Inappropriate value for attribute "security_groups": element 0: string required

Time:07-05

I'm not sure why I'm getting this value.

I have this resource in bastion/main.tf

resource "aws_security_group" "bastion_sg" {
  name   = "${var.name}-bastion-security-group"
  vpc_id = var.vpc_id

  ingress {
    protocol    = "tcp"
    from_port   = 22
    to_port     = 22
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    protocol    = -1
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "${var.name}-bastion-sg"
  }
}

Here is my output for that in bastion/outputs.tf

output "bastion_sg_id" {
  value = aws_security_group.bastion_sg
}

My eks module in my root directory main.tf

module "eks" {
  source = "./eks"
  name   = var.name
  key_name = module.bastion.key_name
  bastion_sg = module.bastion.bastion_sg_id
  vpc_id = module.networking.vpc_id
  private_subnets = module.networking.vpc_private_subnets
}

My variables in my eks/variables.tf

variable "bastion_sg" {
  description = "bastion sg to add to ingress rule of node sg"
}

Lastly, my eks/main.tf, where the error is occurring

resource "aws_security_group" "node-sg" {
  name   = "${var.name}-node-security-group"
  vpc_id = var.vpc_id

  ingress {
    protocol        = "tcp"
    from_port       = 22
    to_port         = 22
    security_groups = [var.bastion_sg]
  }

  egress {
    protocol    = -1
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}

I tried it with and without the [] for the security_groups argument. When I did it without, I got the set of strings required error, and when I added the [], I got this error:

on eks\main.tf line 95, in resource "aws_security_group" "node-sg":
│   95:     security_groups = [var.bastion_sg]
│     ├────────────────
│     │ var.bastion_sg is object with 13 attributes
│
│ Inappropriate value for attribute "security_groups": element 0: string required.

CodePudding user response:

It should be:

output "bastion_sg_id" {
  value = aws_security_group.bastion_sg.id
}
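
The corrected output together with a typed module input, as an added example that is not part of the original answer. The `type` constraint, the `validation` block and the sample ID in the error message are assumptions added for illustration; with them, passing the whole resource object is rejected at the `module "eks"` call rather than inside the ingress block.

```hcl
# bastion/outputs.tf
# Export only the ID string, not the whole aws_security_group object
# (the "object with 13 attributes" named in the error message).
output "bastion_sg_id" {
  description = "ID of the bastion security group"
  value       = aws_security_group.bastion_sg.id
}

# eks/variables.tf
# Added type constraint: an object passed here now fails at the module
# call in the root main.tf, pointing at the real source of the mistake.
variable "bastion_sg" {
  description = "bastion sg to add to ingress rule of node sg"
  type        = string

  validation {
    # Assumed ID format: "sg-" followed by lowercase hex characters.
    condition     = can(regex("^sg-[0-9a-f]+$", var.bastion_sg))
    error_message = "The bastion_sg value must be a security group ID, for example sg-0123456789abcdef0."
  }
}

# eks/main.tf, ingress block of the node security group (unchanged):
#   security_groups = [var.bastion_sg]   # a list holding one ID string
```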