I'm trying to create multiple subnets from one resource block and I get the following error
Error: aws_subnet.private: cidr_block must be a single value, not a list
main.tf
resource "aws_subnet" "private" {
vpc_id = "${aws_vpc.vpcname.id}"
cidr_block = "${var.private_subnet}"
availability_zone = "${data.aws_availability_zones.available.names[count.index]}"
map_public_ip_on_launch = false
tags {
Name = "${var.private}"
Environment = "${terraform.workspace}"
}
}
variable.tf
variable "private_subnet" {
type = "list"
default = []
}
dev.tfvars
private_subnet = ["10.0.2.0/24", "10.0.3.0/24"]
You have to create multiple aws_subnet resources by utilitizing the count argument to create one resource for each entry in your var.private_subnet list:
resource "aws_subnet" "private" {
count = "${length(var.private_subnet)}"
vpc_id = "${aws_vpc.vpcname.id}"
cidr_block = "${var.private_subnet[count.index]}"
availability_zone = "${data.aws_availability_zones.available.names[count.index]}"
map_public_ip_on_launch = false
}
This expands the single aws_subnet resource into two, each with slightly different values based on the enumeration of count when each resource block is evaluated by terraform.
private_subnet is a list, so you should pick a single element, e.g.
cidr_block = "${element(var.private_subnet,count.index)}"
also add data module to get the availability zones for a region
data "aws_availability_zones" "available" {}
e.g.
availability_zone = "${data.aws_availability_zones.available.names[count.index]}"
Related
I need to restrict the count az as per region available.
i have try by giving
data.aws_availability_zones.available.names[0]
but this create subnet in one AZ only.
sample code :
data "aws_availability_zones" "available" {}
//public subnet
resource "aws_subnet" "terraform_public_subnet" {
count = length(var.pub_subnet_cidr)
vpc_id = aws_vpc.terraform_vpc.id
cidr_block = var.pub_subnet_cidr[count.index]
map_public_ip_on_launch = true
availability_zone = data.aws_availability_zones.available.names[0]
tags = {
Name = "terraform-public-subnet"
}
lifecycle {
create_before_destroy = true
}
}
You need to use the count.index attribute [1] that is made available when using the count meta-argument:
availability_zone = data.aws_availability_zones.available.names[count.index]
[1] https://developer.hashicorp.com/terraform/language/meta-arguments/count#the-count-object
I have created subnet as map variable for availability zone and CIDR block and
variable "public_subnets_list" {
type = map(any)
description = "Public Subnets"
default = {
"ap-south-1a" = "10.0.1.0/24"
"ap-south-1b" = "10.0.2.0/24"
}
}
This works fine for creating subnets under my custom VPC with below code
resource "aws_subnet" "public_subnet" {
depends_on = [
aws_vpc.terraform_vpc
]
for_each = tomap(var.public_subnets_list)
availability_zone = each.key
cidr_block = each.value
vpc_id = aws_vpc.terraform_vpc.id
tags = {
Name = "Public_Subnet_${each.key}"
}
}
How do I retrieve and display the subnet id created for respective AZs from output which i get from aws_subnet.public_subnet[*]
From the Terraform documentation, splat expressions do not work with resources that use the for_each argument.
To retrieve a list of subnet IDs using your Terraform configuration, you can do the following:
output "subnet_ids" {
value = [for subnet in aws_subnet.public_subnet : subnet.id]
}
I am trying to create a subnet within the availability zones within a region using Terraform. I have the below code and am having some trouble getting my subnet to read into the availability zone for the region. Below is also my error.
data "aws_availability_zones" "azs" {
state = "available"
}
locals {
az_names = data.aws_availability_zones.azs.names
}
resource "aws_vpc" "main" {
for_each = var.environment
cidr_block = var.vpc_cidr
tags = {
Name = var.vpc_tags
}
}
resource "aws_subnet" "public" {
for_each = var.public_sub_cidr
vpc_id = aws_vpc.main[each.key].id
cidr_block = cidrsubnet(var.vpc_cidr, 0, each.value.public_subnet)
availability_zone = local.az_names[each.key]
map_public_ip_on_launch = true
tags = {
Name = "${var.vpc_tags}-PubSubnet"
}
}
Errors
Error: Unsupported attribute
on vpc.tf line 17, in resource "aws_subnet" "public":
17: cidr_block = cidrsubnet(var.vpc_cidr, 0, each.value.public_subnet)
|----------------
| each.value is ""
This value does not have any attributes.
Error: Invalid index
on vpc.tf line 18, in resource "aws_subnet" "public":
18: availability_zone = local.az_names[each.key]
|----------------
| each.key is ""
| local.az_names is list of string with 3 elements
The given key does not identify an element in this collection value: a number
is required.
Any advice on reading from availability zones and also assigning these public subnets would be appreciated.
UPDATE
I made some progress, updated my code to use for each with the "length" of my data resource. See code below and error:
resource "aws_subnet" "public" {
for_each = length(local.az_names)
vpc_id = aws_vpc.tableau[each.key].id
cidr_block = cidrsubnet(var.vpc_cidr, 8, each.value)
availability_zone = local.az_names[each.key]
map_public_ip_on_launch = true
tags = {
Name = "${var.vpc_tags}-PubSubnet"
}
}
Error: Invalid for_each argument
on vpc.tf line 15, in resource "aws_subnet" "public":
15: for_each = length(local.az_names)
The given "for_each" argument value is unsuitable: the "for_each" argument
must be a map, or set of strings, and you have provided a value of type
number.
make: *** [apply] Error 1
Not sure what are you trying to achieve, but this is incorrect:
for_each = length(local.az_names)
it should be:
for_each = toset(local.az_names)
Since local.az_names is set now, you can only use each.key (each.value will be same as each.key). For example:
availability_zone = each.key
The following code creates a subnet in each AZ:
provider "aws" {
# your details
}
data "aws_availability_zones" "azs" {
state = "available"
}
locals {
az_names = data.aws_availability_zones.azs.names
}
variable "vpc_cidr" {
default = "10.0.0.0/16"
}
resource "aws_vpc" "main" {
cidr_block = var.vpc_cidr
}
resource "aws_subnet" "public" {
for_each = {for idx, az_name in local.az_names: idx => az_name}
vpc_id = aws_vpc.main.id
cidr_block = cidrsubnet(var.vpc_cidr, 8, each.key)
availability_zone = local.az_names[each.key]
map_public_ip_on_launch = true
}
I have an object containing the list of subnets I want to create.
variable "subnet-map" {
default = {
ec2 = [
{
cidr_block = "10.0.1.0/24"
availability_zone = "eu-west-1a"
}
],
lambda = [
{
cidr_block = "10.0.5.0/24"
availability_zone = "eu-west-1a"
},
{
cidr_block = "10.0.6.0/24"
availability_zone = "eu-west-1b"
},
{
cidr_block = "10.0.7.0/24"
availability_zone = "eu-west-1c"
}
],
secrets = [
{
cidr_block = "10.0.8.0/24"
availability_zone = "eu-west-1a"
},
{
cidr_block = "10.0.9.0/24"
availability_zone = "eu-west-1b"
},
{
cidr_block = "10.0.10.0/24"
availability_zone = "eu-west-1c"
}
],
rds = [
{
cidr_block = "10.0.11.0/24"
availability_zone = "eu-west-1a"
},
{
cidr_block = "10.0.12.0/24"
availability_zone = "eu-west-1b"
},
{
cidr_block = "10.0.13.0/24"
availability_zone = "eu-west-1c"
}
]
}
}
Earlier I was using the count loop construct. So I used to flatten the above structure into a list of objects
locals {
subnets = flatten([
for resource in keys(var.subnet-map) : [
for subnet in var.subnet-map[resource] : {
resource = resource
cidr_block = subnet.cidr_block
availability_zone = subnet.availability_zone
}
]
])
}
And then I would create the resources by doing
resource "aws_subnet" "aws-subnets" {
count = length(local.subnets)
vpc_id = aws_vpc.aws-vpc.id
cidr_block = local.subnets[count.index].cidr_block
availability_zone = local.subnets[count.index].availability_zone
tags = {
Name = "subnet-${local.subnets[count.index].resource}-${local.subnets[count.index].availability_zone}"
}
}
Now I want to use the for_each loop. But I cannot figure out how to do it. This is what I've done so far.
resource "aws_subnet" "subnets-dev" {
for_each = var.subnet-map
vpc_id = aws_vpc.vpc-dev.id
cidr_block = each.value.cidr_block
availability_zone = each.value.availability_zone
tags = {
Name = "subnet-dev-${each.value.resource}-${each.value.availability_zone}"
environment = "dev"
}
}
But it keeps giving an error saying
Error: Unsupported attribute
on vpc/main.tf line 93, in resource "aws_subnet" "subnets-dev":
93: Name = "subnet-dev-${each.value.resource}-${each.value.availability_zone}"
|----------------
| each.value is tuple with 3 elements
This value does not have any attributes.
How could I fix this?
I'm not sure I fully follow all of what you tried here because your initial snippet of var.subnet-map shows it being a map of maps of lists of objects, but later on when you used for_each = var.subnet-map it seems to have treated it as a map of lists instead. Did you remove that extra level of maps (the "default" key) before trying for_each here?
Working with your original definition of variable "subnet-map", your first step with for_each will be similar to what you did with count: you need to flatten the structure, this time into a map of objects rather than a list of objects. The easiest way to get there is to derive a map from your existing flattened list:
locals {
subnets = flatten([
for resource in keys(var.subnet-map) : [
for subnet in var.subnet-map[resource] : {
resource = resource
cidr_block = subnet.cidr_block
availability_zone = subnet.availability_zone
}
]
])
subnets_map = {
for s in local.subnets: "${s.resource}:${s.availability_zone}" => s
}
}
Here I assumed that your "resource" string and your availability zone together are a suitable unique identifier for a subnet. If not, you can adjust the "${s.resource}:${s.availability_zone}" part to whatever unique key you want to use for these.
Now you can use the flattened map as the for_each map:
resource "aws_subnet" "subnets-dev" {
for_each = local.subnets_map
vpc_id = aws_vpc.vpc-dev.id
cidr_block = each.value.cidr_block
availability_zone = each.value.availability_zone
tags = {
Name = "subnet-dev-${each.value.resource}-${each.value.availability_zone}"
environment = "dev"
}
}
This will give you instances with addresses like aws_subnet.subnets-dev["ec2:eu-west-1a"].
Note that if you are migrating from count with existing subnets that you wish to retain, you'll need to also do a one-time migration step to tell Terraform which indexes from the existing state correspond to which keys in the new configuration.
For example, if (and only if) index 0 was previously the one for ec2 in eu-west-1a, the migration command for that one would be:
terraform state mv 'aws_subnet.subnets-dev[0]' 'aws_subnet.subnets-dev["ec2:eu-west-1a"]'
If you're not sure how they correlate, you can run terraform plan after adding for_each and look at the instances that Terraform is planning to destroy. If you work through each one of those in turn, taking the address Terraform currently knows along with the resource and availability zone names shown in the Name tag, you can migrate each of them to its new address so that Terraform will no longer think you're asking for it to destroy the numbered instances and replace them with named ones.
I have code to create VPC, with 2 private subnets, 2xec2 instances in private and bastion in public.
ec2 code uses outputs.tf of VPC module subnet_ids. as there are 2 private subnets there are 2 subnet_ids being generated. when these generated subnet_ids are fed into ec2 instances instead of one subnet_id, it is feeding 2 subnet_ids at once as a single value.
As a result terraform couldn't find that subnet_ids value, creation is being failed.
error:
The subnet ID 'subnet-0***********,subnet-0*************' does not exist
editing subnets*
vpc.tf
private_subnets = "10.10.20.#/#,10.10.20.#/#"
instanceec2.tf
subnet_id = "${module.vpc.private_subnets}"
below are modules:
vpc_main.tf
// Private subnet/s
resource "aws_subnet" "private" {
vpc_id = "${aws_vpc.vpc.id}"
cidr_block = "${element(split(",", var.private_subnets), count.index)}"
availability_zone = "${element(split(",", var.azs), count.index)}"
count = "${length(split(",", var.private_subnets))}"
tags {
Name = "${var.name}-private-${element(split(",", var.azs), count.index)}"
Team = "${var.team}"
Environment = "${var.environment}"
Service = "${var.service}"
Product = "${var.product}"
Owner = "${var.owner}"
Description = "${var.description}"
managed_by = "terraform"
}
}
resource "aws_route_table" "private" {
vpc_id = "${aws_vpc.vpc.id}"
count = "${length(split(",", var.private_subnets))}"
tags {
Name = "${var.name}-private-${element(split(",", var.azs), count.index)}"
Team = "${var.team}"
Environment = "${var.environment}"
Service = "${var.service}"
Product = "${var.product}"
Owner = "${var.owner}"
Description = "${var.description}"
managed_by = "terraform"
}
}
resource "aws_route_table_association" "private" {
subnet_id = "${element(aws_subnet.private.*.id, count.index)}"
route_table_id = "${element(aws_route_table.private.*.id, count.index)}"
count = "${length(split(",", var.private_subnets))}"
}
``````
vpc_outputs.tf
```````
output "private_subnets" {
value = "${join(",", aws_subnet.private.*.id)}"
}
Expected value is only one subnet ID as value:
Error: supply 2 Subnet IDs as one value.
aws_instance.ec2-instance[0]: 1 error(s) occurred:
aws_instance.ec2-instance.0: Error launching source instance: InvalidSubnetID.NotFound: The subnet ID 'subnet-0**********,subnet-0***********' does not exist
you are joining the subnet IDs in your output variable:
output "private_subnets" {
value = "${join(",", aws_subnet.private.*.id)}"
}
When you access this output value from your instanceec2.tf you will only receive this joined string of IDs.
So, you again have to slipt the received value as you've done before and access the respective individual ID with your count index of the ec2 resource:
resource "aws_instance" "default" {
count = "${length(split(",", module.vpc.private_subnets))}"
subnet_id = "${element(split(",", module.vpc.private_subnets), count.index)}"
....
}
That should solve you're issue.
Alternatively, you can also output the subnet IDs directly as a list:
output "private_subnets" {
description = "The IDs of the private subnets as list"
value = ["${aws_subnet.private.*.id}"]
}
and then access them with:
subnet_id = "${element(module.vpc.private_subnets, count.index)}"
Since you have 'join'ed the result, you would have to split again if you require just one subnet value.
Something like:
element(split(",", var.private_subnets), 0)