Not able to add existing security groups to aws_efs_mount_target

[yiskaneto]

Is your request related to a new offering from AWS?

Is this functionality available in the AWS provider for Terraform? See CHANGELOG.md, too.

• Yes ✅: please list the AWS provider version which introduced this functionality

I couldn't find the version but in short, it uses the security_groups attribute from https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_mount_target

Is your request related to a problem? Please describe.

There are times when we need to pass an existing security group to the aws_efs_mount_target resource, currently this is not possibly with this module.

Describe the solution you'd like.

Create a new variable security_groups and add it as part of the logic taken on https://github.com/terraform-aws-modules/terraform-aws-efs/blob/master/main.tf#L149

[bryantbiggs]

we already support this via the each.value.security_groups shown above

so in your mount targets:

  # Truncated for brevity
  mount_targets = {
    one = {
      security_groups = [ #add them here]
    }
  }

Share a reproduction of what you are trying and details on whats not working

[churtado-tech]

In addition with example attached in repo if you want to use maping with current subnets id list.

`{ for k, v in zipmap(var.vpc_azs, var.private_subnet_ids) : k => { subnet_id = v
    security_groups = [var.eks_security_group]`

Anyway, if you want to combine Custom Security group (Create a new one) and attach another SG is not allowed, no?
Or use custom Security group and attach sg with rules.