aws_security_group: ingress w/ security_groups or self=true doesn't work #1600

Closed
radeksimko opened this issue Apr 20, 2015 · 7 comments · Fixed by #1612

Comments

@radeksimko
Member

How to replicate

Code

```
resource "aws_vpc" "default" {
  cidr_block = "10.10.0.0/16"
}

resource "aws_subnet" "public" {
  vpc_id = "${aws_vpc.default.id}"
  cidr_block = "10.10.1.0/24"
  availability_zone = "us-east-1c"
}

resource "aws_security_group" "etcd-self" {
  name = "etcd-self"
  description = "Yada yada"
  vpc_id = "${aws_vpc.default.id}"

  ingress {
    protocol = "tcp"
    from_port = 4001
    to_port = 4001
    self = true
  }
}
```

Or replace the last resource with the following two (same effect):

```
resource "aws_security_group" "etcd-self" {
  name = "etcd-self"
  description = "Yada yada"
  vpc_id = "${aws_vpc.default.id}"

  ingress {
    protocol = "tcp"
    from_port = 4001
    to_port = 4001
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "compute" {
  name = "compute"
  description = "Yada yada"
  vpc_id = "${aws_vpc.default.id}"

  ingress {
    protocol = "tcp"
    from_port = 4001
    to_port = 4001
    security_groups = ["${aws_security_group.etcd-self.id}"]
  }
}
```

terraform apply

```
aws_security_group.etcd-self: Error: 1 error(s) occurred:

* Error authorizing security group ingress rules: InvalidParameterValue: exactly one of remote-security-group, remote-ip-range, or prefix-list-id must be present
```

Tested on a build from yesterday (1c0f2f1).

cc @catsby

@mikkoc

mikkoc commented Apr 21, 2015

We're getting the same issue with 0.4.2. We can't create an SG that references another SG resource within the terraform stack.
Even hardcoding the SG ID (i.e.: ["sg-123abc"]) results in the same error.

@nevins-b
Contributor

Ran into this as well, not sure if it's an issue with terraform or an upstream issue with the AWS SDK

@catsby
Contributor

catsby commented Apr 21, 2015

Thanks for the mention @radeksimko ; I'm taking a look now.

@catsby
Contributor

catsby commented Apr 21, 2015

Should be fixed in #1612, which I just merged. Let me know if you still are hitting this

@radeksimko
Member Author

This now works like a charm, thanks for the fix @catsby !

@catsby
Contributor

catsby commented Apr 21, 2015

np, thanks for opening the issue

@ghost

ghost commented May 3, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators May 3, 2020