Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Remove prefix_list_ids attribute from *_with_self resouces #324

Closed
wants to merge 1 commit into from
Closed

fix: Remove prefix_list_ids attribute from *_with_self resouces #324

wants to merge 1 commit into from

Commits on Jul 4, 2024

  1. Remove prefix_list_ids attribute from *_with_self resouces 

    `aws_security_group_rule` with both `self = true` and non-empty `prefix_list_ids` generates multiple (# of self + # of prefix_list_ids) rules for self and each prefix_list_ids, for example,

```terraform
resource "aws_security_group_rule" "ingress_with_self" {
  security_group_id = local.this_sg_id
  type              = "ingress"

  self            = true
  prefix_list_ids = ["id1", "id2"]
  description     = "sample"

  from_port = -1
  to_port   = -1
  protocol  = "-1"
}
```

then we get the rules **not only** allow all-all from self SG, **but also**  allow all-all from prefix-list `id1` and allow all-all from prefix-list `id2`.
I think this is unexpected result, `ingress_with_self` itself should only add rule to allow self SG, so remove `prefix_list_ids` attribute from `*_with_self` resouces.
    SSW-SCIENTIFIC committed Jul 4, 2024
    Configuration menu
    Copy the full SHA
    12117b0 View commit details
    Browse the repository at this point in the history