_to_igw["us-east-1c"]: Creating...
module.vpc.aws_route.public_to_igw["us-east-1c"]: Creating...
module.vpc.aws_route.public_ipv6_to_igw["us-east-1a"]: Creating...
module.vpc.aws_route.public_to_igw["us-east-1b"]: Creating...
module.vpc.aws_route.public_ipv6_to_igw["us-east-1b"]: Creating...
module.vpc.aws_route.public_to_igw["us-east-1a"]: Creating...
module.vpc.aws_route_table.private["private/us-east-1a"]: Creation complete after 2s [id=rtb-0a06202e2f269c37e]
module.vpc.aws_route_table.private["private/us-east-1b"]: Creation complete after 2s [id=rtb-01edd09a5db1a7dc0]
module.vpc.aws_route.public_ipv6_to_igw["us-east-1a"]: Creation complete after 1s [id=r-rtb-07d3c7685cd6100b42750132062]
module.vpc.aws_route.public_to_igw["us-east-1a"]: Creation complete after 1s [id=r-rtb-07d3c7685cd6100b41080289494]
module.vpc.aws_route.public_ipv6_to_igw["us-east-1c"]: Creation complete after 1s [id=r-rtb-08361f47a7ed3064b2750132062]
module.vpc.aws_route.public_to_igw["us-east-1c"]: Creation complete after 1s [id=r-rtb-08361f47a7ed3064b1080289494]
module.vpc.aws_route.public_to_igw["us-east-1b"]: Creation complete after 1s [id=r-rtb-026728c3c6c9048781080289494]
module.vpc.aws_route.public_ipv6_to_igw["us-east-1b"]: Creation complete after 2s [id=r-rtb-026728c3c6c9048782750132062]
╷
│ Warning: Argument is deprecated
│
│ with module.vpc.aws_eip.nat,
│ on .terraform/modules/vpc/main.tf line 99, in resource "aws_eip" "nat":
│ 99: vpc = true
│
│ use domain attribute instead
│
│ (and 2 more similar warnings elsewhere)
╵
╷
│ Error: Invalid index
│
│ on .terraform/modules/vpc.calculate_subnets_ipv6.subnet_calculator/main.tf line 2, in locals:
│ 2: cidr_netmask = tonumber(split("/", var.base_cidr_block)[1])
│ ├────────────────
│ │ var.base_cidr_block is ""
│
│ The given key does not identify an element in this collection value: the given index is greater than or equal to the
│ length of the collection.
thank you! much easier to read :)
i believe these are unnecessary and may be causing the issue. Can you remove this parameter from your subnet definitions and try again pls?
also, by default the ipv6 param is null link. I wonder if that setting to false is causing an issue
module "vpc" {
source = "aws-ia/vpc/aws"
version = ">= 4.3.0"
name = "vpc-teste1"
cidr_block = "192.168.0.0/16"
az_count = 3
vpc_enable_dns_hostnames = true
vpc_enable_dns_support = true
subnets = {
# Dual-stack subnet
public = {
# name_prefix = "my_public" # omit to prefix with "public"
netmask = 24
connect_to_igw = true # default
nat_gateway_configuration = "single_az" # options: "all_azs", "none"
}
# IPv4 only subnet
private = {
# omitting name_prefix defaults value to "private"
# name_prefix = "private_with_egress"
netmask = 24
connect_to_public_natgw = true
}
}
tags = {
Billing = "infrastructure"
}
}
Perfect now!
Maybe because "false" is something to be evaluated in the conditional expression.
Thanks.
Can you confirm ... was it removing the assign_ipv6_cidr value from the subnet definition or removing these 2?
vpc_assign_generated_ipv6_cidr_block = false
vpc_egress_only_internet_gateway = false
Removing from top:
vpc_assign_generated_ipv6_cidr_block = false
vpc_egress_only_internet_gateway = false
and from inside public and private subnets:
assign_ipv6_cidr = false
@pablo19sc I wonder if we can improve logic or variable validation to prevent this in the future. I think its low priority but if there is a quick win might be good...
Since this issue regards several variables var validation will not work. However, a precondition probably will