Terraform: Unable to create instance with VPC using vpc_security_group_ids

Created on 7 Mar 2016 · 6 Comments · Source: hashicorp/terraform

Hi,

I created a new VPC in AWS (non-default) and used it:

resource "aws_instance" "prov-node" {
    ami = "ami-ad8894c1"
    key_name = "${var.aws_keypair}"
    vpc_security_group_ids = ["vpc-b0720bd9"]
    availability_zone = "eu-central-1a"
    instance_type = "m3.large"
    tags {
        Name = "Chef Provisioning Node"
    }
    provisioner "remote-exec" {
        inline = [
            "sudo apt-get -y update",
            "sudo apt-get -y install nginx",
            "sudo service nginx start"
        ]
    }
}

It always fails with:

* aws_instance.prov-node: Error launching instance, possible mismatch of Security Group IDs and Names. See AWS Instance docs here: https://terraform.io/docs/providers/aws/r/instance.html.

    AWS Error: Value () for parameter groupId is invalid. The value cannot be empty

I'm using Terraform v0.6.12 and the VPC is created in AWS:

chef | vpc-b0720bd9 | available | 172.16.0.0/20 | dopt-e8e40a81 | rtb-91155cf8 | acl-e1e4a888 | Default | No

Am I missing something?

All 6 comments

Hi @cjohannsen81
I think this is what is causing the problem:

vpc_security_group_ids = ["vpc-b0720bd9"]

The field expects group IDs, not VPC IDs.

Feel free to reopen if you're still having issues.

Also, you'll need to specify the subnet_id and use a subnet which is part of that VPC, otherwise the default VPC is used.
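
The two answers above combined into one configuration, as an added example that is not from the thread or the Terraform project. It is written in Terraform 0.12+ syntax; the resource names, the subnet CIDR and the `admin_cidr` variable are assumptions, while the VPC ID, AMI and availability zone are taken from the question.

```hcl
# Added example; resource names, subnet CIDR and admin_cidr are hypothetical.
variable "aws_keypair" {}

variable "admin_cidr" {
  description = "Source range allowed to reach SSH (constructed sample value)"
  default     = "203.0.113.0/24"
}

# The VPC ID belongs on the subnet and the security group, not on the instance.
resource "aws_subnet" "prov" {
  vpc_id            = "vpc-b0720bd9"
  cidr_block        = "172.16.0.0/24" # assumed slice of the VPC's 172.16.0.0/20
  availability_zone = "eu-central-1a"
}

resource "aws_security_group" "prov_ssh" {
  name   = "prov-node-ssh"
  vpc_id = "vpc-b0720bd9" # without vpc_id the group is created in the default VPC

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr] # SSH only from the admin range
  }

  egress { # Terraform does not keep AWS's implicit allow-all egress rule
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "prov-node" {
  ami           = "ami-ad8894c1"
  instance_type = "m3.large"
  key_name      = var.aws_keypair

  # Before: vpc_security_group_ids = ["vpc-b0720bd9"]  (a VPC ID, not a group ID)
  vpc_security_group_ids = [aws_security_group.prov_ssh.id] # sg-... IDs only
  subnet_id              = aws_subnet.prov.id # the subnet decides the VPC and AZ

  tags = {
    Name = "Chef Provisioning Node"
  }
}
```

The separate `security_groups` argument takes group names and applies only to EC2-Classic and the default VPC; instances in any other VPC need `vpc_security_group_ids`.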

Urgh, my fault! Thanks!

This is not working for me.

resource "aws_instance" "JumpBox" {
    ami = "${data.aws_ami.jenkins.id}"
    instance_type = "t2.micro"
    subnet_id = "${aws_subnet.public_subnet.id}"
    vpc_security_group_ids = ["${aws_security_group.public_ssh_sg.id}"]
}

When I run terraform plan, the vpc_security_group_ids does not show the SG ID I am setting; instead it displays:

  • aws_instance.JumpBox
    ami: "ami-700f8913"
    associate_public_ip_address: ""
    availability_zone: ""
    ebs_block_device.#: ""
    ephemeral_block_device.#: ""
    instance_state: ""
    instance_type: "t2.micro"
    ipv6_address_count: ""
    ipv6_addresses.#: ""
    key_name: ""
    network_interface.#: ""
    network_interface_id: ""
    placement_group: ""
    primary_network_interface_id: ""
    private_dns: ""
    private_ip: ""
    public_dns: ""
    public_ip: ""
    root_block_device.#: ""
    security_groups.#: ""
    source_dest_check: "true"
    subnet_id: "${aws_subnet.public_subnet.id}"
    tenancy: ""
    volume_tags.%: ""
    vpc_security_group_ids.#: ""

Hi, I have come across the exact same issue. My error message after running terraform apply in the above context is:

aws_instance.mongo: Error launching source instance: InvalidGroup.NotFound: The security group 'my_security_group' does not exist in VPC 'vpc-7ef73604'
status code: 400, request id: df1b098a-2474-478f-a44e-9e0792582fa3

I do see on the AWS console, though, that my security group is associated with my VPC under the "security group" link.

Will appreciate any help.
Thanks.

Suj

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
