having trouble getting EIP to associate

[vtknightmare]

Hey @jmhale

so, after many trials, I'm getting the following issue:

$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

module.wireguard.data.template_file.wg_client_data_json[0]: Refreshing state...
module.wireguard.data.aws_iam_policy_document.wireguard_policy_doc: Refreshing state...
module.wireguard.data.aws_ssm_parameter.wg_server_private_key: Refreshing state...
module.wireguard.data.aws_ami.ubuntu: Refreshing state...
module.wireguard.data.aws_iam_policy_document.ec2_assume_role: Refreshing state...

---

Error: Invalid count argument

on .terraform/modules/wireguard/wireguard-iam.tf line 28, in resource "aws_iam_policy" "wireguard_policy":
28: count = (var.eip_id != "disabled" ? 1 : 0) # only used for EIP mode

The "count" value depends on resource attributes that cannot be determined
until apply, so Terraform cannot predict how many instances will be created.
To work around this, use the -target argument to first apply only the
resources that the count depends on.

Error: Invalid count argument

on .terraform/modules/wireguard/wireguard-iam.tf line 36, in resource "aws_iam_role" "wireguard_role":
36: count = (var.eip_id != "disabled" ? 1 : 0) # only used for EIP mode

The "count" value depends on resource attributes that cannot be determined
until apply, so Terraform cannot predict how many instances will be created.
To work around this, use the -target argument to first apply only the
resources that the count depends on.

-0-0-0-0-0-0-0--0-00-0-0-0-0--00-0-0-0-0-0-0-

Now, if I manually provide the EIP id, it works but hilariously by creating it's OWN EIP that is WON'T associate with the EC2 instance it creates -_-

Any help here? What could I be missing?

[jmhale]

@vtknightmare Can you share your full module declaration block? This seems like its the same as #8, but I still can't reproduce on my end.

[vtknightmare]

hey @jmhale, here you go:

$ cat main.tf
resource "aws_eip" "wireguard" {
vpc = true
tags = {
Name = "wireguard"
}
}

module "wireguard" {
source = "[email protected]:vtknightmare/terraform-aws-wireguard.git"
ssh_key_id = "my-key"
vpc_id = "vpc-12345678"
subnet_ids = ["subnet-098765"]
eip_id = "${aws_eip.wireguard.id}"
wg_server_net = "192.168.2.1/24" # client IPs MUST exist in this net
wg_client_public_keys = [
{ "192.168.2.2/32" = "myAweSomeWGKeyhahahaheheh@#$@%2523" } # make sure these are correct
]
}

[vtknightmare]

per various googling, people are referring to the count variable not being correct maybe? As in perhaps we are referring to something wrong?

[kscherer]

My workaround was to set the eip_id to "disabled" first and do the apply. Once the eip is created then I added the wireguard.id back in and ran apply again. This solved the problem for me.

[vainkop]

Quick solution is to apply separately: #8 (comment)

Normal solution is to work on the code a little, like equalogic#2