Для меня это сюрприз, так как Terraform игнорирует создание ресурса. Я использую модули в terraform, и каждый другой ресурс создается за исключением vpc_peering_connection
. Это фактически игнорирует этот блок. Следовательно, для отладки я создал вывод для идентификатора пирингового соединения и затем получаю ошибку ниже:
$ terraform plan
Error: Reference to undeclared resource
on network/output.tf line 6, in output "peering-id":
6: value = "${aws_vpc_peering_connection.default.id}"
A managed resource "aws_vpc_peering_connection" "default" has not been
declared in network.
Это древовидная структура моей структуры кода.
├── module-network.tf
├── network
│ ├── data.tf
│ ├── igw.tf
│ ├── output.tf
│ ├── peering-conn
│ ├── rt-public.tf
│ ├── security_group.tf
│ ├── subnet.tf
│ ├── var.tf
│ └── vpc.tf
├── output.tf
├── provider-aws.tf
├── terraform.tfstate
├── terraform.tfstate.backup
├── var-static.tf
└── versions.tf
1 directory, 16 files
Код Terraform:
$ cat module-network.tf
module "network" {
source = "./network"
$ cat output.tf
output "vpc-id" {
value = module.network.vpc-id
output "peering-id" {
value =module.network.peering-id
variable "PRODUCT" {
default = "jjmdb"
variable "ENVIRONMENT" {
default = "prod"
variable "REGION" {
default = "us-east-1"
variable "VPC_CIDR" {
default = ""
variable "SUBNET_COUNT" {
default = "2"
variable "VPC_PEER_ID" {
default = "vpc-0724db2d24120ca8c"
$ cat data.tf
data "aws_vpc" "peer_vpc" {
id = "${var.VPC_PEER_ID}"
data "aws_subnet_ids" "private_nodes" {
vpc_id = "${data.aws_vpc.peer_vpc.id}"
tags = {
Tier = "node-private"
$ cat igw.tf
#Create internet gateway
resource "aws_internet_gateway" "igw" {
vpc_id = "${aws_vpc.vpc.id}"
tags = {
Name = "${format("%s-igw",var.PRODUCT)}"
Environment = "${var.ENVIRONMENT}"
$ cat output.tf
output "vpc-id" {
value = "${aws_vpc.vpc.id}"
output "peering-id" {
value = "${aws_vpc_peering_connection.default.id}"
$ cat peering-conn
#Create VPC Peering connection
resource "aws_vpc_peering_connection" "default" {
peer_vpc_id = "${data.aws_vpc.peer_vpc.id}"
vpc_id = "${aws_vpc.vpc.id}"
auto_accept = true
tags = {
Name = "${format("%s-peering",var.PRODUCT)}"
Environment = "${var.ENVIRONMENT}"
$ cat rt-public.tf
#Create a Public Route table
resource "aws_route_table" "rt-public" {
vpc_id = "${aws_vpc.vpc.id}"
tags = {
Name = "${format("%s-rt-public",var.PRODUCT)}"
Environment = "${var.ENVIRONMENT}"
resource "aws_route" "rt-public-route" {
route_table_id = "${aws_route_table.rt-public.id}"
destination_cidr_block = ""
gateway_id = "${aws_internet_gateway.igw.id}"
#Associate public Route Table to public Subnet
resource "aws_route_table_association" "rt-sub-public" {
count = "${var.SUBNET_COUNT}"
subnet_id = "${aws_subnet.sub_public.*.id[count.index]}"
route_table_id = "${aws_route_table.rt-public.id}"
$ cat security_group.tf
$ cat subnet.tf
resource "aws_subnet" "sub_public" {
count = "${var.SUBNET_COUNT}"
vpc_id = "${aws_vpc.vpc.id}"
cidr_block = "${cidrsubnet(var.VPC_CIDR, 2, count.index + 2)}"
tags = {
Name = "${format("%s-sub-public-%d",var.PRODUCT,count.index)}"
Environment = "${var.ENVIRONMENT}"
$ cat var.tf
variable "AWS_REGION" {}
variable "ENVIRONMENT" {}
variable "PRODUCT" {}
variable "VPC_CIDR" {}
variable "SUBNET_COUNT" {}
variable "VPC_PEER_ID" {}
$ cat vpc.tf
# Create VPC
resource "aws_vpc" "vpc"{
cidr_block = "${var.VPC_CIDR}"
instance_tenancy = "default"
enable_dns_support = "true"
enable_dns_hostnames = "true"
enable_classiclink = "false"
tags = {
Name = "${format("%s-vpc",var.PRODUCT)}"
Environment = "${var.ENVIRONMENT}"
Если я удаляю выходные блоки, они игнорируются. План Terraform, как показано ниже:
**Terraform plan**
$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
module.network.data.aws_vpc.peer_vpc: Refreshing state...
module.network.data.aws_subnet_ids.private_nodes: Refreshing state...
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# module.network.aws_internet_gateway.igw will be created
+ resource "aws_internet_gateway" "igw" {
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Environment" = "prod"
+ "Name" = "jjmdb-igw"
+ vpc_id = (known after apply)
# module.network.aws_route.rt-public-route will be created
+ resource "aws_route" "rt-public-route" {
+ destination_cidr_block = ""
+ destination_prefix_list_id = (known after apply)
+ egress_only_gateway_id = (known after apply)
+ gateway_id = (known after apply)
+ id = (known after apply)
+ instance_id = (known after apply)
+ instance_owner_id = (known after apply)
+ nat_gateway_id = (known after apply)
+ network_interface_id = (known after apply)
+ origin = (known after apply)
+ route_table_id = (known after apply)
+ state = (known after apply)
# module.network.aws_route_table.rt-public will be created
+ resource "aws_route_table" "rt-public" {
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = (known after apply)
+ tags = {
+ "Environment" = "prod"
+ "Name" = "jjmdb-rt-public"
+ vpc_id = (known after apply)
# module.network.aws_route_table_association.rt-sub-public[0] will be created
+ resource "aws_route_table_association" "rt-sub-public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
# module.network.aws_route_table_association.rt-sub-public[1] will be created
+ resource "aws_route_table_association" "rt-sub-public" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
# module.network.aws_subnet.sub_public[0] will be created
+ resource "aws_subnet" "sub_public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = (known after apply)
+ availability_zone_id = (known after apply)
+ cidr_block = ""
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Environment" = "prod"
+ "Name" = "jjmdb-sub-public-0"
+ vpc_id = (known after apply)
# module.network.aws_subnet.sub_public[1] will be created
+ resource "aws_subnet" "sub_public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = (known after apply)
+ availability_zone_id = (known after apply)
+ cidr_block = ""
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Environment" = "prod"
+ "Name" = "jjmdb-sub-public-1"
+ vpc_id = (known after apply)
# module.network.aws_vpc.vpc will be created
+ resource "aws_vpc" "vpc" {
+ arn = (known after apply)
+ assign_generated_ipv6_cidr_block = false
+ cidr_block = ""
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_classiclink = false
+ enable_classiclink_dns_support = (known after apply)
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Environment" = "prod"
+ "Name" = "jjmdb-vpc"
Plan: 8 to add, 0 to change, 0 to destroy.
Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.
Примечание. У меня возникла та же проблема с версией Terraform 0.11.1. Итак, я обновился до 0.12.3. Но не повезло.
Пожалуйста, сообщите.