Terraform ELB in a custom VPC


Daubichon Lionel

May 23, 2017, 3:36:46 AM
to Terraform
Hello Guys, 

I am actually facing a problem:

- I have my own VPC with private and public subnets built with Terraform.

I deploy a launch configuration in this VPC, but I can't launch an ELB in the custom VPC:
 
```
Error applying plan:

1 error(s) occurred:

* module.base.aws_elb.terraform-elb: 1 error(s) occurred:

* aws_elb.terraform-elb: InvalidConfigurationRequest: Security group "sg-95daf2ec" does not belong to VPC "vpc-d69b22b3"
status code: 409, request id: 15a745ff-3f8a-11e7-9325-cd3b2a462e89

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.
```


Here is my ELB configuration:

```
resource "aws_elb" "terraform-elb" {
  name               = "${var.cluster_name}-elb"
  availability_zones = ["${split(",", var.availability_zones)}"]
  security_groups    = ["${aws_security_group.terraform_sg.id}"]

  listener {
    lb_port           = 80
    lb_protocol       = "http"
    instance_port     = "${var.server_port}"
    instance_protocol = "http"
  }

  health_check {
    healthy_threshold   = 2
    unhealthy_threshold = 2
    timeout             = 3
    interval            = 30
    target              = "HTTP:${var.server_port}/"
  }
}
```


Is there any way to inform the ELB of which VPC it should get? vpc_id is not working.

Thanks a lot for the help




Lowe Schmidt

May 23, 2017, 8:38:59 AM
to terrafo...@googlegroups.com
The security_groups list needs to have SG ids that belong to a VPC. 


--
Lowe Schmidt | +46 723 867 157

Daubichon Lionel

May 23, 2017, 9:57:23 AM
to Terraform
What is strange is that my security group terraform_sg belongs to a custom VPC; I want to bring my ELB to this (custom) VPC :/

David Adams

May 23, 2017, 10:37:22 AM
to terrafo...@googlegroups.com
You need to specify `subnets` in aws_elb with a list of your public subnets. That will create the ELB in the right VPC.


Daubichon Lionel

May 23, 2017, 11:19:33 AM
to Terraform
Thanks a lot for the help, I will try subnets!

Bensam V

Sep 17, 2018, 5:21:34 PM
to Terraform
Did trying subnets work??

Bensam V

Sep 17, 2018, 5:54:22 PM
to Terraform
```
resource "aws_elb" "load_balancer" {
  name      = "terratest-elb"
  instances = ["<instance ID>"]

  # Subnets place the ELB inside the VPC that owns them
  subnets = ["${data.aws_subnet_ids.public.ids}"]

  security_groups = ["${aws_security_group.terraform_sg.id}"]
  //availability_zones = ["${data.aws_availability_zones.zones.names}"]

  listener {
    instance_port     = "${data.terraform_remote_state.data-from-modules.instance_port}"
    instance_protocol = "http"
    lb_port           = 80
    lb_protocol       = "http"
  }

  health_check {
    healthy_threshold   = 2
    unhealthy_threshold = 2
    interval            = 30
    timeout             = 3
    target              = "HTTP:8080/"
  }
}
```

Commenting out availability zones and providing the subnet group helped.
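An added example, not part of the thread and not Terraform's own code: a small Python check for the rule behind the `InvalidConfigurationRequest` error, run against the "before" (availability zones only) and "after" (subnets) shapes of the ELB discussed above. The function name `check_elb_placement`, the inventory dictionaries and the `vpc-custom-example` / `subnet-public-*` ids are constructed, and treating `vpc-d69b22b3` as the account's default VPC is an assumption.

```python
# Added example: checks that a classic ELB and its security groups share a VPC.
# The inventory layout and all names here are hypothetical, not a Terraform format.

def check_elb_placement(elb, sg_vpc, subnet_vpc, default_vpc):
    """Return a list of findings (empty when the placement is consistent).

    elb         -- dict with 'name', 'security_groups' and 'subnets'
                   and/or 'availability_zones'
    sg_vpc      -- security group id -> VPC id
    subnet_vpc  -- subnet id -> VPC id
    default_vpc -- VPC an ELB lands in when no subnets are given
    """
    name = elb["name"]
    subnets = elb.get("subnets") or []
    if subnets:
        vpcs = {subnet_vpc.get(s, "unknown") for s in subnets}
        if len(vpcs) > 1 or "unknown" in vpcs:
            return [f"{name}: subnets must all sit in one known VPC, got {sorted(vpcs)}"]
        elb_vpc, hint = vpcs.pop(), "use a security group from that VPC"
    else:
        # Without subnets the ELB is placed by availability zone, outside the custom VPC.
        elb_vpc, hint = default_vpc, "set subnets to place the ELB in the custom VPC"
    findings = []
    for sg in elb.get("security_groups", []):
        owner = sg_vpc.get(sg, "unknown")
        if owner != elb_vpc:
            findings.append(f"{name}: security group {sg} is in {owner}, "
                            f"ELB would be created in {elb_vpc}; {hint}")
    return findings

# Constructed inventory. sg-95daf2ec and vpc-d69b22b3 come from the error message;
# the other ids are placeholders, and vpc-d69b22b3 as default VPC is an assumption.
SG_VPC = {"sg-95daf2ec": "vpc-custom-example"}
SUBNET_VPC = {"subnet-public-a": "vpc-custom-example",
              "subnet-public-b": "vpc-custom-example",
              "subnet-other": "vpc-d69b22b3"}
DEFAULT_VPC = "vpc-d69b22b3"

BEFORE = {"name": "terraform-elb", "availability_zones": ["zone-a", "zone-b"],
          "security_groups": ["sg-95daf2ec"]}
AFTER = {"name": "terraform-elb", "subnets": ["subnet-public-a", "subnet-public-b"],
         "security_groups": ["sg-95daf2ec"]}

if __name__ == "__main__":
    for label, elb in (("before", BEFORE), ("after", AFTER)):
        print(label, check_elb_placement(elb, SG_VPC, SUBNET_VPC, DEFAULT_VPC) or "ok")
```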