terraform-google-network

Network peering needs to be unidirectional

Open lrh00000 opened this issue 3 years ago • 0 comments

TL;DR

When I try to create a peering from a GCP VPC to an Aiven VPC, I get this error:

Error adding network peering: googleapi: Error 403: Required 'compute.networks.addPeering' permission for 'projects/aiven-prod-idcn/global/networks/xxxxxxxxxx', forbidden

The peer network peering was already created from the Aiven side; GCP-side peering to outside networks needs to be unidirectional.

Expected behavior

Only the local peering should be created; there should not be any attempts to create the peer network when peering is done to non-GCP networks.

Observed behavior

No response

Terraform Configuration

I use terragrunt.

module main.tf:

module "vpc-peering" {
  source = "terraform-google-modules/network/google//modules/network-peering"
  prefix        = var.prefix
  local_network = var.local_network
  peer_network  = var.peer_network
}


terragrunt.hcl:

inputs = {
  prefix        = "aiven-gcp"
  local_network = "projects/xxxxxxxx/global/networks/xxxxxxxx"
  peer_network  = "projects/aiven-prod-idcn/global/networks/xxxxxxxxxx"
}

Terraform Version

Terraform v1.2.8
on darwin_arm64
+ provider registry.terraform.io/hashicorp/google v4.34.0
+ provider registry.terraform.io/hashicorp/google-beta v4.34.0
+ provider registry.terraform.io/hashicorp/null v3.1.1
+ provider registry.terraform.io/hashicorp/random v3.4.2

Additional information

This appears to be the same issue as the data fusion module bug: https://github.com/terraform-google-modules/terraform-google-data-fusion/issues/35

lrh00000 Sep 06 '22 09:09
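
An added example, not part of the original issue or the module's code: a pre-apply check over `terraform show -json` plan output that lists every `google_compute_network_peering` to be created on a network in a project you do not control, which is the condition behind the 403 reported above. The plan snippet, the resource addresses and the `my-project`, `my-vpc` and `peer-vpc` names are constructed for illustration.

```python
import json
import re

# Matches both "projects/<p>/global/networks/<n>" and full self-link URLs.
PROJECT_RE = re.compile(r"projects/([^/]+)/global/networks/[^/]+$")

# Constructed sample: trimmed plan JSON with one peering per side (assumed layout).
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "module.vpc-peering.google_compute_network_peering.local_network_peering",
     "type": "google_compute_network_peering",
     "change": {"actions": ["create"],
                "after": {"network": "projects/my-project/global/networks/my-vpc",
                          "peer_network": "projects/aiven-prod-idcn/global/networks/peer-vpc"}}},
    {"address": "module.vpc-peering.google_compute_network_peering.peer_network_peering",
     "type": "google_compute_network_peering",
     "change": {"actions": ["create"],
                "after": {"network": "projects/aiven-prod-idcn/global/networks/peer-vpc",
                          "peer_network": "projects/my-project/global/networks/my-vpc"}}}
  ]
}
""")


def foreign_peerings(plan, owned_projects):
    """Return (address, project) for peerings created on networks we do not own."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "google_compute_network_peering":
            continue
        change = rc.get("change", {})
        if "create" not in change.get("actions", []):
            continue
        network = (change.get("after") or {}).get("network") or ""
        match = PROJECT_RE.search(network)
        # A missing or unparsable network is reported too, not passed silently.
        project = match.group(1) if match else "<unknown>"
        if project not in owned_projects:
            findings.append((rc["address"], project))
    return findings


if __name__ == "__main__":
    for address, project in foreign_peerings(SAMPLE_PLAN, {"my-project"}):
        print(f"{address}: needs compute.networks.addPeering in {project}")
```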