New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wide Open ipv6 Egress Being Created #130
Comments
I believe I may have found the issue. Line 525 of I cloned the repository, pointed at the module locally, commented out that line and tried again. All works fine now. I notice this defined at
I'm not sure it is possible to set a TF list to Hope some of that helps. |
I just ran into this exact problem. The main reason I'm looking at this plugin is to create server/client Security Group pairs, but if all my egress gets full IPv6 access, that's kind of frustrating. It seems like a simple fix. Any workarounds available? (Other than pulling down the source and using it locally, I mean.) |
I was going to fork, modify and run the code locally.. but it just seemed a messy solution. I ended up using the built-in resources in TF in place of this module. I define all ingress & egress rules via associated aws_security_group_rule resources (i.e. don't use the array approach in aws_security_group). That combined with some homegrown modules for repeatable patterns has worked just fine. Honestly, I'm not sure how much time/effort/lines of code this module saves versus just using the native resources. |
I'm having the same issue on the egress_with_source_security_group_id, the IPV6 range is always added with the needed SG on 2 separated lines |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Module:
v3.0.1
Terraform:0.12.3
I am creating a load balancer security group that does the following:
When I run the below, the ingress rules are fine. However, egress also creates a wide open IPv6 rule along with the proper one referencing a security group:
The above creates egress like:
I'm not sure where the
::/0
wide open rule comes from. If I delete it, it'll recreate.Thanks,
Tom
The text was updated successfully, but these errors were encountered: