From be9bfcac3242f659e17d4583dc832f7b120e2c07 Mon Sep 17 00:00:00 2001
From: Martin Nettling <mgledi@gmail.com>
Date: Wed, 29 Nov 2023 11:22:06 +0100
Subject: [PATCH] Fix terraform init

---
 modules/tgw/spoke/main.tf      | 6 ++++--
 modules/tgw/spoke/variables.tf | 4 ----
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/modules/tgw/spoke/main.tf b/modules/tgw/spoke/main.tf
index 210e45940..570b9d8ff 100644
--- a/modules/tgw/spoke/main.tf
+++ b/modules/tgw/spoke/main.tf
@@ -8,6 +8,8 @@
 
 locals {
   spoke_account = module.this.tenant != null ? format("%s-%s-%s", module.this.tenant, module.this.environment, module.this.stage) : format("%s-%s", module.this.environment, module.this.stage)
+  // "When default routing via transit gateway is enabled, both nat gateway and nat instance must be disabled"
+  enabled       = local.enabled ? (length(module.vpc.outputs.nat_gateway_ids) == 0 && length(module.vpc.outputs.nat_instance_ids) == 0 ? true : false) : true
 }
 
 module "tgw_hub_routes" {
@@ -53,7 +55,7 @@ module "tgw_spoke_vpc_attachment" {
 }
 
 resource "aws_route" "default_route" {
-  count = length(module.vpc.outputs.nat_gateway_ids) == 0 && length(module.vpc.outputs.nat_instance_ids) == 0 && var.default_route_enabled ? length(module.vpc.outputs.private_route_table_ids) : 0
+  count = length(module.vpc.outputs.nat_gateway_ids) == 0 && length(module.vpc.outputs.nat_instance_ids) == 0 && local.enabled ? length(module.vpc.outputs.private_route_table_ids) : 0
 
   route_table_id         = module.vpc.outputs.private_route_table_ids[count.index]
   destination_cidr_block = "0.0.0.0/0"
@@ -68,7 +70,7 @@ locals {
 resource "aws_route" "back_route" {
   provider = aws.tgw-hub
 
-  count = length(module.vpc.outputs.nat_gateway_ids) == 0 && length(module.vpc.outputs.nat_instance_ids) == 0 && var.default_route_enabled ? length(local.default_route_vpc_public_route_table_ids) : 0
+  count = length(module.vpc.outputs.nat_gateway_ids) == 0 && length(module.vpc.outputs.nat_instance_ids) == 0 && local.enabled ? length(local.default_route_vpc_public_route_table_ids) : 0
 
   route_table_id         = local.default_route_vpc_public_route_table_ids[count.index]
   destination_cidr_block = module.vpc.outputs.vpc_cidr
diff --git a/modules/tgw/spoke/variables.tf b/modules/tgw/spoke/variables.tf
index 1584ffcf4..3f739d692 100644
--- a/modules/tgw/spoke/variables.tf
+++ b/modules/tgw/spoke/variables.tf
@@ -82,10 +82,6 @@ variable "default_route_enabled" {
   type        = bool
   description = "Enable default routing via transit gateway, requires also nat gateway and instance to be disabled in vpc component. Default is disabled."
   default     = false
-  validation {
-    condition     = var.default_route_enabled ? (length(module.vpc.outputs.nat_gateway_ids) == 0 && length(module.vpc.outputs.nat_instance_ids) == 0 ? true : false) : true
-    error_message = "When default routing via transit gateway is enabled, both nat gateway and nat instance must be disabled"
-  }
 }
 
 variable "default_route_outgoing_account_name" {