Closed lcc2207 closed 9 years ago
The cookbook should be idempotent. If you're experiencing issues with idempotency, please submit details about your setup.
I should restate: I can run the cookbook multiple times, but if additional rules are added manually to the security group, these new non-Chef-managed rules are not removed. Also, if I add, say, a rule for HTTP to 1.2.3.4 in the recipes, but then someone goes to AWS and changes it to 0.0.0.0/0, this rule is not updated; it stays at 0.0.0.0/0.
OK, so the first bit there is by design. Maybe, as a feature enhancement, an option could be added to destroy rules that aren't defined by Chef. The second part sounds like a bug; I'll need to verify that I see the same behavior.
Confirmed this behavior.
I've created a feature request for the first part of your problem here: https://github.com/SearchSpring/aws_security/issues/10
And a bug for the second part, https://github.com/SearchSpring/aws_security/issues/9, which should be resolved now.
The security groups don't appear to be idempotent. Will this be added in later?
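Both drift cases raised in this thread (a hand-added rule that is never removed, and a recipe rule whose source range was changed in AWS) can be detected by comparing the recipe's rules against the group's live rules. The following is an added example, not code from the aws_security cookbook; the rule hash shape, the function names, and the sample data (including the `/32` suffix and the port 22 rule) are assumptions.

```ruby
require 'set'

# Rules are plain hashes; this shape is an assumption for the example,
# not the aws_security cookbook's resource format.
WORLD = '0.0.0.0/0'

# Group CIDRs by (protocol, port) so a changed source range is reported as
# one changed rule rather than as one missing rule plus one unmanaged rule.
def index_rules(rules)
  rules.each_with_object(Hash.new { |h, k| h[k] = Set.new }) do |r, idx|
    idx[[r[:proto], r[:port]]] << r[:cidr]
  end
end

# Compare recipe-defined rules with the rules actually present on the group.
def sg_drift(desired, actual)
  want = index_rules(desired)
  have = index_rules(actual)
  report = { missing: [], unmanaged: [], changed: [] }
  (want.keys | have.keys).sort.each do |key|
    w = want.fetch(key, Set.new)
    h = have.fetch(key, Set.new)
    next if w == h
    proto, port = key
    if w.empty?        # present in AWS only: added outside Chef
      report[:unmanaged] << { proto: proto, port: port, cidrs: h.to_a.sort }
    elsif h.empty?     # present in the recipe only: never applied or deleted
      report[:missing] << { proto: proto, port: port, cidrs: w.to_a.sort }
    else               # same protocol/port, different source ranges
      report[:changed] << { proto: proto, port: port,
                            want: w.to_a.sort, have: h.to_a.sort,
                            opened_to_world: h.include?(WORLD) && !w.include?(WORLD) }
    end
  end
  report
end

# Constructed sample data mirroring the two cases in the thread.
DESIRED = [{ proto: 'tcp', port: 80, cidr: '1.2.3.4/32' }].freeze
ACTUAL = [
  { proto: 'tcp', port: 80, cidr: '0.0.0.0/0' },  # edited in the AWS console
  { proto: 'tcp', port: 22, cidr: '10.0.0.0/8' }  # added by hand, in no recipe
].freeze

if __FILE__ == $PROGRAM_NAME
  sg_drift(DESIRED, ACTUAL).each { |kind, items| items.each { |i| puts "#{kind}: #{i}" } }
end
```

The `opened_to_world` flag singles out the case where a restricted rule has been widened to `0.0.0.0/0`, which is the change most worth alerting on.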