How to fix Error: Error creating Virtual Network: AddressSpaceOverlap in Terraform

TerraformINTERMEDIATEHIGH

The AddressSpaceOverlap error occurs when you attempt to create or peer Azure Virtual Networks (VNets) with overlapping CIDR address ranges. Azure requires all VNets and subnets to have non-overlapping IP address spaces.

What this error means

This error indicates that the CIDR block you specified for your Virtual Network conflicts with an existing VNet address space. Azure enforces strict IP address space isolation—two VNets cannot have overlapping address ranges if you intend to peer them or connect them via VPN. Each VNet must have a unique, non-overlapping address space (for example, 10.0.0.0/16 and 10.1.0.0/16, not 10.0.0.0/16 and 10.0.1.0/24).

How to fix "Error: Error creating Virtual Network: AddressSpaceOverlap"

1Identify the conflicting address space

Check which VNets currently exist in your Azure subscription and review their address spaces. Use the Azure portal or run:

bash

az network vnet list --output table

Look for any VNet with an address space that overlaps with the one you are trying to create. For example:
- Existing VNet: 10.0.0.0/16
- Your new VNet: 10.0.5.0/24 (overlaps—falls within 10.0.0.0/16)

2Verify your Terraform configuration

Ensure your azurerm_virtual_network resource has a non-overlapping address_space:

hcl

resource "azurerm_virtual_network" "example" {
  name                = "example-vnet"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  address_space       = ["10.1.0.0/16"]  # Must not overlap with existing VNets
}

Common private IP ranges follow RFC 1918:
- 10.0.0.0/8 (large networks)
- 172.16.0.0/12 (medium networks)
- 192.168.0.0/16 (small networks)

3Check for peered Virtual Networks

If you are peering VNets, confirm that all peered VNets have non-overlapping address spaces. View existing peerings:

bash

az network vnet peering list --resource-group <group-name> --vnet-name <vnet-name>

You cannot peer two VNets with overlapping address ranges. If necessary, update the address space of one of the VNets or use VPN Gateway with Network Address Translation (NAT) instead.

4Allocate a new non-overlapping address space

Plan your IP address space carefully. Create a spreadsheet or use an IPAM tool to document all VNets and their address ranges:

| VNet Name | Address Space | Region |
|-----------|---------------|--------|
| prod-vnet | 10.0.0.0/16 | eastus |
| dev-vnet | 10.1.0.0/16 | eastus |
| test-vnet | 10.2.0.0/16 | westus |

Update your Terraform configuration to use the new address space:

hcl

address_space = ["10.3.0.0/16"]

5Apply the Terraform configuration

Once you have a non-overlapping address space, run:

bash

terraform plan
terraform apply

The terraform plan output should show the new VNet being created without conflicts. If you still see the AddressSpaceOverlap error, double-check that no other subscription, region, or peered VNet uses the address space you selected.

6Update peering connections if necessary

If you modified an existing VNet's address space, update or recreate any peering connections:

bash

az network vnet peering delete --name <peering-name> --resource-group <group-name> --vnet-name <vnet-name>
az network vnet peering create --name <new-peering> --resource-group <group-name> --vnet-name <vnet-name> --remote-vnet <remote-vnet-id> --allow-vnet-access

Verify the peering is active and both VNets have non-overlapping address spaces.

How to fix Error: Error creating Virtual Network: AddressSpaceOverlap in Terraform

What this error means

Typical symptoms

Common causes

How to fix "Error: Error creating Virtual Network: AddressSpaceOverlap"

Advanced notes

Related errors

Official resources & further reading