Bugfixes (#136)

* Fix #134 use only existing security groups * Fix #135, default zone ID

Bugfixes (#136)
* Fix #134 use only existing security groups * Fix #135, default zone ID
badb311c · Nuru · GitHub · 42cf8d14 · badb311c · badb311c
Commit badb311c authored Oct 25, 2021 by Nuru Committed by GitHub Oct 25, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 5 deletions

main.tf main.tf +5 -4

security_group_inputs.tf security_group_inputs.tf +1 -1

No files found.
--- a/main.tf
+++ b/main.tf
@@ -34,6 +34,8 @@ module "aws_security_group" {
  source  = "cloudposse/security-group/aws"
  version = "0.4.2"

+  enabled = local.create_security_group
+
  allow_all_egress    = local.allow_all_egress
  security_group_name = var.security_group_name
  rules_map           = local.sg_rules
@@ -61,7 +63,6 @@ module "aws_security_group" {
  security_group_delete_timeout = var.security_group_delete_timeout


-  enabled = local.enabled && local.create_security_group
  context = module.this.context
 }

@@ -114,10 +115,10 @@ resource "aws_elasticache_replication_group" "default" {
  automatic_failover_enabled    = var.automatic_failover_enabled
  multi_az_enabled              = var.multi_az_enabled
  subnet_group_name             = local.elasticache_subnet_group_name
-  # It would be nice to remove duplicate security group IDs, if there are any, using `compact`,
+  # It would be nice to remove null or duplicate security group IDs, if there are any, using `compact`,
  # but that causes problems, and having duplicates does not seem to cause problems.
  # See https://github.com/hashicorp/terraform/issues/29799
-  security_group_ids         = concat(local.associated_security_group_ids, [module.aws_security_group.id])
+  security_group_ids         = local.create_security_group ? concat(local.associated_security_group_ids, [module.aws_security_group.id]) : local.associated_security_group_ids
  maintenance_window         = var.maintenance_window
  notification_topic_arn     = var.notification_topic_arn
  engine_version             = var.engine_version
@@ -196,7 +197,7 @@ module "dns" {
  enabled  = module.this.enabled && length(var.zone_id) > 0 ? true : false
  dns_name = var.dns_subdomain != "" ? var.dns_subdomain : module.this.id
  ttl      = 60
-  zone_id  = try(var.zone_id[0], var.zone_id)
+  zone_id  = try(var.zone_id[0], tostring(var.zone_id), "")
  records  = var.cluster_mode_enabled ? [join("", aws_elasticache_replication_group.default.*.configuration_endpoint_address)] : [join("", aws_elasticache_replication_group.default.*.primary_endpoint_address)]

  context = module.this.context

--- a/security_group_inputs.tf
+++ b/security_group_inputs.tf
@@ -9,7 +9,7 @@ variable "create_security_group" {
 }

 locals {
-  create_security_group = var.use_existing_security_groups == null ? var.create_security_group : !var.use_existing_security_groups
+  create_security_group = local.enabled && (var.use_existing_security_groups == null ? var.create_security_group : !var.use_existing_security_groups)
 }

 variable "associated_security_group_ids" {