From 0e72f6490616b3ee82848a0c7ddcf9ba13ccbfba Mon Sep 17 00:00:00 2001
From: Nathan Collins <colli372@msu.edu>
Date: Thu, 27 Apr 2023 12:15:20 -0400
Subject: [PATCH] Fix TF timeout when ssh_cidr_blocks is empty

Resource aws_security_group_rule.ssh_public_ip would
not be created when empty list (default) was set
for ssh_cidr_blocks. SGR is now conditional on
that var not being empty.
---
 compose.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/compose.tf b/compose.tf
index d347eb4..349eba5 100644
--- a/compose.tf
+++ b/compose.tf
@@ -157,6 +157,7 @@ resource "aws_security_group" "public_ip" {
 }
 
 resource "aws_security_group_rule" "ssh_public_ip" {
+  for_each = toset(length(var.ssh_cidr_blocks) > 0 ? ["1"] : [])
   type = "ingress"
   description = "Allow SSH direct to public IP"
   cidr_blocks = var.ssh_cidr_blocks