The internal hec SG needs to only be created for moose

To be tagged v1.24.6 (with the DNS entry)

base/splunk_servers/legacy_hec/elb-without-ack-internal.tf

@@ -46,7 +46,7 @@ resource "aws_lb" "hec_internal" {
   tags               = merge(var.standard_tags, var.tags)
   name               = "iratemoses"
   load_balancer_type = "application"
-  security_groups    = [ data.aws_security_group.hec_internal_elb_security_group.id ]
+  security_groups    = [ data.aws_security_group.hec_internal_elb_security_group[0].id ]
   subnets            = var.private_subnets
   internal           = true
 }

base/splunk_servers/legacy_hec/security-group-elbs.tf

@@ -4,6 +4,7 @@ data "aws_security_group" "hec_elb_security_group" {
 }
 
 data "aws_security_group" "hec_internal_elb_security_group" {
+  count = local.is_moose ? 1 : 0
   name   = "hec_pvt_elb_security_group"
   vpc_id = var.vpc_id
 }