Terraform: implementing Default VPC Security Group Ingress Rules for Multiple Subnets
I'm trying to set up a Terraform configuration that creates multiple subnets within an AWS VPC, but I'm running into issues with the default security group that comes with the VPC... The goal is to allow incoming traffic on specific ports from different subnets, but every time I apply the configuration, I encounter the behavior `behavior: InvalidSecurityGroup: The security group 'sg-0123456789abcdef0' does not exist`.

I've defined the subnets and the default security group like this:

```hcl
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "subnet_a" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "us-west-2a"
}

resource "aws_subnet" "subnet_b" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.2.0/24"
  availability_zone = "us-west-2b"
}

resource "aws_security_group" "default" {
  vpc_id = aws_vpc.main.id
}

resource "aws_security_group_rule" "allow_http" {
  type              = "ingress"
  from_port         = 80
  to_port           = 80
  protocol          = "tcp"
  security_group_id = aws_security_group.default.id
  cidr_blocks       = [aws_subnet.subnet_a.cidr_block, aws_subnet.subnet_b.cidr_block]
}
```

When I run `terraform apply`, it seems like the security group is not being created or recognized correctly. I've checked the AWS console, and I can see the security group is indeed created, but somehow Terraform is unable to reference it.

I've verified the AWS provider version in my configuration:

```hcl
provider "aws" {
  region  = "us-west-2"
  version = "~> 3.50"
}
```

I've tried adding explicit dependencies using `depends_on` for the security group rule, but it hasn't resolved the issue. Is there a recommended way to manage security groups in Terraform when creating resources that depend on those groups? Any advice would be greatly appreciated.

For reference, this is a production CLI tool. Thanks, I really appreciate it!
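
An added example, not part of the original post and not a diagnosis of the error above: in the AWS provider, `aws_security_group` always creates a new group, while `aws_default_security_group` adopts the default group that AWS creates with the VPC. The sketch below manages that default group with port 80 ingress limited to the post's two subnets; it assumes Terraform 0.13 or later, and the `local.subnets` map and the `aws_subnet.this` name are made up for illustration.

```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.50"
    }
  }
}

provider "aws" {
  region = "us-west-2"
}

locals {
  # CIDRs and AZs taken from the post; the map keys are assumed labels.
  subnets = {
    a = { cidr = "10.0.1.0/24", az = "us-west-2a" }
    b = { cidr = "10.0.2.0/24", az = "us-west-2b" }
  }
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "this" {
  for_each          = local.subnets
  vpc_id            = aws_vpc.main.id
  cidr_block        = each.value.cidr
  availability_zone = each.value.az
}

# Adopts the VPC's existing default security group rather than creating one.
# On adoption Terraform removes every rule that is not declared inline here,
# including the AWS-provided allow-all egress rule, so this group ends up with
# HTTP ingress from the two subnets and no egress rules at all.
resource "aws_default_security_group" "default" {
  vpc_id = aws_vpc.main.id

  ingress {
    description = "HTTP from this VPC's subnets only"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [for s in aws_subnet.this : s.cidr_block]
  }
}
```

Because rules on the default group are declared inline, add further ports as extra `ingress` blocks in this resource, and add an `egress` block only if instances in the group need to initiate outbound connections.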