Idempotence when extending AWS security group rules in Terraform

Terraform acts weird when aws_security_group and aws_security_group_rule are mixed to extend the rules of one AWS security group.

Context: the setup below makes every apply non-idempotent (without changing anything in the IaC):

  • Create one security group using aws_security_group with some predefined inline rules
  • Extend that secgroup with more rules (rows) by using aws_security_group_rule to add discrete rules
  • Each time terraform plan/apply is executed, Terraform re-creates the rules, which leads to a fcked-up, non-idempotent result.
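The conflicting layout described above next to an idempotent one, as an added example (not the sample code this post links to). The resource names, var.vpc_id and the 10.0.0.0/8 CIDR are constructed placeholders.

```hcl
variable "vpc_id" { type = string } # assumption: ID of an existing VPC

# --- Conflicting: inline rules plus a standalone rule on the same group ---
resource "aws_security_group" "mixed" {
  name   = "example-mixed"
  vpc_id = var.vpc_id

  # Inline block: the group resource treats its inline set as the complete rule list.
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/8"]
  }
}

# Not part of the inline set above, so the two resources keep
# overwriting each other's view of the rules on every plan/apply.
resource "aws_security_group_rule" "mixed_ssh" {
  type              = "ingress"
  security_group_id = aws_security_group.mixed.id
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = ["10.0.0.0/8"]
}

# --- Idempotent: no inline blocks, every rule is a standalone resource ---
resource "aws_security_group" "split" {
  name   = "example-split"
  vpc_id = var.vpc_id
}

resource "aws_security_group_rule" "split_ingress" {
  for_each          = { https = 443, ssh = 22 } # rule name => port
  type              = "ingress"
  security_group_id = aws_security_group.split.id
  from_port         = each.value
  to_port           = each.value
  protocol          = "tcp"
  cidr_blocks       = ["10.0.0.0/8"]
}
```

With only the second layout in place, running terraform plan -detailed-exitcode twice without code changes should exit 0 the second time; exit code 2 means a diff is still being produced.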

Sample code at:

The art of on-call duty

Being on-call means working on and fixing live issues under high pressure, almost always around midnight and/or on weekends.

  • We take strong responsibility for what we work on, for what we did, and for what we build.
  • Uptime is an important metric, and it is critical to the success of our production.
  • If our product is down, we acutely feel our customer’s pain.
  • Being on on-call duty means we can learn a lot from it, both in technical knowledge and in growing our mindset.
  • Each on-call duty shift must be highly paid, because it is stressful.