Internal module resource access

So, I’m refactoring some legacy code, which which there was a project with multiple tf files, and turning it into a module being called by a driver project.

so say there’s a driver module on the “driver” directory:


module "old_module" {
  source = "../old-module-dir"

param1 = var.old-value1

old-value1 represents a value that used to be a local or a var in the old module, that’s now being populated by the driver before calling it.

In old-module-dir there are two files in question:

locals {
   sgs = {
     "tag" =

(stuff happens)


resource "aws_security_group" "one" {
  stuff that does create the sg if I apply

If I apply it, I get an error from aws-hosts that

"tag" =

A managed resource "aws_security_group" "consul-server-ap-southwest-1" has not been declared in old_module.

If I comment out the bit in, I’ll get a will be created

If I reference it that way I get a `no module call named “old_module” is declared in old_module.

So how the heck do I write a reference to the resource that the module I’m in is creating?