Closed thongdong7 closed 4 years ago
Thank you for your contribution!
FYI @int128 this merge broke our use of this Terraform module; we were surprised by that too, given the nature of the change!
Error: Error revoking security group sg-<some code> rules: InvalidPermission.NotFound: The specified rule does not exist in this security group.
Manually editing the security group rules in the AWS console was not sufficient to fix it. After editing them to be for all protocols (not just TCP), we saw this:
Error: [WARN] A duplicate Security Group rule was found on (sg-<some code>). This may be
a side effect of a now-fixed Terraform issue causing two security groups with
identical attributes but different source_security_group_ids to overwrite each
other in the state. See https://github.com/hashicorp/terraform/pull/2376 for more
information and instructions for recovery. Error message: the specified rule "peer: <some CIDR>, ALL, ALLOW" already exists
The fix for us was to delete the existing ingress rules, plan and apply. That's OK for us as our NAT is very low traffic, but this fix will not be palatable for all users!
@hcarver Thank you for pointing out the issue! I just released the fixed version. Sorry I didn't test this PR on my environment actually.
To fix issue https://github.com/int128/terraform-aws-nat-instance/issues/20