Terraform complains about invalid CIDR when both variables and resource references are used to define cidr_blocks of the aws_security_group rule #13079
Comments
Got the same problem here.
Is it possible there's been a regression on this? Just ran into this exact problem in 0.10.2. TF is throwing an invalid CIDR error on a valid CIDR block.
@joestump absolutely possible. What are you using for a CIDR block that's throwing the issue? And is the issue occurring during a plan or an apply?
@grubernaut I'm also seeing this (or a related issue). I'm supplying a tfvars file in the command invocation. Planning executes without error:
Running
The CIDR
Hey @duncanhall, If the error is thrown at I would either check with Amazon's documentation for a subnet in the EU-West-1C region, or contact AWS support with that request ID as to why that error is being thrown from the AWS API.
Thanks @grubernaut, you're right. I'm still figuring out why that CIDR block is invalid but it's definitely AWS and not TF. Changing the subnet to a
@duncanhall ah nice, glad that worked. Yeah TF only validates that the provided CIDR is in the correct notation, not whether it's possible or not 😄
This is the page you're looking for: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#VPC_Sizing There are some wacky rules that specifically forbid things that technically on real networking gear WOULD work.
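The distinction drawn in the comments above (a notation check versus what the AWS API accepts), as an added example that is not code from Terraform or from any commenter: a local pre-flight check for a subnet CIDR. It assumes the /16 to /28 IPv4 block-size limits from the linked AWS sizing page; the function name and all sample values are constructed.

```python
import ipaddress
import re

# Assumption: IPv4 VPC and subnet blocks must be between /16 and /28,
# as stated on the AWS VPC sizing page linked in the thread.
AWS_MIN_PREFIX, AWS_MAX_PREFIX = 16, 28
INTERPOLATION = re.compile(r"\$\{[^}]*\}")


def check_subnet_cidr(value, vpc_cidr):
    """Classify a subnet CIDR string before it is sent to AWS.

    Returns 'unresolved-interpolation', 'bad-notation', 'host-bits-set',
    'bad-size', 'outside-vpc' or 'ok'. Hypothetical helper for illustration.
    """
    if INTERPOLATION.search(value):
        # Template text reached validation unexpanded, as in the error
        # message quoted in the original report.
        return "unresolved-interpolation"
    if "/" not in value:
        return "bad-notation"
    try:
        net = ipaddress.IPv4Network(value, strict=False)
    except ValueError:
        return "bad-notation"
    if ipaddress.IPv4Interface(value).ip != net.network_address:
        # Parses, but the address part is not the network's base address.
        return "host-bits-set"
    if not AWS_MIN_PREFIX <= net.prefixlen <= AWS_MAX_PREFIX:
        # Correct notation, but outside the sizes the AWS page allows.
        return "bad-size"
    if not net.subnet_of(ipaddress.IPv4Network(vpc_cidr)):
        return "outside-vpc"
    return "ok"


if __name__ == "__main__":
    vpc = "10.0.0.0/16"  # constructed sample VPC range
    samples = ["${var.test_ip}/32", "10.0.0.0/33", "10.0.1.5/24",
               "10.0.1.0/30", "192.168.0.0/24", "10.0.1.0/24"]
    for cidr in samples:
        print(f"{cidr:22} {check_subnet_cidr(cidr, vpc)}")
```

Only the first two results are notation problems; the remaining failures are well-formed strings that a syntax-only validator passes.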
Thanks @aking1012 for the AWS doc link. However, based on that, if
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
terraform v0.9.1
I am using a variable and a reference to the IP of the AWS instance to define the CIDR for the ingress rule of the aws_security_group.
Terraform thinks the code above is invalid because
* aws_security_group.test: "ingress.0.cidr_blocks.1" must contain a valid CIDR, got error parsing: invalid CIDR address: ${var.test_ip}/32
But it is completely happy if I remove either of the CIDRs.
The following works:
And the following works as well:
I guess this happens because I mix different interpolations: a variable and a resource reference.