Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Point to Point Security Group configuration results in circular dependency #1326

Closed
wazoo opened this issue Mar 27, 2015 · 4 comments
Closed

Point to Point Security Group configuration results in circular dependency #1326

wazoo opened this issue Mar 27, 2015 · 4 comments

Comments

@wazoo
Copy link

wazoo commented Mar 27, 2015

When configuring two SG as follows:

resource "aws_security_group" "sgr_test_lb" {
  name        = "sgr-test-lb"
  vpc_id      = "<vpc>"
  description = "SG For Test LB"
  ingress {
    from_port       = "80"
    to_port         = "80"
    protocol        = "http"
    security_groups = ["${aws_security_group.sgr_test_nodes.id}"]
  }
  egress {
    from_port       = "443"
    to_port         = "443"
    protocol        = "tcp"
    cidr_blocks     =  ["0.0.0.0/0"]
  }
}
resource "aws_security_group" "sgr_test_nodes" {
  name = "sgr-test-nodes"
  description = "SG For Test Nodes"
  vpc_id      = "<vpc>"
  ingress {
    from_port       = "80"
    to_port         = "80"
    protocol        = "http"
    security_groups = ["${aws_security_group.sgr_test_lb.id}"]
  }
  egress  {
    from_port       = "80"
    to_port         = "80"
    protocol        = "http"
    security_groups = ["${aws_security_group.sgr_test_lb.id}"]
  }
}

This results in a circular dependency in the graph:

Error configuring: The dependency graph is not valid:

* Cycle: aws_security_group.sgr_test_nodes -> aws_security_group.sgr_test_lb

I understand why this is happening from a graph perspective but this is a pretty common configuration and I would think that TF could figure out to create both groups first then adjust their rules. Thoughts?
@xcoderzach
Copy link

I think this is a dupe of #539.

I got around this by specifying the ingress and egress of one of my security groups as a cidr block to break the cycle, which is an unfortunate hack.

@mitchellh
Copy link
Contributor

Agreed, dup of #539.

@wazoo
Copy link
Author

wazoo commented Mar 30, 2015

Ah damn, I tried to search but I couldn't figure out what to call it. I like the solution in that bug, awesome work guys.

@wazoo wazoo mentioned this issue Apr 27, 2015
Closed
@ghost
Copy link

ghost commented May 3, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators May 3, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mitchellh @xcoderzach @wazoo