diff --git a/builtin/providers/aws/structure.go b/builtin/providers/aws/structure.go index 80fa2be06..361c95cee 100644 --- a/builtin/providers/aws/structure.go +++ b/builtin/providers/aws/structure.go @@ -111,7 +111,10 @@ func flattenIPPerms(list []ec2.IPPerm) []map[string]interface{} { n["from_port"] = perm.FromPort n["protocol"] = perm.Protocol n["to_port"] = perm.ToPort - n["cidr_blocks"] = perm.SourceIPs + + if len(perm.SourceIPs) > 0 { + n["cidr_blocks"] = perm.SourceIPs + } if v := flattenSecurityGroups(perm.SourceGroups); len(v) > 0 { n["security_groups"] = v diff --git a/builtin/providers/aws/structure_test.go b/builtin/providers/aws/structure_test.go index 3f1259194..0b5c46225 100644 --- a/builtin/providers/aws/structure_test.go +++ b/builtin/providers/aws/structure_test.go @@ -155,6 +155,24 @@ func Test_flattenIPPerms(t *testing.T) { }, }, }, + { + Input: []ec2.IPPerm{ + ec2.IPPerm{ + Protocol: "icmp", + FromPort: 1, + ToPort: -1, + SourceIPs: nil, + }, + }, + + Output: []map[string]interface{}{ + map[string]interface{}{ + "protocol": "icmp", + "from_port": 1, + "to_port": -1, + }, + }, + }, } for _, tc := range cases {