amazon-web-services terraform terragrunt aws-vpc-peering

Terraform state conflict between vpc and vpc-peering modules


I am using Terraform and Terragrunt for my company's AWS infrastructure. The general structure is like this: I have two main folders, one for modules and the other for environments, and I source the modules into the environment folder using Terragrunt. One module is for the general VPC infrastructure, and I have a separate module for vpc-peering. I created separate folders for vpc and vpc-peering in the environment folder, so both of them have different Terraform state on S3. The problem is that vpc-peering is also creating route tables, and when I want to apply some changes to the vpc module it deletes records created by the vpc-peering module. Is there any way to inject route tables into the vpc module? I know that I can move the vpc-peering module into vpc and have both in one module, but it takes quite some time to rewrite all the stuff and I would love to know any other way.


Solution

  • They shouldn't both be creating route tables. The VPC module should be creating route tables, and the VPC Peering module should be adding routes to those route tables. The trick here is to not create any routes in the aws_route_table resources, but create them all as separate aws_route resources. Per the note in the aws_route documentation:

    Terraform currently provides both a standalone Route resource and a Route Table resource with routes defined in-line. At this time you cannot use a Route Table with in-line routes in conjunction with any Route resources. Doing so will cause a conflict of rule settings and will overwrite rules.

    So in order to define routes in multiple modules you will need to use the aws_route resource for all route definitions.
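
The split the answer describes, as an added example that is not part of the original answer: the vpc module owns the route table with no in-line routes and exports its ID, and the vpc-peering module only adds a standalone `aws_route` to it. The file paths, variable names and output name are assumptions chosen for illustration.

```hcl
# --- modules/vpc/main.tf (assumed path) ---
variable "vpc_cidr" { type = string }
variable "nat_gateway_id" { type = string }

resource "aws_vpc" "main" {
  cidr_block = var.vpc_cidr
}

# The route table is declared WITHOUT in-line route {} blocks, so applying
# this module never reconciles away routes that another state added.
resource "aws_route_table" "private" {
  vpc_id = aws_vpc.main.id
}

# Routes the vpc module itself needs are standalone aws_route resources too.
resource "aws_route" "private_default" {
  route_table_id         = aws_route_table.private.id
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = var.nat_gateway_id
}

# Exported so other states can attach routes to this table.
output "private_route_table_id" {
  value = aws_route_table.private.id
}

# --- modules/vpc-peering/main.tf (assumed path) ---
variable "route_table_id" { type = string }
variable "peer_vpc_cidr" { type = string }
variable "peering_connection_id" { type = string }

# Only a route is created here; the table stays owned by the vpc module.
resource "aws_route" "to_peer" {
  route_table_id            = var.route_table_id
  destination_cidr_block    = var.peer_vpc_cidr
  vpc_peering_connection_id = var.peering_connection_id
}

# --- environments/<env>/vpc-peering/terragrunt.hcl (assumed path) ---
# Reads the route table ID from the vpc state instead of creating a table.
dependency "vpc" {
  config_path = "../vpc"
}

inputs = {
  route_table_id = dependency.vpc.outputs.private_route_table_id
}
```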