diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf index b18b60a3..4a26b318 100644 --- a/examples/complete/outputs.tf +++ b/examples/complete/outputs.tf @@ -7,3 +7,13 @@ output "slz_vsi" { value = module.slz_vsi description = "VSI module values" } + +output "secondary_subnets" { + description = "Secondary subnets created" + value = local.secondary_subnet_zone_list +} + +output "secondary_security_groups" { + description = "Secondary security groups created" + value = local.secondary_security_groups +} diff --git a/main.tf b/main.tf index db7c6ea6..389ab238 100644 --- a/main.tf +++ b/main.tf @@ -135,7 +135,15 @@ resource "ibm_is_instance" "vsi" { } content { subnet = network_interfaces.value.id - security_groups = flatten([ + # If security_groups is empty(list is len(0)) then default list to default_security_group_id. + # If list is empty it will fail on reapply as when vsi is passed an empty security group list it will attach the default security group. + security_groups = length(flatten([ + (var.create_security_group && var.secondary_use_vsi_security_group ? [ibm_is_security_group.security_group[var.security_group.name].id] : []), + [ + for group in var.secondary_security_groups : + group.security_group_id if group.interface_name == network_interfaces.value.name + ] + ])) == 0 ? [local.default_security_group_id] : flatten([ (var.create_security_group && var.secondary_use_vsi_security_group ? [ibm_is_security_group.security_group[var.security_group.name].id] : []), [ for group in var.secondary_security_groups : diff --git a/module-metadata.json b/module-metadata.json index 09f52915..0c5ea528 100644 --- a/module-metadata.json +++ b/module-metadata.json @@ -468,7 +468,7 @@ }, "pos": { "filename": "main.tf", - "line": 174 + "line": 182 } }, "ibm_is_floating_ip.vsi_fip": { @@ -485,7 +485,7 @@ }, "pos": { "filename": "main.tf", - "line": 166 + "line": 174 } }, "ibm_is_instance.vsi": {