Search code examples
amazon-web-servicesterraformamazon-route53

Terraform got `Error: Computed attribute cannot be set` when I try to set dns_entry in endpoint definition

Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/aws v3.16.0

Description

I want to make an endpoint and want to set it into the Route53 record.
I will deploy a Kubernetes Cluster to the domain.

I got this error.

$ terraform plan

Error: Computed attribute cannot be set

  on route53.tf line 24, in resource "aws_vpc_endpoint" "endpoint":
  24:   dns_entry = [
  25:     {
  26:         "dns_name" = "vpce",
  27:         "hosted_zone_id" = "ap-northeast-1a"
  28:     },
  29:   ]


resource "aws_route53_zone" "primary" {
    name = local.cluster_name
}

resource "aws_route53_record" "cluster" {
    zone_id = aws_route53_zone.primary.zone_id
    name = local.cluster_name
    type = "CNAME"
    ttl = 30
    records = [aws_vpc_endpoint.endpoint.dns_entry[0]["dns_name"]]
}

resource "aws_vpc_endpoint" "endpoint" {
  vpc_id       = module.vpc.vpc_id
  service_name = "com.amazonaws.ap-northeast-1.ec2"
  vpc_endpoint_type = "Interface"
  security_group_ids = [
    module.vpc.default_security_group_id,
  ]
  subnet_ids = [
      module.vpc.public_subnets
  ]
  private_dns_enabled = false
  dns_entry = [
    {
        "dns_name" = "vpce",
        "hosted_zone_id" = "ap-northeast-1a"
    },
  ]
}

What I tried

If I delete the dns_entry block, I got this error.

Error: Invalid index

  on route53.tf line 10, in resource "aws_route53_record" "cluster":
  10:     records = [aws_vpc_endpoint.endpoint.dns_entry[0]["dns_name"]]
    |----------------
    | aws_vpc_endpoint.endpoint.dns_entry is empty list of object

The given key does not identify an element in this collection value.

What I want to know

In the case of creating an endpoint manually without terraform, I succeeded and got this DNS Name vpce-0814cfe7cf6dd0f57-t6i209re.ec2.ap-northeast-1.vpce.amazonaws.com

I want to set a DNS Name like that into the Route53 record with Terraform.

How to fix the error and set the DNS Name?

Solution

  • dns_entry is what is returned to you after aws_vpc_endpoint creation. It is not something you can set yourself.

    To get the dns_name and hosted_zone_id of the interface endpoint:

    aws_vpc_endpoint.endpoint.dns_entry[0].dns_name
aws_vpc_endpoint.endpoint.dns_entry[0].hosted_zone_id

    Usually you will have more then 1, so you either have to iterate over aws_vpc_endpoint.endpoint.dns_entry or get them as lists.