cloudposse / terraform-aws-security-group

Terraform module to provision an AWS Security Group
https://cloudposse.com/accelerate
Apache License 2.0

Use "argument syntax" to remove inline rules #57

Open Nuru opened 5 months ago

Nuru commented 5 months ago

Describe the Feature

There has been a long-standing issue with aws_security_group that dynamic inline rules could not be removed. This has been fixed in v5.8.0 of the AWS Terraform provider, but needs an implementation change in this module to be effective.

Although inline rules are deprecated in general, the implementation change is easy enough that we should do it.

Expected Behavior

When supplying inline rules in one deployment and then removing all the inline rules in the next deployment, the inline rules should be removed.

Use Case

Migrating inline rules to the newer, recommended separate security group rule resources is only possible if the inline rules can be removed. Currently, as implemented in this module, the inline rules cannot be removed.

Describe Ideal Solution

Use Arbitrary Expressions with Argument Syntax instead of dynamic blocks to manage the inline rules, so that providing an empty list removes the rules.

Alternatives Considered

No response

Additional Context

No response
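The change requested above, sketched as an added example (not code from this module or from the issue author): the same inline ingress rules written first with dynamic blocks and then with argument syntax. The variable and resource names are hypothetical, and the provider constraint is the version named in the issue.

```hcl
terraform {
  required_providers {
    aws = { source = "hashicorp/aws", version = ">= 5.8.0" } # version from the issue
  }
}

# Hypothetical input: inline ingress rules, possibly an empty list.
variable "inline_ingress_rules" {
  type = list(object({
    description = string
    from_port   = number
    to_port     = number
    protocol    = string
    cidr_blocks = list(string)
  }))
  default = []
}

# Before: dynamic blocks. An empty list generates no ingress block at all,
# so the argument is omitted and previously applied inline rules stay in place.
resource "aws_security_group" "dynamic_blocks" {
  name_prefix = "example-dynamic-"
  dynamic "ingress" {
    for_each = var.inline_ingress_rules
    content {
      description = ingress.value.description
      from_port   = ingress.value.from_port
      to_port     = ingress.value.to_port
      protocol    = ingress.value.protocol
      cidr_blocks = ingress.value.cidr_blocks
    }
  }
}

# After: argument syntax. An empty list is passed as an explicit `ingress = []`,
# which states that the group should have no inline ingress rules.
# In this form every attribute of the rule object has to be set explicitly.
resource "aws_security_group" "argument_syntax" {
  name_prefix = "example-argument-"
  ingress = [for r in var.inline_ingress_rules : {
    description      = r.description
    from_port        = r.from_port
    to_port          = r.to_port
    protocol         = r.protocol
    cidr_blocks      = r.cidr_blocks
    ipv6_cidr_blocks = []
    prefix_list_ids  = []
    security_groups  = []
    self             = false
  }]
}
```

After emptying the rule list, `terraform plan` on the second resource should show the inline ingress rules being removed; a plan with no changes means previously opened ports are still allowed.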