Resolving Error revoking default egress rule for Security Group in Localstack with Terraform

Learn how to troubleshoot and resolve the `InvalidPermission.NotFound` error when creating security groups in Localstack with Terraform.
---
This video is based on the question https://stackoverflow.com/q/71445631/ asked by the user 'Don Rhummy' ( https://stackoverflow.com/u/857025/ ) and on the answer https://stackoverflow.com/a/71445748/ provided by the user 'Marcin' ( https://stackoverflow.com/u/248823/ ) at 'Stack Overflow' website. Thanks to these great users and Stackexchange community for their contributions.

Visit these links for original content and any more details, such as alternate solutions, latest updates/developments on topic, comments, revision history etc. For example, the original title of the Question was: Creating security group "Error revoking default egress rule for Security Group ... The specified rule does not exist in this security group"

Also, Content (except music) licensed under CC BY-SA https://meta.stackexchange.com/help/l...
The original Question post is licensed under the 'CC BY-SA 4.0' ( https://creativecommons.org/licenses/... ) license, and the original Answer post is licensed under the 'CC BY-SA 4.0' ( https://creativecommons.org/licenses/... ) license.

If anything seems off to you, please feel free to write me at vlogize [AT] gmail [DOT] com.
---
Troubleshooting Security Group Creation in Localstack with Terraform

When working with Localstack to simulate AWS services, developers sometimes encounter issues while creating security groups. One common error is the Error revoking default egress rule for Security Group ... The specified rule does not exist in this security group. This guide will guide you through understanding and resolving this issue effectively.

Understanding the Problem

You may encounter the following error message when trying to create a security group in Localstack:

[[See Video to Reveal this Text or Code Snippet]]

This error indicates that there's a problem with the management of the egress rules in your security group configuration. This can happen due to a couple of reasons, primarily related to how the VPC settings are configured in your Terraform files.

Context

You might be using a setup that looks like this:

Operating System: Ubuntu 20.04

Localstack Version: 0.14.0.9

Terraform Version: v1.1.7

You're likely initiating Localstack with Docker and running Terraform commands in sequence like:

[[See Video to Reveal this Text or Code Snippet]]

However, without the right configurations, such as the correct handling of VPC settings, you can run into the error mentioned above.

Solution Breakdown

Step 1: Check the VPC Configuration

The main reason behind this error is often linked to how VPC is specified in your main.tf. If your security group is being created outside of a default VPC, Localstack may not manage it properly.

Resolution: Remove the line specifying vpc_id if your goal is to create a security group in a default VPC. Update your main.tf as follows:

[[See Video to Reveal this Text or Code Snippet]]

Step 2: Add Egress Rules

In addition to removing the vpc_id, it is also a good practice to explicitly define egress rules in your security group. Without proper egress configuration, issues may arise during rule revocation or when trying to apply security configurations.

Sample Egress Configuration:

[[See Video to Reveal this Text or Code Snippet]]

Final Code Example

Putting it all together, your updated security group configuration in main.tf may look like this:

[[See Video to Reveal this Text or Code Snippet]]

Conclusion

By removing the unnecessary vpc_id configuration and defining egress rules explicitly, you can effectively eliminate the InvalidPermission.NotFound error and successfully create security groups in Localstack using Terraform. This small adjustment can save you from unnecessary troubleshooting and streamline your local cloud environment setup.

If you continue experiencing issues even after these adjustments, ensure that Localstack is running correctly, and verify your Docker and Localstack configurations.