Super Kai - Kazuya Ito
Reputation: 1
Add a Security Group to the Inbound Rule of another Security Group as a Source with Terraform (AWS)
I couldn't add the security group "sg0" to the inbound rule of another security group "sg1" as a source with Terraform. (I use Terraform v0.15.4)
This is the code I tried:
resource "aws_security_group" "sg0" {
..........
}
resource "aws_security_group" "sg1" {
..........
ingress {
from_port = 5432
to_port = 5432
security_groups = [aws_security_group.sg0]
protocol = "tcp"
}
..........
}
But I got the error below:
Error: Incorrect attribute value type
│
│ on main.tf line 235, in resource "aws_security_group" "sg1":
│ 235: security_groups = [aws_security_group.sg0]
│ ├────────────────
│ │ aws_security_group.sg0 is object with 13 attributes
│
│ Inappropriate value for attribute "security_groups": element 0: string required.
I want to get the same result as the below which I did manually without Terraform. How can I do this?
Upvotes: 0
Views: 3431
Answers (2)
Super Kai - Kazuya Ito
Reputation: 1
You need to add the security group id of "sg0" to the inbound rule of "sg1" as a source. So you need to add only .id after aws_security_group.sg0 like below.
resource "aws_security_group" "sg0" {
..........
}
resource "aws_security_group" "sg1" {
..........
ingress {
from_port = 5432
to_port = 5432
security_groups = [aws_security_group.sg0.id] # Add .id here!!
protocol = "tcp"
}
..........
}
Upvotes: 2
Bunty
Reputation: 21
Update your security group sg1 configuration with either of below changes,
resource "aws_security_group" "sg0" {
..........
}
resource "aws_security_group" "sg1" {
..........
ingress {
from_port = 5432
to_port = 5432
source_security_group_id = aws_security_group.sg0.id
protocol = "tcp"
}
..........
}
[OR]
resource "aws_security_group" "sg0" {
..........
}
resource "aws_security_group" "sg1" {
..........
type = ingress
from_port = 5432
to_port = 5432
source_security_group_id = aws_security_group.sg0.id
security_group_id = aws_security_group.sg01.id
protocol = "tcp"
..........
}
Upvotes: 0
Related Questions
- aws_security_group - conditional ingress
- Allow access to one AWS security group to another using terraform
- How to create security group ingress dynamically in terraform
- Add an aws_security_group_rule that contains self and a security group id to a security group
- Terraform: Allow all internal traffic inside aws security group
- Terraform: create resource(aws_security_group) successfully but it takes ingress/egress rules from all given security groups
- Use existing AWS security group in terraform
- Can you tag inbound Name on inbound rules on an AWS security group using terraform?
- How to append or delete the ingress/egress rule for a security group using Terraform?
- How to attach a security group to aws instance in terraform