Unable to create instance with VPC using vpc_security_group_ids

hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.

https://www.terraform.io/

Other

42.6k stars 9.54k forks source link

Unable to create instance with VPC using vpc_security_group_ids #5486

Closed cjohannsen81 closed 8 years ago

cjohannsen81 commented 8 years ago

Hi,

I created a new VPC in AWS (non-default) and used it:

resource "aws_instance" "prov-node" {
    ami = "ami-ad8894c1"
    key_name = "${var.aws_keypair}"
    vpc_security_group_ids = ["vpc-b0720bd9"]
    availability_zone = "eu-central-1a"
    instance_type = "m3.large"
    tags {
      Name = "Chef Provisioning Node"

      }
      provisioner "remote-exec" {
        inline = [
          "sudo apt-get -y update",
          "sudo apt-get -y install nginx",
          "sudo service nginx start"
        ]
      }
}

It always fails with:

* aws_instance.prov-node: Error launching instance, possible mismatch of Security Group IDs and Names. See AWS Instance docs here: https://terraform.io/docs/providers/aws/r/instance.html.

    AWS Error: Value () for parameter groupId is invalid. The value cannot be empty

I´m using Terraform v0.6.12 and the VPC is created in AWS:

chef vpc-b0720bd9 available 172.16.0.0/20 dopt-e8e40a81 rtb-91155cf8 acl-e1e4a888 Default No

Am I missing something?

radeksimko commented 8 years ago

Hi @cjohannsen81 I think this is the causing the problem:

vpc_security_group_ids = ["vpc-b0720bd9"]

the field expects group IDs, not VPC IDs.

Feel free to reopen if you're still having issues.

radeksimko commented 8 years ago

Also you'll need to specify the subnet_id and use subnet which is part of that VPC, otherwise default VPC is used.

cjohannsen81 commented 8 years ago

Urgh, my fault! Thanks!

manjunath6681 commented 7 years ago

this is not working for me.

resource "aws_instance" "JumpBox" { ami = "${data.aws_ami.jenkins.id}" instance_type = "t2.micro" subnet_id = "${aws_subnet.public_subnet.id}" vpc_security_group_ids = ["${aws_security_group.public_ssh_sg.id}"]

}

when i run Terraform Plan, The vps_security_group_ids shows not show the sg id i am setting instead displays

aws_instance.JumpBox ami: "ami-700f8913" associate_public_ip_address: "" availability_zone: "" ebs_block_device.#: "" ephemeral_block_device.#: "" instance_state: "" instance_type: "t2.micro" ipv6_address_count: "" ipv6_addresses.#: "" key_name: "" network_interface.#: "" network_interface_id: "" placement_group: "" primary_network_interface_id: "" private_dns: "" private_ip: "" public_dns: "" public_ip: "" root_block_device.#: "" security_groups.#: "" source_dest_check: "true" subnet_id: "${aws_subnet.public_subnet.id}" tenancy: "" volume_tags.%: "" vpc_security_group_ids.#: ""

sujoy-chatterjee commented 6 years ago

Hi, I have come across the exact same issue. My error message after running terraform apply in the above context is:

aws_instance.mongo: Error launching source instance: InvalidGroup.NotFound: The security group 'my_security_group' does not exist in VPC 'vpc-7ef73604' status code: 400, request id: df1b098a-2474-478f-a44e-9e0792582fa3

I though see on AWS console that my security group is associated with my VPC under the "security group" link.

Will appreciate any help. Thanks.

Suj

ghost commented 4 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.