Terraform-provider-aws: NAT gateway creation fails with error Error waiting for NAT Gateway to become available

Created on 13 Jun 2017 · 6 Comments · Source: hashicorp/terraform-provider-aws

_This issue was originally opened by @ctippur as hashicorp/terraform#13836. It was migrated here as part of the provider split. The original body of the issue is below._


Hello,
Terraform version: v0.9.2

I am having trouble creating a NAT gateway. I am following the tf defined here
https://github.com/pk4media/terraform.aws_nat_gateway/blob/master/main.tf

The first time, the apply fails with

```
* aws_nat_gateway.nat.1: Error waiting for NAT Gateway (nat-0a6ac67cb96eaaaaa) to become available: unexpected state 'failed', wanted target 'available'. last error: %!s(<nil>)
module.app_server.aws_nat_gateway.nat[0]: 1 error(s) occurred:
aws_nat_gateway.nat.0: Error waiting for NAT Gateway (nat-0f57fc95740de49c4) to become available: unexpected state 'failed', wanted target 'available'. last error: %!s(<nil>)
```

In subsequent runs, the failure seems to be:

```
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <natGatewaySet>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <item>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <subnetId>subnet-f6681555</subnetId>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <failureCode>Resource.AlreadyAssociated</failureCode>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <natGatewayAddressSet>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <item>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <networkInterfaceId>eni-3d332315</networkInterfaceId>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <allocationId>eipalloc-b43fa68e</allocationId>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <privateIp>10.0.1.10</privateIp>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: </item>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: </natGatewayAddressSet>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <deleteTime>2017-04-21T03:27:58.735Z</deleteTime>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <createTime>2017-04-21T03:26:05.416Z</createTime>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <vpcId>VPC</vpcId>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <natGatewayId>nat-fsfdsgfsfdgs</natGatewayId>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <state>failed</state>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: <failureMessage>Elastic IP address [eipalloc-a43fa58y] is already associated</failureMessage>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: </item>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: </natGatewaySet>
2017/04/20 20:29:49 [DEBUG] plugin: terraform: </DescribeNatGatewaysResponse>
```

Plan:

```
-/+ module.app_server.aws_nat_gateway.nat.0 (deposed)
    allocation_id: "old" => "new"
    network_interface_id: "eni-5be4f273" => ""
    private_ip: "redacred" => ""
    public_ip: "redacted" => ""
    subnet_id: "old" => "new" (forces new resource)

-/+ module.app_server.aws_nat_gateway.nat.1 (deposed)
    allocation_id: "old" => "new"
    network_interface_id: "old" => ""
    private_ip: "redacted" => ""
    public_ip: "redacted" => ""
    subnet_id: "subnet-bf7be7f6" => "subnet-75db4c3c" (forces new resource)

+ module.app_server.aws_route_table.nat.0
    route.#: "1"
    route.~2781612442.cidr_block: "0.0.0.0/0"
    route.~2781612442.egress_only_gateway_id: ""
    route.~2781612442.gateway_id: ""
    route.~2781612442.instance_id: ""
    route.~2781612442.ipv6_cidr_block: ""
    route.~2781612442.nat_gateway_id: "${element(aws_nat_gateway.nat.*.id, count.index)}"
    route.~2781612442.network_interface_id: ""
    route.~2781612442.vpc_peering_connection_id: ""
    tags.%: "3"
    tags.Environment: "sbx"
    tags.Name: "sbxpubroute"
    tags.Service: "nat"
    vpc_id: "vpc-redacred"

~ module.app_server.aws_route_table.nat.1
    route.3881485174.cidr_block: "0.0.0.0/0" => ""
    route.3881485174.egress_only_gateway_id: "" => ""
    route.3881485174.gateway_id: "" => ""
    route.3881485174.instance_id: "" => ""
    route.3881485174.ipv6_cidr_block: "" => ""
    route.3881485174.nat_gateway_id: "nat-redaced" => ""
    route.3881485174.network_interface_id: "" => ""
    route.3881485174.vpc_peering_connection_id: "" => ""
    route.~2781612442.cidr_block: "" => "0.0.0.0/0"
    route.~2781612442.egress_only_gateway_id: "" => ""
    route.~2781612442.gateway_id: "" => ""
    route.~2781612442.instance_id: "" => ""
    route.~2781612442.ipv6_cidr_block: "" => ""
    route.~2781612442.nat_gateway_id: "" => "${element(aws_nat_gateway.nat.*.id, count.index)}"
2017/04/20 20:36:49 [DEBUG] plugin: /usr/local/Cellar/terraform/0.9.2/bin/terraform: plugin process exited
    route.~2781612442.network_interface_id: "" => ""
    route.~2781612442.vpc_peering_connection_id: "" => ""
```

Labels: bug, service/ec2

All 6 comments

Hello,

Any workaround to make this work?

Thanks,

I found a workaround... (In my case I was rebuilding the VPC, changing all the subnets.)

  1. Delete all the VPC resources first (terraform state show - to make sure) - comment the vpc code.
  2. Apply the VPC module/resources again

It worked for me. Regarding the bug:

- It looks like there is a problem regarding eip/subnet change.

Thanks !

Any workaround other than the one suggested by @julianalves?

When can we expect the fix for this?
My organisation really needs to get this done

Terraform v0.11.3

provider.aws v1.9.0

Worked for me after adding an IGW to my VPC and a dependency on the NAT Gateways to the IGW.

See documentation here https://www.terraform.io/docs/providers/aws/r/nat_gateway.html#argument-reference

Same issue here. I think that this is a problem or limitation in AWS, not in Terraform.

If you create network_interface > eip > nat_gateway, you get this error.
If you create the eip without network_interface, the nat_gateway is created fine.

On the AWS console, you can't create an eip with a network interface, and if you create an eip with a network interface in Terraform, you can't associate it with the network gateway in the console either.

For me this is a problem, because I want to tag the network_interface, and this is created on nat_gateway creation. This problem is related to https://github.com/terraform-providers/terraform-provider-aws/issues/849
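
The two workarounds reported in the comments above (an EIP created without `network_interface`, and an explicit NAT gateway dependency on the internet gateway), combined in one configuration. This is an added example, not code from the thread or the provider; resource names and CIDR ranges are constructed, and the syntax assumes Terraform 0.12+ with AWS provider v5 (`domain = "vpc"`; the older provider versions in this thread use `vpc = true`).

```hcl
# Added example: every resource name and CIDR range here is constructed.
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_internet_gateway" "gw" {
  vpc_id = aws_vpc.main.id
}

resource "aws_subnet" "public" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.1.0/24"
}

# Pattern reported in the thread as failing: an EIP already bound to a
# network interface is then handed to a NAT gateway, and the gateway goes
# to state "failed" with failureCode Resource.AlreadyAssociated.
# Kept commented out for contrast (aws_network_interface.example is hypothetical).
#
# resource "aws_eip" "nat" {
#   domain            = "vpc"
#   network_interface = aws_network_interface.example.id
# }

# Unassociated EIP: the NAT gateway creates and attaches its own ENI.
resource "aws_eip" "nat" {
  domain = "vpc"
}

resource "aws_nat_gateway" "nat" {
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.public.id

  # Terraform cannot infer this ordering from attribute references alone,
  # so the dependency on the internet gateway is declared explicitly.
  depends_on = [aws_internet_gateway.gw]
}

resource "aws_route_table" "private" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.nat.id
  }
}
```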
