From 53848d4f168a9911e1c67307eede3415f5744e15 Mon Sep 17 00:00:00 2001
From: Sohan
Date: Tue, 26 May 2020 14:51:31 +0530
Subject: [PATCH] Add Security Group IDs ingress Role
---
 README.md | 30 +++++++++++++++---------------
 README.yaml | 2 +-
 _example/example.tf | 2 +-
 main.tf | 6 +++---
 variables.tf | 2 +-
 5 files changed, 21 insertions(+), 21 deletions(-)
diff --git a/README.md b/README.md
index 3a4d38f..c6c3b2e 100644
--- a/README.md
+++ b/README.md
@@ -72,7 +72,7 @@ This module has a few dependencies:
 Here is an example of how you can use this module in your inventory structure:
 ```hcl
 module "security_group" {
- source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.4"
+ source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.5"
 name = "security-group"
 application = "clouddrove"
 environment = "test"
@@ -93,25 +93,25 @@ Here is an example of how you can use this module in your inventory structure: | Name | Description | Type | Default | Required | |------|-------------|:----:|:-----:|:-----:| -| allowed\_ip | List of allowed ip. | list | `` | no | -| allowed\_ports | List of allowed ingress ports. | list | `` | no | -| application | Application \(e.g. `cd` or `clouddrove`\). | string | `""` | no | -| description | The security group description. | string | `"Instance default security group (only egress access is allowed)."` | no | -| enable\_security\_group | Enable default Security Group with only Egress traffic allowed. | bool | `"true"` | no | -| environment | Environment \(e.g. `prod`, `dev`, `staging`\). | string | `""` | no | -| label\_order | Label order, e.g. `name`,`application`. | list | `` | no | -| managedby | ManagedBy, eg 'CloudDrove' or 'AnmolNagpal'. | string | `"anmol@clouddrove.com"` | no | -| name | Name \(e.g. `app` or `cluster`\). | string | `""` | no | -| protocol | The protocol. If not icmp, tcp, udp, or all use the. | string | `"tcp"` | no | -| security\_groups | List of Security Group IDs allowed to connect to the instance. | list | `` | no | -| tags | Additional tags \(e.g. map\(`BusinessUnit`,`XYZ`\). | map(string) | `` | no | -| vpc\_id | The ID of the VPC that the instance security group belongs to. | string | `""` | no | +| allowed_ip | List of allowed ip. | list | `` | no | +| allowed_ports | List of allowed ingress ports. | list | `` | no | +| application | Application (e.g. `cd` or `clouddrove`). | string | `` | no | +| description | The security group description. | string | `Instance default security group (only egress access is allowed).` | no | +| enable_security_group | Enable default Security Group with only Egress traffic allowed. | bool | `true` | no | +| environment | Environment (e.g. `prod`, `dev`, `staging`). | string | `` | no | +| label_order | Label order, e.g. `name`,`application`. 
| list | `` | no | +| managedby | ManagedBy, eg 'CloudDrove' or 'AnmolNagpal'. | string | `anmol@clouddrove.com` | no | +| name | Name (e.g. `app` or `cluster`). | string | `` | no | +| protocol | The protocol. If not icmp, tcp, udp, or all use the. | string | `tcp` | no | +| security_groups | List of Security Group IDs allowed to connect to the instance. | list(string) | `` | no | +| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`). | map(string) | `` | no | +| vpc_id | The ID of the VPC that the instance security group belongs to. | string | `` | no | ## Outputs | Name | Description | |------|-------------| -| security\_group\_ids | IDs on the AWS Security Groups associated with the instance. | +| security_group_ids | IDs on the AWS Security Groups associated with the instance. | | tags | A mapping of public tags to assign to the resource. | diff --git a/README.yaml b/README.yaml index e156c46..669db1b 100644 --- a/README.yaml +++ b/README.yaml @@ -36,7 +36,7 @@ usage : |- Here is an example of how you can use this module in your inventory structure: ```hcl module "security_group" { - source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.4" + source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.5" name = "security-group" application = "clouddrove" environment = "test" diff --git a/_example/example.tf b/_example/example.tf index efccad8..dc79517 100644 --- a/_example/example.tf +++ b/_example/example.tf @@ -3,7 +3,7 @@ provider "aws" { } module "vpc" { - source = "git::https://github.com/clouddrove/terraform-aws-vpc.git?ref=tags/0.12.4" + source = "git::https://github.com/clouddrove/terraform-aws-vpc.git?ref=tags/0.12.5" name = "vpc" application = "clouddrove" diff --git a/main.tf b/main.tf index bfd98ba..83108cb 100644 --- a/main.tf +++ b/main.tf 
@@ -50,7 +50,7 @@ resource "aws_security_group_rule" "egress" {
 to_port = 65535
 protocol = "-1"
 cidr_blocks = ["0.0.0.0/0"]
- security_group_id = aws_security_group.default[0].id
+ security_group_id = join("", aws_security_group.default.*.id)
 }
 #Module : SECURITY GROUP RULE FOR INGRESS
@@ -64,7 +64,7 @@ resource "aws_security_group_rule" "ingress" {
 to_port = element(var.allowed_ports, count.index)
 protocol = var.protocol
 cidr_blocks = var.allowed_ip
- security_group_id = aws_security_group.default[0].id
+ security_group_id = join("", aws_security_group.default.*.id)
 }
 resource "aws_security_group_rule" "ingress_sg" {
@@ -75,5 +75,5 @@ resource "aws_security_group_rule" "ingress_sg" {
 to_port = element(element(local.ports_source_sec_group_product, count.index), 0)
 protocol = var.protocol
 source_security_group_id = element(element(local.ports_source_sec_group_product, count.index), 1)
- security_group_id = aws_security_group.default[0].id
+ security_group_id = join("", aws_security_group.default.*.id)
 }
diff --git a/variables.tf b/variables.tf
index 95310d6..00ed2e6 100644
--- a/variables.tf
+++ b/variables.tf
@@ -69,7 +69,7 @@ variable "allowed_ip" {
 }
 variable "security_groups" {
- type = list
+ type = list(string)
 default = []
 description = "List of Security Group IDs allowed to connect to the instance."
 }
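Review bot: `join("", aws_security_group.default.*.id)` turns a missing security group into an empty string rather than a plan-time index error, so in the `egress`, `ingress` and `ingress_sg` rules a disabled group (`enable_security_group = false`, per the README inputs table) would only show up as an invalid `security_group_id` if the rule itself is still created. The `count` expressions of the three rule resources lie outside these hunks, so please confirm each one is gated on the same flag as `aws_security_group.default`. A short comment above the first use, e.g. `# join() yields "" when the group is disabled; this rule's count must be 0 in that case`, would record the dependency for the next maintainer. The same line is changed in all three hunks of main.tf, and each resource body starts outside its hunk.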
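Review bot: The description of `security_groups` does not say on which ports the listed groups are admitted. Judging from `local.ports_source_sec_group_product` in the `ingress_sg` rule of main.tf, each listed group appears to get a rule for every entry of `allowed_ports`, which is broader than a reader adding a single group may expect; the local's definition is not part of this diff, so confirm before documenting it. Suggested wording: `description = "List of source Security Group IDs allowed to connect on each port in allowed_ports."`, with the README inputs table regenerated to match.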