How to update a Security Group deployed by Terraform and with a lambda function?

Fred2MTL · July 17, 2019, 7:35pm

We have to update dynamically a Security Group thru a Lambda Function ; the IP to be allowed are extracted from the CloudWatch events.

This Security Group and the owner are deployed by Terraform into a VPC, within a lot of components and with a lot of updates.

These components, included the Security Group, are under control of Terraform, meaning it could be redeployed if Terraform identifies some differences from the source. Then, the differences dynamically made by the Lambda are lost.

How can we control / avoid this behavior, please ?

rtwolfe · January 26, 2024, 8:42pm

To manage a dynamic update of a Security Group (SG) in AWS using a Lambda function, while also ensuring that these changes are not overridden by Terraform during subsequent deployments, you need to approach the problem with a strategy that aligns Terraform’s state management with the dynamic nature of your infrastructure.

Topic		Replies	Views
Unexpected removal of values when updating aws_security_group AWS	0	356	July 22, 2019
How to update EC2 instance parameters (e.g., security groups) without terminating or restarting the instance using Terraform? AWS	1	800	July 21, 2023
Security group rule resource is getting recreated with each TF apply Terraform	8	7224	March 29, 2022
Terraform dynamic block AWS	1	171	October 26, 2023
Terraform wants to replace my AWS instance with no modifications AWS	3	8170	August 5, 2021

How to update a Security Group deployed by Terraform and with a lambda function?

Related topics