Allow empty route_table_ids list in aws_vpc_endpoint resources

[mrwacky42]

Without this change, TF submits a request with empty RouteTableIDs and AWS responds 400 bad request.
With this change, I can create a VPC Endpoint without a route table.

I am almost completely ignorant of Go, so let me know if there's a better to solve this.

[mrwacky42]

Of course, now I discovered #8225, so ...

[catsby]

This looks good to me, @mrwacky42 , what is your concern / question with regards to #8225?

[mrwacky42]

@catsby -- My concern is that this is only partially useful, since I can't actually add RouteTableID to the VPC endpoint after the fact. I had to create my VPC endpoint with non-empty route_table_ids, since there is currently no way to add them after the fact with Terraform.

I think Terraform will need a aws_vpc_endpoint_route_table_association resource to fully fix #8225.

[mrwacky42]

@catsby ping

[catsby]

I can't actually add RouteTableID to the VPC endpoint after the fact. I had to create my VPC endpoint with non-empty route_table_ids, since there is currently no way to add them after the fact with Terraform.

Sorry for my confusion; the resource allows you to add/modify the RouteTable IDs:

• https://www.terraform.io/docs/providers/aws/r/vpc_endpoint.html

What am I missing?

This PR as it stands seems useful and I'd like to pull it in, unless you object

[mrwacky42]

Yes, this is good to merge.

What you are missing is that I'm trying to create the vpc_endpoint resource without specifying route_table_ids, and associate it to route tables in another step. For better or worse, I don't have the route_table_ids available to me when I'm creating this endpoint (different modules essentially).

The original task I was trying to achieve is:

• Create vpc_endpoint resource with empty route_table_ids (fixed by this PR)
• Create route_tables, and add the vpc_endpoint prefix list as a route at a later time.

But... the aws_route_table resource requires CIDR blocks presently, and barfs if I give it pl-c0ffee1234 as a destination_cidr_block.

From AWS web console, the only way I am able to add the route is from the VPC endpoints page, and not on the route tables themselves. In this, the web console seems to have the same limitation as Terraform -- only accepting CIDR blocks.

So that's why I'm suggesting aws_vpc_endpoint_route_table_association as a complete fix for #8225.

Hopefully I'm being clear enough, and yes please merge!

[catsby]

Thank you for the explanation! I'll go ahead and merge this then

[coen-hyde]

@mrwacky42 Incase you didn't see #9244

[mrwacky42]

@coen-hyde - I hadn't. Thanks.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.