question regarding error

[cordoval]

i am trying the project and getting this error after adapting it a little bit:

* aws_elb.s3-registry-elb: [WARN] Error looking up ELB Security Group ID: No security groups found for name amazon-elb-sg and vpc id

do you know why this is happening?

I assign on the elb the security groups with:

security_groups = ["${aws_security_group.ecs.id}"]

but still getting the same error and on the state security_groups.# = 0 and it has the source_security_group = amazon-elb-sg

[chuckyz]

Try using assigning a name to resource "aws_security_group" "ecs" and doing the following:

security_groups = ["${aws_security_group.ecs.name}"]

I've had a similar problem where trying to grab an id for a preexisting SG created in the GUI (or a default pre-created one). Using id fails for some reason, and I had to use the name instead.

Also if you're putting it in a vpc make sure you're setting vpc_id.

[cordoval]

same error for the .id -> .name change

The security_group.ecs has a vpc_id = "${module.vpc.vpc_id}" set

[cordoval]

I think all of this is related to hashicorp/terraform#2420

[cordoval]

now i see that i am running into exactly this error on this line:

https://github.com/hashicorp/terraform/pull/3780/files#diff-5bd4dc8acacea4f1ba989ac829a90894R658

[mmerchant]

You can try adding in a sleep such that the resource exists as others have suggested as work-around:

provisioner "local-exec" { command = "sleep 10" }

[pporada-gl]

@mmerchant Where would you add that local-exec provisioner? Would it be in the launch config for an ASG or in an EC2 instance declaration? Would you be able to provide a better example please?

[mmerchant]

@pporada-gl I have an IAM role that I create for ECS and in the IAM instance profile (aws_iam_instance_profile) I call when creating the role:
provisioner "local-exec" { command = "sleep 10" }

[pporada-gl]

@mmerchant That makes a lot of sense! Thanks for the tip!