From 7e1a4ad161dd8e67df350bbdfee642b5ae59d4ce Mon Sep 17 00:00:00 2001
From: Titouan-Joseph CICORELLA
Date: Mon, 22 Jul 2024 14:06:10 +0000
Subject: [PATCH] fix(*_with_prefix_list_ids): using lookup in the rules creation resources for variables *_with_prefix_list_ids
---
 examples/complete/main.tf | 2 +-
 main.tf | 49 +++++++++++++++++++++++++++++++++++----
 2 files changed, 46 insertions(+), 5 deletions(-)
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 049f489..5e26fa4 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -427,7 +427,7 @@ module "prefix_list" {
 vpc_id = data.aws_vpc.default.id
 ingress_prefix_list_ids = [data.aws_prefix_list.s3.id, data.aws_prefix_list.dynamodb.id]
- ingress_with_cidr_blocks = [
+ ingress_with_prefix_list_ids = [
 {
 from_port = 9100
 to_port = 9100
diff --git a/main.tf b/main.tf
index b681c82..6e9eede 100644
--- a/main.tf
+++ b/main.tf
@@ -441,7 +441,15 @@ resource "aws_security_group_rule" "ingress_with_prefix_list_ids" {
 security_group_id = local.this_sg_id
 type = "ingress"
- prefix_list_ids = var.ingress_prefix_list_ids
+ prefix_list_ids = compact(split(
+ ",",
+ lookup(
+ var.ingress_with_prefix_list_ids[count.index],
+ "prefix_list_ids",
+ join(",", var.ingress_prefix_list_ids)
+ )
+ ))
+
 description = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "description",
@@ -453,11 +461,13 @@ resource "aws_security_group_rule" "ingress_with_prefix_list_ids" {
 "from_port",
 var.rules[lookup(var.ingress_with_prefix_list_ids[count.index], "rule", "_")][0],
 )
+
 to_port = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "to_port",
 var.rules[lookup(var.ingress_with_prefix_list_ids[count.index], "rule", "_")][1],
 )
+
 protocol = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "protocol",
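Review bot: In the `module "prefix_list"` example (hunk `@@ -427`), the visible rule entry sets only `from_port` and `to_port`, so as far as this hunk shows the example never exercises the per-rule `prefix_list_ids` key that the main.tf change introduces. Adding one entry with, for instance, `prefix_list_ids = data.aws_prefix_list.s3.id` would cover the override path and show a rule being narrowed below the module-wide `ingress_prefix_list_ids`. The rest of the list lies outside the hunk, so a later entry may already do this.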
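Review bot: In the `ingress_with_prefix_list_ids` resource (hunk `@@ -441`), a rule that omits or misspells the `prefix_list_ids` key silently inherits every ID in `var.ingress_prefix_list_ids`, and nothing here documents that the per-rule value must be a comma-separated string rather than a list. I would add a comment above the attribute, `# prefix_list_ids: comma-separated string; falls back to var.ingress_prefix_list_ids when the key is absent`, and state the same in the variable description so a rule meant to be narrow is not widened by accident. `split(",", ...)` also keeps surrounding whitespace, so a value written as `"pl-a, pl-b"` (constructed) yields an ID with a leading space that `compact` does not remove; `[for id in split(",", ...) : trimspace(id)]` would handle it. The same applies to the matching hunks at `@@ -472`, `@@ -883` and `@@ -927`, and the resource body starts and ends outside this hunk.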
@@ -472,7 +482,15 @@ resource "aws_security_group_rule" "computed_ingress_with_prefix_list_ids" {
 security_group_id = local.this_sg_id
 type = "ingress"
- prefix_list_ids = var.ingress_prefix_list_ids
+ prefix_list_ids = compact(split(
+ ",",
+ lookup(
+ var.ingress_with_prefix_list_ids[count.index],
+ "prefix_list_ids",
+ join(",", var.ingress_prefix_list_ids)
+ )
+ ))
+
 description = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "description",
@@ -484,11 +502,13 @@ resource "aws_security_group_rule" "computed_ingress_with_prefix_list_ids" {
 "from_port",
 var.rules[lookup(var.ingress_with_prefix_list_ids[count.index], "rule", "_")][0],
 )
+
 to_port = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "to_port",
 var.rules[lookup(var.ingress_with_prefix_list_ids[count.index], "rule", "_")][1],
 )
+
 protocol = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "protocol",
@@ -883,7 +903,15 @@ resource "aws_security_group_rule" "egress_with_prefix_list_ids" {
 security_group_id = local.this_sg_id
 type = "egress"
- prefix_list_ids = var.egress_prefix_list_ids
+ prefix_list_ids = compact(split(
+ ",",
+ lookup(
+ var.egress_with_prefix_list_ids[count.index],
+ "prefix_list_ids",
+ join(",", var.egress_prefix_list_ids)
+ ))
+ )
+
 description = lookup(
 var.egress_with_prefix_list_ids[count.index],
 "description",
@@ -899,6 +927,7 @@ resource "aws_security_group_rule" "egress_with_prefix_list_ids" {
 "_",
 )][0],
 )
+
 to_port = lookup(
 var.egress_with_prefix_list_ids[count.index],
 "to_port",
@@ -908,6 +937,7 @@ resource "aws_security_group_rule" "egress_with_prefix_list_ids" {
 "_",
 )][1],
 )
+
 protocol = lookup(
 var.egress_with_prefix_list_ids[count.index],
 "protocol",
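Review bot: In `computed_ingress_with_prefix_list_ids` (hunk `@@ -472`), the added lookup reads `var.ingress_with_prefix_list_ids[count.index]`, whereas the computed egress hunk at `@@ -927` reads its own `var.computed_egress_with_prefix_list_ids[count.index]`. If this resource's `count` (outside the hunk) is driven by the computed list, the rule would take its prefix lists from an unrelated entry of the static list, or fail with an index error when that list is shorter. The surrounding context lines use the same static variable, so this looks inherited rather than introduced here, but the new line should probably read `var.computed_ingress_with_prefix_list_ids[count.index],`; confirm that name against the module's variable declarations. The resource body starts and ends outside this hunk.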
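Review bot: In `egress_with_prefix_list_ids` (hunk `@@ -883`), the closing parentheses are written `))` then `)`, while the other three resources in this patch close `lookup(` with `)` and `compact(split(` with `))`. The expression is equivalent, but the odd one out makes it harder to see at a glance that all four blocks compute the same thing. I would change the last two added lines of the expression to `)` and `))` so they match.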
@@ -927,7 +957,16 @@ resource "aws_security_group_rule" "computed_egress_with_prefix_list_ids" {
 type = "egress"
 source_security_group_id = var.computed_egress_with_prefix_list_ids[count.index]["source_security_group_id"]
- prefix_list_ids = var.egress_prefix_list_ids
+
+ prefix_list_ids = compact(split(
+ ",",
+ lookup(
+ var.computed_egress_with_prefix_list_ids[count.index],
+ "prefix_list_ids",
+ join(",", var.egress_prefix_list_ids)
+ )
+ ))
+
 description = lookup(
 var.computed_egress_with_prefix_list_ids[count.index],
 "description",
@@ -943,6 +982,7 @@ resource "aws_security_group_rule" "computed_egress_with_prefix_list_ids" {
 "_",
 )][0],
 )
+
 to_port = lookup(
 var.computed_egress_with_prefix_list_ids[count.index],
 "to_port",
@@ -952,6 +992,7 @@ resource "aws_security_group_rule" "computed_egress_with_prefix_list_ids" {
 "_",
 )][1],
 )
+
 protocol = lookup(
 var.computed_egress_with_prefix_list_ids[count.index],
 "protocol",