Why am I getting a "Reference to undeclared resource" error when trying to set a security-CodePudding

I must be missing something somewhere to get this error message, but I can't figure it out.

What's the issue?

Error:

Error: Reference to undeclared resource

on Start.tf line 91, in resource "aws_instance" "nginx":
91:   vpc_security_group_ids = [data_aws_security_group.nginx.id]
A managed resource "data_aws_security_group" "nginx" has not been declared in
the root module."

Code:

##################################################################################
# VARIABLES
##################################################################################
variable "vpc_id" {}
variable "aws_access_key" {}
variable "aws_secret_key" {}
variable "private_key_path" {
  default = "C:\\ME\\key\\key.pem"
}
variable "key_name" {
  default = "eods-dev-ees"
}
variable "region" {
  default = "eu-west-2"
}

##################################################################################
# PROVIDERS
##################################################################################

provider "aws" {
  access_key = var.aws_access_key
  secret_key = var.aws_secret_key
  region     = var.region
}

##################################################################################
# DATA
##################################################################################

data "aws_ami" "aws-linux" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["amzn-ami-hvm*"]
  }

  filter {
    name   = "root-device-type"
    values = ["ebs"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }
}


##################################################################################
# RESOURCES
##################################################################################

#vpc-041f071d8a46d6471

#This uses the default VPC.  It WILL NOT delete it on destroy.
resource "aws_security_group" "default" {

}

resource "aws_security_group" "allow_ssh" {
  name        = "nginx_demo"
  description = "Allow ports for nginx demo"
  vpc_id      = var.vpc_id


  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = -1
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "nginx" {
  ami                    = data.aws_ami.aws-linux.id
  instance_type          = "t2.micro"
  key_name               = var.key_name
  vpc_security_group_ids = [data_aws_security_group.nginx.id]

  connection {
    type        = "ssh"
    host        = self.public_ip
    user        = "ec2-user"
    private_key = file(var.private_key_path)

  }

  provisioner "remote-exec" {
    inline = [
      "sudo yum install nginx -y",
      "sudo service nginx start"
    ]
  }
}

##################################################################################
# OUTPUT
##################################################################################

output "aws_instance_public_dns" {
  value = aws_instance.nginx.public_dns
}

CodePudding user response：

data_aws_security_group.nginx.id does not exist in your Terraform configuration.

In your NGINX instance declaration (resource "aws_instance" "nginx"), you're trying to reference an undeclared resource:

vpc_security_group_ids = [data_aws_security_group.nginx.id]

You probably didn't mean [data.aws_security_group.nginx.id] as you don't have a data source defined.

Did you mean [aws_security_group.allow_ssh.id]?

vpc_security_group_ids = [aws_security_group.allow_ssh.id]