diff --git a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml
index 3f5db23f..fd0e7481 100644
--- a/ansible/collections/bento/common/roles/build_backend/tasks/main.yml
+++ b/ansible/collections/bento/common/roles/build_backend/tasks/main.yml
@@ -2,47 +2,11 @@
# Backend Build
############################################################################################################################
-- name: remove the application_example.properties file
- file:
- path: "{{ workspace }}/src/main/resources/application_example.properties"
- state: absent
-
- name: copy application.properties file to /src/main/resources/
template:
src: "{{ workspace }}/src/main/resources/application.properties.j2"
dest: "{{ workspace }}/src/main/resources/application.properties"
-- name: create graphql directory in backend
- file:
- state: directory
- path: "{{ workspace }}/src/main/resources/graphql"
-
-- name: create yaml directory in backend
- file:
- state: directory
- path: "{{ workspace }}/src/main/resources/yaml"
-
-- name: copy schema from frontend to resources
- template:
- remote_src: yes
- src: "{{item.src}}"
- dest: "{{item.dest}}"
- loop:
- - { src: "{{ workspace }}/{{ project_name }}-frontend/graphql/{{ schema_file}}",dest: "{{ workspace }}/src/main/resources/graphql/{{ schema_file}}"}
- - { src: "{{ workspace }}/{{ project_name }}-frontend/graphql/{{ public_schema_file}}",dest: "{{ workspace }}/src/main/resources/graphql/{{ public_schema_file}}"}
-
-- name: verify test queries file exists
- stat:
- path: "{{ workspace }}/{{ project_name }}-frontend/yaml/{{ test_queries_file }}"
- register: test_queries
-
-- name: copy test queries from frontend to resources
- template:
- remote_src: yes
- src: "{{ workspace }}/{{ project_name }}-frontend/yaml/{{ test_queries_file }}"
- dest: "{{ workspace }}/src/main/resources/yaml/{{ test_queries_file }}"
- when: test_queries.stat.exists
-
- name: build springboot code
command: mvn package -DskipTests
args:
@@ -69,16 +33,16 @@
force_source: yes
source: build
-- name: test image for vulnerabilities
- block:
- - name: run trivy scanner on
- #command: "trivy image --exit-code 1 --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}-{{ build_number }}"
- command: "trivy image --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}"
- register: vuln_results
- always:
- - name: echo vulnerability results
- debug:
- msg: "{{ vuln_results.stdout_lines }}"
+# - name: test image for vulnerabilities
+# block:
+# - name: run trivy scanner on
+# #command: "trivy image --exit-code 1 --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}-{{ build_number }}"
+# command: "trivy image --timeout 15m --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}"
+# register: vuln_results
+# always:
+# - name: echo vulnerability results
+# debug:
+# msg: "{{ vuln_results.stdout_lines }}"
- name: Add {{ project_name }}-{{ container_name }} image to ECR
docker_image:
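Review bot: Commenting out the `test image for vulnerabilities` block means the image built in this role is pushed to ECR by the following task with no HIGH/CRITICAL scan at all; the same block is commented out in the build_frontend role in this commit. The `--timeout 15m` added to the commented command suggests scan timeouts were the reason, so a narrower change is to keep the block active with that flag and, if the scan must not stop the build yet, add `failed_when: false` to the trivy task so the `always` step still prints the findings. If scanning has deliberately moved elsewhere (for example registry-side scanning), a comment above the disabled block saying where it now runs would keep it from being silently dropped. The push task continues outside the hunk.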
@@ -89,10 +53,3 @@
push: yes
source: local
-- name: Add tag latest to {{ project_name }}-{{container_name}} image
- community.docker.docker_image:
- name: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}:{{ image_version }}.{{build_number}}"
- repository: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}:latest"
- force_tag: yes
- push: yes
- source: local
diff --git a/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml b/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml
index a9bd4c08..11d2feee 100644
--- a/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml
+++ b/ansible/collections/bento/common/roles/build_frontend/tasks/main.yml
@@ -6,7 +6,7 @@
- name: copy nginx conf
copy:
remote_src: yes
- src: '{{workspace}}/icdc-devops/docker/dockerfiles/nginx.conf'
+ src: '{{workspace}}/playbooks/docker/dockerfiles/nginx.conf'
dest: '{{workspace}}/build/nginx.conf'
- name: copy entrypoint.sh to workspace
@@ -21,6 +21,8 @@
args:
chdir: "{{ container_build_path }}"
warn: false
+ environment:
+ NODE_OPTIONS: --max-old-space-size=4096
loop:
- npm set progress=false
- npm install --silent
@@ -45,7 +47,7 @@
src: '{{ dockerfile_path }}'
dest: '{{workspace}}/build/Dockerfile'
-- name: build {{ project_name }}-{{container_name}} image
+- name: build {{ program }}-{{ project_name }}-{{container_name}} image
community.docker.docker_image:
build:
args:
@@ -53,7 +55,7 @@
path: "{{workspace}}/build"
pull: yes
# nocache: yes
- name: "{{ project_name }}-{{ container_name }}"
+ name: "{{ program }}-{{ project_name }}-{{ container_name }}"
tag: "{{ image_version }}.{{ build_number }}"
push: no
force_source: yes
@@ -61,34 +63,26 @@
environment:
DOCKER_BUILDKIT: 1
-- name: test image for vulnerabilities
- block:
- - name: run trivy scanner on
- #command: "trivy image --exit-code 1 --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}-{{ build_number }}"
- command: "trivy image --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}"
- register: vuln_results
- always:
- - name: echo vulnerability results
- debug:
- msg: "{{ vuln_results.stdout_lines }}"
+# - name: test image for vulnerabilities
+# block:
+# - name: run trivy scanner on
+# #command: "trivy image --exit-code 1 --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}-{{ build_number }}"
+# command: "trivy image --severity HIGH,CRITICAL {{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}"
+# register: vuln_results
+# always:
+# - name: echo vulnerability results
+# debug:
+# msg: "{{ vuln_results.stdout_lines }}"
- name: debug
debug:
- msg: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}"
+ msg: "{{ container_registry_url }}/{{ program }}-{{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}"
+
- name: Add {{ project_name }}-{{ container_name }} image to ECR
community.docker.docker_image:
- name: "{{ project_name }}-{{ container_name }}"
- repository: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}"
+ name: "{{ program }}-{{ project_name }}-{{ container_name }}"
+ repository: "{{ container_registry_url }}/{{ program }}-{{ project_name }}-{{ container_name }}"
tag: "{{ image_version }}.{{ build_number }}"
force_tag: yes
push: yes
source: local
-
-
-- name: Add tag latest to {{ project_name }}-{{container_name}} image
- community.docker.docker_image:
- name: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}:{{ image_version }}.{{build_number}}"
- repository: "{{ container_registry_url }}/{{ project_name }}-{{ container_name }}:latest"
- force_tag: yes
- push: yes
- source: local
\ No newline at end of file
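Review bot: The commented-out trivy command kept in this hunk still names the image `{{ project_name }}-{{ container_name }}`, while this commit renames the built and pushed image to `{{ program }}-{{ project_name }}-{{ container_name }}`, so re-enabling the block as written would point the scanner at an image name this role no longer builds. Updating the reference now, `trivy image --severity HIGH,CRITICAL {{ program }}-{{ project_name }}-{{ container_name }}:{{ image_version }}.{{ build_number }}`, keeps the disabled scan correct for when it is restored. The task title `Add {{ project_name }}-{{ container_name }} image to ECR` was also left on the old naming and could be aligned so run logs match the repository that is actually pushed.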
diff --git a/ansible/collections/bento/common/roles/ecr_login/tasks/main.yml b/ansible/collections/bento/common/roles/ecr_login/tasks/main.yml
index 0fc769d0..e5a0efd3 100644
--- a/ansible/collections/bento/common/roles/ecr_login/tasks/main.yml
+++ b/ansible/collections/bento/common/roles/ecr_login/tasks/main.yml
@@ -4,10 +4,10 @@
- name: set ECR registry name
set_fact:
- ecr_repo: "{{ caller_info.account }}.dkr.ecr.{{ region }}.amazonaws.com"
+ ecr_repo: "986019062625.dkr.ecr.{{ region }}.amazonaws.com"
account: "{{ caller_info.account }}"
- name: login into ecr
shell: "docker login -u AWS -p $(aws ecr get-login-password --region {{ region }}) {{ ecr_repo }}"
ignore_errors: True
- register: ecr_login
\ No newline at end of file
+ register: ecr_login
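Review bot: `ecr_repo` now embeds the literal account ID `986019062625` in a role under the shared `bento/common` collection, while the `account` fact on the next line still comes from `caller_info.account`, so the registry account and the account used elsewhere can diverge without any visible signal. Consider taking the registry account from a variable with the caller as fallback, e.g. `ecr_repo: "{{ ecr_account_id | default(caller_info.account) }}.dkr.ecr.{{ region }}.amazonaws.com"` (`ecr_account_id` is a proposed name, not an existing variable). Because the login task keeps `ignore_errors: True`, a denied cross-account login will not stop the play, so a check on `ecr_login.rc` before the push would surface the failure where it happens. The unchanged `docker login -p $(...)` line also puts the registry token on the command line; `aws ecr get-login-password --region {{ region }} | docker login -u AWS --password-stdin {{ ecr_repo }}` avoids that.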
diff --git a/ansible/collections/bento/common/roles/ecs/tasks/main.yml b/ansible/collections/bento/common/roles/ecs/tasks/main.yml
index 762ac9e9..ff3e4deb 100644
--- a/ansible/collections/bento/common/roles/ecs/tasks/main.yml
+++ b/ansible/collections/bento/common/roles/ecs/tasks/main.yml
@@ -1,5 +1,5 @@
---
-- name: create task definition for {{ project_name }}-{{ container_name }}
+- name: create task definition for "{{ program }}-{{ tier }}-{{ project_name }}-{{ microservice }}"
community.aws.ecs_taskdefinition:
containers:
- name: sumologic-firelens
@@ -11,14 +11,14 @@
enable-ecs-log-metadata: "true"
- name: "{{ project_name }}-{{ tier }}-fargate-infra"
essential: true
- image: "newrelic/nri-ecs:1.9.2"
+ image: "newrelic/nri-ecs:1.9.9"
environment:
- name: NRIA_OVERRIDE_HOST_ROOT
value: ""
- name: NRIA_IS_FORWARD_ONLY
value: "true"
- name: NEW_RELIC_APP_NAME
- value: "{{ project_name }}-{{tier}}-{{ container_name }}"
+ value: "{{ program }}-{{ tier }}-{{ project_name }}-{{ microservice }}"
- name: NEW_RELIC_DISTRIBUTED_TRACING_ENABLED
value: "true"
- name: NEW_RELIC_HOST
@@ -31,7 +31,7 @@
value: "{\"nrDeployMethod\":\"downloadPage\"}"
- name: NRIA_LICENSE_KEY
value: "{{ newrelic_license_key }}"
- - name: "{{ container_name }}"
+ - name: "{{ program }}-{{ project_name }}-{{ microservice }}"
essential: true
image: "{{ container_image_url }}:{{ image_version }}"
environment: "{{ container_env }}"
@@ -54,7 +54,7 @@
network_mode: awsvpc
execution_role_arn: "arn:aws:iam::{{ account }}:role/{{ execution_role }}"
task_role_arn: "arn:aws:iam::{{ account }}:role/{{ task_role }}"
- family: "{{ project_name }}-{{ tier }}-{{ container_name }}"
+ family: "{{ program }}-{{ tier }}-{{ project_name }}-{{ microservice }}"
memory: "{{ container_memory }}"
cpu: "{{ container_cpu }}"
state: present
@@ -67,17 +67,18 @@
############################################################################################################################
- name: query task definition - {{ container_name }}
ecs_taskdefinition_info:
- task_definition: "{{ project_name }}-{{ tier }}-{{ container_name }}"
+ task_definition: "{{ program }}-{{ tier }}-{{ project_name }}-{{ microservice }}"
region: "{{ region }}"
register: task
############################################################################################################################
# Service Queries
############################################################################################################################
-- name: query {{ container_name }} service
+
+- name: query {{ service_name }} service
ecs_service_info:
cluster: "{{ ecs_cluster_name }}"
- service: "{{ project_name }}-{{ tier }}-{{ container_name }}"
+ service: "{{ service_name }}"
details: true
region: "{{ region }}"
register: service
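Review bot: The service lookup now depends on `{{ service_name }}`, which none of the visible hunks define, whereas the task definition family in the same file is built from `{{ program }}-{{ tier }}-{{ project_name }}-{{ microservice }}`; if the two are meant to agree, deriving one from the other would prevent drift. When the name matches no existing service, the later `service.services[0]` lookups (visible as context in the next hunk) would presumably fail on an empty list rather than with a clear message, so a guard such as `failed_when: service.services | length == 0` on this query task would help. The title `query task definition - {{ container_name }}` still uses the old variable and could be updated with the rest of the rename.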
@@ -89,13 +90,14 @@
lb: "{{ service.services[0].loadBalancers }}"
role_arn: "{{ service.services[0].roleArn }}"
-###########################################################################################################################
-#Update Services
############################################################################################################################
-- name: update {{ container_name }} service
+# Update Services
+############################################################################################################################
+
+- name: update {{ service_name }} service
ecs_service:
state: present
- name: "{{ project_name }}-{{ tier }}-{{ container_name }}"
+ name: "{{ service_name }}"
cluster: "{{ ecs_cluster_name }}"
task_definition: "{{ task_name }}:{{ task_revision }}"
role: "{{ role_arn }}"
@@ -109,4 +111,4 @@
desired_count: 1
load_balancers: "{{ lb }}"
region: "{{ region }}"
- register: output
\ No newline at end of file
+ register: output
diff --git a/terraform/modules/cloudfront/README.md b/terraform/modules/cloudfront/README.md
new file mode 100644
index 00000000..5c2b2f30
--- /dev/null
+++ b/terraform/modules/cloudfront/README.md
@@ -0,0 +1,89 @@
+
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_cloudfront_distribution.distribution](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution) | resource |
+| [aws_cloudfront_key_group.key_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_key_group) | resource |
+| [aws_cloudfront_origin_access_identity.origin_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_origin_access_identity) | resource |
+| [aws_cloudfront_public_key.public_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_public_key) | resource |
+| [aws_cloudwatch_event_rule.every_7am](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |
+| [aws_cloudwatch_event_target.run_waf_report_every_7am](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |
+| [aws_cloudwatch_log_group.log_group_slack](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_cloudwatch_log_group.log_group_waf](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_cloudwatch_metric_alarm.cloudfront_alarm](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
+| [aws_iam_policy.cloudwatch_log_iam_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.firehose_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.lambda_iam_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy_attachment.cloudwatch_log_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment) | resource |
+| [aws_iam_policy_attachment.lambda_s3_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment) | resource |
+| [aws_iam_role.firehose_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role.lambda_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.firehose_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_kinesis_firehose_delivery_stream.firehose_stream](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_firehose_delivery_stream) | resource |
+| [aws_lambda_function.slack_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
+| [aws_lambda_function.slack_waf](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
+| [aws_lambda_permission.cloudwatch_invoke_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
+| [aws_lambda_permission.lambda_invoke_sns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
+| [aws_s3_bucket.access_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
+| [aws_s3_bucket.files](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
+| [aws_s3_bucket.kinesis_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
+| [aws_s3_bucket_policy.bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
+| [aws_sns_topic.cloudfront_alarm_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource |
+| [aws_sns_topic_subscription.subscribe_slack_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource |
+| [aws_wafv2_ip_set.ip_sets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafv2_ip_set) | resource |
+| [aws_wafv2_regex_pattern_set.api_files_pattern](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafv2_regex_pattern_set) | resource |
+| [aws_wafv2_web_acl.waf](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafv2_web_acl) | resource |
+| [aws_wafv2_web_acl_logging_configuration.waf_logging](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafv2_web_acl_logging_configuration) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_cloudfront_cache_policy.managed_cache](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_cache_policy) | data source |
+| [aws_cloudfront_origin_request_policy.s3_cors](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_origin_request_policy) | data source |
+| [aws_iam_policy_document.firehose_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.kinesis_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.lambda_assume_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.lambda_exec_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.lambda_s3_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.s3_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+| [aws_s3_bucket.files_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source |
+| [aws_secretsmanager_secret_version.cloudfront](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/secretsmanager_secret_version) | data source |
+| [aws_secretsmanager_secret_version.slack_url](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/secretsmanager_secret_version) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [alarms](#input\_alarms) | alarms to be configured | `map(map(string))` | n/a | yes |
+| [cloudfront\_distribution\_bucket\_name](#input\_cloudfront\_distribution\_bucket\_name) | specify the name of s3 bucket for cloudfront | `string` | n/a | yes |
+| [cloudfront\_slack\_channel\_name](#input\_cloudfront\_slack\_channel\_name) | cloudfront slack name | `string` | n/a | yes |
+| [create\_files\_bucket](#input\_create\_files\_bucket) | indicate if you want to create files bucket or use existing one | `bool` | `false` | no |
+| [domain\_name](#input\_domain\_name) | domain name for the application | `string` | n/a | yes |
+| [env](#input\_env) | environment | `string` | n/a | yes |
+| [iam\_prefix](#input\_iam\_prefix) | The string prefix for IAM roles and policies to conform to NCI power-user compliance | `string` | `"power-user"` | no |
+| [public\_key\_path](#input\_public\_key\_path) | path of public key | `any` | `null` | no |
+| [slack\_secret\_name](#input\_slack\_secret\_name) | name of cloudfront slack secret | `string` | n/a | yes |
+| [slack\_url\_secret\_key](#input\_slack\_url\_secret\_key) | secret key name for the slack url | `string` | `"cloud-front-slack-url"` | no |
+| [stack\_name](#input\_stack\_name) | name of the project | `string` | n/a | yes |
+| [tags](#input\_tags) | tags to associate with this instance | `map(string)` | n/a | yes |
+| [target\_account\_cloudone](#input\_target\_account\_cloudone) | to add check conditions on whether the resources are brought up in cloudone or not | `bool` | `false` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [cloudfront\_distribution\_endpoint](#output\_cloudfront\_distribution\_endpoint) | n/a |
+
\ No newline at end of file
diff --git a/terraform/modules/ecs/README.md b/terraform/modules/ecs/README.md
index 08a5d1af..348c33ee 100644
--- a/terraform/modules/ecs/README.md
+++ b/terraform/modules/ecs/README.md
@@ -42,7 +42,7 @@ No modules.
| [aws_security_group.app](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
| [aws_security_group.ecs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
| [aws_security_group_rule.all_egress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.nih_network_ingress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
+| [aws_security_group_rule.app_all_egress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_iam_policy_document.ecs_exec_cloudwatch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.ecs_exec_command](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
diff --git a/terraform/modules/loadbalancer/README.md b/terraform/modules/loadbalancer/README.md
index 874f2ba9..65af3e69 100644
--- a/terraform/modules/loadbalancer/README.md
+++ b/terraform/modules/loadbalancer/README.md
@@ -21,6 +21,7 @@ No modules.
| [aws_lb_listener.http](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |
| [aws_lb_listener.https](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |
| [aws_security_group.alb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
+| [aws_security_group_rule.all_egress](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
## Inputs