I'm creating a Security group using terraform, and when I'm running terraform plan. It is giving me an error like some fields are required, and all those fields are optional.
Terraform Version: v1.0.5
AWS Provider version: v3.57.0
main.tf
resource "aws_security_group" "sg_oregon" {
name = "tf-sg"
description = "Allow web traffics"
vpc_id = aws_vpc.vpc_terraform.id
ingress = [
{
description = "HTTP"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
},
{
description = "HTTPS"
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
},
{
description = "SSH"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
]
egress = [
{
description = "for all outgoing traffics"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}
]
tags = {
Name = "sg-for-subnet"
}
}
error in console
│ Inappropriate value for attribute "ingress": element 0: attributes "ipv6_cidr_blocks", "prefix_list_ids", "security_groups", and "self" are required.
│ Inappropriate value for attribute "egress": element 0: attributes "prefix_list_ids", "security_groups", and "self" are required.
I'm following this doc: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group
Any help would be appreciated.
Terraform currently provides both a standalone Security Group Rule resource (a single ingress or egress rule), and a Security Group resource with ingress and egress rules defined in-line. At this time you cannot use a Security Group with in-line rules in conjunction with any Security Group Rule resources. Doing so will cause a conflict of rule ...
Terraform 0.11 has a limitation which does not allow computed values inside count attribute on resources (issues: #16712, #18015, …) Computed values are values provided as outputs from module. Non-computed values are all others - static values, values referenced as variable and from data-sources.
This module aims to implement ALL combinations of arguments supported by AWS and latest stable version of Terraform: VPC endpoint prefix lists (use data source aws_prefix_list) Named groups of rules with ingress (inbound) and egress (outbound) ports open for common scenarios (eg, ssh, http-80, mysql, see the whole list here)
For Terraform 0.13 or later use any version from v4.5.0 of this module or newer. For Terraform 0.12 use any version from v3.* to v4.4.0. If you are using Terraform 0.11 you can use versions v2.*. There are two ways to create security groups using this module:
Since you are using Attributes as Blocks you have to provide values for all options:
resource "aws_security_group" "sg_oregon" {
name = "tf-sg"
description = "Allow web traffics"
vpc_id = aws_vpc.vpc_terraform.id
ingress = [
{
description = "HTTP"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = []
prefix_list_ids = []
security_groups = []
self = false
},
{
description = "HTTPS"
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = []
prefix_list_ids = []
security_groups = []
self = false
},
{
description = "SSH"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = []
prefix_list_ids = []
security_groups = []
self = false
}
]
egress = [
{
description = "for all outgoing traffics"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
prefix_list_ids = []
security_groups = []
self = false
}
]
tags = {
Name = "sg-for-subnet"
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With