Terraform issue attaching a security group to my aws instances

2
votes

I'm new enough to terraform and think I am misunderstanding something with count and count.index usage.

I am creating some EC2 instances using the count parameter and it works fine

resource "aws_instance" "server" {
ami = data.aws_ami.app_ami.id
instance_type = "t2.micro"
key_name = "DeirdreKey"
subnet_id = aws_subnet.my_subnet_a.id
count = 2
tags = {
 Name = "server.${count.index}"
}

I want to associated a security group with both instances so I created the below

resource "aws_network_interface_sg_attachment" "sg_attachment" {
security_group_id    = aws_security_group.allow_internet.id
network_interface_id = aws_instance.server.primary_network_interface_id
}

However I am running into this error

Error: Missing resource instance key

on lb.tf line 57, in resource "aws_network_interface_sg_attachment" "sg_attachment":
57:   network_interface_id = aws_instance.server.primary_network_interface_id

Because aws_instance.server has "count" set, its attributes must be
accessed on specific instances.

For example, to correlate with indices of a referring resource, use:
aws_instance.server[count.index]

I understand what the error is complaining about . Its because the local resource name I am referring to in not unique as I have created a count of 2 aws instances called "server". I dont know how to fix it though. I tried with the below

resource "aws_network_interface_sg_attachment" "sg_attachment" {
security_group_id    = aws_security_group.allow_internet.id
network_interface_id = aws_instance.server[count.index].primary_network_interface_id

But then I get the below error

Error: Reference to "count" in non-counted context

on lb.tf line 53, in resource "aws_network_interface_sg_attachment" "sg_attachment":
53:   network_interface_idaws_instance.server[count.index].primary_network_interface_id

The "count" object can only be used in "module", "resource", and "data"
blocks, and only when the "count" argument is set.

Does this mean I have to introduce the count.index into the local resource name? I tried it a few ways and it doesnt seem to work

resource "aws_instance" "server${count.index}" {
1
countterraform

1 Answers

1
votes

You need a count statement on the resource to use count.index. Count statements can get out of hand, so if you have multiple resources that logically need the same count, use a variable or local value:

local {
  replications = 2
}

resource "aws_instance" "server" {
  count = local.replications
  ami = data.aws_ami.app_ami.id
  instance_type = "t2.micro"
  key_name = "DeirdreKey"
  subnet_id = aws_subnet.my_subnet_a.id
  tags = {
    Name = "server.${count.index}"
  }
}

resource "aws_network_interface_sg_attachment" "sg_attachment" {
  count                = local.replications
  security_group_id    = aws_security_group.allow_internet.id
  network_interface_id = aws_instance.server[count.index].primary_network_interface_id
}

This creates one security group attachment per server, and gives you a list of servers you can reference as aws_instance.server[0] and aws_instance.server[1], and a list of attachments that you can reference in the same way.