Hello, I’ve created a vpc peering and I would like to ask, is it possible to get vpc_id which is located in different region? I would like to avoid hardcoding in .tf file(s)
–
Scenario is simple:
eu-west-1
eu-west-2
Hi @unity-unity,
The design of the AWS provider is that each provider configuration belongs to one specific region. Because of that, working with more than one region in the same configuration typically (unless there’s a special allowance within a specific resource type) requires declaring multiple provider configurations.
In order to keep things simple in the typical single-region case, Terraform has a distinction between default provider configurations – the ones that resources can associate themselves with automatically – and alternate provider configurations, which require an explicit association between resource and provider configuration using the provider meta-argument.
In the situation where most of your resources belong to one region but you have one or two specific exceptions, which seems to be your case here, I’d typically keep the default provider configuration you already wrote and then add one alternate configuration alongside it which is only for your VPC lookup, like this:
provider "aws" {
region = "eu-west-1"
}
provider "aws" {
alias = "peer"
region = "us-west-2"
}
data "aws_vpc" "peer" {
# This particular resource uses the "peer"
# configuration, not the default one.
provider = aws.peer
# (and whatever filters you need to select the VPC)
}
resource "aws_vpc_peering_connection" "foo" {
# This resource doesn't set "provider", so it belongs
# to the default (unaliased) provider configuration.
peer_vpc_id = data.aws_vpc.peer.id
# ... etc ...
}
However, a risk with this approach of combining a default and an alternative configuration in a single configuration is that it can be easy to forget to set provider on a particular resource and thus end up associating it with the wrong region. Therefore if a particular contains a large number of resources that belong to another region then I’d recommend not declaring a default configuration at all and instead just using a pair of “alternative” (aliased) configurations, because then you’ll effectively force declaring an explicit provider argument on every resource and thus reduce the chance of mistakes.
(This multi-configuration approach is available for any provider that has a similar design where each provider configuration works with only a single region or single endpoint. Some providers have a different design where the provider configuration might provide a “default” region/endpoint but then each resource can potentially override that and select a different one, so if someone else finds this reply in future and is trying to apply it to something other than AWS VPC peering it might be worth first checking the documentation for the resource types you are working with to see if they provide a resource-specific way to override a region, which typically produces a simpler result than multiple provider configurations.)
Thank you, very much! It helps me a lot, I will keep in mind all mentioned risks, again big thanks