Terraform Error: creating Route in Route Table with destination (192.168.0.0/24): InvalidParameterValue


I'm currently carrying out a task where I need to connect two VPCs (let's call them VPC_1 and VPC_2) via a Transit Gateway. VPC_1's task is to forward any 0.0.0.0/0 traffic onto the TGW, to VPC_2, where it can then go through the appropriate NATs and IGWs to access the internet. VPC_2's task is to send any local (192.168.0.0/24) traffic hitting the subnet back to VPC_1.

However, I'm getting an error when running terraform apply: Error: creating Route in Route Table (vpc_2_subnet_route_table) with destination (192.168.0.0/24): InvalidParameterValue. Not sure if it's something to do with my configuration, where both VPCs share the same cidr_block, but any help in the right direction would be appreciated.

Error:

Error: creating Route in Route Table (rtb-0a9c85b8ae7bc2208) with destination (192.168.0.0/24): InvalidParameterValue: The destination CIDR block 192.168.0.0/24 is equal to or more specific than one of this VPC's CIDR blocks. This route can target only an interface or an instance.

Here's my routing tables currently configured:

VPC_1: (cidr_block 192.168.0.0/16) Private subnet (192.168.0.0/24)

resource "aws_route_table" "vpc_1_subnet_route_table" {
  vpc_id = aws_vpc.user_vpc.id

  # 0.0.0.0/0 -> TGWA
  route {
    cidr_block         = "0.0.0.0/0"
    transit_gateway_id = aws_ec2_transit_gateway.tgw.id
  }

  tags = {
    Name = "user-route-table"
  }
}

TGW routes attached to TGW-route-table: (Forwards 0.0.0.0/0 traffic coming from VPC_1 to VPC_2, and 192.168.0.0/24 traffic coming from VPC_2 to VPC_1)

resource "aws_ec2_transit_gateway_route" "tgw_egress_route" {

  # 0.0.0.0/0 -> Internet VPC TGWA
  destination_cidr_block         = "0.0.0.0/0"
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc_2_tgwa.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.tgw_route_table.id
}

resource "aws_ec2_transit_gateway_route" "tgw_ingress_route" {

  # 192.168.0.0/24 --> User VPC TGWA
  destination_cidr_block         = "192.168.0.0/24"
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc_1_tgwa.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.tgw_route_table.id
}

VPC_2: (cidr_block 192.168.0.0/16) Private subnet (192.168.100.0/24)

resource "aws_route_table" "vpc_2_subnet_route_table" {
  vpc_id = aws_vpc.internet_vpc.id

  # 0.0.0.0/0 -> NAT
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.nat_gateway.id
  }

  # 192.168.0.0/24 -> TGWA
  route {
    cidr_block         = "192.168.0.0/24"
    transit_gateway_id = aws_ec2_transit_gateway.tgw.id
  }

  tags = {
    Name = "internet-private-route-table"
  }
}

Here's a diagram of what I'm expected to build, all of the infrastructure is done besides this error with the routes.



sYNC On

Ah, there was definitely an issue with how I was declaring my VPC + Subnet blocks. Has been fixed by correctly assigning the cidr_blocks.
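Added example, not code from the question or the answer: a pre-apply check in Python that applies the rule quoted in the error message ("equal to or more specific than one of this VPC's CIDR blocks ... can target only an interface or an instance") to a hand-written model of the two VPCs and their routes, and also flags the overlapping VPC CIDRs that caused the problem. The dict/list names and the target labels are constructed for this example, not Terraform or AWS identifiers.

```python
import ipaddress

# Constructed model of the configuration in the question: both VPCs use
# 192.168.0.0/16 and VPC_2 routes 192.168.0.0/24 to the transit gateway.
VPCS = {
    "user_vpc":     "192.168.0.0/16",
    "internet_vpc": "192.168.0.0/16",
}
ROUTES = [
    # (vpc, destination, target type) -- labels are constructed, not AWS names
    ("user_vpc",     "0.0.0.0/0",      "transit_gateway"),
    ("internet_vpc", "0.0.0.0/0",      "nat_gateway"),
    ("internet_vpc", "192.168.0.0/24", "transit_gateway"),
]

# The only targets AWS accepts for a destination inside the VPC's own CIDR,
# per the error text: "can target only an interface or an instance".
LOCAL_ONLY_TARGETS = {"network_interface", "instance"}


def check_routes(vpcs, routes):
    """Return one message per route AWS would reject with InvalidParameterValue."""
    problems = []
    for vpc, dest, target in routes:
        dest_net = ipaddress.ip_network(dest)
        vpc_net = ipaddress.ip_network(vpcs[vpc])
        # "equal to or more specific than" == destination is a subnet of, or
        # equal to, the VPC CIDR. 0.0.0.0/0 is less specific, so it passes.
        if dest_net.subnet_of(vpc_net) and target not in LOCAL_ONLY_TARGETS:
            problems.append(f"{vpc}: {dest} -> {target} is inside VPC CIDR {vpc_net}")
    return problems


def overlapping_vpcs(vpcs):
    """Pairs of VPCs whose CIDRs overlap; routing between them over one TGW is ambiguous."""
    names = sorted(vpcs)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if ipaddress.ip_network(vpcs[a]).overlaps(ipaddress.ip_network(vpcs[b]))]


if __name__ == "__main__":
    for p in check_routes(VPCS, ROUTES):
        print("REJECTED:", p)
    for a, b in overlapping_vpcs(VPCS):
        print(f"WARNING: {a} and {b} have overlapping CIDR blocks")
```

Re-running the check with distinct, non-overlapping VPC CIDRs returns no problems, which is the state the accepted fix describes.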