Better visualization of aws_security_group modifications

[johnrengelman]

version: 0.16

It's difficult to visualize modifications to AWS security group rules due to how the hash for specific rules is calculated. For example, adding additional CIDRs results in something like this:

  ingress.1461745566.cidr_blocks.#:     "3" => "0"
  ingress.1461745566.cidr_blocks.0:     "172.23.4.0/22" => ""
  ingress.1461745566.cidr_blocks.1:     "208.137.6.0/24" => ""
  ingress.1461745566.cidr_blocks.2:     "68.233.167.160/28" => ""
  ingress.1461745566.from_port:         "8080" => "0"
  ingress.1461745566.protocol:          "tcp" => ""
  ingress.1461745566.security_groups.#: "0" => "0"
  ingress.1461745566.self:              "false" => "false"
  ingress.1461745566.to_port:           "8080" => "0"
  ingress.2239610842.cidr_blocks.#:     "3" => "0"
  ingress.2239610842.cidr_blocks.0:     "172.23.4.0/22" => ""
  ingress.2239610842.cidr_blocks.1:     "208.137.6.0/24" => ""
  ingress.2239610842.cidr_blocks.2:     "68.233.167.160/28" => ""
  ingress.2239610842.from_port:         "8181" => "0"
  ingress.2239610842.protocol:          "tcp" => ""
  ingress.2239610842.security_groups.#: "0" => "0"
  ingress.2239610842.self:              "false" => "false"
  ingress.2239610842.to_port:           "8181" => "0"
  ingress.3443610518.cidr_blocks.#:     "0" => "5"
  ingress.3443610518.cidr_blocks.0:     "" => "172.23.4.0/22"
  ingress.3443610518.cidr_blocks.1:     "" => "208.137.6.0/24"
  ingress.3443610518.cidr_blocks.2:     "" => "209.236.99.0/26"
  ingress.3443610518.cidr_blocks.3:     "" => "216.58.165.0/24"
  ingress.3443610518.cidr_blocks.4:     "" => "68.233.167.160/28"
  ingress.3443610518.from_port:         "" => "8080"
  ingress.3443610518.protocol:          "" => "tcp"
  ingress.3443610518.security_groups.#: "0" => "0"
  ingress.3443610518.self:              "" => "false"
  ingress.3443610518.to_port:           "" => "8080"
  ingress.3910482560.cidr_blocks.#:     "0" => "5"
  ingress.3910482560.cidr_blocks.0:     "" => "172.23.4.0/22"
  ingress.3910482560.cidr_blocks.1:     "" => "208.137.6.0/24"
  ingress.3910482560.cidr_blocks.2:     "" => "209.236.99.0/26"
  ingress.3910482560.cidr_blocks.3:     "" => "216.58.165.0/24"
  ingress.3910482560.cidr_blocks.4:     "" => "68.233.167.160/28"
  ingress.3910482560.from_port:         "" => "8181"
  ingress.3910482560.protocol:          "" => "tcp"
  ingress.3910482560.security_groups.#: "0" => "0"
  ingress.3910482560.self:              "" => "false"
  ingress.3910482560.to_port:           "" => "8181"

This is difficult to parse for most people to see the changes. Additionally, the changes make it appear that much more is happening then just simply adding some CIDRs to the same ingress or egress block.
I realize that this is an effect of how this data is tracked in the state file but was hoping that we could brainstorm on some ways of displaying these changes more effectively.

[apparentlymart]

Hi @johnrengelman! Sorry we let this languish here for so long.

It looks like this is a more specific version of the issue raised in (and addressed by) #5179, so I'm going to close this out to consolidate the discussion over there.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.