
I have the following aws_security_group I would like to implement with terraform:

resource "aws_security_group" "ort_to_db" {
  name   = "MySQL/AURORA"
  vpc_id = data.aws_vpc.vpc_ort.id
 

  ingress {
    from_port   = 3306
    to_port     = 3306
    protocol    = "MYSQL/Aurora"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = -1
    cidr_blocks = ["0.0.0.0/0"]
  }
}

However, I’m receiving the following error on terraform apply:

Error: updating Security Group ingress rules:
authorizing Security Group (ingress) rules: InvalidParameterValue:
Invalid value ‘mysql/aurora’ for IP protocol. Unknown protocol. │
status code: 400, request id: d0

I’ve been checking the documentation for all the potential values for protocol.
However, it looks like it’s not in the extended documentation.

Is there any workaround, or should I forget, for the moment, about using the specific protocol proposed by AWS?
Protocol proposed by AMAZON in its UI

2 Answers


  1. I think aws_security_group accepts only the basic protocols like TCP or UDP…
    If you are using MySQL, just use TCP because that’s what MySQL uses.

  2. You are looking at the wrong field, the protocol type is TCP, and you were looking at the Type field. You can see in the screenshot it is greyed out and says TCP. The documentation says that as well. So you need to fix this:

    resource "aws_security_group" "ort_to_db" {
      name   = "MySQL/AURORA"
      vpc_id = data.aws_vpc.vpc_ort.id
     
    
      ingress {
        from_port   = 3306
        to_port     = 3306
        protocol    = "TCP"
        cidr_blocks = ["0.0.0.0/0"]
      }
    
      egress {
        from_port   = 0
        to_port     = 0
        protocol    = -1
        cidr_blocks = ["0.0.0.0/0"]
      }
    }
    

    In the docs, look at the Protocol type column.



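The check below is an added example, not part of the original answers or of the AWS provider. It reads `terraform show -json` plan output and reports security group rules whose `protocol` is not a name or number the API accepts, so a console "Type" label such as `MYSQL/Aurora` is caught before `terraform apply`. It goes slightly beyond the question by also reporting ingress rules open to any address; the function names are hypothetical and the sample plan is constructed from the question's resource.

```python
import json

# Names the aws_security_group "protocol" argument accepts; anything else must
# be an IANA protocol number. Console "Type" presets are not protocols.
PROTOCOL_NAMES = {"tcp", "udp", "icmp", "icmpv6", "-1"}
WORLD = {"0.0.0.0/0", "::/0"}

def protocol_ok(value):
    v = str(value).strip().lower()
    return v in PROTOCOL_NAMES or (v.isascii() and v.isdigit() and int(v) <= 255)

def check_plan(plan):
    """Return (address, direction, message) findings for a plan in JSON form."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_security_group":
            continue
        after = (rc.get("change") or {}).get("after") or {}
        for direction in ("ingress", "egress"):
            for rule in after.get(direction) or []:
                proto = rule.get("protocol")
                if not protocol_ok(proto):
                    findings.append((rc["address"], direction,
                        f"invalid protocol {proto!r}: use tcp/udp/icmp/icmpv6/-1 or a number"))
                cidrs = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
                if direction == "ingress" and cidrs & WORLD:
                    findings.append((rc["address"], direction,
                        f"port {rule.get('from_port')}-{rule.get('to_port')} open to any address"))
    return findings

# Constructed sample: the question's resource as it would appear in plan JSON.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [{
  "address": "aws_security_group.ort_to_db",
  "type": "aws_security_group",
  "change": {"actions": ["create"], "after": {
    "name": "MySQL/AURORA",
    "ingress": [{"from_port": 3306, "to_port": 3306, "protocol": "MYSQL/Aurora",
                 "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []}],
    "egress":  [{"from_port": 0, "to_port": 0, "protocol": "-1",
                 "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []}]}}}]}
""")

if __name__ == "__main__":
    for address, direction, message in check_plan(SAMPLE_PLAN):
        print(f"{address} [{direction}]: {message}")
```

With the protocol changed to `"TCP"` as in the accepted fix, only the open-ingress finding for port 3306 remains.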