Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Known Only After Apply on Terraform Import #119

Open
RickArroues opened this issue May 11, 2023 · 1 comment
Open

Known Only After Apply on Terraform Import #119

RickArroues opened this issue May 11, 2023 · 1 comment
Labels
bug 🐛 An issue with the system

Comments

@RickArroues
Copy link

RickArroues commented May 11, 2023
edited

Describe the Bug

Only when trying to perform a terraform import I run into the following:

Error: Invalid for_each argument
│ 
│   on .terraform/modules/vpc_endpoints/modules/vpc-endpoints/main.tf line 72, in module "gateway_endpoint_label":
│   72:   for_each   = local.enabled ? data.aws_vpc_endpoint_service.gateway_endpoint_service : {}
│     ├────────────────
│     │ data.aws_vpc_endpoint_service.gateway_endpoint_service will be known only after apply
│     │ local.enabled is true
│ 
│ The "for_each" value depends on resource attributes that cannot be determined until apply, so Terraform cannot
│ predict how many instances will be created. To work around this, use the -target argument to first apply only the
│ resources that the for_each depends on.

My VPC endpoint does not contain a gateway_vpc_endpoints. I think this is because the module uses local.enabled for the existence of either a gateway or interface VPC endpoint rather than toggling them on individually. Or I'm doing it completely wrong. I'm doing:

module "vpc_endpoints" {
  source  = "cloudposse/vpc/aws//modules/vpc-endpoints"
  version = "2.0.0"

  context = module.vpc_endpoints_role_label.context

  vpc_id = data.aws_vpc.vpc.id

  gateway_vpc_endpoints = {}
  interface_vpc_endpoints = {
    "kinesis-streams" = {
      name                = "kinesis-streams"
      security_group_ids  = [module.dms_security_group.id]
      subnet_ids          = local.private_subnet_ids
      policy              = null
      private_dns_enabled = true
    }
  }
}

Expected Behavior

No error on import

Steps to Reproduce

Steps to reproduce the behavior:

  1. Add some resource to import. I added resource "aws_s3_bucket" "test_bucket" {bucket=test_name}. It doesn't even have to exist, you just need a resource to target
  2. terraform import aws_s3_bucket.test_bucket something-that-doesnt-exist-and-thats-ok

Environment (please complete the following information):

  • TF version 1.1.7
  • Module version 2.0.0
@RickArroues RickArroues added the bug 🐛 An issue with the system label May 11, 2023
@RickArroues
Copy link
Author

Accidentally found out this issue doesn't exist in later versions of tf. We're moving to 1.4.6. Leaving the issue open in case it compels any changes to the module. Otherwise feel free to close it or it can expire or whatever. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug 🐛 An issue with the system
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@RickArroues