I want to add an existing Security Group defined in the VPC to an EC2 Auto Scaling Group. There is no LB defined. This example creates a single EC2 instance for now.
Terraform documentation shows that this is possible for EC2 instances using sg_attachment:
resource "aws_network_interface_sg_attachment" "bastion" {
  security_group_id    = var.sg_id
  network_interface_id = aws_autoscaling_group.bastion.primary_network_interface_id
}
But I get the following error, probably because I'm using Auto-scaling groups instead:
Error: Unsupported attribute

  on ......\modules\ec2_auto_scaling_group\bastion.tf line 51, in resource "aws_network_interface_sg_attachment" "bastion":
  51:   network_interface_id = aws_autoscaling_group.bastion.primary_network_interface_id

This object has no argument, nested block, or exported attribute named "primary_network_interface_id".
I've seen the autoscaling group attachment - https://www.terraform.io/docs/providers/aws/r/autoscaling_attachment.html
But this doesn't refer to security groups at all.
Of course, I could implicitly specify a new security group with all the same rules, or just declare an EC2 instance instead. But when creating an Auto Scaling group on the console, you get the option to import existing security groups. So I'd like to think that Terraform has an equivalent.
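
An added example, not part of the original post: an Auto Scaling group launches its instances from a launch template, so an existing security group is referenced by ID there rather than attached to a network interface afterwards. `var.sg_id` is the variable from the question; `var.ami_id`, `var.subnet_ids` and the instance type are assumptions made for this sketch.

```hcl
# Added example. Only var.sg_id comes from the question; the other
# inputs are hypothetical and must be supplied by the calling module.
variable "sg_id" { type = string }            # ID of the existing security group
variable "ami_id" { type = string }           # hypothetical: AMI for the bastion
variable "subnet_ids" { type = list(string) } # hypothetical: subnets in the same VPC

resource "aws_launch_template" "bastion" {
  name_prefix   = "bastion-"
  image_id      = var.ami_id
  instance_type = "t3.micro" # constructed value

  # Reference the existing group by ID. Its rules stay managed in one
  # place, so the bastion cannot drift from the reviewed rule set.
  vpc_security_group_ids = [var.sg_id]
}

resource "aws_autoscaling_group" "bastion" {
  name_prefix         = "bastion-"
  min_size            = 1
  max_size            = 1
  desired_capacity    = 1
  vpc_zone_identifier = var.subnet_ids

  # Every instance the group launches inherits the security groups
  # listed in the launch template; no LB or attachment resource is needed.
  launch_template {
    id      = aws_launch_template.bastion.id
    version = aws_launch_template.bastion.latest_version
  }
}
```

With a launch configuration instead of a launch template, the equivalent argument on `aws_launch_configuration` is `security_groups`.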