terraform-aws-modules/terraform-aws-efs

Terraform apply times out when there's a change to `security_group_rules`

dchien234 opened this issue · 2 comments

Is your request related to a new offering from AWS?

Is this functionality available in the AWS provider for Terraform? See CHANGELOG.md, too.

  • No 🛑: more like an enhancement to the existing HCL implementation

Is your request related to a problem? Please describe.

  • Prerequisite:
    • You have an existing EFS module
    • You want to update your `security_group_rules` (e.g., to add additional CIDR blocks)
  • Observations:
    • When you run `terraform apply`, it will try to destroy the existing `aws_security_group_rule` and `aws_security_group` objects, and this operation will time out after 15m (or the default timeout)
    • This is because of the dependency between the `aws_security_group` and the `aws_efs_mount_target` resource. One cannot destroy the `aws_security_group` if it has a dependency object, and the `aws_efs_mount_target` cannot replace it with the new security group since it's not created yet.

Describe the solution you'd like.

  • Solution:
    • Add a `create_before_destroy` lifecycle behavior to the above objects to enable Terraform to replace objects properly.

Describe alternatives you've considered.

  • N.A.

Additional context

  • N.A.
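
The dependency problem described in the issue above and the `create_before_destroy` approach, shown on a minimal stand-alone configuration. This is an added example, not the module's code or the change made in the linked PR; the resource names, variables and sample CIDR are assumptions, and it covers only the security group replacement case.

```hcl
# Added illustration. Resource names, variables and the sample CIDR are assumptions.
variable "vpc_id" { type = string }
variable "subnet_id" { type = string }
variable "nfs_cidr_blocks" {
  type    = list(string)
  default = ["10.0.0.0/16"] # constructed sample value
}

resource "aws_efs_file_system" "this" {
  encrypted = true
}

resource "aws_security_group" "efs" {
  # name_prefix instead of a fixed name: with create_before_destroy the old and
  # new groups exist side by side for a moment, and group names must be unique
  # within a VPC, so a fixed name would fail on create.
  name_prefix = "efs-"
  description = "NFS access to EFS mount targets"
  vpc_id      = var.vpc_id

  # Without this block, a change that forces replacement (name, description,
  # vpc_id) makes Terraform delete the old group first. The delete cannot
  # succeed while the mount target's network interface still uses the group,
  # so the apply waits until the delete timeout expires.
  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_security_group_rule" "nfs_ingress" {
  type              = "ingress"
  from_port         = 2049 # NFS
  to_port           = 2049
  protocol          = "tcp"
  cidr_blocks       = var.nfs_cidr_blocks
  security_group_id = aws_security_group.efs.id
}

resource "aws_efs_mount_target" "this" {
  file_system_id = aws_efs_file_system.this.id
  subnet_id      = var.subnet_id
  # security_groups can be updated in place, so once the replacement group
  # exists the mount target is repointed to it and the old group is released.
  security_groups = [aws_security_group.efs.id]
}
```

With the lifecycle block in place, the plan order becomes: create the new group, update the mount target, then destroy the old group. Reviewing the plan for that order before applying confirms the NFS ingress rule is never absent from the mount target.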

PR for this issue #16

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.