Skip to content

Commit

Permalink
Merge pull request #6 from clouddrove/CD-150
Browse files Browse the repository at this point in the history
Add Security Group IDs ingress Role
  • Loading branch information
yadavprakash authored May 26, 2020
2 parents c5b3834 + 53848d4 commit 78a5321
Show file tree
Hide file tree
Showing 5 changed files with 21 additions and 21 deletions.
30 changes: 15 additions & 15 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ This module has a few dependencies:
Here is an example of how you can use this module in your inventory structure:
```hcl
module "security_group" {
source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.4"
source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.5"
name = "security-group"
application = "clouddrove"
environment = "test"
Expand All @@ -93,25 +93,25 @@ Here is an example of how you can use this module in your inventory structure:

| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| allowed\_ip | List of allowed ip. | list | `<list>` | no |
| allowed\_ports | List of allowed ingress ports. | list | `<list>` | no |
| application | Application \(e.g. `cd` or `clouddrove`\). | string | `""` | no |
| description | The security group description. | string | `"Instance default security group (only egress access is allowed)."` | no |
| enable\_security\_group | Enable default Security Group with only Egress traffic allowed. | bool | `"true"` | no |
| environment | Environment \(e.g. `prod`, `dev`, `staging`\). | string | `""` | no |
| label\_order | Label order, e.g. `name`,`application`. | list | `<list>` | no |
| managedby | ManagedBy, eg 'CloudDrove' or 'AnmolNagpal'. | string | `"anmol@clouddrove.com"` | no |
| name | Name \(e.g. `app` or `cluster`\). | string | `""` | no |
| protocol | The protocol. If not icmp, tcp, udp, or all use the. | string | `"tcp"` | no |
| security\_groups | List of Security Group IDs allowed to connect to the instance. | list | `<list>` | no |
| tags | Additional tags \(e.g. map\(`BusinessUnit`,`XYZ`\). | map(string) | `<map>` | no |
| vpc\_id | The ID of the VPC that the instance security group belongs to. | string | `""` | no |
| allowed_ip | List of allowed ip. | list | `<list>` | no |
| allowed_ports | List of allowed ingress ports. | list | `<list>` | no |
| application | Application (e.g. `cd` or `clouddrove`). | string | `` | no |
| description | The security group description. | string | `Instance default security group (only egress access is allowed).` | no |
| enable_security_group | Enable default Security Group with only Egress traffic allowed. | bool | `true` | no |
| environment | Environment (e.g. `prod`, `dev`, `staging`). | string | `` | no |
| label_order | Label order, e.g. `name`,`application`. | list | `<list>` | no |
| managedby | ManagedBy, eg 'CloudDrove' or 'AnmolNagpal'. | string | `anmol@clouddrove.com` | no |
| name | Name (e.g. `app` or `cluster`). | string | `` | no |
| protocol | The protocol. If not icmp, tcp, udp, or all use the. | string | `tcp` | no |
| security_groups | List of Security Group IDs allowed to connect to the instance. | list(string) | `<list>` | no |
| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`). | map(string) | `<map>` | no |
| vpc_id | The ID of the VPC that the instance security group belongs to. | string | `` | no |

## Outputs

| Name | Description |
|------|-------------|
| security\_group\_ids | IDs on the AWS Security Groups associated with the instance. |
| security_group_ids | IDs on the AWS Security Groups associated with the instance. |
| tags | A mapping of public tags to assign to the resource. |


Expand Down
2 changes: 1 addition & 1 deletion README.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ usage : |-
Here is an example of how you can use this module in your inventory structure:
```hcl
module "security_group" {
source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.4"
source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.5"
name = "security-group"
application = "clouddrove"
environment = "test"
Expand Down
2 changes: 1 addition & 1 deletion _example/example.tf
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ provider "aws" {
}

module "vpc" {
source = "git::https://github.com/clouddrove/terraform-aws-vpc.git?ref=tags/0.12.4"
source = "git::https://github.com/clouddrove/terraform-aws-vpc.git?ref=tags/0.12.5"

name = "vpc"
application = "clouddrove"
Expand Down
6 changes: 3 additions & 3 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ resource "aws_security_group_rule" "egress" {
to_port = 65535
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
security_group_id = aws_security_group.default[0].id
security_group_id = join("", aws_security_group.default.*.id)
}

#Module : SECURITY GROUP RULE FOR INGRESS
Expand All @@ -64,7 +64,7 @@ resource "aws_security_group_rule" "ingress" {
to_port = element(var.allowed_ports, count.index)
protocol = var.protocol
cidr_blocks = var.allowed_ip
security_group_id = aws_security_group.default[0].id
security_group_id = join("", aws_security_group.default.*.id)
}

resource "aws_security_group_rule" "ingress_sg" {
Expand All @@ -75,5 +75,5 @@ resource "aws_security_group_rule" "ingress_sg" {
to_port = element(element(local.ports_source_sec_group_product, count.index), 0)
protocol = var.protocol
source_security_group_id = element(element(local.ports_source_sec_group_product, count.index), 1)
security_group_id = aws_security_group.default[0].id
security_group_id = join("", aws_security_group.default.*.id)
}
2 changes: 1 addition & 1 deletion variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ variable "allowed_ip" {
}

variable "security_groups" {
type = list
type = list(string)
default = []
description = "List of Security Group IDs allowed to connect to the instance."
}
Expand Down

0 comments on commit 78a5321

Please sign in to comment.