k1LoW / awspec

RSpec tests for your AWS resources.
MIT License

security_group :outbound_rule_count showing an additional rule #498

Closed glasswalk3r closed 4 years ago

glasswalk3r commented 4 years ago

I used security_group resource type property :outbound_rule_count on a Security Group with a single egress rule and got a count of 2 instead of 1.

I did a test with the Ruby SDK and indeed the value returned is a single rule:

    ip_permissions_egress=
     [#<struct Aws::EC2::Types::IpPermission
       from_port=nil,
       ip_protocol="-1",
       ip_ranges=[#<struct Aws::EC2::Types::IpRange cidr_ip="0.0.0.0/0", description=nil>],
       ipv_6_ranges=[],
       prefix_list_ids=[],
       to_port=nil,
       user_id_group_pairs=
        [#<struct Aws::EC2::Types::UserIdGroupPair
          description=nil,
          group_id="sg-0b78dc8XXXXXXX",
          group_name=nil,
          peering_status=nil,
          user_id="123456789",
          vpc_id=nil,
          vpc_peering_connection_id=nil>]>],
    tags=
     [#<struct Aws::EC2::Types::Tag key="Created_by", value="terraform">,

I redacted the partial output, but that's it.

carolinebeauchamp commented 4 years ago

Because you've got both an ip_range and a user_id_group_pair in there, that counts as two rules - if you look on the AWS console, you'll see the egress rules listed on two separate lines.
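As an added example (not part of the original thread and not awspec's own code), the Ruby below expands grouped IpPermission structs into one rule per destination, which is how the console lists them. The Struct definitions, the helper names `expand_rules` and `rule_count`, and the sample group id are constructed stand-ins that only mirror the SDK field names; counting IPv6 ranges and prefix lists the same way is an assumption.

```ruby
# Constructed stand-ins mirroring the field names of Aws::EC2::Types::IpPermission
# seen in the dump above; the real aws-sdk structs are not loaded here.
IpRange      = Struct.new(:cidr_ip, keyword_init: true)
Ipv6Range    = Struct.new(:cidr_ipv_6, keyword_init: true)
PrefixListId = Struct.new(:prefix_list_id, keyword_init: true)
GroupPair    = Struct.new(:group_id, keyword_init: true)
IpPermission = Struct.new(:ip_protocol, :from_port, :to_port, :ip_ranges,
                          :ipv_6_ranges, :prefix_list_ids, :user_id_group_pairs,
                          keyword_init: true)

# Hypothetical helper: turn each grouped permission into one entry per
# destination (CIDR, IPv6 CIDR, prefix list or security group).
def expand_rules(permissions)
  permissions.flat_map do |perm|
    targets = perm.ip_ranges.map(&:cidr_ip) +
              perm.ipv_6_ranges.map(&:cidr_ipv_6) +
              perm.prefix_list_ids.map(&:prefix_list_id) +
              perm.user_id_group_pairs.map(&:group_id)
    ports = perm.from_port.nil? ? 'all' : "#{perm.from_port}-#{perm.to_port}"
    targets.map { |t| { protocol: perm.ip_protocol, ports: ports, target: t } }
  end
end

# Hypothetical helper: number of rule lines after expansion.
def rule_count(permissions)
  expand_rules(permissions).size
end

# Constructed sample with the same shape as the issue's output:
# a single IpPermission struct that carries two destinations.
EGRESS = [
  IpPermission.new(ip_protocol: '-1', from_port: nil, to_port: nil,
                   ip_ranges: [IpRange.new(cidr_ip: '0.0.0.0/0')],
                   ipv_6_ranges: [], prefix_list_ids: [],
                   user_id_group_pairs: [GroupPair.new(group_id: 'sg-EXAMPLE')])
].freeze

if __FILE__ == $PROGRAM_NAME
  puts "IpPermission structs: #{EGRESS.size}, rules: #{rule_count(EGRESS)}"
  expand_rules(EGRESS).each { |rule| puts rule.inspect }
end
```

Listing the expanded rules next to the count makes it easier to see which destination an unexpected extra rule came from when a count assertion fails.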

glasswalk3r commented 4 years ago

You're right @carolinebeauchamp, shame on me for not noticing it earlier. Thanks!