Security Groups - YakDriver/fardvag GitHub Wiki

There are two issues of interest related to Security Groups:

  1. Security group rules cannot be imported (issue #2895/PR #6027).
  2. A bug deletes your actual AWS security group rules (the rules themselves, not just their state entries) in the following situation (issue #6036):
    1. Create a security group with rules (either inline or separate, it doesn't matter)
    2. Remove it from the state
    3. Import the security group back into the state
    4. Apply

Because you cannot import individual rules, the only way to bring existing rules under Terraform control is to import the security group itself, which exposes you to the bug.
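A pre-apply guard for the import-then-apply sequence above, added here as an example (not code from this wiki or from the Terraform AWS provider): it reads the JSON form of a saved plan and flags any change that would remove security group rules. It assumes the pending removal is visible in the plan, either as a destroyed `aws_security_group_rule` or as shrinking inline `ingress`/`egress` lists; the function names and the sample plan are constructed for illustration.

```python
import json
import sys

def rule_count(state):
    """Count inline ingress/egress entries of an aws_security_group object."""
    state = state or {}
    return len(state.get("ingress") or []) + len(state.get("egress") or [])

def risky_changes(plan):
    """Return (address, reason) for planned changes that would remove SG rules."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        if rc.get("type") == "aws_security_group_rule" and "delete" in actions:
            # "delete" also appears in replace actions; both drop the live rule.
            findings.append((rc["address"], "rule resource would be destroyed or replaced"))
        elif rc.get("type") == "aws_security_group" and "update" in actions:
            before = rule_count(change.get("before"))
            # Values unknown at plan time are absent from "after" and count as 0,
            # so this check errs on the side of flagging.
            after = rule_count(change.get("after"))
            if after < before:
                findings.append((rc["address"], f"inline rules shrink from {before} to {after}"))
    return findings

# Constructed sample in the shape of `terraform show -json` output (not real data).
SAMPLE_PLAN = {
    "resource_changes": [
        {"address": "aws_security_group.web", "type": "aws_security_group",
         "change": {"actions": ["update"],
                    "before": {"ingress": [{"from_port": 443}, {"from_port": 22}],
                               "egress": [{"from_port": 0}]},
                    "after": {"ingress": [], "egress": []}}},
        {"address": "aws_security_group_rule.ssh", "type": "aws_security_group_rule",
         "change": {"actions": ["delete"], "before": {"from_port": 22}, "after": None}},
        {"address": "aws_security_group.db", "type": "aws_security_group",
         "change": {"actions": ["no-op"],
                    "before": {"ingress": [{"from_port": 5432}], "egress": []},
                    "after": {"ingress": [{"from_port": 5432}], "egress": []}}},
    ]
}

if __name__ == "__main__":
    # Usage: terraform show -json plan.out > plan.json; python check.py plan.json
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    found = risky_changes(plan)
    for address, reason in found:
        print(f"BLOCK: {address}: {reason}")
    sys.exit(1 if found else 0)
```

Run it between `terraform plan -out=plan.out` and `terraform apply plan.out`; a non-zero exit means the plan should be reviewed by hand before it touches the live security group.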

Terraform docs

Pull requests

  • resource/aws_security_group_rule: Add import functionality for security group rules #6027

Issues

  • ALL Rules DELETED on Security Group import/apply #6036
  • aws_security_group_rule loses track of certain out-of-band changes #3234
  • aws_security_group: DependencyViolation: resource sg-XXX has a dependent object #1671
  • Destroying Security Groups Takes Forever with Attached SG #265
  • Terraform shows plan changes when inline security group rules are converted to aws_security_group_rule #5243
  • Can't import security_group_rule #2895