Refresh aws_security_group ingress output after apply aws_security_group_rule

Hi,

I’m building security groups using aws_security_group and aws_security_group_rule resources. Unfortunately two terraform cycles are required to get the output of aws_security_group.this.ingres. I’m wondering how to refresh the generation of the output so that a single terraform execution is sufficient.

This is a sample code snippet:

########
resource "aws_security_group_rule" "example" {
  type              = "ingress"
  from_port         = 0
  to_port           = 65535
  protocol          = "tcp"
  cidr_blocks       = [aws_vpc.example.cidr_block]
  security_group_id = aws_security_group.this.0.id
}

resource "aws_security_group" "this" {
  count = 1 #var.create && false == var.use_name_prefix ? 1 : 0

  name                   = "my-lovely-sg"
  description            = "sg-desc"
  vpc_id                 = aws_vpc.example.id
  revoke_rules_on_delete = true # var.revoke_rules_on_delete

  /*tags = merge(
    {
      "Name" = format("%s", "sg-name")
    },
    var.tags,
  )*/
}

resource "aws_vpc" "example" {
  cidr_block = "10.0.0.0/16"
}


output "ingress" {
  value = aws_security_group.this.*.ingress
}