Creating an aws_vpc_peering_connection results in a tainted connection after re-apply

Hi team,

We are creating a vpc peering against two different AWS accounts, where only the requester account is under terraform, and the accepter account accepts the peering request manually.

The problem we are facing is that after the peering request is accepted, when running terraform again on the requester side (state file), terraform is noting the VPC connection as:

is tainted, so must be replaced

And it is trying to recreate the connection if applied. The expected behavior would be to properly “see” the VPC connection as valid in the state file and not consider it as tainted.

Code used:

resource "aws_vpc_peering_connection" "vpc-peering-connection" {
  count         = var.enable_vpc_peering ? 1 : 0
  peer_owner_id = var.vpc_account_id
  peer_vpc_id   = var.vpc_id
  vpc_id        = aws_vpc.cluster-vpc.id
  accepter {
    allow_remote_vpc_dns_resolution = true
  }

  requester {
    allow_remote_vpc_dns_resolution = true
  }

  tags = {
    Name = "VPC Peering between A and B VPC in different AWS accounts"
  }
}

Terraform output after the request is accepted and terraform plan is run again:

  # module.vpc.aws_vpc_peering_connection.sbc-vpc-peering-connection[0] is tainted, so must be replaced
-/+ resource "aws_vpc_peering_connection" "vpc-peering-connection" {
      ~ accept_status = "active" -> (known after apply)
      ~ id            = "pcx-******" -> (known after apply)
        peer_owner_id = "****"
      ~ peer_region   = "us-east-1" -> (known after apply)
        peer_vpc_id   = "vpc-****"
        tags          = {
            "Name" = "VPC Peering between A and B VPC in different AWS accounts "
        }
        vpc_id        = "vpc-*****"

      + accepter {
          + allow_classic_link_to_remote_vpc = false
          + allow_remote_vpc_dns_resolution  = true
          + allow_vpc_to_remote_classic_link = false
        }

      ~ requester {
            allow_classic_link_to_remote_vpc = false
          ~ allow_remote_vpc_dns_resolution  = false -> true
            allow_vpc_to_remote_classic_link = false
        }
    }

The question is: is this specific use case not supported, because terraform is expecting “aws_vpc_peering_connection_accepter” to be used?

If that is the case, can you please propose any solution if available to solve the issue?

Thank you,
Lefteris.