I’m trying to build an HA-VPN between two projects in GCP, and while it appears this should be possible by providing the URL of the HA-VPN gateway, when I do so, Terraform shows it’s actually looking for the remote gateway within my local project:
resource "google_compute_vpn_tunnel" "tunnel1_prod1" {
  name                  = "gcp-vpn-gateway-1-tunnel-1"
  project               = var.project
  region                = var.region
  vpn_gateway           = google_compute_ha_vpn_gateway.ha_vpn_gateway1.id
  peer_gcp_gateway      = var.customer_gcp_peer_gateway
  shared_secret         = var.shared_secret
  router                = google_compute_router.router1.id
  vpn_gateway_interface = 0
}
The plan shows correctly that it has the URL of the remote gateway as peer_gcp_gateway = "https://www.googleapis.com/compute/v1/projects/destination-project/regions/europe-west2/routers/manual-test-ha-vpn",
yet when I then apply the change, it is actually looking in my project for ‘manual-test-ha-vpn’, as indicated by the error message:
│ Error: Error creating VpnTunnel: googleapi: Error 404: The resource 'projects/origin-project/regions/europe-west2/vpnGateways/manual-test-ha-vpn' was not found, notFound
│
│ with module.gcp_vpn_ha_gateway["prod1"].google_compute_vpn_tunnel.tunnel1_prod1,
│ on modules/terraform-gcp-vpn-cust-gcp/main.tf line 34, in resource "google_compute_vpn_tunnel" "tunnel1_prod1":
│ 34: resource "google_compute_vpn_tunnel" "tunnel1_prod1" {
│
You can see the URL has either been ignored or changed to point to the origin project instead of the destination project when trying to find the gateway, and I don’t understand why.
It may be that I have the URL formatted incorrectly for the destination VPN gateway, but I cannot find documentation that actually specifies how this is meant to be formatted.
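The plan value quoted in the post names the `routers` collection, while the resource path in the 404 error names `vpnGateways`. The following is an added example (not the poster's module and not provider code) of a plan-time check on that variable. It assumes the peer gateway reference should have the same path shape as the one in the error, `projects/PROJECT/regions/REGION/vpnGateways/NAME`; the `locals` and `output` names are hypothetical.

```hcl
# Added example. The variable name is taken from the post; the expected path
# shape is an assumption based on the resource path in the post's 404 error.
variable "customer_gcp_peer_gateway" {
  type        = string
  description = "Self-link of the HA VPN gateway in the peer (destination) project."

  validation {
    # Accept either the full https self-link or the partial projects/... form,
    # but only when the collection segment is vpnGateways.
    condition = can(regex(
      "^(https://www\\.googleapis\\.com/compute/v1/)?projects/[^/]+/regions/[^/]+/vpnGateways/[^/]+$",
      var.customer_gcp_peer_gateway
    ))
    error_message = "The customer_gcp_peer_gateway value must be a vpnGateways self-link of the form projects/PROJECT/regions/REGION/vpnGateways/NAME."
  }
}

locals {
  # Hypothetical helper: split the self-link into its parts so the peer
  # project and region can be inspected in the plan before any apply.
  peer_gateway = regex(
    "projects/(?P<project>[^/]+)/regions/(?P<region>[^/]+)/vpnGateways/(?P<name>[^/]+)$",
    var.customer_gcp_peer_gateway
  )
}

output "peer_gateway_parsed" {
  description = "Project, region and name extracted from the peer gateway self-link."
  value       = local.peer_gateway
}
```

With the value shown in the post's plan output, `terraform plan` stops at the validation error instead of reaching the API call that returned the 404.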