Description
First of all, I'm not sure if it is a real bug or not :)
I ran into behaviour which does not seem proper, so I have implemented a fix in my fork of the module, but I would like to discuss it here and could provide a pull request for it.
When we execute this module and provide, let's say, 3 public and 3 private subnets, and then pass the following parameters
- enable_nat_gateway = true
- single_nat_gateway = true
- enable_vpn_gateway = true
the module suggests creating multiple aws_vpn_gateway_route_propagation.private resources whose route_table_id and vpn_gateway_id have exactly the same content.
This seems strange because then we have one resource in AWS managed by multiple Terraform resources.
The workaround which I have implemented is just to use an additional bool parameter, like single_vgw_route_propagation_private, and then use it like this:
```hcl
locals {
  vgw_route_propagation_private_count = var.single_vgw_route_propagation_private ? 1 : local.len_private_subnets
}

resource "aws_vpn_gateway_route_propagation" "private" {
  count = local.create_vpc && var.propagate_private_route_tables_vgw && (var.enable_vpn_gateway || var.vpn_gateway_id != "") ? local.vgw_route_propagation_private_count : 0

  route_table_id = element(aws_route_table.private[*].id, count.index)
  vpn_gateway_id = element(
    concat(
      aws_vpn_gateway.this[*].id,
      aws_vpn_gateway_attachment.this[*].vpn_gateway_id,
    ),
    count.index,
  )
}
```
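
An added example, not part of the original issue or the module's code: a check that reads the JSON produced by `terraform show -json` and reports every route table / VPN gateway pair that is managed by more than one `aws_vpn_gateway_route_propagation` resource. The `module.vpc` address and the `rtb-0example` / `vgw-0example` IDs are constructed sample values, and the file-path argument is an assumption about how the script is invoked.

```python
import json
import sys
from collections import defaultdict

RESOURCE_TYPE = "aws_vpn_gateway_route_propagation"


def walk(module):
    """Yield every resource in a module and in its nested child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)


def duplicate_propagations(state):
    """Return {(route_table_id, vpn_gateway_id): [addresses]} for pairs managed more than once."""
    seen = defaultdict(list)
    root = state.get("values", {}).get("root_module", {})
    for res in walk(root):
        if res.get("mode") == "managed" and res.get("type") == RESOURCE_TYPE:
            vals = res.get("values", {})
            key = (vals.get("route_table_id"), vals.get("vpn_gateway_id"))
            seen[key].append(res["address"])
    return {key: sorted(addrs) for key, addrs in seen.items() if len(addrs) > 1}


def _prop(index, route_table_id):
    """Build one constructed state entry (sample data, not real output)."""
    return {
        "address": f"module.vpc.aws_vpn_gateway_route_propagation.private[{index}]",
        "mode": "managed", "type": RESOURCE_TYPE, "name": "private", "index": index,
        "values": {"route_table_id": route_table_id, "vpn_gateway_id": "vgw-0example"},
    }


# Constructed sample: three propagation resources pointing at one route table,
# the situation the issue describes for 3 private subnets with single_nat_gateway = true.
SAMPLE_STATE = {"values": {"root_module": {"resources": [], "child_modules": [
    {"address": "module.vpc", "resources": [_prop(i, "rtb-0example") for i in range(3)]},
]}}}

if __name__ == "__main__":
    # Usage (assumed): terraform show -json > state.json; python check.py state.json
    state = SAMPLE_STATE
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            state = json.load(fh)
    for (rtb, vgw), addrs in duplicate_propagations(state).items():
        print(f"{rtb} / {vgw} is managed by {len(addrs)} resources: {', '.join(addrs)}")
```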