Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Don't use var.(in|e)gress_ipv6_cidr_blocks on security group sourced (in|e)gress #148

Merged
merged 3 commits into from Apr 16, 2020
Merged

fix: Don't use var.(in|e)gress_ipv6_cidr_blocks on security group sourced (in|e)gress #148

merged 3 commits into from Apr 16, 2020

Conversation

michaelaw320
Copy link
Contributor

@michaelaw320 michaelaw320 commented Nov 26, 2019
edited

Description

Don't include var.ingress_ipv6_cidr_blocks or var.egress_ipv6_cidr_blocks for security group sourced ingress / egress rules.

Error such as:
Error message: the specified rule "peer: ::/0, TCP, from port: 3306, to port: 3306, ALLOW" already exists
is caused by multiple redefinition of the same IPv6 cidr from the variables mentioned above

Fixes #147

Also fix: #130 #79

@michaelaw320 michaelaw320 changed the title Don't use var.ingress_ipv6_cidr_blocks on security group sourced ingress Don't use var.(in|e)gress_ipv6_cidr_blocks on security group sourced (in|e)gress Nov 27, 2019
@michaelaw320
Copy link
Contributor Author

@antonbabenko can you take a look at this?
🙇

tcarrondo
tcarrondo approved these changes Dec 12, 2019
View reviewed changes
Copy link

@tcarrondo tcarrondo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ayk33
Copy link

ayk33 commented Dec 27, 2019

Can we get some traction on this? This is a big security issue.

@michaelaw320
Copy link
Contributor Author

can we get some traction on this?
I'd like to use this one pretty soon

@jdaMachado
Copy link

Could we merge this ASAP?

@michaelaw320 michaelaw320 mentioned this pull request Feb 17, 2020
Closed
@michaelaw320
Copy link
Contributor Author

Hello @antonbabenko @tcarrondo can we release this?

@michaelaw320 michaelaw320 mentioned this pull request Mar 2, 2020
Merged
haggistech
haggistech approved these changes Apr 16, 2020
View reviewed changes
Copy link

@haggistech haggistech left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good

@antonbabenko antonbabenko changed the title Don't use var.(in|e)gress_ipv6_cidr_blocks on security group sourced (in|e)gress fix: Don't use var.(in|e)gress_ipv6_cidr_blocks on security group sourced (in|e)gress Apr 16, 2020
@antonbabenko antonbabenko merged commit b172968 into terraform-aws-modules:master Apr 16, 2020
@antonbabenko
Copy link
Member

Thanks, @michaelaw320 and all of you who looked into this issue!

v3.6.0 has been just released.

@antonbabenko antonbabenko mentioned this pull request Apr 16, 2020
Closed
@bryantbiggs bryantbiggs mentioned this pull request Nov 21, 2021
Closed
@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 16, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tcarrondo tcarrondo tcarrondo approved these changes

@haggistech haggistech haggistech approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
6 participants
@michaelaw320 @ayk33 @jdaMachado @antonbabenko @tcarrondo @haggistech