0

I recently created some new resources with terraform .70, and right after running the apply I ran terraform plan again and it says this needs to happen, but I haven't made any changes to my main.tf file:

security_groups.#: "0" => "1" (forces new resource)
security_groups.2319596366: "" => "sg-8a7679ec" (forces new resource)

I ran terraform apply again (on a test instance) just to see what it would do, and it terminates my original AWS EC2 instance server and creates a new one (good thing I didn't do this in production)...

Is this a bug or am I doing something wrong?

big tone
  • Terraform thinks you've attached a new security group to your instance in terraform. Did you? – James Woolfenden Aug 22 '16 at 18:32
  • Nope, it has been like that for years. I believe AWS changed how they did things, which introduced a bug in terraform. If you read my post you can see I did a plan right after the apply without making changes... – big tone Aug 23 '16 at 14:44

2 Answers

3

The behaviour of the security_groups attribute (intended for use with non-VPC, classic EC2 security groups) was changed in version 0.6.15; it no longer works properly when used with VPC security groups. You likely need to use the vpc_security_group_ids attribute instead.

Shorn
1

Looks like .70 fixed a bug with security groups and now I have to specify security groups with vpc_security_group_ids. I replaced security_groups with vpc_security_group_ids and it is not showing any changes are needed now.

big tone
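
A pre-apply check for the situation in this thread, added here as an example (not code from the question or either answer): it scans saved terraform plan text for attributes marked "(forces new resource)" and flags instances whose replacement is driven by security_groups. The sample plan is constructed around the two lines quoted in the question, and the "-/+ resource" header layout is an assumption about legacy plan output.

```python
import re

# Constructed sample in the legacy (0.6/0.7-era) plan layout; only the two
# security_groups lines come from the question, the rest is made up.
SAMPLE_PLAN = """\
-/+ aws_instance.web
    ami:                        "ami-00000000" => "ami-00000000"
    security_groups.#:          "0" => "1" (forces new resource)
    security_groups.2319596366: "" => "sg-8a7679ec" (forces new resource)

~ aws_route53_record.www
    ttl: "300" => "60"
"""

# Resource header: action marker (-/+, ~, +, -) followed by the resource address.
HEADER = re.compile(r"^(-/\+|[~+-])\s+(\S+)\s*$")
# Attribute line: name: "old" => "new", optionally tagged as forcing replacement.
ATTR = re.compile(r'^\s*(\S+?):\s+"(.*?)"\s+=>\s+"(.*?)"(\s+\(forces new resource\))?\s*$')


def forced_replacements(plan_text):
    """Return {resource: [(attribute, old, new), ...]} for replacement-forcing diffs."""
    findings, current = {}, None
    for line in plan_text.splitlines():
        header = HEADER.match(line)
        if header:
            current = header.group(2)
            continue
        attr = ATTR.match(line)
        if attr and attr.group(4):
            findings.setdefault(current or "<unknown>", []).append(attr.group(1, 2, 3))
    return findings


def classic_sg_on_instance(findings):
    """Instances whose replacement is driven by the classic security_groups attribute."""
    return sorted(
        res for res, attrs in findings.items()
        if res.startswith("aws_instance.")
        and any(name.split(".")[0] == "security_groups" for name, _, _ in attrs)
    )


if __name__ == "__main__":
    found = forced_replacements(SAMPLE_PLAN)
    for res, attrs in found.items():
        print("REPLACE", res, [name for name, _, _ in attrs])
    print("switch to vpc_security_group_ids:", classic_sg_on_instance(found))
```

Feeding it the saved output of terraform plan and failing the pipeline when forced_replacements returns anything keeps an unexpected destroy-and-recreate from reaching apply.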