From c9cf82057803cb2b3d01168ccc6f6f533c26b74d Mon Sep 17 00:00:00 2001
From: gwionap <gwion.aprhobat@justice.gov.uk>
Date: Fri, 15 Sep 2023 10:21:34 +0100
Subject: [PATCH] Update lb redshfit egress rule.

---
 terraform/environments/data-and-insights-wepi/redshift.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/environments/data-and-insights-wepi/redshift.tf b/terraform/environments/data-and-insights-wepi/redshift.tf
index 76af2304501..704a010faea 100644
--- a/terraform/environments/data-and-insights-wepi/redshift.tf
+++ b/terraform/environments/data-and-insights-wepi/redshift.tf
@@ -163,10 +163,10 @@ resource "aws_security_group_rule" "lb_tcp_5439_ingress_vpc" {
 }
 
 resource "aws_security_group_rule" "lb_tcp_5439_egress_redshift" {
+  for_each          = toset([for node in aws_redshift_cluster.wepi_redshift_cluster.cluster_nodes : node.private_ip_address])
   from_port         = 5439
-  prefix_list_ids   = [data.aws_vpc_endpoint.redshift.prefix_list_id]
   protocol          = "TCP"
-  security_group_id = aws_security_group.redshift-data-lb.id
+  cidr_blocks       = [format("%s/32", each.value)]
   to_port           = 5439
   type              = "egress"
 }