From 43b301aa0837801a2cc715392196d6040fccdc19 Mon Sep 17 00:00:00 2001 From: badra001 Date: Thu, 20 Nov 2025 08:11:24 -0500 Subject: [PATCH 1/3] * 2.9.0 -- 2025-11-20 - custom - change the data resources for ingress and egress SG list to not try to look them up to get names if they include a /, like for ACCOUNT/SGID for a referenced SG - use the actual passed value in the name if it is a referenced SG --- CHANGELOG.md | 6 ++++++ common/version.tf | 2 +- custom/custom.tf | 6 ++++-- custom/data.vpc.tf | 19 ++++++++++++++++++- 4 files changed, 29 insertions(+), 4 deletions(-) mode change 120000 => 100644 custom/data.vpc.tf diff --git a/CHANGELOG.md b/CHANGELOG.md index 18e40b8..a242ad8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -91,3 +91,9 @@ * 2.8.1 -- 2025-10-02 - https: add module + +* 2.9.0 -- 2025-11-20 + - custom + - change the data resources for ingress and egress SG list to not try to look them up to get names if they + include a /, like for ACCOUNT/SGID for a referenced SG + - use the actual passed value in the name if it is a referenced SG diff --git a/common/version.tf b/common/version.tf index bf2205b..345aa6e 100644 --- a/common/version.tf +++ b/common/version.tf @@ -1,3 +1,3 @@ locals { - _module_version = "2.8.1" + _module_version = "2.9.0" } diff --git a/custom/custom.tf b/custom/custom.tf index b99e90d..4f20628 100644 --- a/custom/custom.tf +++ b/custom/custom.tf 
@@ -1,8 +1,10 @@ locals { vpc_networks = var.use_vpc_cidr ? [data.aws_vpc.this_vpc[0].cidr_block] : [] external_ingress_networks = compact(concat(local.vpc_networks, local.ingress_networks)) - ingress_sg_names = zipmap(var.ingress_security_groups, data.aws_security_group.ingress_security_groups[*].name) - egress_sg_names = zipmap(var.egress_security_groups, data.aws_security_group.egress_security_groups[*].name) + # ingress_sg_names = zipmap(var.ingress_security_groups, data.aws_security_group.ingress_security_groups[*].name) + # egress_sg_names = zipmap(var.egress_security_groups, data.aws_security_group.egress_security_groups[*].name) + ingress_sg_names = { for sg in var.ingress_security_groups : sg => lookup(data.aws_security_group.ingress_security_groups, sg, { name = sg })["name"] } + egress_sg_names = { for sg in var.egress_security_groups : sg => lookup(data.aws_security_group.egress_security_groups, sg, { name = sg })["name"] } # self = var.enable_self ? local.self_ports : [] } diff --git a/custom/data.vpc.tf b/custom/data.vpc.tf deleted file mode 120000 index 197ea98..0000000 --- a/custom/data.vpc.tf +++ /dev/null @@ -1 +0,0 @@ -../common/data.vpc.tf \ No newline at end of file diff --git a/custom/data.vpc.tf b/custom/data.vpc.tf new file mode 100644 index 0000000..1859dd5 --- /dev/null +++ b/custom/data.vpc.tf @@ -0,0 +1,18 @@ +data "aws_vpc" "this_vpc" { + count = var.use_vpc_cidr ? 1 : 0 + id = var.vpc_id +} + +data "aws_security_group" "ingress_security_groups" { + # count = length(var.ingress_security_groups) + # id = element(var.ingress_security_groups, count.index) + for_each = [for sg in var.ingress_security_groups : sg if !stringcontains(sg, "/")] + id = each.key +} + +data "aws_security_group" "egress_security_groups" { + # count = length(var.egress_security_groups) + # id = element(var.egress_security_groups, count.index) + for_each = [for sg in var.egress_security_groups : sg if !stringcontains(sg, "/")] + id = each.key +} 
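Review bot: The new `ingress_sg_names` and `egress_sg_names` for-expressions build an object keyed by each list element, so a group listed twice in `var.ingress_security_groups` or `var.egress_security_groups` now fails with a duplicate-key error, where `zipmap` accepted it and kept the last value. Iterating `toset(var.ingress_security_groups)` (or `distinct(...)`) keeps the old tolerance and matches the de-duplication the data sources end up doing. The fallback would also read more directly as `sg => try(data.aws_security_group.ingress_security_groups[sg].name, sg)`. The two commented-out `zipmap` lines are history that version control already keeps and could be dropped.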
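Review bot: The `/` filter in both `for_each` lines treats any entry containing a slash as a cross-account reference and skips the lookup that used to confirm the group exists, so a malformed or mistyped value passes through unchecked and, per the custom.tf change, is used verbatim as the name. A `validation` block on `var.ingress_security_groups` and `var.egress_security_groups` that accepts only a bare group ID or an `ACCOUNT/SGID` pair would restore a plan-time check; the variable declarations are not part of this patch, so that belongs wherever they are defined. Separately, this file replaces the symlink to `../common/data.vpc.tf` with a copy, and a header comment such as `# Diverges from common/data.vpc.tf: no lookup for ACCOUNT/SGID references` would keep the two from drifting unnoticed.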
From 87ba3ad005339ccb6af5a1d35f46387434316968 Mon Sep 17 00:00:00 2001
From: badra001
Date: Thu, 20 Nov 2025 08:15:11 -0500
Subject: [PATCH 2/3] fix
---
 custom/data.vpc.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/custom/data.vpc.tf b/custom/data.vpc.tf
index 1859dd5..f7ccfd8 100644
--- a/custom/data.vpc.tf
+++ b/custom/data.vpc.tf
@@ -6,13 +6,13 @@ data "aws_vpc" "this_vpc" {
 data "aws_security_group" "ingress_security_groups" {
 # count = length(var.ingress_security_groups)
 # id = element(var.ingress_security_groups, count.index)
- for_each = [for sg in var.ingress_security_groups : sg if !stringcontains(sg, "/")]
+ for_each = [for sg in var.ingress_security_groups : sg if !strcontains(sg, "/")]
 id = each.key
 }
 
 data "aws_security_group" "egress_security_groups" {
 # count = length(var.egress_security_groups)
 # id = element(var.egress_security_groups, count.index)
- for_each = [for sg in var.egress_security_groups : sg if !stringcontains(sg, "/")]
+ for_each = [for sg in var.egress_security_groups : sg if !strcontains(sg, "/")]
 id = each.key
 }
From 0a310ae22a215bfb943e7e4c138d208800d64a41 Mon Sep 17 00:00:00 2001
From: badra001
Date: Thu, 20 Nov 2025 08:56:22 -0500
Subject: [PATCH 3/3] fix
---
 custom/data.vpc.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/custom/data.vpc.tf b/custom/data.vpc.tf
index f7ccfd8..7ac993a 100644
--- a/custom/data.vpc.tf
+++ b/custom/data.vpc.tf
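Review bot: `strcontains` is only available from Terraform 1.5 onward, so both `for_each` filters will fail with an unknown-function error on older CLIs. The module's `required_version` constraint is not visible in this patch and should be checked, or raised to `>= 1.5`, alongside this change. If older versions must stay supported, `length(regexall("/", sg)) == 0` expresses the same test.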
@@ -6,13 +6,13 @@ data "aws_vpc" "this_vpc" {
 data "aws_security_group" "ingress_security_groups" {
 # count = length(var.ingress_security_groups)
 # id = element(var.ingress_security_groups, count.index)
- for_each = [for sg in var.ingress_security_groups : sg if !strcontains(sg, "/")]
+ for_each = toset([for sg in var.ingress_security_groups : sg if !strcontains(sg, "/")])
 id = each.key
 }
 
 data "aws_security_group" "egress_security_groups" {
 # count = length(var.egress_security_groups)
 # id = element(var.egress_security_groups, count.index)
- for_each = [for sg in var.egress_security_groups : sg if !strcontains(sg, "/")]
+ for_each = toset([for sg in var.egress_security_groups : sg if !strcontains(sg, "/")])
 id = each.key
 }
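Review bot: Keying `for_each` on the group IDs themselves means every entry in `var.ingress_security_groups` and `var.egress_security_groups` must be known at plan time. An ID taken from a security group created in the same apply would have worked with the old `count = length(...)` form, but is rejected here as an invalid `for_each` argument. If callers can pass such IDs, the restriction should be documented on the variables, for example `# IDs must be known at plan time; groups created in the same apply are not supported`, or the lookup keyed on something static instead.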