search

terraform-aws-modules / terraform-aws-vpc

Terraform module to create AWS VPC resources 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws
Apache License 2.0
2.99k stars 4.44k forks source link

Module v5.0.0 wants to append `-default` to the default SG name, even if a name is set. #945

Closed bfqrst closed 1 year ago

bfqrst commented 1 year ago

Description

In v5.0.0 the terraform plan wants to append a -default to the name, even if a name is set.

⚠️ Note

Before you submit an issue, please perform the following first:

  1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
  2. Re-initialize the project root to pull down modules: terraform init
  3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

Reproduction Code [Required]

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "5.0.0"

  name = upper(join("-", ["default", "vpc"]))

  enable_dns_hostnames = true
  enable_ipv6          = false

  enable_flow_log                      = true
  create_flow_log_cloudwatch_log_group = true
  create_flow_log_cloudwatch_iam_role  = true

  manage_default_security_group  = true
  manage_default_network_acl     = false
  manage_default_route_table     = false
  default_security_group_ingress = []
  default_security_group_egress  = []

  cidr            = var.cidr_block
  azs             = var.azs
  private_subnets = var.private_subnets
}

Steps to reproduce the behavior:

Expected behavior

I expect the given name to be respected. In the full example this is set via a locals var.

Actual behavior

The terraform plan wants to append -default to the name.

Terminal Output Screenshot(s)

# module.vpc.aws_default_security_group.this[0] will be updated in-place
  ~ resource "aws_default_security_group" "this" {
        id                     = "sg-0cf4b817082f91079"
        name                   = "default"
      ~ tags                   = {
          ~ "Name" = "DEFAULT-VPC" -> "DEFAULT-VPC-default"
        }
      ~ tags_all               = {
          ~ "Name"              = "DEFAULT-VPC" -> "DEFAULT-VPC-default"
            # (4 unchanged elements hidden)
        }
        # (7 unchanged attributes hidden)
    }

Additional context

bryantbiggs commented 1 year ago

if default_security_group_name is not provided, it uses the pattern "${var.name}-default" to signify that its the default SG of the var.name VPC

https://github.com/terraform-aws-modules/terraform-aws-vpc/blob/26c38a66f12e7c6c93b6a2ba127ad68981a48671/main.tf#LL1246C44-L1246C44

bfqrst commented 1 year ago

Ah, cheers @bryantbiggs , I overlooked default_security_group_name. Sorry for the noise.

bryantbiggs commented 1 year ago

No worries at all!

github-actions[bot] commented 1 year ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.