Terraform: vpc_security_group_ids doesn't work for update procedure

Created on 18 Nov 2016  ยท  7Comments  ยท  Source: hashicorp/terraform

Hey there,

We found the following issue: after updating vpc_security_group_ids for any existing EC2 instance, Terraform can't set all security groups, e.g. if we would like to attach 2 security groups to EC2 instance, only 1 will be attached and will change on each Terraform run. If we don't update security groups for any existing EC2 instance, then everything is provisioned correctly - Terraform correctly detects security groups assigned to EC2 instances. EC2 instances are set up in other than default VPC.

Terraform Version

Terraform v0.7.10

Affected Resource(s)

  • vpc_security_group_ids (provider/aws)

Steps to Reproduce

For us, the issue is reproducible on each EC2 instance, but please comment if you have any troubles with reproducing it.

Temporary hotfix

Setup correct security groups for EC2 instances by AWS console.

bug provideaws
Source
picture natalia-hw
👍1

Most helpful comment

Closed via #11025 - apologies to all for the issue! This will be released in Terraform 0.8.3

picture stack72 on 4 Jan 2017
👍3

All 7 comments

I've encountered the same buggy behaviour when updating the vpc_security_group_ids parameter of a aws_redshift_cluster resource.

The initial create is fine, but when I alter the vpc_security_group_idslist terraform plan sees the change (that it needs to add additional entries) correctly and terraform apply says it applied the change correctly, but looking at the result in the console, there's been no changes applied. If I run terraform plan again immediately after the apply, the proposed change from before is right back there.

I'm not sure about OP, but in my case I have a few seemingly-unrelated things set up for ignore_changes - final_snapshot_identifier and master_password. Maybe this is related to https://github.com/hashicorp/terraform/pull/9791?

I'm seeing this behaviour on Terraform v0.7.11.

dlanger picture dlanger on 22 Nov 2016
👍1

Having the same issue with v0.7.11 to v0.8

vic3lord picture vic3lord on 15 Dec 2016

Still valid on v0.8.2

vic3lord picture vic3lord on 26 Dec 2016

I've opened the PR https://github.com/hashicorp/terraform/pull/11025 to fix this issue

ddcprg picture ddcprg on 4 Jan 2017

Closed via #11025 - apologies to all for the issue! This will be released in Terraform 0.8.3

stack72 picture stack72 on 4 Jan 2017
👍3

Confirmed this is fixed for the aws_redshift_cluster case in TF 0.8.4

dlanger picture dlanger on 17 Jan 2017

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashibot[bot] picture hashibot[bot] on 18 Apr 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

FlorinAndrei picture FlorinAndrei  ยท  61Comments
felnne picture felnne  ยท  133Comments
oillio picture oillio  ยท  78Comments
lukehoersten picture lukehoersten  ยท  151Comments
glenjamin picture glenjamin  ยท  112Comments