I cannot find how I should define ranges using Terraform in ingress security groups. Checking the documentation, the fields to_port and from_port support port ranges. However, I cannot find how to configure it.

Working example using the AWS CLI:

    aws ec2 authorize-security-group-ingress \
        --region $REGION \
        --group-name test \
        --protocol tcp \
        --port 50000-50001 \
        --cidr 0.0.0.0/0

But I cannot manage to do the same using Terraform. I have tried configuring the same in the security group resource:

    resource "aws_security_group" "allow_tls" {
      name        = "allow_tls"
      description = "Allow TLS inbound traffic"
      vpc_id      = aws_vpc.main.id

      ingress {
        description = "allow_tls"
        from_port   = 50000-50001
        to_port     = 50000-50001
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      }

      tags = {
        Name = "allow_tls"
      }
    }

And the problem that I have is that it is automatically setting to_port and from_port to the value -1.

    # from terraform plan output
        cidr_blocks      = [
            "0.0.0.0/0",
        ]
        description      = "allow_tls"
        from_port        = -1
        ipv6_cidr_blocks = []
        prefix_list_ids  = []
        protocol         = "tcp"
        security_groups  = []
        self             = false
        to_port          = -1
    }

I also tried using aws_security_group_rule and it has the same behavior. Any idea how it can be solved?

CodePudding user response:
It should be:

    from_port = 50000
    to_port   = 50001
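
Added example, not part of the original question or answer: in HCL the unquoted `50000-50001` is an arithmetic expression that evaluates to -1, which is why the plan shows -1 for both ports. The configuration below keeps AWS-CLI-style range strings as input and splits them into the numeric from_port and to_port the provider expects; the variable `tcp_port_ranges` and the local `tcp_rules` are hypothetical names, and `aws_vpc.main` is assumed to exist as in the question.

```hcl
# Added example. tcp_port_ranges and tcp_rules are hypothetical names.
variable "tcp_port_ranges" {
  description = "TCP ports in AWS CLI notation: \"low-high\" or a single port."
  type        = list(string)
  default     = ["50000-50001"]

  validation {
    # Reject anything that is not digits or digits-digits before it reaches a rule.
    condition = alltrue([
      for r in var.tcp_port_ranges : can(regex("^[0-9]+(-[0-9]+)?$", r))
    ])
    error_message = "Each entry must be a port (\"443\") or a range (\"50000-50001\")."
  }
}

locals {
  # "50000-50001" -> { from = 50000, to = 50001 }
  # "443"         -> { from = 443,   to = 443 }
  tcp_rules = [
    for r in var.tcp_port_ranges : {
      from = tonumber(split("-", r)[0])
      to   = tonumber(reverse(split("-", r))[0])
    }
  ]
}

resource "aws_security_group" "allow_tls" {
  name        = "allow_tls"
  description = "Allow TLS inbound traffic"
  vpc_id      = aws_vpc.main.id # assumed to be defined elsewhere, as in the question

  dynamic "ingress" {
    for_each = local.tcp_rules
    content {
      description = "allow_tls"
      from_port   = ingress.value.from # a number, e.g. 50000
      to_port     = ingress.value.to   # a number, e.g. 50001
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"] # same source range as the question
    }
  }

  tags = {
    Name = "allow_tls"
  }
}
```

After this change, `terraform plan` should list from_port = 50000 and to_port = 50001 for the rule instead of -1.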