https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# aws
s
This message was deleted.
l
But that doesn’t seem to be happening because I get:
Copy code
View Live: <https://app.pulumi.com/xxxx/xxx-xxx-vpc/development/updates/49>

     Type                          Name                                 Status                  Info
     pulumi:pulumi:Stack           xxx-foundations-vpc-development  **failed**              1 error
 +   └─ aws:ec2:SecurityGroupRule  bastion-rule-2137                    **creating failed**     1 error
 
Diagnostics:
  aws:ec2:SecurityGroupRule (bastion-rule-2137):
    error: 1 error occurred:
    	* [WARN] A duplicate Security Group rule was found on (sg-059e66fdf2c37c5ac). This may be
    a side effect of a now-fixed Terraform issue causing two security groups with
    identical attributes but different source_security_group_ids to overwrite each
    other in the state. See <https://github.com/hashicorp/terraform/pull/2376> for more
    information and instructions for recovery. Error message: the specified rule "peer: sg-06987771897f711dd, ALL, ALLOW" already exists
So you can see it’s trying to create the rule before deleting it. Does 
deleteBeforeReplace
not work in some places?
b
are they both defined inside Pulumi?
l
I’m just changing the name of it via 
env
So the code is exactly the same, 
env
just changed
So it tries to create the rule, but it’s already there and crashes. I was hoping 
deleteBeforeReplace
would delete the rule first and then re-add it
b
it should, yes, but your error message indicates there might be a security group rule defined outside Pulumi?
l
There should not be, no
I’ll check though
Yeah no, it’s just that it’s trying to add the rule before it deletes the old one
The rules are the same, only the name of the resource is changing.
b
can you open an issue in pulumi-aws?
l
Yeah no problem, thanks!
Open in Slack
PreviousNext
Powered by