I am trying to map my ENI to my subnet and it's throwing an error.
Because there is a for_each loop on the subnet, the ENI pointing to it must also have a looped key/value added to it, hence the problem.
main.tf
# VPC
resource "aws_vpc" "main" {
  cidr_block = local.json.vpc.cidr
  tags = {
    Name = "vpc"
  }
}

# Subnet (one per entry in local.api)
resource "aws_subnet" "public" {
  for_each          = local.api
  vpc_id            = aws_vpc.main.id
  cidr_block        = each.value.subnet_cidr
  availability_zone = each.value.subnet_az
}

# ENI (one per subnet, keyed the same way so it can look the subnet up)
resource "aws_network_interface" "eni" {
  for_each    = local.api
  subnet_id   = aws_subnet.public[each.key].id
  private_ips = ["172.16.10.100"] # Might need to add another IP
  tags = {
    Name = "primary_network_interface"
  }
}
my locals look like this
locals {
  json = jsondecode(file("API.json"))

  # Flatten every VPC's subnets into one map keyed "<vpc>-<subnet>"
  api = merge([
    for vpc in local.json : {
      for subnet in vpc.subnets :
      "${vpc.name}-${subnet.name}" => {
        vpc_name    = vpc.name
        vpc_cidr    = vpc.cidr
        subnet_name = subnet.name
        subnet_cidr = subnet.cidr
        subnet_az   = subnet.az
      }
    }
  ]...)
}
the output (local.api) from terraform console
{
  "vpc-subnet-one" = {
    "subnet_az"   = "eu-central-1a"
    "subnet_cidr" = "192.168.1.0/24"
    "subnet_name" = "subnet-one"
    "vpc_cidr"    = "192.168.0.0/16"
    "vpc_name"    = "vpc"
  }
  "vpc-subnet-two" = {
    "subnet_az"   = "eu-central-1b"
    "subnet_cidr" = "192.168.4.0/24"
    "subnet_name" = "subnet-two"
    "vpc_cidr"    = "192.168.0.0/16"
    "vpc_name"    = "vpc"
  }
}
error message
status code: 400, request id: 64e031e5-11ea-4f6d-a03c-9a36a1ff56af
with aws_network_interface.eni["vpc-subnet-one"],
on main.tf line 20, in resource "aws_network_interface" "eni":
20: resource "aws_network_interface" "eni" {
Error: creating EC2 Network Interface: InvalidParameterValue: Address does not fall within the subnet's address range
status code: 400, request id: 7842f089-08b4-4042-b928-7830a37ffe28
with aws_network_interface.eni["vpc-subnet-two"],
on main.tf line 20, in resource "aws_network_interface" "eni":
20: resource "aws_network_interface" "eni" {
I've followed this documentation and validated everything else is correct. I still can't seem to figure out what value should be set on subnet_id.
Bonus cheeky points: I am trying to configure 2 EC2s. Should I give our ENI secondary private_ips?
CodePudding user response:
The error means that your IP 172.16.10.100 is invalid for your subnet CIDR ranges 192.168.1.0/24 and 192.168.4.0/24. Obviously this is correct because your IP should be in the correct range. For example:
private_ips = ["192.168.1.100"] # for the first subnet
private_ips = ["192.168.4.100"] # for the second subnet
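One way to make the per-subnet address fall out of the data rather than being hard-coded per resource, added here as an example (not the asker's or the answerer's code): derive each ENI's private IP from its own subnet CIDR with cidrhost(), reject AWS-reserved addresses at plan time, and attach one ENI per subnet to one instance each. It assumes the same API.json shape as the question, host number 100 as the chosen offset within each subnet, a hypothetical var.ami_id, and Terraform 1.2 or later for lifecycle preconditions.

```hcl
# Added example, not from the original post. Assumes the API.json layout used
# in the question (vpc.name, vpc.cidr, vpc.subnets[].name/cidr/az), an assumed
# host offset of 100, and a hypothetical variable var.ami_id.

locals {
  json = jsondecode(file("API.json"))

  api = merge([
    for vpc in local.json : {
      for subnet in vpc.subnets :
      "${vpc.name}-${subnet.name}" => {
        vpc_name    = vpc.name
        vpc_cidr    = vpc.cidr
        subnet_name = subnet.name
        subnet_cidr = subnet.cidr
        subnet_az   = subnet.az
        # Derived from the subnet itself, so it can never be out of range:
        # 192.168.1.0/24 -> 192.168.1.100, 192.168.4.0/24 -> 192.168.4.100.
        # cidrhost() fails at plan time if 100 does not fit in the subnet.
        private_ip = cidrhost(subnet.cidr, 100)
      }
    }
  ]...)
}

resource "aws_network_interface" "eni" {
  for_each    = local.api
  subnet_id   = aws_subnet.public[each.key].id
  private_ips = [each.value.private_ip]

  lifecycle {
    precondition {
      # AWS reserves the first four addresses and the last address of every
      # subnet; catch those during plan instead of as a 400 from the EC2 API.
      condition = !contains(
        [for n in [0, 1, 2, 3, -1] : cidrhost(each.value.subnet_cidr, n)],
        each.value.private_ip
      )
      error_message = "${each.value.private_ip} is a reserved address in ${each.value.subnet_cidr}."
    }
  }

  tags = {
    Name = "eni-${each.key}"
  }
}

# One instance per subnet, each using its own ENI as device 0. When an ENI is
# attached this way, subnet_id and private_ip are not set on the instance;
# they come from the ENI.
resource "aws_instance" "app" {
  for_each      = local.api
  ami           = var.ami_id
  instance_type = "t3.micro"

  network_interface {
    network_interface_id = aws_network_interface.eni[each.key].id
    device_index         = 0
  }

  tags = {
    Name = "instance-${each.key}"
  }
}
```

On the bonus question: an ENI belongs to exactly one subnet, so secondary private_ips on a single ENI cannot place the second instance in the second subnet. Keying both the ENI and the instance by the same local.api map gives one ENI and one instance per subnet, and each instance's address is then guaranteed to sit inside the subnet it is attached to.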