Bugfixes (#136)

Nuru · web-flow · commit badb311caccf · 2021-10-25T15:53:43.000-07:00
* Fix #134 use only existing security groups * Fix #135, default zone ID
diff --git a/main.tf b/main.tf
@@ -34,6 +34,8 @@ module "aws_security_group" {
   source  = "cloudposse/security-group/aws"
   version = "0.4.2"
 
+  enabled = local.create_security_group
+
   allow_all_egress    = local.allow_all_egress
   security_group_name = var.security_group_name
   rules_map           = local.sg_rules
@@ -61,7 +63,6 @@ module "aws_security_group" {
   security_group_delete_timeout = var.security_group_delete_timeout
 
 
-  enabled = local.enabled && local.create_security_group
   context = module.this.context
 }
 
@@ -114,10 +115,10 @@ resource "aws_elasticache_replication_group" "default" {
   automatic_failover_enabled    = var.automatic_failover_enabled
   multi_az_enabled              = var.multi_az_enabled
   subnet_group_name             = local.elasticache_subnet_group_name
-  # It would be nice to remove duplicate security group IDs, if there are any, using `compact`,
+  # It would be nice to remove null or duplicate security group IDs, if there are any, using `compact`,
   # but that causes problems, and having duplicates does not seem to cause problems.
   # See https://github.com/hashicorp/terraform/issues/29799
-  security_group_ids         = concat(local.associated_security_group_ids, [module.aws_security_group.id])
+  security_group_ids         = local.create_security_group ? concat(local.associated_security_group_ids, [module.aws_security_group.id]) : local.associated_security_group_ids
   maintenance_window         = var.maintenance_window
   notification_topic_arn     = var.notification_topic_arn
   engine_version             = var.engine_version
@@ -196,7 +197,7 @@ module "dns" {
   enabled  = module.this.enabled && length(var.zone_id) > 0 ? true : false
   dns_name = var.dns_subdomain != "" ? var.dns_subdomain : module.this.id
   ttl      = 60
-  zone_id  = try(var.zone_id[0], var.zone_id)
+  zone_id  = try(var.zone_id[0], tostring(var.zone_id), "")
   records  = var.cluster_mode_enabled ? [join("", aws_elasticache_replication_group.default.*.configuration_endpoint_address)] : [join("", aws_elasticache_replication_group.default.*.primary_endpoint_address)]
 
   context = module.this.context
diff --git a/security_group_inputs.tf b/security_group_inputs.tf
@@ -9,7 +9,7 @@ variable "create_security_group" {
 }
 
 locals {
-  create_security_group = var.use_existing_security_groups == null ? var.create_security_group : !var.use_existing_security_groups
+  create_security_group = local.enabled && (var.use_existing_security_groups == null ? var.create_security_group : !var.use_existing_security_groups)
 }
 
 variable "associated_security_group_ids" {

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@ variable "create_security_group" {`
`9`	`9`	`}`
`10`	`10`
`11`	`11`	`locals {`
`12`		`- create_security_group = var.use_existing_security_groups == null ? var.create_security_group : !var.use_existing_security_groups`
	`12`	`+ create_security_group = local.enabled && (var.use_existing_security_groups == null ? var.create_security_group : !var.use_existing_security_groups)`
`13`	`13`	`}`
`14`	`14`
`15`	`15`	`variable "associated_security_group_ids" {`