History

xpk c3b62a163b UPD: added default_tags validation		2023-11-23 17:00:16 +08:00
..
main.tf	UPD: added default_tags validation	2023-11-23 17:00:16 +08:00
outputs.tf	NEW: new security group module	2023-11-23 16:58:41 +08:00
README.md	NEW: new security group module	2023-11-23 16:58:41 +08:00
variables.tf	NEW: new security group module	2023-11-23 16:58:41 +08:00

README.md

security-groups-gen2

This module create security groups from a map

Inputs

Name	Description	Type	Default	Required
tags	tags	List	n/a	yes
vpc-id	VPC id	string	n/a	yes
security-groups	See example below	map	n/a	yes

security-groups input

Below is a sample security-groups map this module ingests

module "bea-bast-sg" {
  source = "../../modules/compute/security_groups"

  security-groups = [
    {
      name        = "RackspaceAdmin2"
      description = "Allow rdp/ssh access from Rackspace"
      ingress = {
        r1  = "icmp,-1,-1,0.0.0.0/0,ICMP ping"
        r2  = "-1,-1,-1,1.2.3.4/32,Foo access"
      }
      egress = {
        r1 = "-1,-1,-1,0.0.0.0/0,Default egress rule"
      }
    },
    {
      name        = "RackspaceAdmin"
      description = "Allow rdp/ssh access from Rackspace"
      ingress = {
        r1 = "tcp,443,443,${aws_ec2_managed_prefix_list.rsip_range.id},Bar ip ranges"
        r2 = "tcp,22,22,2.3.4.5/32,Joe Blow"
      }
      egress = {
        r1 = "-1,-1,-1,0.0.0.0/0,Default egress rule"
      }
    }
  ]

  tags   = local.default-tags
  vpc-id = "vpc-xxx"
}

Outputs

Name	Description
sg-id-name	A map of SG id and their names