Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
package-authoring
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
l
limited-pager-46264
02/16/2021, 11:44 AMI created a SG rule as below, which was successful:
example = aws.ec2.SecurityGroupRule(
"example",
type="ingress",
from_port=443,
to_port=443,
protocol="tcp",
cidr_blocks=["1.1.1.1/32"],
security_group_id=allow_tls.id,
opts=pulumi.ResourceOptions(parent=allow_tls))example = aws.ec2.SecurityGroupRule(
"example",
type="ingress",
from_port=443,
to_port=443,
protocol="tcp",
cidr_blocks=["1.1.1.1/32","2.2.2.2/32"],
security_group_id=allow_tls.id,
opts=pulumi.ResourceOptions(parent=allow_tls))Previewing update (test):
~ pulumi:pulumi:Stack: (refresh)
[urn=urn:pulumi:test::Experiment::pulumi:pulumi:Stack::Experiment-test]
pulumi:pulumi:Stack: (same)
[urn=urn:pulumi:test::Experiment::pulumi:pulumi:Stack::Experiment-test]
+-aws:ec2/securityGroupRule:SecurityGroupRule: (replace)
[id=sgrule-3919269017]
[urn=urn:pulumi:test::Experiment::aws:ec2/securityGroup:SecurityGroup$aws:ec2/securityGroupRule:SecurityGroupRule::example]
[provider=urn:pulumi:test::Experiment::pulumi:providers:aws::default_3_29_0::1d8ffca5-685c-4b69-8ddd-3883e405d97f]
~ cidrBlocks: [
[0]: <null>
+ [1]: "2.2.2.2/32"
]
Resources:
+-1 to replace
2 unchanged
Permalink: file:///Users/sibu/test/state/.pulumi/stacks/test.json
Do you want to perform this update? yes
Updating (test):
~ pulumi:pulumi:Stack: (refresh)
[urn=urn:pulumi:test::Experiment::pulumi:pulumi:Stack::Experiment-test]
pulumi:pulumi:Stack: (same)
[urn=urn:pulumi:test::Experiment::pulumi:pulumi:Stack::Experiment-test]
error: 1 error occurred:
* [WARN] A duplicate Security Group rule was found on (sg-0acf2e4ef3c4ab3ee). This may be
a side effect of a now-fixed Terraform issue causing two security groups with
identical attributes but different source_security_group_ids to overwrite each
other in the state. See <https://github.com/hashicorp/terraform/pull/2376> for more
information and instructions for recovery. Error message: the specified rule "peer: 1.1.1.1/32, TCP, from port: 443, to port: 443, ALLOW" already exists
error: update failedI worked around the issue by using the Resource option
delete_before_replace=True