While importing an existing resource-set to this module, if the SG had a different name, it will try to destroy the security group while attached to the cluster instances. The lifecycle optin will first create a new one, apply the change to the cluster and then destroy the unused SG.
references
AWS doesn't allow security group to be renamed, Terraform will try to destroy and re-create it, it won't catch the error but will timeout trying to destroy a security group with attached interfaces.
Gowiem
commented
2 years ago
what
Added a lifecycle to the security group.
why
While importing an existing resource-set to this module, if the SG had a different name, it will try to destroy the security group while attached to the cluster instances. The lifecycle optin will first create a new one, apply the change to the cluster and then destroy the unused SG.
references
AWS doesn't allow security group to be renamed, Terraform will try to destroy and re-create it, it won't catch the error but will timeout trying to destroy a security group with attached interfaces.