Making VPC Attachments without creating TGW fails

[everops-kevin]

My simple use case is:

Account 1 (networking) hosts TGW

include {
  path = find_in_parent_folders()
}

terraform {
  source  = "git@github.com:TierMobility/terraform-aws-transit-gateway.git?ref=bb1a74673f26a807a195e5ea4648d8078db61ec1" # I'm using TierMobility's branch because of the default route addition.
}

inputs = {
  name = "my-tgw"
  ram_principals = [
    "arn:aws:organizations::1111222233334444:organization/o-organization_id"
  ]
}

Account 2 (shared services) hosts a VPC with resources that will be connected to TGW

VPC:

include {
  path = find_in_parent_folders()
}

terraform {
  source = "git@github.com:terraform-aws-modules/terraform-aws-vpc.git?ref=v2.33.0"
}

inputs = {
  name = "dev_databases"
  cidr = "10.135.0.0/16"

  azs = [
    "us-west-2a",
    "us-west-2b",
    "us-west-2c",
    "us-west-2d",
  ]

  database_subnets = [
    "10.135.0.0/22",
    "10.135.4.0/22",
    "10.135.8.0/22",
    "10.135.12.0/22",
  ]

  private_subnets = [
    "10.135.254.0/24",
    "10.135.255.0/24",
  ]
}

TGW:

include {
  path = find_in_parent_folders()
}

terraform {
  source  = "git@github.com:TierMobility/terraform-aws-transit-gateway.git?ref=bb1a74673f26a807a195e5ea4648d8078db61ec1"
}

dependency "vpc" {
  config_path = "../dev_databases/vpc"
}

dependency "root-tgw" {
  config_path = "../../networking-acc-1234/tgw"
}

inputs = {
  create_tgw = false
  vpc_attachments = {
    s = {
      tgw_id =  dependency.root-tgw.outputs.this_ec2_transit_gateway_id
      vpc_id = dependency.vpc.outputs.vpc_id
      subnet_ids = concat(
        dependency.vpc.outputs.database_subnets,
      )
    }
  }
  transit_gateway_route_table_id = dependency.root-tgw.outputs.this_ec2_transit_gateway_route_table_id
}

Error

Error: Invalid index

  on main.tf line 70, in resource "aws_ec2_transit_gateway_vpc_attachment" "this":
  70:   transit_gateway_id = lookup(each.value, "tgw_id", aws_ec2_transit_gateway.this[0].id)
    |----------------
    | aws_ec2_transit_gateway.this is empty tuple

The given key does not identify an element in this collection value.

Releasing state lock. This may take a few moments...
[terragrunt] 2020/04/21 17:21:31 Hit multiple errors:
exit status 1

My solution here was to simply change line 70 to transit_gateway_id = lookup(each.value, "tgw_id", try(aws_ec2_transit_gateway.this[0].id, null)), which I'm going to PR.

[thomasfinstad]

I am running into the same issue, the PR is closed with a very non descriptive message. Could you please elaborate?

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.