terraform-aws-modules · RoseSecurity · Dec 1, 2025 · Dec 1, 2025 · Dec 1, 2025 · bryantbiggs
diff --git a/modules/service/main.tf b/modules/service/main.tf
@@ -1868,22 +1868,22 @@ locals {
 }
 
 data "aws_subnet" "this" {
-  count = local.create_security_group ? 1 : 0
+  count = local.create_security_group && length(var.subnet_ids) > 0 ? 1 : 0
 
   region = var.region
 
   id = element(var.subnet_ids, 0)
 }
 
 resource "aws_security_group" "this" {
-  count = local.create_security_group ? 1 : 0
+  count = local.create_security_group && length(var.subnet_ids) > 0 ? 1 : 0
 
   region = var.region
 
   name        = var.security_group_use_name_prefix ? null : local.security_group_name
   name_prefix = var.security_group_use_name_prefix ? "${local.security_group_name}-" : null
   description = var.security_group_description
-  vpc_id      = var.vpc_id != null ? var.vpc_id : data.aws_subnet.this[0].vpc_id
+  vpc_id      = var.vpc_id != null ? var.vpc_id : one(data.aws_subnet.this[*].vpc_id)
 
   tags = merge(
     var.tags,