computed_egress_with_prefix_list_ids fails with "Invalid index" when using prefix_list_id (v5.3.0) #345

@algo7

Description

When using computed_egress_with_prefix_list_ids with a map that contains prefix_list_id, the module still attempts to read ["source_security_group_id"] internally and fails with:

Error: Invalid index
... source_security_group_id = var.computed_egress_with_prefix_list_ids[count.index]["source_security_group_id"]

This makes it impossible to use the computed prefix-list egress in v5.3.0.

I believe the module source unconditionally references source_security_group_id inside the computed_egress_with_prefix_list_ids resource rather than conditionally/optionally looking up prefix_list_id.

I’ve provided a complete, minimal reproduction below.

  • ✋ I have searched the open/closed issues and my issue is not listed.

Note

  • Removed .terraform/, re-initialized, and re-applied. The issue persists.

Versions

  • Module version [Required]: terraform-aws-modules/security-group/aws v5.3.0
  • Terraform version: 1.13.4
  • Provider version(s): hashicorp/aws ~> 6.0

Reproduction Code [Required]

Create a new empty directory and save the following as main.tf. Then run:

terraform init && terraform apply -auto-approve

main.tf

terraform {
  required_version = ">= 1.13.4"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 6.0"
    }
  }
}

provider "aws" {
  region = var.region
}

variable "region" {
  type    = string
  default = "eu-west-1"
}

# Minimal VPC for the SG module
resource "aws_vpc" "this" {
  cidr_block = "10.0.0.0/16"
}

data "aws_region" "current" {}

# Managed prefix list for S3
data "aws_ec2_managed_prefix_list" "s3" {
  name = "com.amazonaws.${data.aws_region.current.name}.s3"
}

module "sg_bug_repro" {
  source  = "terraform-aws-modules/security-group/aws"
  version = "5.3.0"

  name   = "bug-repro"
  vpc_id = aws_vpc.this.id

  #  Repro: computed_egress_with_prefix_list_ids
  computed_egress_with_prefix_list_ids = [{
    rule           = "https-443-tcp"
    prefix_list_id = data.aws_ec2_managed_prefix_list.s3.id
    description    = "Repro bug: computed + prefix_list_id only"
  }]
  number_of_computed_egress_with_prefix_list_ids = 1
}

Steps to reproduce the behavior:

  1. terraform init
  2. terraform apply -auto-approve
  3. Observe the error referencing ["source_security_group_id"] inside the module.

Expected behavior

computed_egress_with_prefix_list_ids should accept objects that include prefix_list_id (without requiring source_security_group_id) and create a corresponding egress rule referencing the managed prefix list.

Actual behavior

Apply fails with:

Error: Invalid index
  on .terraform/modules/<module>/main.tf line XXX, in resource "aws_security_group_rule" "computed_egress_with_prefix_list_ids":
   959: source_security_group_id = var.computed_egress_with_prefix_list_ids[count.index]["source_security_group_id"]

The given key does not identify an element in this collection value.

Terminal Output Screenshot(s)

The above error is the complete output
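
The failure mode reported above, reduced to plain Terraform expressions as an added example (not the module's source and not code from the issue author): strict indexing of an absent map key raises "Invalid index", while `lookup()` with a default tolerates it. The variable name `rules`, its `list(map(string))` type and the placeholder IDs are assumptions made for the illustration; the configuration needs no provider and evaluates offline.

```hcl
terraform {
  required_version = ">= 1.3"
}

# Assumption: rule objects arrive as a list of string maps.
variable "rules" {
  type = list(map(string))
  default = [
    { # constructed: same shape as the reproduction (prefix list only)
      rule           = "https-443-tcp"
      prefix_list_id = "pl-00000000" # constructed placeholder ID
      description    = "prefix list only"
    },
    { # constructed: security-group target only
      rule                     = "https-443-tcp"
      source_security_group_id = "sg-00000000" # constructed placeholder ID
    },
  ]
}

locals {
  # Strict indexing aborts evaluation when the key is absent:
  #   var.rules[0]["source_security_group_id"]  -> Error: Invalid index
  # lookup() with a default returns the default instead; a null value
  # passed to a resource argument is treated as "not set".
  resolved = [
    for r in var.rules : {
      rule                     = r["rule"] # required key, strict index intended
      prefix_list_ids          = compact([lookup(r, "prefix_list_id", "")])
      source_security_group_id = lookup(r, "source_security_group_id", null)
    }
  ]
}

output "resolved" {
  value = local.resolved

  # Fail the plan if a rule names no destination at all, so a misspelled key
  # cannot silently yield an egress rule without a target.
  precondition {
    condition = alltrue([
      for r in local.resolved :
      length(r.prefix_list_ids) > 0 || r.source_security_group_id != null
    ])
    error_message = "Each rule needs prefix_list_id or source_security_group_id."
  }
}
```

Running `terraform init && terraform plan` in an empty directory containing only this file shows both rules resolved; uncommenting the strict index expression in a local reproduces the "Invalid index" error from the report.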
