Error authorizing security group rule type ingress: InvalidGroup.NotFound #23499

Closed
jeroen-nijssen opened this issue Nov 26, 2019 · 2 comments

Terraform Version

Terraform v0.12.3

Terraform Configuration Files

data "aws_security_group" "Bastions" {
  name = "random_name"
}

resource "aws_security_group" "SecurityGroup1" {
  vpc_id = "someVPC_ID"
}


resource "aws_security_group_rule" "Internal_RDP" {
  type            = "ingress"
  from_port       = 3389
  to_port         = 3389
  protocol        = "6"
  prefix_list_ids = ["${data.aws_security_group.Bastions.id}"]
  description     = "Internal RDP"

  security_group_id = "${aws_security_group.SecurityGroup1.id}"
}

Expected Behavior

Adding the sg as an ingress rule to the security group

Actual Behavior

Error: Error authorizing security group rule type ingress: InvalidGroup.NotFound: The security group 'sg-0d9f834XXXXXXX820' does not exist
status code: 400, request id: 35eb0f74-f0a8-47ed-ad79-3217f366b556

on ......\deploy-resource-module\securitygroupbastion\SecurityGroup.tf line 39, in resource "aws_security_group_rule" "Internal_RDP":
39: resource "aws_security_group_rule" "Internal_RDP" {

Steps to Reproduce

  1. terraform init
  2. terraform apply

Additional Context

When trying to execute it via API it is working:

aws ec2 authorize-security-group-ingress --group-id sg-xxxx --protocol all --port 0 --source-group sg-xxxx

References

#5464
#1261

@jeroen-nijssen

Just after opening this issue I found that I was using the wrong parameters:
fixed it by changing prefix_list_ids to source_security_group_id.

Code

The updated code looks like:

data "aws_security_group" "Bastions" {
  name = "random_name"
}

resource "aws_security_group" "SecurityGroup1" {
  vpc_id = "someVPC_ID"
}


resource "aws_security_group_rule" "Internal_RDP" {
  type            = "ingress"
  from_port       = 3389
  to_port         = 3389
  protocol        = "6"
  source_security_group_id = "${data.aws_security_group.Bastions.id}"
  description     = "Internal RDP"

  security_group_id = "${aws_security_group.SecurityGroup1.id}"
}
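
A lint-style check for the mistake resolved in this thread, added here as an example (not code from the issue or from the Terraform AWS provider): it flags `aws_security_group_rule` blocks whose `prefix_list_ids` holds a security group reference or a literal `sg-` ID. The function names, the regex-based parsing and the second sample rule are assumptions made for illustration.

```python
import re

# Constructed sample: the rule from the issue plus a rule that uses a real prefix list.
SAMPLE = '''
resource "aws_security_group_rule" "Internal_RDP" {
  type              = "ingress"
  from_port         = 3389
  to_port           = 3389
  protocol          = "6"
  prefix_list_ids   = ["${data.aws_security_group.Bastions.id}"]
  security_group_id = "${aws_security_group.SecurityGroup1.id}"
}

resource "aws_security_group_rule" "S3_Endpoint" {
  type              = "egress"
  from_port         = 443
  to_port           = 443
  protocol          = "tcp"
  prefix_list_ids   = [aws_vpc_endpoint.s3.prefix_list_id]
  security_group_id = aws_security_group.SecurityGroup1.id
}
'''

RULE_HEADER = re.compile(r'resource\s+"aws_security_group_rule"\s+"([^"]+)"\s*\{')
PREFIX_LIST_ATTR = re.compile(r'prefix_list_ids\s*=\s*\[(.*?)\]', re.S)
# Matches a security group reference (resource or data source) or a literal sg- ID.
SG_VALUE = re.compile(r'(?:data\.)?aws_security_group\.\w+\.id|\bsg-[0-9a-f]+')


def block_body(text, start):
    """Return the block body that begins just after its opening brace at `start`."""
    depth, i = 1, start
    while depth and i < len(text):
        depth += (text[i] == "{") - (text[i] == "}")  # "${...}" stays balanced
        i += 1
    return text[start:i - 1]


def find_misused_prefix_lists(hcl):
    """Return (rule name, value) pairs where prefix_list_ids holds a security group."""
    return [(h.group(1), value)
            for h in RULE_HEADER.finditer(hcl)
            for attr in PREFIX_LIST_ATTR.finditer(block_body(hcl, h.end()))
            for value in SG_VALUE.findall(attr.group(1))]


if __name__ == "__main__":
    for name, value in find_misused_prefix_lists(SAMPLE):
        print(f"{name}: prefix_list_ids holds {value}; use source_security_group_id")
```

Run before `terraform apply`, this catches the misconfiguration that otherwise surfaces only as `InvalidGroup.NotFound` from the EC2 API.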


ghost commented Mar 28, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Mar 28, 2020