Thread
#aws
    b

    breezy-laptop-42679

    1 month ago
    const allowPostgresSgRule =
          env === 'prod' &&
          tfCCCRdsPostgresSg &&
          new aws.ec2.SecurityGroupRule('ccc-postgres-access-rule', {
            type: 'ingress',
            fromPort: 5432,
            toPort: 5432,
            protocol: 'tcp',
            sourceSecurityGroupId: sg.id,
            securityGroupId: tfCCCRdsPostgresSg.id,
          });
       // NOTE: Sunguard GP VPN
       const allowLocalAccessGPSgRule = new aws.ec2.SecurityGroupRule('allow-gp-access-rule', {
        type: 'ingress',
        fromPort: 5432,
        toPort: 5432,
        protocol: 'tcp',
        cidrBlocks: ['XXX.XX.0.0/19'],
        securityGroupId: XXXXXRdsPostgresSg.id,
      });
      // NOTE: Bethpage GP VPN
      const allowLocalAccessGPBPSgRule = new aws.ec2.SecurityGroupRule('allow-gp-bp-access-rule', {
        type: 'ingress',
        fromPort: 5432,
        toPort: 5432,
        protocol: 'tcp',
        cidrBlocks: ['XXX.XX.X.0/24'],
        securityGroupId: XXXXRdsPostgresSg.id,
      });
    l

    little-cartoon-10569

    1 month ago
    Are you saying that when you use
    allowPostgresSgRule
    later, its value is possibly undefined? Because it is. You're conditionally creating it.
    If env isn't
    prod
    or tfCCCRdsPostgresSg is falsy, then allowPostgresSgRule will be undefined.
    Can I suggest changing that to use more traditional if-statements? Or maybe just not make it conditional? SGs are free, just make it no matter what.