search

hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io/
Other
42.6k stars 9.54k forks source link

Self-referencing aws_security_group causes Cycle #338

Closed pmoust closed 10 years ago

pmoust commented 10 years ago

I need to self-reference an aws_security_group in the ingress block like so:

resource "aws_security_group" "supertasker_mongo_staging" {
    name        = "supertasker_mongo_staging"
    description = "SuperTasker MongoDB (staging)"

    ingress {
        from_port   = 27017
        to_port     = 27017
        protocol    = "tcp"
        vpc_id      = "${var.supertasker_vpc.id}"
        security_groups = ["${aws_security_group.supertasker_mongo_staging.id}", "${aws_security_group.supertasker_helper.id}"]
    }
}

Result is :

Error configuring: The dependency graph is not valid:

* Cycle: aws_security_group.supertasker_mongo_staging

My expected result in the background would be to first create the aws_security_group, get its computed id internally, and use if needed.

I could bypass this issue by creating a second security group (accept_from_supertasker_mongo_staging) that accepts connections from supertasker_mongo_staging and appoint both security groups to my Mongos but I find it less elegant.

 ~/pph/pph-iac/supertasker ⮀ ⭠ master  ⮀ terraform -v
Terraform v0.2.3.dev (5152f05d0a4d0a7f21de175269945f79da54cc1d)
flozano commented 10 years ago

See https://github.com/hashicorp/terraform/issues/219 and https://github.com/hashicorp/terraform/issues/167#issuecomment-51740805

mitchellh commented 10 years ago

Dup of #219