Even when the ingress port is the same, it is better to write separate ingress blocks if the rules serve different purposes.
It is better to use a port other than the cache engine's default port ( 6379 -> xxxx )
vim terraform/databases/dayone-prod/dayonep_apnortheast2/dayone/elasticache_sg.tf
# Security Group for redis elasticache
resource "aws_security_group" "dayone_redis" {
  name        = "dayone-redis-${data.terraform_remote_state.vpc.outputs.vpc_name}"
  description = "dayone ElasticCache Redis Security Group"
  vpc_id      = data.terraform_remote_state.vpc.outputs.vpc_id

  # It is recommended to create a new ingress block
  # even though the port is the same, in order to distinguish the usage...
  ingress {
    # Please do not use the default port for security.
    from_port       = 6379
    to_port         = 6379
    protocol        = "tcp"
    security_groups = [] # Please add security group IDs
    description     = "Internal redis service port from dayone application"
  }

  ingress {
    from_port       = 6379
    to_port         = 6379
    protocol        = "tcp"
    security_groups = [] # Please add security group IDs
    description     = "Internal redis service port from xxx-vpc"
  }

  egress {
    from_port   = 6379
    to_port     = 6379
    protocol    = "tcp"
    cidr_blocks = ["10.${data.terraform_remote_state.vpc.outputs.cidr_numeral}.0.0/16"]
    description = "Internal redis service port outbound"
  }

  tags = {
    Name    = "dayone-redis-${data.terraform_remote_state.vpc.outputs.vpc_name}-sg"
    project = "dayone"
    role    = "redis"
    stack   = data.terraform_remote_state.vpc.outputs.vpc_name
  }
}
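
The two recommendations above can be checked in CI against the plan before it is applied. The following is an added example, not part of the original page or the project's code: it reads JSON shaped like `terraform show -json <planfile>` output and flags ingress rules that cover a default cache port, have no description, or list several sources in one block. The last check is an assumed heuristic for "different usages in one block", and the sample plan and `sg-` IDs are constructed.

```python
import json

# Default ports of the ElastiCache engines (Redis 6379, Memcached 11211).
DEFAULT_CACHE_PORTS = {6379: "redis", 11211: "memcached"}

# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.dumps({
    "resource_changes": [{
        "address": "aws_security_group.dayone_redis",
        "type": "aws_security_group",
        "change": {"after": {"ingress": [
            {"from_port": 6379, "to_port": 6379, "protocol": "tcp",
             "security_groups": ["sg-0aaa"],  # constructed ID
             "description": "Internal redis service port from dayone application"},
            {"from_port": 16379, "to_port": 16379, "protocol": "tcp",
             "security_groups": ["sg-0bbb", "sg-0ccc"], "description": ""},
        ]}},
    }]
})


def audit_plan(plan_json):
    """Return (address, rule index, finding) tuples for security group ingress rules."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_security_group":
            continue
        # "after" is null when the resource is being destroyed.
        after = (rc.get("change") or {}).get("after") or {}
        for i, rule in enumerate(after.get("ingress") or []):
            lo, hi = rule.get("from_port"), rule.get("to_port")
            for port, engine in DEFAULT_CACHE_PORTS.items():
                # A range that merely includes the default port is flagged too.
                if lo is not None and hi is not None and lo <= port <= hi:
                    findings.append((rc["address"], i, f"default {engine} port {port}"))
            if not (rule.get("description") or "").strip():
                findings.append((rc["address"], i, "missing description"))
            # Heuristic (assumption): several sources in one block suggests mixed usage.
            sources = (rule.get("security_groups") or []) + (rule.get("cidr_blocks") or [])
            if len(sources) > 1:
                findings.append((rc["address"], i, f"{len(sources)} sources in one rule"))
    return findings


if __name__ == "__main__":
    for address, index, finding in audit_plan(SAMPLE_PLAN):
        print(f"{address} ingress[{index}]: {finding}")
```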