From 0a0d06d046ceeb456492b2ebee9e284b466a6928 Mon Sep 17 00:00:00 2001 From: badra001 Date: Thu, 16 Jun 2022 11:04:58 -0400 Subject: [PATCH] vpn: change use of vpn_gateway_id --- CHANGELOG.md | 3 +++ common/version.tf | 2 +- vpn/main.tf | 14 +++++++------- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0272219..d6d5596 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -135,3 +135,6 @@ - flowlogs - change template to use account_alias +* 2.0.3 -- 2022-06-16 + - vpn + - change use of vpn_gateway_id diff --git a/common/version.tf b/common/version.tf index 7a83d8d..654b9bc 100644 --- a/common/version.tf +++ b/common/version.tf @@ -1,5 +1,5 @@ locals { - _module_version = "2.0.2" + _module_version = "2.0.3" _module_names = { "_main_" = "aws-vpc-setup" diff --git a/vpn/main.tf b/vpn/main.tf index d7a8c2a..5f504ef 100644 --- a/vpn/main.tf +++ b/vpn/main.tf @@ -57,7 +57,7 @@ locals { "boc:created_by" = "terraform" } - vpn_gateway = element(concat(aws_vpn_gateway.vpn[*].id, []), 0) + # vpn_gateway = element(concat(aws_vpn_gateway.vpn[*].id, []), 0) } @@ -78,7 +78,7 @@ resource "aws_vpn_gateway" "vpn" { resource "aws_vpn_gateway_attachment" "vpn" { count = var.create ? 1 : 0 vpc_id = var.vpc_id - vpn_gateway_id = local.vpn_gateway + vpn_gateway_id = var.create ? aws_vpn_gateway.vpn[0].id : null } #--- 
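Review bot: The commented-out `vpn_gateway` local is left behind in the `locals` block as dead code, and the guard `var.create ? aws_vpn_gateway.vpn[0].id : null` is now repeated in `aws_vpn_gateway_attachment` here and again in `aws_vpn_connection` and `aws_vpn_gateway_route_propagation` in the later hunks. Keeping a single definition, `vpn_gateway = var.create ? aws_vpn_gateway.vpn[0].id : null`, and referencing `local.vpn_gateway` as before would leave one place to update if the gateway's creation condition ever changes. All three resources are already gated on `var.create` through `count` or `for_each`, so the `null` branch looks unreachable in them. A one-line comment such as `# element(concat(...), 0) dropped: <reason>` would record why the old form was replaced. The `locals` block and the `aws_vpn_gateway` resource both start outside these hunks, so the gateway's own `count` is inferred from the `[0]` index only.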
@@ -112,10 +112,10 @@ resource "random_string" "tunnel_preshared_key" { # at this time, static routing is not an option. We can re-code this later if needed #--- resource "aws_vpn_connection" "vpn" { - for_each = var.create ? local.vpn_settings : {} - type = "ipsec.1" - # vpn_gateway_id = aws_vpn_gateway.vpn.id - vpn_gateway_id = local.vpn_gateway + for_each = var.create ? local.vpn_settings : {} + type = "ipsec.1" + vpn_gateway_id = var.create ? aws_vpn_gateway.vpn[0].id : null + customer_gateway_id = aws_customer_gateway.vpn[each.key].id tunnel1_preshared_key = length(var.custom_preshared_keys) == 0 ? random_string.tunnel_preshared_key[each.key].result : element(var.custom_preshared_keys, 0) tunnel2_preshared_key = length(var.custom_preshared_keys) == 0 ? random_string.tunnel_preshared_key[each.key].result : element(var.custom_preshared_keys, 1) @@ -155,7 +155,7 @@ resource "aws_vpn_gateway_route_propagation" "vpn" { for_each = var.create ? { for v in local.vpn_route_table_ids : "${v.site}.${v.route_table_id}" => v } : {} # vpn_gateway_id = aws_vpn_gateway.vpn.id - vpn_gateway_id = local.vpn_gateway + vpn_gateway_id = var.create ? aws_vpn_gateway.vpn[0].id : null route_table_id = each.value.route_table_id }
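Review bot: Both tunnels of a connection can end up with the same pre-shared key on the `tunnel1_preshared_key` and `tunnel2_preshared_key` lines of `aws_vpn_connection`, which this commit leaves as they were. With an empty `var.custom_preshared_keys` both read `random_string.tunnel_preshared_key[each.key].result`, and `element(var.custom_preshared_keys, 1)` wraps around, so a one-element list silently gives tunnel 2 the first key as well. `random_string` does not treat its result as sensitive, whereas `random_password` does and keeps it out of console output; the resource is defined outside this hunk, so its settings cannot be checked here. I would generate one `random_password` per tunnel and add a validation on the variable, for example `condition = contains([0, 2], length(var.custom_preshared_keys))`. The keys are stored in state either way, so access to the state backend needs to be restricted accordingly.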