Goal: to create a terraform module that will peer two existing vnet's across regions.
Issue: when I do terraform apply I receive this output error:
Error Output:
Error: network.VirtualNetworkPeeringsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="PeeringRemoteVnetIsSameAsParentVnet" Message="RemoteNetwork property of the peering /subscriptions/[REDACTED]/ cannot reference parent virtual network of the peering." Details=[]
on main.tf line 12, in resource "azurerm_virtual_network_peering" "source-to-destination":
12: resource "azurerm_virtual_network_peering" "source-to-destination" {
Error Output:
network.VirtualNetworkPeeringsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="PeeringRemoteVnetIsSameAsParentVnet" Message="RemoteNetwork property of the peering /subscriptions/[REDACTED]/ cannot reference parent virtual network of the peering." Details=[]
on main.tf line 25, in resource "azurerm_virtual_network_peering" "destination-to-source":
25: resource "azurerm_virtual_network_peering" "destination-to-source" {
Idea: the idea is to create a terraform module so when other members of our team need to peer two existing vnet's they can pass in the terraform.tfvars file and deploy a vnet peering.
Research: Below are the documentation references I have been following: https://www.terraform.io/docs/providers/azurerm/r/virtual_network_peering.html https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network_peering
Have not discovered examples of peering two existing vnets.
//see code below
my main.tf file
##
# This will Peer two existing VNets across regions
##
provider "azurerm" {
version = ">=2.0.0"
features {}
subscription_id = var.subscription_id
}
# initiates source to destination peering between to existing vnets
resource "azurerm_virtual_network_peering" "source-to-destination" {
name = "peering-to-${var.destination_peer.virtual_network_name}"
resource_group_name = data.azurerm_virtual_network.existing_source_vnet.resource_group_name
virtual_network_name = data.azurerm_virtual_network.existing_source_vnet.name
remote_virtual_network_id = data.azurerm_virtual_network.existing_source_vnet.id
allow_virtual_network_access = var.allow_virtual_network_access
allow_forwarded_traffic = var.allow_forwarded_traffic
allow_gateway_transit = var.allow_gateway_transit
use_remote_gateways = var.use_remote_gateways
depends_on = [data.azurerm_virtual_network.existing_source_vnet]
}
# initiates destination to source peering between to existing vnets
resource "azurerm_virtual_network_peering" "destination-to-source" {
name = "peering-from-${var.source_peer.virtual_network_name}"
resource_group_name = data.azurerm_virtual_network.existing_destination_vnet.resource_group_name
virtual_network_name = data.azurerm_virtual_network.existing_destination_vnet.name
remote_virtual_network_id = data.azurerm_virtual_network.existing_destination_vnet.id
allow_virtual_network_access = var.allow_virtual_network_access
allow_forwarded_traffic = var.allow_forwarded_traffic
allow_gateway_transit = var.allow_gateway_transit
use_remote_gateways = var.use_remote_gateways
depends_on = [data.azurerm_virtual_network.existing_destination_vnet]
}
my data.tf file
##
# Existing Vnet Data
##
data "azurerm_virtual_network" "existing_source_vnet" {
resource_group_name = lookup(var.source_peer, "resource_group_name")
name = lookup(var.source_peer, "virtual_network_name")
}
data "azurerm_subnet" "src_subnet" {
name = lookup(var.source_peer, "name")
virtual_network_name = lookup(var.source_peer, "virtual_network_name")
resource_group_name = lookup(var.source_peer, "resource_group_name")
}
data "azurerm_virtual_network" "existing_destination_vnet" {
resource_group_name = lookup(var.destination_peer, "resource_group_name")
name = lookup(var.destination_peer, "virtual_network_name")
}
data "azurerm_subnet" "dtn_subnet" {
name = lookup(var.destination_peer, "name")
virtual_network_name = lookup(var.destination_peer, "virtual_network_name")
resource_group_name = lookup(var.destination_peer, "resource_group_name")
}
my variables.tf file
# This will Peer two existing VNets across regions
##
# Account Inputs
##
variable "subscription_id" {
type = string
}
##
# Input
##
variable "allow_gateway_transit" {
type = string
default = false
}
variable "use_remote_gateways" {
type = string
default = false
}
variable "allow_forwarded_traffic" {
type = string
default = false
}
variable "allow_virtual_network_access" {
type = string
default = true
}
variable "source_peer" {
type = object({
resource_group_name = string
virtual_network_name = string
remote_virtual_network_id = string
name = string
})
}
variable "destination_peer" {
type = object({
resource_group_name = string
virtual_network_name = string
remote_virtual_network_id = string
name = string
})
}
my output.tf file
##
# Output Of Virtual Network ID
##
output "virtual_network_id_src" {
value = data.azurerm_virtual_network.existing_source_vnet.id
}
output "subnet_id_src" {
value = data.azurerm_subnet.src_subnet.id
}
output "virtual_network_id_dtn" {
value = data.azurerm_virtual_network.existing_destination_vnet.id
}
output "subnet_id_dtn" {
value = data.azurerm_subnet.dtn_subnet.id
}
