I have a Terraform file that's supposed to create an AWS VPC remotely, but every time I run terraform apply
I get the following errors:
│ Error: error waiting for EC2 NAT Gateway (nat-0ddd4f893ecbaa66b) create: unexpected state 'failed', wanted target 'available'. last error: Resource.AlreadyAssociated: Elastic IP address [eipalloc-0d420da39dea25c38] is already associated
│
│ with aws_nat_gateway.NATgw[2],
│ on main.tf line 91, in resource "aws_nat_gateway" "NATgw":
│ 91: resource "aws_nat_gateway" "NATgw" {
│
╵
╷
│ Error: error waiting for EC2 NAT Gateway (nat-0ea71e57475b449ec) create: unexpected state 'failed', wanted target 'available'. last error: Resource.AlreadyAssociated: Elastic IP address [eipalloc-0d420da39dea25c38] is already associated
│
│ with aws_nat_gateway.NATgw[0],
│ on main.tf line 91, in resource "aws_nat_gateway" "NATgw":
│ 91: resource "aws_nat_gateway" "NATgw" {
│
And this is the main.tf I'm trying to run:
terraform {
  required_providers {
    aws = {
      version = "~> 3.0"
      source  = "hashicorp/aws"
    }
  }
}

//Creating VPC here
resource "aws_vpc" "Main" {
  provider         = aws.east
  cidr_block       = "IP_Address"
  instance_tenancy = "default"
}

//Creating Internet Gateway
resource "aws_internet_gateway" "IGW" {
  provider = aws.east
  vpc_id   = aws_vpc.Main.id
}

//Creating Public Subnets
resource "aws_subnet" "publicsubnets" {
  provider   = aws.east
  count      = length(var.public_subnets)
  vpc_id     = aws_vpc.Main.id
  cidr_block = var.public_subnets[count.index] //CIDR block of public subnets
}

//Creating Private Subnets
resource "aws_subnet" "privatesubnets" {
  provider   = aws.east
  count      = length(var.private_subnets)
  vpc_id     = aws_vpc.Main.id
  cidr_block = var.private_subnets[count.index] //CIDR block of private subnets
}

//Creating Route Table for Public Subnets
resource "aws_route_table" "PublicRT" {
  provider = aws.east
  count    = length(var.public_subnets)
  vpc_id   = aws_vpc.Main.id
  route {
    cidr_block = "IP_Address" //Traffic from Public Subnet reaches Internet via Internet Gateway
    gateway_id = aws_internet_gateway.IGW.id
  }
}

//Creating Route Table for Private Subnet
resource "aws_route_table" "PrivateRT" {
  provider = aws.east
  count    = length(var.private_subnets)
  vpc_id   = aws_vpc.Main.id
  route {
    cidr_block     = "IP_Address" //Traffic from Private Subnet reaches Internet via NAT Gateway
    nat_gateway_id = aws_nat_gateway.NATgw[count.index].id
  }
}

resource "aws_route_table_association" "PublicRTassociation" {
  provider       = aws.east
  count          = length(var.public_subnets)
  subnet_id      = aws_subnet.publicsubnets[count.index].id
  route_table_id = aws_route_table.PublicRT[count.index].id
}

resource "aws_route_table_association" "PrivateRTassociation" {
  provider       = aws.east
  count          = length(var.private_subnets)
  subnet_id      = aws_subnet.privatesubnets[count.index].id
  route_table_id = aws_route_table.PrivateRT[count.index].id
}

//Single Elastic IP (no count)
resource "aws_eip" "nateIP" {
  provider = aws.east
  vpc      = true
}

//One NAT Gateway per public subnet, all referencing the same EIP
resource "aws_nat_gateway" "NATgw" {
  provider      = aws.east
  count         = length(var.public_subnets)
  allocation_id = aws_eip.nateIP.id
  subnet_id     = aws_subnet.privatesubnets[count.index].id
}
I have the provider and variables for main provided in separate files. Also, I'm trying to create multiple public and private subnets with multiple IP Address blocks, which is the reason for the count variables and arguments.
Note: I've changed some names and variables for privacy/security.
What am I doing wrong?
CodePudding user response:
This happens because you create only one EIP, and try to use it in multiple NAT gateways. You have to create 1 EIP for each NAT. Thus it should be:
//One Elastic IP per NAT Gateway
resource "aws_eip" "nateIP" {
  provider = aws.east
  count    = length(var.public_subnets)
  vpc      = true
}

//Each NAT Gateway takes the EIP with the matching index
resource "aws_nat_gateway" "NATgw" {
  provider      = aws.east
  count         = length(var.public_subnets)
  allocation_id = aws_eip.nateIP[count.index].id
  subnet_id     = aws_subnet.privatesubnets[count.index].id
}