Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

allow_all_egress conflicts with source_security_group_id #75

Open
karaluh opened this issue Oct 28, 2024 · 0 comments
Open

allow_all_egress conflicts with source_security_group_id #75

karaluh opened this issue Oct 28, 2024 · 0 comments
Labels
bug 🐛 An issue with the system

Comments

@karaluh
Copy link

karaluh commented Oct 28, 2024

Describe the Bug

When setting allow_all_egress to true and using source_security_group_id in rules list, TF plan fails with

│ Error: Inconsistent conditional result types
│
│   on .terraform\modules\sg\main.tf line 197, in resource "aws_security_group_rule" "keyed":
│  197:   for_each = local.rule_create_before_destroy ? local.keyed_resource_rules : {}
│     ├────────────────
│     │ local.keyed_resource_rules is object with 2 attributes
│
│ The true result value has the wrong type: attribute types must all match for conversion to map.

That's because source_security_group_id in local.allow_egress_rule is set to null instead of []
https://github.com/cloudposse/terraform-aws-security-group/blob/main/normalize.tf#L73

Expected Behavior

TF plan finishes without an error when using both: allow_all_egress** to true and using source_security_group_id in rules list

Steps to Reproduce

TF plan the following code:

module "sg" {
  source  = "cloudposse/security-group/aws"
  version = "2.2.0"

  allow_all_egress = true

  rules = [{
    source_security_group_id = ["nevermind"]

    type      = "ingress"
    protocol  = "tcp"
    from_port = 0
    to_port   = 0
  }]

  vpc_id = "nevermind"
}

Screenshots

No response

Environment

No response

Additional Context

No response

@karaluh karaluh added the bug 🐛 An issue with the system label Oct 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug 🐛 An issue with the system
Projects
None yet
Development

No branches or pull requests

1 participant