transit gateway route tables not found from shared account when re-running after initial creation using multiple providers

[mrlogsd]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

Terraform v0.12.16

• provider.aws v2.39.0

Affected Resource(s)

aws_ec2_transit_gateway_vpc_attachment
data.aws_ec2_transit_gateway

Terraform Configuration Files

main.tf.txt
variables.tf.txt

Debug Output

Error: error updating EC2 Transit Gateway Attachment (tgw-attach-xxxxxxxxxxxxxx) Route Table (tgw-rtb-xxxxxxxxxxxxxx) propagation: error determining EC2 Transit Gateway Attachment (tgw-attach-xxxxxxxxxxxxxx) propagation to Route Table (tgw-rtb-xxxxxxxxxxxxxx): InvalidRouteTableID.NotFound: Transit Gateway Route Table tgw-rtb-xxxxxxxxxxxxxx was deleted or does not exist.
status code: 400, request id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx

on main.tf line 164, in resource "aws_ec2_transit_gateway_vpc_attachment" "masterTGWGeneral":
164: resource "aws_ec2_transit_gateway_vpc_attachment" "masterTGWGeneral" {

Panic Output

Expected Behavior

Terraform works as expected and creates a vpc with an associated transit gateway on the first run, but subsequent runs can not find the transit gateway route tables.

Transit gateway route table from external aws provider account should be found and used.

Actual Behavior

terraform looks in the wrong provider for the TG route table and cant find it. exits with error
Transit Gateway Route Table was deleted or does not exist, but the correct IDs are in the output and are verified to exist in the respective aws provider accounts

Steps to Reproduce

1. terraform apply
2. terraform apply

Important Factoids

References

• #0000

[mrlogsd]

anyone else come across this error, InvalidRouteTableID.NotFound, when running terraform on a second run?

[kinzar1]

I'm having this issue. Did you find out what was wrong?

[mrlogsd]

It seems to be an order of operations requirement. I defined a aws_ec2_transit_gateway_vpc_attachment resource before trying to define any aws_route or aws_route_table_association resources. This seemed to work reliably everytime. I never found this documented anywhere as a requirement.

[justinretzolk]

Hey y'all 👋 Thank you for taking the time to file this issue and for the additional discussion around it! Given that there's been a number of AWS provider releases since you initially filed it, can anyone confirm if you're still experiencing this behavior?

[mrlogsd]

I think the fix was to set the "propagate routes" to false.

…

On Thu, Nov 18, 2021 at 6:43 PM Justin Retzolk ***@***.***> wrote: Hey y'all 👋 Thank you for taking the time to file this issue and for the additional discussion around it! Given that there's been a number of AWS provider releases since you initially filed it, can anyone confirm if you're still experiencing this behavior? — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#11029 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADJW63AZL5YBUP3FJ5KGR5LUMWFQHANCNFSM4JR6IYKA> . Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.

[niblORRRR]

I managed to get this working by setting the provider in the route resource. But would be good if that wasn't required.

[ewbankkit]

Relates #8383.
Relates #17398.