How do you define multiple Ingress rules in an AWS Security Group with Terraform?

I've tried this:

resource "aws_security_group" "sg_allowall" {
  name = "${var.prefix}-allow"

  # HTTPS from anywhere. Protocol "-1" means "all protocols and ports" and is
  # only accepted together with from_port = to_port = 0, so a single-port rule
  # has to name the protocol explicitly.
  ingress {
    from_port   = "443"
    to_port     = "443"
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Allow all outbound traffic.
  egress {
    from_port   = "0"
    to_port     = "0"
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Standalone rule: SSH only from a single office address.
resource "aws_security_group_rule" "ssh_from_office" {
  type            = "ingress"
  from_port       = 22
  to_port         = 22
  protocol        = "tcp"
  cidr_blocks     = ["192.202.168.66/32"]

  # This reference is what produces the error below.
  security_group_id = "${resource.sg_allowall.id}"
}

but I get the following error:

Error: resource 'aws_security_group_rule.ssh_from_office' config: unknown resource 'resource.sg_allowall' referenced in variable resource.sg_allowall.id

1 Answer

Two issues here. First, to reference the security group that you created you need to use the correct syntax:

security_group_id = "${aws_security_group.sg_allowall.id}"

Take a good look at Terraform syntax docs.

Second, it's not recommended to mix inline blocks with standalone security group rules. There's a warning in the docs about that, so maybe take a look at that too.
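As an added example (not code from the question or the answer), here is the same security group with both points from the answer applied: the reference uses the `aws_security_group.<name>.id` form, and every rule is a standalone `aws_security_group_rule`, with no inline `ingress`/`egress` blocks left to conflict with them. It is written in Terraform 0.12+ syntax, where `aws_security_group.sg_allowall.id` is the unquoted equivalent of the `"${aws_security_group.sg_allowall.id}"` interpolation shown in the answer. `var.prefix` and the office `/32` come from the question; the resource names for the HTTPS and egress rules are my own choice.

```hcl
# Added example, not from the original post. Assumes Terraform 0.12+ and a
# `var.prefix` variable defined elsewhere, as in the question.

resource "aws_security_group" "sg_allowall" {
  name        = "${var.prefix}-allow"
  description = "HTTPS from anywhere, SSH from the office only"

  # Deliberately no inline ingress/egress blocks: the provider docs warn that
  # inline blocks and aws_security_group_rule resources on the same group
  # overwrite each other's rules on every apply.
}

# HTTPS from anywhere. protocol must be "tcp" here: "-1" (all protocols) is
# only valid with from_port = to_port = 0 and would open every port, not 443.
resource "aws_security_group_rule" "https_from_anywhere" {
  type              = "ingress"
  from_port         = 443
  to_port           = 443
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.sg_allowall.id
}

# SSH restricted to the single office address from the question.
resource "aws_security_group_rule" "ssh_from_office" {
  type              = "ingress"
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = ["192.202.168.66/32"]
  security_group_id = aws_security_group.sg_allowall.id
}

# Unrestricted egress, matching the question's inline egress block. Narrow it
# if the instances do not need to reach arbitrary destinations.
resource "aws_security_group_rule" "egress_all" {
  type              = "egress"
  from_port         = 0
  to_port           = 0
  protocol          = "-1"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.sg_allowall.id
}
```

A quick check that the two styles are not mixed: after `terraform apply`, a second `terraform plan` should report no changes. If it keeps proposing to add or remove rules on the group, an inline block and a standalone rule are still fighting over the same rule set.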
