-
Notifications
You must be signed in to change notification settings - Fork 9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Route53 import private zone with multiple vpc #5317
Route53 import private zone with multiple vpc #5317
Conversation
Should we deprecate the |
The issue is that you need at least one vpc when you create a private zone. I have another branch where I tried to deprecate |
Ah, bummer! I was being optimistic that they would remove that restriction. 😖
|
Oh, I just saw that Terraform 0.12 will support iteration on blocks https://www.hashicorp.com/blog/hashicorp-terraform-0-12-preview-for-and-for-each. Here's what I would do then:
Like this:
Works? |
We'll also want to look at this in the context of this issue: #384 (PR #2005) -- we'll need to be sure that you can build a Terraform configuration with the proper ordering on a single apply to support cross-account authorizations. I think we'd still need to support a separate association resource in that case to get the [create zone] -> [cross-account authorize] -> [create association] ordering right, but we cannot suggest everyone to use It'd be so nice if the API was easier to work with! 😄 |
Argh, it might do more harm than good then. At least with this PR, we can change the vpc_id and vpc_region without recreating the zone entirely. |
Hi @julienduchesne 👋 Sorry for the long silence here, but good news is that in version 1.42.0 we will have support for this feature. We are opting to go with the following setup, similar to what you outlined above:
Hopefully sometime after Terraform 0.12 has settled we can start to think about better solutions for these problems more globally in Terraform core (configuration blocks as separate items for Terraform graph ordering). Thanks for your hard work as usual! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Fixes #892
Changes proposed in this pull request:
vpc_id
attribute without forcing a new resource. During import, the VPC ids can end up in the wrong resources (Ex: a vpc_id that you want in the main resource might go in the association resource and vice versa).Output from acceptance testing: