terraform.aws-baseline-infra/modules/compute/security-groups/README.md

1.5 KiB

security-groups-gen2

This module create security groups from a map

Inputs

Name Description Type Default Required
tags tags List n/a yes
vpc-id VPC id string n/a yes
security-groups See example below map n/a yes

security-groups input

Below is a sample security-groups map this module ingests. The rule list needs to have the id column to prevent list from being randomly sorted.

module "headdesk-sg" {
  source = "../../modules/compute/security-groups"

  security-groups = [
    {
      name        = "WebAccess"
      description = "Public web access"
      rules = [
        [1, "tcp", "0.0.0.0/0", "80", "80", "ingress", "web"],
        [2, "tcp", "0.0.0.0/0", "443", "443", "ingress", "web"],
        [3, "tcp", "0.0.0.0/0", "25", "25", "ingress", "mail"],
        [4, "tcp", "0.0.0.0/0", "587", "587", "ingress", "mail"],
        [5, "tcp", "0.0.0.0/0", "11993", "11993", "ingress", "mail"],
        [6, "-1", "0.0.0.0/0", "0", "0", "egress", "Allow outbound traffic"],
        [7, "tcp", "0.0.0.0/0", "2201", "2201", "ingress", "ssh"]
      ]
    },
    {
      name        = "MgmtAccess"
      description = "Allow management access"
      rules = [
        [1, "tcp", "223.18.148.85/32", "22", "22", "ingress", "xpk"]
      ]
    }
  ]
  tags   = local.default-tags
  vpc-id = module.vpc-subnet.vpc_id
}

Outputs

Name Description
sg-id-name A map of SG id and their names