fix aws security group re-apply issue to use only external rule defin…

…itions this change takes guidance from terraforms behavior explained here: hashicorp/terraform#11011 [#147690737]
88981 · Jun 22, 2017 · abcd1f9 · abcd1f9
1 parent e0e7b2b
commit abcd1f9
Showing 1 changed file with 18 additions and 12 deletions.
diff --git a/install-pcf/aws/terraform/security_group.tf b/install-pcf/aws/terraform/security_group.tf
@@ -12,18 +12,24 @@ resource "aws_security_group" "directorSG" {
     tags {
         Name = "${var.prefix}-Ops Manager Director Security Group"
     }
-    ingress {
-        from_port = 0
-        to_port = 0
-        protocol = -1
-        cidr_blocks = ["${var.vpc_cidr}"]
-    }
-    egress {
-        from_port = 0
-        to_port = 0
-        protocol = -1
-        cidr_blocks = ["0.0.0.0/0"]
-    }
+}
+
+resource "aws_security_group_rule" "allow_directorsg_ingress_default" {
+    type = "ingress"
+    from_port = 0
+    to_port = 0
+    protocol = -1
+    cidr_blocks = ["${var.vpc_cidr}"]
+    security_group_id = "${aws_security_group.directorSG.id}"
+}
+
+resource "aws_security_group_rule" "allow_directorsg_egress_default" {
+    type = "egress"
+    from_port = 0
+    to_port = 0
+    protocol = -1
+    cidr_blocks = ["0.0.0.0/0"]
+    security_group_id = "${aws_security_group.directorSG.id}"
 }
 
 resource "aws_security_group_rule" "allow_ssh" {