ALB not in available state when trying to attach as target to NLB

I am using Terraform version 1.8.0 and creating resources in AWS. My parent module calls modules to create an application load balancer a network load balancer and the target groups. I am trying to attach the application load balancer as a target for the target group that is used by the network load balancer. The problem I am running into is that the application load balancer is not in an available state when the target group is tries to attach it as a target.

I need help to figure out how to delay the creation of the aws_lb_target_group_attachment resource until the application load balancer is in an available state. Is there a way to do this?

This is the module call from the parent module that creates the target group. I create the application load balancer in a separate module and pass the ARN of the application load balancer to this module.

module "nlb_target_group_443" {
  source  = "app.terraform.io/mkd019-tfc-setup/elb-target-group/aws"
  version = "0.0.2"

  health_check                  = var.nlb_tg_443.health_check
  load_balancing_algorithm_type = var.nlb_tg_443.lb_algorithm_type
  target_group_name             = var.nlb_tg_443.target_group_name
  target_group_port             = var.nlb_tg_443.port
  target_group_protocol         = var.nlb_tg_443.protocol
  attach_target                 = true
  target_id                     = module.application_load_balancer.lb_arn
  target_type                   = var.nlb_tg_443.target_type
  vpc_id                        = module.vpc.vpc_id
}

This is the attachment block from the module that creates the target group. I have the target_id set as the ARN of the application load balancer.

resource "aws_lb_target_group_attachment" "this" {
  count = var.attach_target == true ? 1 : 0

  target_group_arn = aws_lb_target_group.this.arn
  target_id        = var.target_id
  port             = var.target_group_port
}

When I apply the plan I get the following error:

image1142×112 14.9 KB

The ALB does have a listener configured that matches the target group port. I believe I receive this error because the ALB is not available yet. When I re-apply this configuration after the application load balancer becomes available and I do not receive an error.

In your nlb_target_group_443 module, target_id refers to module.application_load_balancer.lb_arn which is likely available as soon as the underlying aws_lb resource is created while the rest of the downstream resources are still being provisioned.

If the application_load_balancer module can expose its aws_lb_target_group_attachment resources as outputs, you can set an explicit dependency on them in the nlb_target_group_443 module to ensure that the ALB setup is fully ready.

I’ve not used it myself, but perhaps you can also use explicit output dependencies within the application_load_balancer module to ensure that application_load_balancer is available only after the entire ALB including targets are fully set up.

Hope this gives you some ideas.

Thanks for the response, @acwwat.

I figured out what I had done wrong but I was inspired by your response. The target group module is using the arn output from the load balancer module to provide the target id. I mistakenly thought that this would create a dependency on the load balancer being completed. Since the arn for the lb is created immediately that meant the target group module was free to begin. All I needed to do was add a depends_on = [ module.application_load_balancer ] to this module and it waited for the load balancer to finish creation before it began.

Thanks again for your help.

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.