lemon-machine-35564
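04/16/2021, 5:15 PM

```typescript
// Ingress rule on the VPC's default security group: allow all traffic
// (protocol '-1', ports 0-0) originating from the bastion security group.
new aws.ec2.SecurityGroupRule(
    `bastion-rule-` + env,
    {
        type: 'ingress',
        toPort: 0,
        protocol: '-1',
        fromPort: 0,
        securityGroupId: vpc.vpc.defaultSecurityGroupId,
        sourceSecurityGroupId: bastionSecGroup.id
    },
    // Delete the existing resource before creating its replacement.
    { deleteBeforeReplace: true }
);
```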
```
View Live: https://app.pulumi.com/xxxx/xxx-xxx-vpc/development/updates/49

     Type                          Name                             Status               Info
     pulumi:pulumi:Stack           xxx-foundations-vpc-development  **failed**           1 error
 +   └─ aws:ec2:SecurityGroupRule  bastion-rule-2137                **creating failed**  1 error

Diagnostics:
  aws:ec2:SecurityGroupRule (bastion-rule-2137):
    error: 1 error occurred:
        * [WARN] A duplicate Security Group rule was found on (sg-059e66fdf2c37c5ac). This may be
        a side effect of a now-fixed Terraform issue causing two security groups with
        identical attributes but different source_security_group_ids to overwrite each
        other in the state. See https://github.com/hashicorp/terraform/pull/2376 for more
        information and instructions for recovery. Error message: the specified rule "peer: sg-06987771897f711dd, ALL, ALLOW" already exists
```
`deleteBeforeReplace` not work in some places?

billowy-army-68599
04/16/2021, 5:21 PM

lemon-machine-35564
04/16/2021, 5:23 PM
`env` `env` just changed `deleteBeforeReplace` would delete the rule first and then re-add it

billowy-army-68599
04/16/2021, 5:25 PM

lemon-machine-35564
04/16/2021, 5:25 PM

billowy-army-68599
04/16/2021, 5:33 PM

lemon-machine-35564
04/16/2021, 5:33 PM