Reputation: 2117
I have a security group with the name "basic connectivity" on my AWS account.
I wrote a Terraform script to create an AWS instance, but it states that the security group does not exist when it actually does exist in the same default VPC and region.
The part where it fails is here:
```hcl
resource "aws_default_vpc" "default" {
  tags = {
    Name = "Default VPC"
  }
}

resource "aws_subnet" "subnet_olympus" {
  vpc_id     = aws_default_vpc.default.id
  cidr_block = "172.31.150.0/24"
}

resource "aws_network_interface" "nint_olympus" {
  subnet_id       = aws_subnet.subnet_olympus.id
  private_ips     = ["172.31.150.100"]
  security_groups = ["sg-09ef716b3eb847691"]
}
```
Can someone please help me?
Upvotes: 2
Views: 2949
Reputation: 11
In case someone finds this thread like I did, the only thing that worked for me was providing the name of the SG instead of the ID:
```hcl
setting {
  namespace = "aws:autoscaling:launchconfiguration"
  name      = "SecurityGroups"
  # value   = "sg-xxxxxxxxxxxxxxxxx" # <- kept claiming it didn't exist
  value     = "name-of-security-group" # <- worked immediately
}
```
The weird part, which I still don't understand, is that even grabbing the SG via data claimed it didn't exist:
```hcl
data "aws_security_groups" "custom_sg" {
  filter {
    name   = "group-id"
    values = ["sg-xxxxxxxxxxxxx"]
  }
}
```
...
```hcl
setting {
  namespace = "aws:autoscaling:launchconfiguration"
  name      = "SecurityGroups"
  # STILL claimed it didn't exist, even though the value from "plan" was correct
  # proving that it had pulled it correctly
  value     = data.aws_security_groups.custom_sg.ids[0]
}
```
Upvotes: 1
Reputation: 1
You can try pointing to the Security Group using the syntax below:
```hcl
security_groups = [ "${aws_security_group.YOUR-SECURITY-GROUP-NAME.name}" ]
```
or
```hcl
security_groups = [ "${aws_security_group.YOUR-SECURITY-GROUP-NAME.id}" ]
```
Upvotes: 0
Reputation: 1001
Can you try passing those SG IDs via a data source? (Datasource SG)
Upvotes: 2
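One way to write the data-source lookup suggested in the last answer, applied to the question's resources (an added example, not code from any poster). It assumes the group named "basic connectivity" lives in the default VPC of the region the provider is configured for; the data source label `basic_connectivity` and the output name are illustrative.

```hcl
# Added example: resolve the existing security group by name inside the
# same VPC the subnet is created in, instead of hard-coding its ID.

# Adopt the region's default VPC, as in the question.
resource "aws_default_vpc" "default" {
  tags = {
    Name = "Default VPC"
  }
}

# Lookup scoped to that VPC. If no group with this name exists in this
# VPC and region, the lookup itself fails with a no-match error, rather
# than the network interface creation failing later.
data "aws_security_group" "basic_connectivity" {
  name   = "basic connectivity" # group name taken from the question
  vpc_id = aws_default_vpc.default.id
}

resource "aws_subnet" "subnet_olympus" {
  vpc_id     = aws_default_vpc.default.id
  cidr_block = "172.31.150.0/24"
}

resource "aws_network_interface" "nint_olympus" {
  subnet_id       = aws_subnet.subnet_olympus.id
  private_ips     = ["172.31.150.100"]
  security_groups = [data.aws_security_group.basic_connectivity.id]
}

# Shows which group was resolved and which VPC it belongs to, so the ID
# can be compared with the one seen in the console.
output "resolved_security_group" {
  value = {
    id     = data.aws_security_group.basic_connectivity.id
    vpc_id = data.aws_security_group.basic_connectivity.vpc_id
  }
}
```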