Default cidr blocks to empty list

cloudposse / terraform-aws-security-group

Terraform module to provision an AWS Security Group

https://cloudposse.com/accelerate

Apache License 2.0

36 stars 35 forks source link

Default cidr blocks to empty list #28

Closed nitrocode closed 2 years ago

nitrocode commented 2 years ago

what

Default cidr blocks to empty list

why

Otherwise on each plan, this is shown for each sg rule

  # module.msk_cluster.module.broker_security_group.aws_security_group_rule.keyed["_m[0]#tls#sg#0"] has been changed
  ~ resource "aws_security_group_rule" "keyed" {
      + cidr_blocks              = []
        id                       = "sgrule-snip"
      + ipv6_cidr_blocks         = []
        # (9 unchanged attributes hidden)
    }

references

N/A

nitrocode commented 2 years ago

/test all

mergify[bot] commented 2 years ago

This pull request is now in conflict. Could you fix it @nitrocode? 🙏

Nuru commented 2 years ago

Closing because this plan drift is a provider issue and is not possible to solve because you cannot supply both cidr_block and ipv6_cidr_block at the same time, even if either or both of them are empty lists.