-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A duplicate Security Group rule was found on... #1409
Comments
Is this rule already exists your previous states ? If yes, did you follow the breaking change notes which say you have to rename that resources in your state ? Did you change your CDR list during this upgrade ? |
@barryib Sorry for that, I did not understand properly the breaking changes. I did not change the state as you mention, I thought that it meant something else. I'll try to roll back and try again --- Edit: Still, cant figure out what the issue is. I tried to run this: before the update, and still. I see the same issue. Sorry if I am misunderstanding something |
Did you change your CDR list during this upgrade ? If yes, this probably related to #984 |
No, I did not change it |
Can you please share your plan output after your state manipulation ? |
16.2.0 after state change:
(I did not run apply here) Output after updating module to 17.0.2 and doing terraform init
Here is where it fails if I apply |
Do these conflict?
cidr_blocks = var.cluster_endpoint_private_access_cidrs Shouldn't second snippet be removed? |
You're absolutely right. This was introduced during the merge conflict resolution. |
@jaimehrubiks can you please review this #1412 ? |
All good now, completes without issue Feel free to merge. Thanks :) PD: I tested both with and without issuing the terraform mv command. Both ways work. Without the mv, the rule is deleted and re-created on a different state name, but for me it is not an issue (it may cause a millisecond downtime to the api ?) |
Yep, or sometime more. Thanks @jaimehrubiks for your help. |
v17.0.3 is released |
I am still having the same issue with EKS version 17.1.0.
|
Hi everyone, for those having the same issue, please check your state file. These problems are often created by infection of create_before_destroy resources. Check where your security group is referenced in your state file dependencies (it might surprise you). Something in your module stack has create_before_destroy to true. The create_before_destroy lifecycle override can have far-reaching "infection" on loosely-related resources, see: https://github.com/hashicorp/terraform/blob/main/docs/destroying.md#create-before-destroy |
hi @technotaff-nbs , can you elaborate more about how this can contribute to the issue? I'm using tf1.0 with EKS module 17. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Description
This commit is causing me the following issue:
Versions
module version 17.0.2
Terraform v0.14.11
Reproduction
Following config in a previous version (i.e. 16):
cluster_endpoint_public_access = false
cluster_endpoint_private_access = true
cluster_endpoint_private_access_cidrs = local.cluster_endpoint_private_access_cidrs
cluster_create_endpoint_private_access_sg_rule = true
the cidrs variable is a list of those 3 cidrs shown at the top of the issue.
Then, update to this module version 17
The text was updated successfully, but these errors were encountered: