After updating to Pulumi AWS 0.18 I am still getting the "A duplicate Security Group rule was found on" when trying to assign a security group to an application load balancer. It looks like the load balancer creates its own security group and the one I am trying to get it to use just gets created along side it. However if I try and not assign any security groups to the load balancer it will not create it's own and gives me the "ValidationError: A security group must be specified". Am I doing something wrong or is this a bug?

If you have a repro case for this - definitely open an issue in the

pulumi-aws

repo so we can look into it. We have several test cases that test things very close to this scenario, so I’m interested in what specific conditions are triggering this in your case. Cc also @stocky-spoon-28903.

An you also include your security group definition in the issue @boundless-author-24618 ?

Here is my security group:

const anyCidr = ['0.0.0.0/0']

const albSecurityGroup = new aws.ec2.SecurityGroup('alb-sg', {
  description: 'Enables HTTP inbound and any outbound',
})

const ingressRule = new aws.ec2.SecurityGroupRule('alb-sg-ingress-rule', {
  type: 'ingress',
  protocol: 'tcp',
  fromPort: 80,
  toPort: 80,
  cidrBlocks: anyCidr,
  securityGroupId: albSecurityGroup.id,
})

const egressRule = new aws.ec2.SecurityGroupRule('alb-sg-egress-rule', {
  type: 'egress',
  protocol: '-1',
  fromPort: 0,
  toPort: 0,
  cidrBlocks: anyCidr,
  securityGroupId: albSecurityGroup.id,
})

And here's how I'm applying it to the load balancer:

const loadBalancer = new awsx.elasticloadbalancingv2.ApplicationLoadBalancer(
  'primary-alb',
  {
    external: true,
    securityGroups: [albSecurityGroup],
  }
)

If you would like to see the full code I will create a repo. Thanks