Import VPC Subnet (subnet associations)

Terraform
1

I am using terraform v1.10.4 and am having a lot of fun trying to import the subnets associated with a VPC.

I have a VPC resource that has been imported:

resource “aws_vpc” “NV_vod-library-vpc” {…}

The imported VPC has the first cidr_block defined properly (10.28.6.0/24".

I added the following resources in the tf file for the VPC:
resource “aws_vpc_ipv4_cidr_block_association” “NV_vod-library_vpc_cidr_2” {
vpc_id = aws_vpc.NV_vod-library-vpc.id
cidr_block = “10.28.7.0/24”
}

resource “aws_vpc_ipv4_cidr_block_association” “NV_vod-library_vpc_cidr_3” {
vpc_id = aws_vpc.NV_vod-library-vpc.id
cidr_block = “10.28.8.0/24”
}

When I try to import the associations using the following command:

terraform import aws_vpc_ipv4_cidr_block_association.NV_vod-library-vpc_cidr_2 vpc-0e49ae3ebc9d24f0a_10.28.7.0/24

I get the following error:

Error: Cannot import non-existent remote object

While attempting to import an existing object to “aws_vpc_ipv4_cidr_block_association.NV_vod-library-vpc_cidr_2”, the provider detected that no object exists with the given id. Only pre-existing objects can be imported; check that the id is correct and that it is associated with the provider’s configured region or endpoint, or use “terraform apply” to create a new remote object for this resource.

I have verified through the console that those subnets are associated with the VPC.

Any help would be appreciated!

2

Do you try terraform import aws_vpc_ipv4_cidr_block_association.NV_vod-library-vpc_cidr_2 vpc-cidr-assoc-10.28.7.0/24 ?

3

it was really strange. i did try that but it was giving me an error. I ended up using a python script to generate the resource stanzas and a bash script to import. Then I did a terraform state mv to move the generated resources to the the ones I was trying to use in the beginning.

PYTHON:
import subprocess
import json

vpc_id = “vpc-xxxxxxxxxxxxxxxxxx” #replace with your vpc id

result = subprocess.run([‘aws’, ‘ec2’, ‘describe-vpcs’, ‘–vpc-ids’, vpc_id], capture_output=True, text=True)
vpcs = json.loads(result.stdout)

for vpc in vpcs[‘Vpcs’]:
for association in vpc[‘CidrBlockAssociationSet’]:
if association[‘AssociationId’] != vpc[‘CidrBlockAssociationSet’][0][‘AssociationId’]: #skipping the primary cidr block.
association_id = association[‘AssociationId’]
cidr_block = association[‘CidrBlock’]
print(f’‘‘resource “aws_vpc_ipv4_cidr_block_association” “{association_id}” {{
vpc_id = “{vpc_id}”
cidr_block = “{cidr_block}”
}}’’')

BASH:
#!/bin/bash

vpc_id=“vpc-xxxxxxxxxxxxxx” #replace with your vpc id.
associations=$(aws ec2 describe-vpcs --vpc-ids “$vpc_id” --query “Vpcs[0].CidrBlockAssociationSet[*].AssociationId” --output text)

for association_id in associations; do #terraform import "aws_vpc_ipv4_cidr_block_association.{association_id}" “association_id" echo "terraform import \"aws_vpc_ipv4_cidr_block_association.{association_id}" "$association_id"”
echo “imported: $association_id”
done

I double/triple checked the original import syntax but could not get it work.
Anyway, thanks for your help!

4

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.