How to add multiple AWS ClientVPN Routes using Terraform


I have an AWS Client VPN which was created manually from the AWS console, and it has around 20 plus route table entries. Now I want to terraform this so we can add any new route using Terraform.

I have imported the Client VPN information using terraform import. To import all the existing routes, I can import one route at a time; also, for each route import I need to add a resource entry in main.tf as shown below:

Command used to import the route table entry:
$ terraform import aws_ec2_client_vpn_route.example cvpn-endpoint-0e3e121d2,subnet-08acf2,<CIDR>
This command updates the .tfstate file, and when I run terraform plan it gives me an error because I need to add a resource section for this in the main.tf file.

resource "aws_ec2_client_vpn_route" "example" {
  client_vpn_endpoint_id = var.client_vpn_endpoint_id
  destination_cidr_block = "CIDR"
  target_vpc_subnet_id   = var.target_vpc_subnet_id
}

resource "aws_ec2_client_vpn_route" "example1" {
  client_vpn_endpoint_id = var.client_vpn_endpoint_id
  destination_cidr_block = "CIDR"
  target_vpc_subnet_id   = var.target_vpc_subnet_id
}

Each time I import a route, I need to add a resource in main.tf. If I have 20 route table entries, do I have to write 20 resource entries in the main.tf file?

I just want to use one resource entry in main.tf; how is this possible?

After the import, when I ran terraform plan, this is the output:

% terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

aws_ec2_client_vpn_route.example: Refreshing state... [id=cvpn-endpoint,subnet-02231,0.0.0.0/16]
aws_ec2_client_vpn_endpoint.example: Refreshing state... [id=cvpn-endpoint]

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create
  - destroy

Terraform will perform the following actions:

  # aws_ec2_client_vpn_route.example will be destroyed
  - resource "aws_ec2_client_vpn_route" "example" {
      - client_vpn_endpoint_id = "cvpn-endpoint" -> null
      - description            = "Default Route" -> null
      - destination_cidr_block = "0.0.0.0/16" -> null
      - id                     = "cvpn-endpoint,subnet-02231308,0.0.0.0/16" -> null
      - origin                 = "associate" -> null
      - target_vpc_subnet_id   = "subnet-022313" -> null
      - type                   = "Nat" -> null
    }

  # aws_ec2_client_vpn_route.example["Default Route"] will be created
  + resource "aws_ec2_client_vpn_route" "example" {
      + client_vpn_endpoint_id = "cvpn-endpoint"
      + description            = "Default Route"
      + destination_cidr_block = "0.0.0.0/16"
      + id                     = (known after apply)
      + origin                 = (known after apply)
      + target_vpc_subnet_id   = "subnet-022313"
      + type                   = (known after apply)
    }

Plan: 1 to add, 0 to change, 1 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

The resource names are not matching, that's why it is destroying and creating again. But when I do terraform apply, it fails because it first creates the resource, and that fails because of the same CIDR.


You can use the for_each method that Terraform provides, which basically loops and creates the number of resources you have in the variable resource list.

variable "cidr_blocks" {
  description = ""
  default     = {
    "10.0.0.1/16" = 1
    "10.0.0.2/16" = 2
    "10.0.0.3/16" = 3
  }
}

resource "aws_ec2_client_vpn_route" "example" {
  for_each = var.cidr_blocks

  client_vpn_endpoint_id = var.client_vpn_endpoint_id
  destination_cidr_block = each.key
  target_vpc_subnet_id   = var.target_vpc_subnet_id
}

In this example you will create 3 aws_ec2_client_vpn_route resources.
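Added example (not from the question or the answer): with for_each keyed by CIDR as in the answer, each existing route has to be imported to the keyed address aws_ec2_client_vpn_route.example["<CIDR>"], otherwise the plan keeps showing the destroy/create pair from the question. This POSIX sh script generates one import command per route from a route list; the endpoint and subnet IDs are constructed placeholders, and the aws CLI query mentioned in the comments is an assumption about how to build the list.

```shell
#!/bin/sh
# Emit one "terraform import" command per existing Client VPN route so that
# the state address carries the for_each key (example["<CIDR>"]) the config
# expects. Run the generated commands only after reviewing them.
set -eu

# import_cmd ENDPOINT_ID SUBNET_ID CIDR
# The resource address is single-quoted because the shell would otherwise
# expand the [...] as a glob; the import ID is the "endpoint,subnet,cidr"
# triple the provider uses (same format as the import command in the question).
import_cmd() {
  endpoint="$1"; subnet="$2"; cidr="$3"
  printf "terraform import 'aws_ec2_client_vpn_route.example[\"%s\"]' '%s,%s,%s'\n" \
    "$cidr" "$endpoint" "$subnet" "$cidr"
}

# gen_import_commands ENDPOINT_ID < routes
# routes: one "CIDR SUBNET_ID" pair per line; blank lines and # comments skipped.
gen_import_commands() {
  endpoint="$1"
  while read -r cidr subnet _; do
    case "$cidr" in ''|'#'*) continue ;; esac
    import_cmd "$endpoint" "$subnet" "$cidr"
  done
}

# Constructed sample inventory. A real list can be produced (assumed CLI
# invocation) with something like:
#   aws ec2 describe-client-vpn-routes --client-vpn-endpoint-id <id> \
#     --query 'Routes[].[DestinationCidr,TargetSubnet]' --output text
SAMPLE_ROUTES='10.0.0.0/16 subnet-0aaa111
10.1.0.0/16 subnet-0aaa111
# 0.0.0.0/0 subnet-0bbb222   (commented out: not imported)'

# Print the commands; pipe the output into sh once you are satisfied with it.
echo "$SAMPLE_ROUTES" | gen_import_commands cvpn-endpoint-0123456789abcdef0
```

Each CIDR in the generated commands must also appear as a key in var.cidr_blocks, or the next plan will propose destroying that route.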