Self referential ingress rules for security groups

[albertrdixon]

Terraform complains if I try to make ingress rules that reference the security group itself.
Example:

example.tf

resource "aws_security_group" "example" {
    name = "example"
    ...
    ingress {
        from_port = 22
        to_port = 22
        protocol = "tcp"
        security_groups = ["${aws_security_group.example.id}"]
    }
}

and the output I get:

Error creating graph: The dependency graph is not valid:

* Cycle: aws_security_group.example

[alekstorm]

This would be fixed with the new resource types I suggest in #28 (comment).

[albertrdixon]

Cool, yeah adding ingress and egress types would certainly work. At the least, some mechanism by which security group rules are added to the SG after the SG is created so that the id attribute exists.

[mitchellh]

A certain amount of self-referential variables would actually in theory work (in practice it doesn't right now), but we're not yet looking to support this. I think @alekstorm's suggestion is the best.

[mitchellh]

(closing this in favor of just racking on #28)

[wazoo]

For Google continuity I wanted to note that there is now a "self" parameter on ingress and egress rules that allows this behavior: http://www.terraform.io/docs/providers/aws/r/security_group.html

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.