Commit 0c0572f1 authored by Rob Lazzurs's avatar Rob Lazzurs Committed by GitHub

feat: Adding LDAP into rules.tf (#195)

parent b6362f88
repos:
- repo: git://github.com/antonbabenko/pre-commit-terraform
rev: v1.31.0
rev: v1.45.0
hooks:
- id: terraform_fmt
- id: terraform_docs
- repo: git://github.com/pre-commit/pre-commit-hooks
rev: v3.1.0
rev: v3.3.0
hooks:
- id: check-merge-conflict
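Review bot: Both `repo:` entries in this section (pre-commit-terraform and pre-commit-hooks) are still fetched over `git://`, which is unauthenticated and unencrypted, so the hook code that pre-commit runs on every contributor's machine has no transport integrity; the rev bump leaves that unchanged. Switch both to HTTPS, e.g. `- repo: https://github.com/antonbabenko/pre-commit-terraform` and `- repo: https://github.com/pre-commit/pre-commit-hooks`. The new `rev:` values (`v1.45.0`, `v3.3.0`) are tags, which upstream can move; `pre-commit autoupdate --freeze` would pin them to full commit SHAs instead. The file header is not visible on this page, so this is presumably `.pre-commit-config.yaml`.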
......@@ -161,20 +161,20 @@ No issue is creating limit on this module.
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
| Name | Version |
|------|---------|
| aws | >= 2.42, < 4.0 |
| aws | >= 2.42 |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| auto\_groups | Map of groups of security group rules to use to generate modules (see update\_groups.sh) | `map(map(list(string)))` | <pre>{<br> "activemq": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "activemq-5671-tcp",<br> "activemq-8883-tcp",<br> "activemq-61614-tcp",<br> "activemq-61617-tcp",<br> "activemq-61619-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "alertmanager": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "alertmanager-9093-tcp",<br> "alertmanager-9094-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "carbon-relay-ng": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "carbon-line-in-tcp",<br> "carbon-line-in-udp",<br> "carbon-pickle-tcp",<br> "carbon-pickle-udp",<br> "carbon-gui-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "cassandra": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "cassandra-clients-tcp",<br> "cassandra-thrift-clients-tcp",<br> "cassandra-jmx-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "consul": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "consul-tcp",<br> "consul-cli-rpc-tcp",<br> "consul-webui-tcp",<br> "consul-dns-tcp",<br> "consul-dns-udp",<br> "consul-serf-lan-tcp",<br> "consul-serf-lan-udp",<br> "consul-serf-wan-tcp",<br> "consul-serf-wan-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "docker-swarm": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "docker-swarm-mngmt-tcp",<br> "docker-swarm-node-tcp",<br> "docker-swarm-node-udp",<br> "docker-swarm-overlay-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "elasticsearch": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "elasticsearch-rest-tcp",<br> "elasticsearch-java-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "grafana": {<br> 
"egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "grafana-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "graphite-statsd": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "graphite-webui",<br> "graphite-2003-tcp",<br> "graphite-2004-tcp",<br> "graphite-2023-tcp",<br> "graphite-2024-tcp",<br> "graphite-8080-tcp",<br> "graphite-8125-tcp",<br> "graphite-8125-udp",<br> "graphite-8126-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "http-80": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "http-80-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "http-8080": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "http-8080-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "https-443": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "https-443-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "https-8443": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "https-8443-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ipsec-4500": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ipsec-4500-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ipsec-500": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ipsec-500-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "kafka": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "kafka-broker-tcp",<br> "kafka-broker-tls-tcp",<br> "kafka-jmx-exporter-tcp",<br> "kafka-node-exporter-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "kibana": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "kibana-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "kubernetes-api": {<br> "egress_rules": [<br> "all-all"<br> ],<br> 
"ingress_rules": [<br> "kubernetes-api-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ldaps": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ldaps-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "logstash": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "logstash-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "memcached": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "memcached-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "minio": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "minio-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "mongodb": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "mongodb-27017-tcp",<br> "mongodb-27018-tcp",<br> "mongodb-27019-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "mssql": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "mssql-tcp",<br> "mssql-udp",<br> "mssql-analytics-tcp",<br> "mssql-broker-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "mysql": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "mysql-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "nfs": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "nfs-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "nomad": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "nomad-http-tcp",<br> "nomad-rpc-tcp",<br> "nomad-serf-tcp",<br> "nomad-serf-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ntp": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ntp-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "openvpn": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "openvpn-udp",<br> 
"openvpn-tcp",<br> "openvpn-https-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "oracle-db": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "oracle-db-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "postgresql": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "postgresql-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "prometheus": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "prometheus-http-tcp",<br> "prometheus-pushgateway-http-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "puppet": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "puppet-tcp",<br> "puppetdb-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "rabbitmq": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "rabbitmq-4369-tcp",<br> "rabbitmq-5671-tcp",<br> "rabbitmq-5672-tcp",<br> "rabbitmq-15672-tcp",<br> "rabbitmq-25672-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "rdp": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "rdp-tcp",<br> "rdp-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "redis": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "redis-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "redshift": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "redshift-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "solr": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "solr-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "splunk": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "splunk-indexer-tcp",<br> "splunk-clients-tcp",<br> "splunk-splunkd-tcp",<br> "splunk-hec-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "squid": 
{<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "squid-proxy-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ssh": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ssh-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "storm": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "storm-nimbus-tcp",<br> "storm-ui-tcp",<br> "storm-supervisor-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "web": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "http-80-tcp",<br> "http-8080-tcp",<br> "https-443-tcp",<br> "web-jmx-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "winrm": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "winrm-http-tcp",<br> "winrm-https-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "zipkin": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "zipkin-admin-tcp",<br> "zipkin-admin-query-tcp",<br> "zipkin-admin-web-tcp",<br> "zipkin-query-tcp",<br> "zipkin-web-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "zookeeper": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "zookeeper-2181-tcp",<br> "zookeeper-2888-tcp",<br> "zookeeper-3888-tcp",<br> "zookeeper-jmx-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> }<br>}</pre> | no |
| auto\_groups | Map of groups of security group rules to use to generate modules (see update\_groups.sh) | `map(map(list(string)))` | <pre>{<br> "activemq": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "activemq-5671-tcp",<br> "activemq-8883-tcp",<br> "activemq-61614-tcp",<br> "activemq-61617-tcp",<br> "activemq-61619-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "alertmanager": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "alertmanager-9093-tcp",<br> "alertmanager-9094-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "carbon-relay-ng": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "carbon-line-in-tcp",<br> "carbon-line-in-udp",<br> "carbon-pickle-tcp",<br> "carbon-pickle-udp",<br> "carbon-gui-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "cassandra": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "cassandra-clients-tcp",<br> "cassandra-thrift-clients-tcp",<br> "cassandra-jmx-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "consul": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "consul-tcp",<br> "consul-cli-rpc-tcp",<br> "consul-webui-tcp",<br> "consul-dns-tcp",<br> "consul-dns-udp",<br> "consul-serf-lan-tcp",<br> "consul-serf-lan-udp",<br> "consul-serf-wan-tcp",<br> "consul-serf-wan-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "docker-swarm": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "docker-swarm-mngmt-tcp",<br> "docker-swarm-node-tcp",<br> "docker-swarm-node-udp",<br> "docker-swarm-overlay-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "elasticsearch": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "elasticsearch-rest-tcp",<br> "elasticsearch-java-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "grafana": {<br> 
"egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "grafana-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "graphite-statsd": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "graphite-webui",<br> "graphite-2003-tcp",<br> "graphite-2004-tcp",<br> "graphite-2023-tcp",<br> "graphite-2024-tcp",<br> "graphite-8080-tcp",<br> "graphite-8125-tcp",<br> "graphite-8125-udp",<br> "graphite-8126-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "http-80": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "http-80-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "http-8080": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "http-8080-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "https-443": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "https-443-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "https-8443": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "https-8443-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ipsec-4500": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ipsec-4500-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ipsec-500": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ipsec-500-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "kafka": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "kafka-broker-tcp",<br> "kafka-broker-tls-tcp",<br> "kafka-jmx-exporter-tcp",<br> "kafka-node-exporter-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "kibana": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "kibana-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "kubernetes-api": {<br> "egress_rules": [<br> "all-all"<br> ],<br> 
"ingress_rules": [<br> "kubernetes-api-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ldap": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ldap-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ldaps": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ldaps-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "logstash": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "logstash-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "memcached": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "memcached-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "minio": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "minio-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "mongodb": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "mongodb-27017-tcp",<br> "mongodb-27018-tcp",<br> "mongodb-27019-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "mssql": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "mssql-tcp",<br> "mssql-udp",<br> "mssql-analytics-tcp",<br> "mssql-broker-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "mysql": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "mysql-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "nfs": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "nfs-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "nomad": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "nomad-http-tcp",<br> "nomad-rpc-tcp",<br> "nomad-serf-tcp",<br> "nomad-serf-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ntp": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ntp-udp"<br> ],<br> 
"ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "openvpn": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "openvpn-udp",<br> "openvpn-tcp",<br> "openvpn-https-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "oracle-db": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "oracle-db-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "postgresql": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "postgresql-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "prometheus": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "prometheus-http-tcp",<br> "prometheus-pushgateway-http-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "puppet": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "puppet-tcp",<br> "puppetdb-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "rabbitmq": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "rabbitmq-4369-tcp",<br> "rabbitmq-5671-tcp",<br> "rabbitmq-5672-tcp",<br> "rabbitmq-15672-tcp",<br> "rabbitmq-25672-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "rdp": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "rdp-tcp",<br> "rdp-udp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "redis": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "redis-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "redshift": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "redshift-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "solr": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "solr-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "splunk": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> 
"splunk-indexer-tcp",<br> "splunk-clients-tcp",<br> "splunk-splunkd-tcp",<br> "splunk-hec-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "squid": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "squid-proxy-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "ssh": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "ssh-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "storm": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "storm-nimbus-tcp",<br> "storm-ui-tcp",<br> "storm-supervisor-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "web": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "http-80-tcp",<br> "http-8080-tcp",<br> "https-443-tcp",<br> "web-jmx-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "winrm": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "winrm-http-tcp",<br> "winrm-https-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "zipkin": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "zipkin-admin-tcp",<br> "zipkin-admin-query-tcp",<br> "zipkin-admin-web-tcp",<br> "zipkin-query-tcp",<br> "zipkin-web-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> },<br> "zookeeper": {<br> "egress_rules": [<br> "all-all"<br> ],<br> "ingress_rules": [<br> "zookeeper-2181-tcp",<br> "zookeeper-2888-tcp",<br> "zookeeper-3888-tcp",<br> "zookeeper-jmx-tcp"<br> ],<br> "ingress_with_self": [<br> "all-all"<br> ]<br> }<br>}</pre> | no |
| computed\_egress\_rules | List of computed egress rules to create by name | `list(string)` | `[]` | no |
| computed\_egress\_with\_cidr\_blocks | List of computed egress rules to create where 'cidr\_blocks' is used | `list(map(string))` | `[]` | no |
| computed\_egress\_with\_ipv6\_cidr\_blocks | List of computed egress rules to create where 'ipv6\_cidr\_blocks' is used | `list(map(string))` | `[]` | no |
......@@ -215,7 +215,7 @@ No issue is creating limit on this module.
| number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
| number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
| rules | Map of known security group rules (define as 'name' = ['from port', 'to port', 'protocol', 'description']) | `map(list(any))` | <pre>{<br> "_": [<br> "",<br> "",<br> ""<br> ],<br> "activemq-5671-tcp": [<br> 5671,<br> 5671,<br> "tcp",<br> "ActiveMQ AMQP"<br> ],<br> "activemq-61614-tcp": [<br> 61614,<br> 61614,<br> "tcp",<br> "ActiveMQ STOMP"<br> ],<br> "activemq-61617-tcp": [<br> 61617,<br> 61617,<br> "tcp",<br> "ActiveMQ OpenWire"<br> ],<br> "activemq-61619-tcp": [<br> 61619,<br> 61619,<br> "tcp",<br> "ActiveMQ WebSocket"<br> ],<br> "activemq-8883-tcp": [<br> 8883,<br> 8883,<br> "tcp",<br> "ActiveMQ MQTT"<br> ],<br> "alertmanager-9093-tcp": [<br> 9093,<br> 9093,<br> "tcp",<br> "Alert Manager"<br> ],<br> "alertmanager-9094-tcp": [<br> 9094,<br> 9094,<br> "tcp",<br> "Alert Manager Cluster"<br> ],<br> "all-all": [<br> -1,<br> -1,<br> "-1",<br> "All protocols"<br> ],<br> "all-icmp": [<br> -1,<br> -1,<br> "icmp",<br> "All IPV4 ICMP"<br> ],<br> "all-ipv6-icmp": [<br> -1,<br> -1,<br> 58,<br> "All IPV6 ICMP"<br> ],<br> "all-tcp": [<br> 0,<br> 65535,<br> "tcp",<br> "All TCP ports"<br> ],<br> "all-udp": [<br> 0,<br> 65535,<br> "udp",<br> "All UDP ports"<br> ],<br> "carbon-admin-tcp": [<br> 2004,<br> 2004,<br> "tcp",<br> "Carbon admin"<br> ],<br> "carbon-gui-udp": [<br> 8081,<br> 8081,<br> "tcp",<br> "Carbon GUI"<br> ],<br> "carbon-line-in-tcp": [<br> 2003,<br> 2003,<br> "tcp",<br> "Carbon line-in"<br> ],<br> "carbon-line-in-udp": [<br> 2003,<br> 2003,<br> "udp",<br> "Carbon line-in"<br> ],<br> "carbon-pickle-tcp": [<br> 2013,<br> 2013,<br> "tcp",<br> "Carbon pickle"<br> ],<br> "carbon-pickle-udp": [<br> 2013,<br> 2013,<br> "udp",<br> "Carbon pickle"<br> ],<br> "cassandra-clients-tcp": [<br> 9042,<br> 9042,<br> "tcp",<br> "Cassandra clients"<br> ],<br> "cassandra-jmx-tcp": [<br> 7199,<br> 7199,<br> "tcp",<br> "JMX"<br> ],<br> "cassandra-thrift-clients-tcp": [<br> 9160,<br> 9160,<br> "tcp",<br> "Cassandra Thrift clients"<br> ],<br> "consul-cli-rpc-tcp": [<br> 
8400,<br> 8400,<br> "tcp",<br> "Consul CLI RPC"<br> ],<br> "consul-dns-tcp": [<br> 8600,<br> 8600,<br> "tcp",<br> "Consul DNS"<br> ],<br> "consul-dns-udp": [<br> 8600,<br> 8600,<br> "udp",<br> "Consul DNS"<br> ],<br> "consul-serf-lan-tcp": [<br> 8301,<br> 8301,<br> "tcp",<br> "Serf LAN"<br> ],<br> "consul-serf-lan-udp": [<br> 8301,<br> 8301,<br> "udp",<br> "Serf LAN"<br> ],<br> "consul-serf-wan-tcp": [<br> 8302,<br> 8302,<br> "tcp",<br> "Serf WAN"<br> ],<br> "consul-serf-wan-udp": [<br> 8302,<br> 8302,<br> "udp",<br> "Serf WAN"<br> ],<br> "consul-tcp": [<br> 8300,<br> 8300,<br> "tcp",<br> "Consul server"<br> ],<br> "consul-webui-tcp": [<br> 8500,<br> 8500,<br> "tcp",<br> "Consul web UI"<br> ],<br> "dns-tcp": [<br> 53,<br> 53,<br> "tcp",<br> "DNS"<br> ],<br> "dns-udp": [<br> 53,<br> 53,<br> "udp",<br> "DNS"<br> ],<br> "docker-swarm-mngmt-tcp": [<br> 2377,<br> 2377,<br> "tcp",<br> "Docker Swarm cluster management"<br> ],<br> "docker-swarm-node-tcp": [<br> 7946,<br> 7946,<br> "tcp",<br> "Docker Swarm node"<br> ],<br> "docker-swarm-node-udp": [<br> 7946,<br> 7946,<br> "udp",<br> "Docker Swarm node"<br> ],<br> "docker-swarm-overlay-udp": [<br> 4789,<br> 4789,<br> "udp",<br> "Docker Swarm Overlay Network Traffic"<br> ],<br> "elasticsearch-java-tcp": [<br> 9300,<br> 9300,<br> "tcp",<br> "Elasticsearch Java interface"<br> ],<br> "elasticsearch-rest-tcp": [<br> 9200,<br> 9200,<br> "tcp",<br> "Elasticsearch REST interface"<br> ],<br> "grafana-tcp": [<br> 3000,<br> 3000,<br> "tcp",<br> "Grafana Dashboard"<br> ],<br> "graphite-2003-tcp": [<br> 2003,<br> 2003,<br> "tcp",<br> "Carbon receiver plain text"<br> ],<br> "graphite-2004-tcp": [<br> 2004,<br> 2004,<br> "tcp",<br> "Carbon receiver pickle"<br> ],<br> "graphite-2023-tcp": [<br> 2023,<br> 2023,<br> "tcp",<br> "Carbon aggregator plaintext"<br> ],<br> "graphite-2024-tcp": [<br> 2024,<br> 2024,<br> "tcp",<br> "Carbon aggregator pickle"<br> ],<br> "graphite-8080-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "Graphite gunicorn 
port"<br> ],<br> "graphite-8125-tcp": [<br> 8125,<br> 8125,<br> "tcp",<br> "Statsd TCP"<br> ],<br> "graphite-8125-udp": [<br> 8125,<br> 8125,<br> "udp",<br> "Statsd UDP default"<br> ],<br> "graphite-8126-tcp": [<br> 8126,<br> 8126,<br> "tcp",<br> "Statsd admin"<br> ],<br> "graphite-webui": [<br> 80,<br> 80,<br> "tcp",<br> "Graphite admin interface"<br> ],<br> "http-80-tcp": [<br> 80,<br> 80,<br> "tcp",<br> "HTTP"<br> ],<br> "http-8080-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "HTTP"<br> ],<br> "https-443-tcp": [<br> 443,<br> 443,<br> "tcp",<br> "HTTPS"<br> ],<br> "https-8443-tcp": [<br> 8443,<br> 8443,<br> "tcp",<br> "HTTPS"<br> ],<br> "ipsec-4500-udp": [<br> 4500,<br> 4500,<br> "udp",<br> "IPSEC NAT-T"<br> ],<br> "ipsec-500-udp": [<br> 500,<br> 500,<br> "udp",<br> "IPSEC ISAKMP"<br> ],<br> "kafka-broker-tcp": [<br> 9092,<br> 9092,<br> "tcp",<br> "Kafka broker 0.8.2+"<br> ],<br> "kafka-broker-tls-tcp": [<br> 9094,<br> 9094,<br> "tcp",<br> "Kafka TLS enabled broker 0.8.2+"<br> ],<br> "kafka-jmx-exporter-tcp": [<br> 11001,<br> 11001,<br> "tcp",<br> "Kafka JMX Exporter"<br> ],<br> "kafka-node-exporter-tcp": [<br> 11002,<br> 11002,<br> "tcp",<br> "Kafka Node Exporter"<br> ],<br> "kibana-tcp": [<br> 5601,<br> 5601,<br> "tcp",<br> "Kibana Web Interface"<br> ],<br> "kubernetes-api-tcp": [<br> 6443,<br> 6443,<br> "tcp",<br> "Kubernetes API Server"<br> ],<br> "ldaps-tcp": [<br> 636,<br> 636,<br> "tcp",<br> "LDAPS"<br> ],<br> "logstash-tcp": [<br> 5044,<br> 5044,<br> "tcp",<br> "Logstash"<br> ],<br> "memcached-tcp": [<br> 11211,<br> 11211,<br> "tcp",<br> "Memcached"<br> ],<br> "minio-tcp": [<br> 9000,<br> 9000,<br> "tcp",<br> "MinIO"<br> ],<br> "mongodb-27017-tcp": [<br> 27017,<br> 27017,<br> "tcp",<br> "MongoDB"<br> ],<br> "mongodb-27018-tcp": [<br> 27018,<br> 27018,<br> "tcp",<br> "MongoDB shard"<br> ],<br> "mongodb-27019-tcp": [<br> 27019,<br> 27019,<br> "tcp",<br> "MongoDB config server"<br> ],<br> "mssql-analytics-tcp": [<br> 2383,<br> 2383,<br> "tcp",<br> "MSSQL 
Analytics"<br> ],<br> "mssql-broker-tcp": [<br> 4022,<br> 4022,<br> "tcp",<br> "MSSQL Broker"<br> ],<br> "mssql-tcp": [<br> 1433,<br> 1433,<br> "tcp",<br> "MSSQL Server"<br> ],<br> "mssql-udp": [<br> 1434,<br> 1434,<br> "udp",<br> "MSSQL Browser"<br> ],<br> "mysql-tcp": [<br> 3306,<br> 3306,<br> "tcp",<br> "MySQL/Aurora"<br> ],<br> "nfs-tcp": [<br> 2049,<br> 2049,<br> "tcp",<br> "NFS/EFS"<br> ],<br> "nomad-http-tcp": [<br> 4646,<br> 4646,<br> "tcp",<br> "Nomad HTTP"<br> ],<br> "nomad-rpc-tcp": [<br> 4647,<br> 4647,<br> "tcp",<br> "Nomad RPC"<br> ],<br> "nomad-serf-tcp": [<br> 4648,<br> 4648,<br> "tcp",<br> "Serf"<br> ],<br> "nomad-serf-udp": [<br> 4648,<br> 4648,<br> "udp",<br> "Serf"<br> ],<br> "ntp-udp": [<br> 123,<br> 123,<br> "udp",<br> "NTP"<br> ],<br> "openvpn-https-tcp": [<br> 443,<br> 443,<br> "tcp",<br> "OpenVPN"<br> ],<br> "openvpn-tcp": [<br> 943,<br> 943,<br> "tcp",<br> "OpenVPN"<br> ],<br> "openvpn-udp": [<br> 1194,<br> 1194,<br> "udp",<br> "OpenVPN"<br> ],<br> "oracle-db-tcp": [<br> 1521,<br> 1521,<br> "tcp",<br> "Oracle"<br> ],<br> "postgresql-tcp": [<br> 5432,<br> 5432,<br> "tcp",<br> "PostgreSQL"<br> ],<br> "prometheus-http-tcp": [<br> 9090,<br> 9090,<br> "tcp",<br> "Prometheus"<br> ],<br> "prometheus-pushgateway-http-tcp": [<br> 9091,<br> 9091,<br> "tcp",<br> "Prometheus Pushgateway"<br> ],<br> "puppet-tcp": [<br> 8140,<br> 8140,<br> "tcp",<br> "Puppet"<br> ],<br> "puppetdb-tcp": [<br> 8081,<br> 8081,<br> "tcp",<br> "PuppetDB"<br> ],<br> "rabbitmq-15672-tcp": [<br> 15672,<br> 15672,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rabbitmq-25672-tcp": [<br> 25672,<br> 25672,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rabbitmq-4369-tcp": [<br> 4369,<br> 4369,<br> "tcp",<br> "RabbitMQ epmd"<br> ],<br> "rabbitmq-5671-tcp": [<br> 5671,<br> 5671,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rabbitmq-5672-tcp": [<br> 5672,<br> 5672,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rdp-tcp": [<br> 3389,<br> 3389,<br> "tcp",<br> "Remote Desktop"<br> ],<br> "rdp-udp": [<br> 3389,<br> 
3389,<br> "udp",<br> "Remote Desktop"<br> ],<br> "redis-tcp": [<br> 6379,<br> 6379,<br> "tcp",<br> "Redis"<br> ],<br> "redshift-tcp": [<br> 5439,<br> 5439,<br> "tcp",<br> "Redshift"<br> ],<br> "solr-tcp": [<br> 8983,<br> 8987,<br> "tcp",<br> "Solr"<br> ],<br> "splunk-hec-tcp": [<br> 8088,<br> 8088,<br> "tcp",<br> "Splunk HEC"<br> ],<br> "splunk-indexer-tcp": [<br> 9997,<br> 9997,<br> "tcp",<br> "Splunk indexer"<br> ],<br> "splunk-splunkd-tcp": [<br> 8089,<br> 8089,<br> "tcp",<br> "Splunkd"<br> ],<br> "splunk-web-tcp": [<br> 8000,<br> 8000,<br> "tcp",<br> "Splunk Web"<br> ],<br> "squid-proxy-tcp": [<br> 3128,<br> 3128,<br> "tcp",<br> "Squid default proxy"<br> ],<br> "ssh-tcp": [<br> 22,<br> 22,<br> "tcp",<br> "SSH"<br> ],<br> "storm-nimbus-tcp": [<br> 6627,<br> 6627,<br> "tcp",<br> "Nimbus"<br> ],<br> "storm-supervisor-tcp": [<br> 6700,<br> 6703,<br> "tcp",<br> "Supervisor"<br> ],<br> "storm-ui-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "Storm UI"<br> ],<br> "web-jmx-tcp": [<br> 1099,<br> 1099,<br> "tcp",<br> "JMX"<br> ],<br> "winrm-http-tcp": [<br> 5985,<br> 5985,<br> "tcp",<br> "WinRM HTTP"<br> ],<br> "winrm-https-tcp": [<br> 5986,<br> 5986,<br> "tcp",<br> "WinRM HTTPS"<br> ],<br> "zipkin-admin-query-tcp": [<br> 9901,<br> 9901,<br> "tcp",<br> "Zipkin Admin port query"<br> ],<br> "zipkin-admin-tcp": [<br> 9990,<br> 9990,<br> "tcp",<br> "Zipkin Admin port collector"<br> ],<br> "zipkin-admin-web-tcp": [<br> 9991,<br> 9991,<br> "tcp",<br> "Zipkin Admin port web"<br> ],<br> "zipkin-query-tcp": [<br> 9411,<br> 9411,<br> "tcp",<br> "Zipkin query port"<br> ],<br> "zipkin-web-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "Zipkin web port"<br> ],<br> "zookeeper-2181-tcp": [<br> 2181,<br> 2181,<br> "tcp",<br> "Zookeeper"<br> ],<br> "zookeeper-2888-tcp": [<br> 2888,<br> 2888,<br> "tcp",<br> "Zookeeper"<br> ],<br> "zookeeper-3888-tcp": [<br> 3888,<br> 3888,<br> "tcp",<br> "Zookeeper"<br> ],<br> "zookeeper-jmx-tcp": [<br> 7199,<br> 7199,<br> "tcp",<br> "JMX"<br> ]<br>}</pre> | no |
| rules | Map of known security group rules (define as 'name' = ['from port', 'to port', 'protocol', 'description']) | `map(list(any))` | <pre>{<br> "_": [<br> "",<br> "",<br> ""<br> ],<br> "activemq-5671-tcp": [<br> 5671,<br> 5671,<br> "tcp",<br> "ActiveMQ AMQP"<br> ],<br> "activemq-61614-tcp": [<br> 61614,<br> 61614,<br> "tcp",<br> "ActiveMQ STOMP"<br> ],<br> "activemq-61617-tcp": [<br> 61617,<br> 61617,<br> "tcp",<br> "ActiveMQ OpenWire"<br> ],<br> "activemq-61619-tcp": [<br> 61619,<br> 61619,<br> "tcp",<br> "ActiveMQ WebSocket"<br> ],<br> "activemq-8883-tcp": [<br> 8883,<br> 8883,<br> "tcp",<br> "ActiveMQ MQTT"<br> ],<br> "alertmanager-9093-tcp": [<br> 9093,<br> 9093,<br> "tcp",<br> "Alert Manager"<br> ],<br> "alertmanager-9094-tcp": [<br> 9094,<br> 9094,<br> "tcp",<br> "Alert Manager Cluster"<br> ],<br> "all-all": [<br> -1,<br> -1,<br> "-1",<br> "All protocols"<br> ],<br> "all-icmp": [<br> -1,<br> -1,<br> "icmp",<br> "All IPV4 ICMP"<br> ],<br> "all-ipv6-icmp": [<br> -1,<br> -1,<br> 58,<br> "All IPV6 ICMP"<br> ],<br> "all-tcp": [<br> 0,<br> 65535,<br> "tcp",<br> "All TCP ports"<br> ],<br> "all-udp": [<br> 0,<br> 65535,<br> "udp",<br> "All UDP ports"<br> ],<br> "carbon-admin-tcp": [<br> 2004,<br> 2004,<br> "tcp",<br> "Carbon admin"<br> ],<br> "carbon-gui-udp": [<br> 8081,<br> 8081,<br> "tcp",<br> "Carbon GUI"<br> ],<br> "carbon-line-in-tcp": [<br> 2003,<br> 2003,<br> "tcp",<br> "Carbon line-in"<br> ],<br> "carbon-line-in-udp": [<br> 2003,<br> 2003,<br> "udp",<br> "Carbon line-in"<br> ],<br> "carbon-pickle-tcp": [<br> 2013,<br> 2013,<br> "tcp",<br> "Carbon pickle"<br> ],<br> "carbon-pickle-udp": [<br> 2013,<br> 2013,<br> "udp",<br> "Carbon pickle"<br> ],<br> "cassandra-clients-tcp": [<br> 9042,<br> 9042,<br> "tcp",<br> "Cassandra clients"<br> ],<br> "cassandra-jmx-tcp": [<br> 7199,<br> 7199,<br> "tcp",<br> "JMX"<br> ],<br> "cassandra-thrift-clients-tcp": [<br> 9160,<br> 9160,<br> "tcp",<br> "Cassandra Thrift clients"<br> ],<br> "consul-cli-rpc-tcp": [<br> 
8400,<br> 8400,<br> "tcp",<br> "Consul CLI RPC"<br> ],<br> "consul-dns-tcp": [<br> 8600,<br> 8600,<br> "tcp",<br> "Consul DNS"<br> ],<br> "consul-dns-udp": [<br> 8600,<br> 8600,<br> "udp",<br> "Consul DNS"<br> ],<br> "consul-serf-lan-tcp": [<br> 8301,<br> 8301,<br> "tcp",<br> "Serf LAN"<br> ],<br> "consul-serf-lan-udp": [<br> 8301,<br> 8301,<br> "udp",<br> "Serf LAN"<br> ],<br> "consul-serf-wan-tcp": [<br> 8302,<br> 8302,<br> "tcp",<br> "Serf WAN"<br> ],<br> "consul-serf-wan-udp": [<br> 8302,<br> 8302,<br> "udp",<br> "Serf WAN"<br> ],<br> "consul-tcp": [<br> 8300,<br> 8300,<br> "tcp",<br> "Consul server"<br> ],<br> "consul-webui-tcp": [<br> 8500,<br> 8500,<br> "tcp",<br> "Consul web UI"<br> ],<br> "dns-tcp": [<br> 53,<br> 53,<br> "tcp",<br> "DNS"<br> ],<br> "dns-udp": [<br> 53,<br> 53,<br> "udp",<br> "DNS"<br> ],<br> "docker-swarm-mngmt-tcp": [<br> 2377,<br> 2377,<br> "tcp",<br> "Docker Swarm cluster management"<br> ],<br> "docker-swarm-node-tcp": [<br> 7946,<br> 7946,<br> "tcp",<br> "Docker Swarm node"<br> ],<br> "docker-swarm-node-udp": [<br> 7946,<br> 7946,<br> "udp",<br> "Docker Swarm node"<br> ],<br> "docker-swarm-overlay-udp": [<br> 4789,<br> 4789,<br> "udp",<br> "Docker Swarm Overlay Network Traffic"<br> ],<br> "elasticsearch-java-tcp": [<br> 9300,<br> 9300,<br> "tcp",<br> "Elasticsearch Java interface"<br> ],<br> "elasticsearch-rest-tcp": [<br> 9200,<br> 9200,<br> "tcp",<br> "Elasticsearch REST interface"<br> ],<br> "grafana-tcp": [<br> 3000,<br> 3000,<br> "tcp",<br> "Grafana Dashboard"<br> ],<br> "graphite-2003-tcp": [<br> 2003,<br> 2003,<br> "tcp",<br> "Carbon receiver plain text"<br> ],<br> "graphite-2004-tcp": [<br> 2004,<br> 2004,<br> "tcp",<br> "Carbon receiver pickle"<br> ],<br> "graphite-2023-tcp": [<br> 2023,<br> 2023,<br> "tcp",<br> "Carbon aggregator plaintext"<br> ],<br> "graphite-2024-tcp": [<br> 2024,<br> 2024,<br> "tcp",<br> "Carbon aggregator pickle"<br> ],<br> "graphite-8080-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "Graphite gunicorn 
port"<br> ],<br> "graphite-8125-tcp": [<br> 8125,<br> 8125,<br> "tcp",<br> "Statsd TCP"<br> ],<br> "graphite-8125-udp": [<br> 8125,<br> 8125,<br> "udp",<br> "Statsd UDP default"<br> ],<br> "graphite-8126-tcp": [<br> 8126,<br> 8126,<br> "tcp",<br> "Statsd admin"<br> ],<br> "graphite-webui": [<br> 80,<br> 80,<br> "tcp",<br> "Graphite admin interface"<br> ],<br> "http-80-tcp": [<br> 80,<br> 80,<br> "tcp",<br> "HTTP"<br> ],<br> "http-8080-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "HTTP"<br> ],<br> "https-443-tcp": [<br> 443,<br> 443,<br> "tcp",<br> "HTTPS"<br> ],<br> "https-8443-tcp": [<br> 8443,<br> 8443,<br> "tcp",<br> "HTTPS"<br> ],<br> "ipsec-4500-udp": [<br> 4500,<br> 4500,<br> "udp",<br> "IPSEC NAT-T"<br> ],<br> "ipsec-500-udp": [<br> 500,<br> 500,<br> "udp",<br> "IPSEC ISAKMP"<br> ],<br> "kafka-broker-tcp": [<br> 9092,<br> 9092,<br> "tcp",<br> "Kafka broker 0.8.2+"<br> ],<br> "kafka-broker-tls-tcp": [<br> 9094,<br> 9094,<br> "tcp",<br> "Kafka TLS enabled broker 0.8.2+"<br> ],<br> "kafka-jmx-exporter-tcp": [<br> 11001,<br> 11001,<br> "tcp",<br> "Kafka JMX Exporter"<br> ],<br> "kafka-node-exporter-tcp": [<br> 11002,<br> 11002,<br> "tcp",<br> "Kafka Node Exporter"<br> ],<br> "kibana-tcp": [<br> 5601,<br> 5601,<br> "tcp",<br> "Kibana Web Interface"<br> ],<br> "kubernetes-api-tcp": [<br> 6443,<br> 6443,<br> "tcp",<br> "Kubernetes API Server"<br> ],<br> "ldap-tcp": [<br> 389,<br> 389,<br> "tcp",<br> "LDAP"<br> ],<br> "ldaps-tcp": [<br> 636,<br> 636,<br> "tcp",<br> "LDAPS"<br> ],<br> "logstash-tcp": [<br> 5044,<br> 5044,<br> "tcp",<br> "Logstash"<br> ],<br> "memcached-tcp": [<br> 11211,<br> 11211,<br> "tcp",<br> "Memcached"<br> ],<br> "minio-tcp": [<br> 9000,<br> 9000,<br> "tcp",<br> "MinIO"<br> ],<br> "mongodb-27017-tcp": [<br> 27017,<br> 27017,<br> "tcp",<br> "MongoDB"<br> ],<br> "mongodb-27018-tcp": [<br> 27018,<br> 27018,<br> "tcp",<br> "MongoDB shard"<br> ],<br> "mongodb-27019-tcp": [<br> 27019,<br> 27019,<br> "tcp",<br> "MongoDB config server"<br> ],<br> 
"mssql-analytics-tcp": [<br> 2383,<br> 2383,<br> "tcp",<br> "MSSQL Analytics"<br> ],<br> "mssql-broker-tcp": [<br> 4022,<br> 4022,<br> "tcp",<br> "MSSQL Broker"<br> ],<br> "mssql-tcp": [<br> 1433,<br> 1433,<br> "tcp",<br> "MSSQL Server"<br> ],<br> "mssql-udp": [<br> 1434,<br> 1434,<br> "udp",<br> "MSSQL Browser"<br> ],<br> "mysql-tcp": [<br> 3306,<br> 3306,<br> "tcp",<br> "MySQL/Aurora"<br> ],<br> "nfs-tcp": [<br> 2049,<br> 2049,<br> "tcp",<br> "NFS/EFS"<br> ],<br> "nomad-http-tcp": [<br> 4646,<br> 4646,<br> "tcp",<br> "Nomad HTTP"<br> ],<br> "nomad-rpc-tcp": [<br> 4647,<br> 4647,<br> "tcp",<br> "Nomad RPC"<br> ],<br> "nomad-serf-tcp": [<br> 4648,<br> 4648,<br> "tcp",<br> "Serf"<br> ],<br> "nomad-serf-udp": [<br> 4648,<br> 4648,<br> "udp",<br> "Serf"<br> ],<br> "ntp-udp": [<br> 123,<br> 123,<br> "udp",<br> "NTP"<br> ],<br> "openvpn-https-tcp": [<br> 443,<br> 443,<br> "tcp",<br> "OpenVPN"<br> ],<br> "openvpn-tcp": [<br> 943,<br> 943,<br> "tcp",<br> "OpenVPN"<br> ],<br> "openvpn-udp": [<br> 1194,<br> 1194,<br> "udp",<br> "OpenVPN"<br> ],<br> "oracle-db-tcp": [<br> 1521,<br> 1521,<br> "tcp",<br> "Oracle"<br> ],<br> "postgresql-tcp": [<br> 5432,<br> 5432,<br> "tcp",<br> "PostgreSQL"<br> ],<br> "prometheus-http-tcp": [<br> 9090,<br> 9090,<br> "tcp",<br> "Prometheus"<br> ],<br> "prometheus-pushgateway-http-tcp": [<br> 9091,<br> 9091,<br> "tcp",<br> "Prometheus Pushgateway"<br> ],<br> "puppet-tcp": [<br> 8140,<br> 8140,<br> "tcp",<br> "Puppet"<br> ],<br> "puppetdb-tcp": [<br> 8081,<br> 8081,<br> "tcp",<br> "PuppetDB"<br> ],<br> "rabbitmq-15672-tcp": [<br> 15672,<br> 15672,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rabbitmq-25672-tcp": [<br> 25672,<br> 25672,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rabbitmq-4369-tcp": [<br> 4369,<br> 4369,<br> "tcp",<br> "RabbitMQ epmd"<br> ],<br> "rabbitmq-5671-tcp": [<br> 5671,<br> 5671,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rabbitmq-5672-tcp": [<br> 5672,<br> 5672,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rdp-tcp": [<br> 3389,<br> 3389,<br> 
"tcp",<br> "Remote Desktop"<br> ],<br> "rdp-udp": [<br> 3389,<br> 3389,<br> "udp",<br> "Remote Desktop"<br> ],<br> "redis-tcp": [<br> 6379,<br> 6379,<br> "tcp",<br> "Redis"<br> ],<br> "redshift-tcp": [<br> 5439,<br> 5439,<br> "tcp",<br> "Redshift"<br> ],<br> "solr-tcp": [<br> 8983,<br> 8987,<br> "tcp",<br> "Solr"<br> ],<br> "splunk-hec-tcp": [<br> 8088,<br> 8088,<br> "tcp",<br> "Splunk HEC"<br> ],<br> "splunk-indexer-tcp": [<br> 9997,<br> 9997,<br> "tcp",<br> "Splunk indexer"<br> ],<br> "splunk-splunkd-tcp": [<br> 8089,<br> 8089,<br> "tcp",<br> "Splunkd"<br> ],<br> "splunk-web-tcp": [<br> 8000,<br> 8000,<br> "tcp",<br> "Splunk Web"<br> ],<br> "squid-proxy-tcp": [<br> 3128,<br> 3128,<br> "tcp",<br> "Squid default proxy"<br> ],<br> "ssh-tcp": [<br> 22,<br> 22,<br> "tcp",<br> "SSH"<br> ],<br> "storm-nimbus-tcp": [<br> 6627,<br> 6627,<br> "tcp",<br> "Nimbus"<br> ],<br> "storm-supervisor-tcp": [<br> 6700,<br> 6703,<br> "tcp",<br> "Supervisor"<br> ],<br> "storm-ui-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "Storm UI"<br> ],<br> "web-jmx-tcp": [<br> 1099,<br> 1099,<br> "tcp",<br> "JMX"<br> ],<br> "winrm-http-tcp": [<br> 5985,<br> 5985,<br> "tcp",<br> "WinRM HTTP"<br> ],<br> "winrm-https-tcp": [<br> 5986,<br> 5986,<br> "tcp",<br> "WinRM HTTPS"<br> ],<br> "zipkin-admin-query-tcp": [<br> 9901,<br> 9901,<br> "tcp",<br> "Zipkin Admin port query"<br> ],<br> "zipkin-admin-tcp": [<br> 9990,<br> 9990,<br> "tcp",<br> "Zipkin Admin port collector"<br> ],<br> "zipkin-admin-web-tcp": [<br> 9991,<br> 9991,<br> "tcp",<br> "Zipkin Admin port web"<br> ],<br> "zipkin-query-tcp": [<br> 9411,<br> 9411,<br> "tcp",<br> "Zipkin query port"<br> ],<br> "zipkin-web-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "Zipkin web port"<br> ],<br> "zookeeper-2181-tcp": [<br> 2181,<br> 2181,<br> "tcp",<br> "Zookeeper"<br> ],<br> "zookeeper-2888-tcp": [<br> 2888,<br> 2888,<br> "tcp",<br> "Zookeeper"<br> ],<br> "zookeeper-3888-tcp": [<br> 3888,<br> 3888,<br> "tcp",<br> "Zookeeper"<br> ],<br> "zookeeper-jmx-tcp": 
[<br> 7199,<br> 7199,<br> "tcp",<br> "JMX"<br> ]<br>}</pre> | no |
| tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
| use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
| vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |
......
......@@ -20,6 +20,7 @@ List of Security Groups implemented as Terraform modules
* [kafka](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/kafka)
* [kibana](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/kibana)
* [kubernetes-api](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/kubernetes-api)
* [ldap](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/ldap)
* [ldaps](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/ldaps)
* [logstash](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/logstash)
* [memcached](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/memcached)
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
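Review bot: With the `< 0.14` and `< 4.0` ceilings gone, `required_version` and the `aws` entry in `required_providers` accept any future major release, including ones with breaking changes. Which line of each pair is the new side is inferred from the requirement tables of the new ldap README, which list `>= 0.12.6` and `>= 2.42`. If the open range is intended, say so next to the constraint, e.g. `# no upper bound: callers must pin terraform and aws versions in their root module`; otherwise keep a major-version ceiling. The same pair of lines repeats in every `versions.tf` section that follows on this page, and the commit title mentions only LDAP.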
......@@ -18,8 +18,8 @@ All automatic values **activemq module** is using are available [here](https://g
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **alertmanager module** is using are available [here](https
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **carbon-relay-ng module** is using are available [here](ht
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **cassandra module** is using are available [here](https://
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **consul module** is using are available [here](https://git
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **docker-swarm module** is using are available [here](https
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **elasticsearch module** is using are available [here](http
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **grafana module** is using are available [here](https://gi
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **graphite-statsd module** is using are available [here](ht
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **http-80 module** is using are available [here](https://gi
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **http-8080 module** is using are available [here](https://
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **https-443 module** is using are available [here](https://
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **https-8443 module** is using are available [here](https:/
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **ipsec-4500 module** is using are available [here](https:/
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **ipsec-500 module** is using are available [here](https://
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **kafka module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **kibana module** is using are available [here](https://git
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **kubernetes-api module** is using are available [here](htt
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
# ldap - AWS EC2-VPC Security Group Terraform module
## Usage
```hcl
module "ldap_security_group" {
source = "terraform-aws-modules/security-group/aws//modules/ldap"
version = "~> 3.0"
# omitted...
}
```
All automatic values **ldap module** is using are available [here](https://github.com/terraform-aws-modules/terraform-aws-security-group/blob/master/modules/ldap/auto_values.tf).
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Requirements
| Name | Version |
|------|---------|
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
No provider.
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| auto\_computed\_egress\_rules | List of computed egress rules to add automatically | `list(string)` | `[]` | no |
| auto\_computed\_egress\_with\_self | List of maps defining computed egress rules with self to add automatically | `list(map(string))` | `[]` | no |
| auto\_computed\_ingress\_rules | List of ingress rules to add automatically | `list(string)` | `[]` | no |
| auto\_computed\_ingress\_with\_self | List of maps defining computed ingress rules with self to add automatically | `list(map(string))` | `[]` | no |
| auto\_egress\_rules | List of egress rules to add automatically | `list(string)` | <pre>[<br> "all-all"<br>]</pre> | no |
| auto\_egress\_with\_self | List of maps defining egress rules with self to add automatically | `list(map(string))` | `[]` | no |
| auto\_ingress\_rules | List of ingress rules to add automatically | `list(string)` | <pre>[<br> "ldap-tcp"<br>]</pre> | no |
| auto\_ingress\_with\_self | List of maps defining ingress rules with self to add automatically | `list(map(string))` | <pre>[<br> {<br> "rule": "all-all"<br> }<br>]</pre> | no |
| auto\_number\_of\_computed\_egress\_rules | Number of computed egress rules to create by name | `number` | `0` | no |
| auto\_number\_of\_computed\_egress\_with\_self | Number of computed egress rules to create where 'self' is defined | `number` | `0` | no |
| auto\_number\_of\_computed\_ingress\_rules | Number of computed ingress rules to create by name | `number` | `0` | no |
| auto\_number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
| computed\_egress\_cidr\_blocks | List of IPv4 CIDR ranges to use on all computed egress rules | `list(string)` | <pre>[<br> "0.0.0.0/0"<br>]</pre> | no |
| computed\_egress\_ipv6\_cidr\_blocks | List of IPv6 CIDR ranges to use on all computed egress rules | `list(string)` | <pre>[<br> "::/0"<br>]</pre> | no |
| computed\_egress\_prefix\_list\_ids | List of prefix list IDs (for allowing access to VPC endpoints) to use on all computed egress rules | `list(string)` | `[]` | no |
| computed\_egress\_rules | List of computed egress rules to create by name | `list(string)` | `[]` | no |
| computed\_egress\_with\_cidr\_blocks | List of computed egress rules to create where 'cidr\_blocks' is used | `list(map(string))` | `[]` | no |
| computed\_egress\_with\_ipv6\_cidr\_blocks | List of computed egress rules to create where 'ipv6\_cidr\_blocks' is used | `list(map(string))` | `[]` | no |
| computed\_egress\_with\_self | List of computed egress rules to create where 'self' is defined | `list(map(string))` | `[]` | no |
| computed\_egress\_with\_source\_security\_group\_id | List of computed egress rules to create where 'source\_security\_group\_id' is used | `list(map(string))` | `[]` | no |
| computed\_ingress\_cidr\_blocks | List of IPv4 CIDR ranges to use on all computed ingress rules | `list(string)` | `[]` | no |
| computed\_ingress\_ipv6\_cidr\_blocks | List of IPv6 CIDR ranges to use on all computed ingress rules | `list(string)` | `[]` | no |
| computed\_ingress\_prefix\_list\_ids | List of prefix list IDs (for allowing access to VPC endpoints) to use on all computed ingress rules | `list(string)` | `[]` | no |
| computed\_ingress\_rules | List of computed ingress rules to create by name | `list(string)` | `[]` | no |
| computed\_ingress\_with\_cidr\_blocks | List of computed ingress rules to create where 'cidr\_blocks' is used | `list(map(string))` | `[]` | no |
| computed\_ingress\_with\_ipv6\_cidr\_blocks | List of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `list(map(string))` | `[]` | no |
| computed\_ingress\_with\_self | List of computed ingress rules to create where 'self' is defined | `list(map(string))` | `[]` | no |
| computed\_ingress\_with\_source\_security\_group\_id | List of computed ingress rules to create where 'source\_security\_group\_id' is used | `list(map(string))` | `[]` | no |
| create | Whether to create security group and all rules | `bool` | `true` | no |
| description | Description of security group | `string` | `"Security Group managed by Terraform"` | no |
| egress\_cidr\_blocks | List of IPv4 CIDR ranges to use on all egress rules | `list(string)` | <pre>[<br> "0.0.0.0/0"<br>]</pre> | no |
| egress\_ipv6\_cidr\_blocks | List of IPv6 CIDR ranges to use on all egress rules | `list(string)` | <pre>[<br> "::/0"<br>]</pre> | no |
| egress\_prefix\_list\_ids | List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules | `list(string)` | `[]` | no |
| egress\_rules | List of egress rules to create by name | `list(string)` | `[]` | no |
| egress\_with\_cidr\_blocks | List of egress rules to create where 'cidr\_blocks' is used | `list(map(string))` | `[]` | no |
| egress\_with\_ipv6\_cidr\_blocks | List of egress rules to create where 'ipv6\_cidr\_blocks' is used | `list(map(string))` | `[]` | no |
| egress\_with\_self | List of egress rules to create where 'self' is defined | `list(map(string))` | `[]` | no |
| egress\_with\_source\_security\_group\_id | List of egress rules to create where 'source\_security\_group\_id' is used | `list(map(string))` | `[]` | no |
| ingress\_cidr\_blocks | List of IPv4 CIDR ranges to use on all ingress rules | `list(string)` | `[]` | no |
| ingress\_ipv6\_cidr\_blocks | List of IPv6 CIDR ranges to use on all ingress rules | `list(string)` | `[]` | no |
| ingress\_prefix\_list\_ids | List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules | `list(string)` | `[]` | no |
| ingress\_rules | List of ingress rules to create by name | `list(string)` | `[]` | no |
| ingress\_with\_cidr\_blocks | List of ingress rules to create where 'cidr\_blocks' is used | `list(map(string))` | `[]` | no |
| ingress\_with\_ipv6\_cidr\_blocks | List of ingress rules to create where 'ipv6\_cidr\_blocks' is used | `list(map(string))` | `[]` | no |
| ingress\_with\_self | List of ingress rules to create where 'self' is defined | `list(map(string))` | `[]` | no |
| ingress\_with\_source\_security\_group\_id | List of ingress rules to create where 'source\_security\_group\_id' is used | `list(map(string))` | `[]` | no |
| name | Name of security group | `string` | n/a | yes |
| number\_of\_computed\_egress\_cidr\_blocks | Number of IPv4 CIDR ranges to use on all computed egress rules | `number` | `0` | no |
| number\_of\_computed\_egress\_ipv6\_cidr\_blocks | Number of IPv6 CIDR ranges to use on all computed egress rules | `number` | `0` | no |
| number\_of\_computed\_egress\_prefix\_list\_ids | Number of prefix list IDs (for allowing access to VPC endpoints) to use on all computed egress rules | `number` | `0` | no |
| number\_of\_computed\_egress\_rules | Number of computed egress rules to create by name | `number` | `0` | no |
| number\_of\_computed\_egress\_with\_cidr\_blocks | Number of computed egress rules to create where 'cidr\_blocks' is used | `number` | `0` | no |
| number\_of\_computed\_egress\_with\_ipv6\_cidr\_blocks | Number of computed egress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
| number\_of\_computed\_egress\_with\_self | Number of computed egress rules to create where 'self' is defined | `number` | `0` | no |
| number\_of\_computed\_egress\_with\_source\_security\_group\_id | Number of computed egress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
| number\_of\_computed\_ingress\_cidr\_blocks | Number of IPv4 CIDR ranges to use on all computed ingress rules | `number` | `0` | no |
| number\_of\_computed\_ingress\_ipv6\_cidr\_blocks | Number of IPv6 CIDR ranges to use on all computed ingress rules | `number` | `0` | no |
| number\_of\_computed\_ingress\_prefix\_list\_ids | Number of prefix list IDs (for allowing access to VPC endpoints) to use on all computed ingress rules | `number` | `0` | no |
| number\_of\_computed\_ingress\_rules | Number of computed ingress rules to create by name | `number` | `0` | no |
| number\_of\_computed\_ingress\_with\_cidr\_blocks | Number of computed ingress rules to create where 'cidr\_blocks' is used | `number` | `0` | no |
| number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
| number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
| number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
| tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
| use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
| vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |
## Outputs
| Name | Description |
|------|-------------|
| this\_security\_group\_description | The description of the security group |
| this\_security\_group\_id | The ID of the security group |
| this\_security\_group\_name | The name of the security group |
| this\_security\_group\_owner\_id | The owner ID |
| this\_security\_group\_vpc\_id | The VPC ID |
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = list(string)
default = ["ldap-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of maps defining ingress rules with self to add automatically"
type = list(map(string))
default = [{ "rule" = "all-all" }]
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = list(string)
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of maps defining egress rules with self to add automatically"
type = list(map(string))
default = []
}
# Computed
variable "auto_computed_ingress_rules" {
description = "List of ingress rules to add automatically"
type = list(string)
default = []
}
variable "auto_computed_ingress_with_self" {
description = "List of maps defining computed ingress rules with self to add automatically"
type = list(map(string))
default = []
}
variable "auto_computed_egress_rules" {
description = "List of computed egress rules to add automatically"
type = list(string)
default = []
}
variable "auto_computed_egress_with_self" {
description = "List of maps defining computed egress rules with self to add automatically"
type = list(map(string))
default = []
}
# Number of computed rules
variable "auto_number_of_computed_ingress_rules" {
description = "Number of computed ingress rules to create by name"
type = number
default = 0
}
variable "auto_number_of_computed_ingress_with_self" {
description = "Number of computed ingress rules to create where 'self' is defined"
type = number
default = 0
}
variable "auto_number_of_computed_egress_rules" {
description = "Number of computed egress rules to create by name"
type = number
default = 0
}
variable "auto_number_of_computed_egress_with_self" {
description = "Number of computed egress rules to create where 'self' is defined"
type = number
default = 0
}
module "sg" {
source = "../../"
create = var.create
name = var.name
use_name_prefix = var.use_name_prefix
description = var.description
vpc_id = var.vpc_id
revoke_rules_on_delete = var.revoke_rules_on_delete
tags = var.tags
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
# Open for self
ingress_with_self = concat(var.auto_ingress_with_self, var.ingress_with_self)
# Open to IPv4 cidr blocks
ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
# Open to IPv6 cidr blocks
ingress_with_ipv6_cidr_blocks = var.ingress_with_ipv6_cidr_blocks
# Open for security group id
ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
# Default ingress CIDR blocks
ingress_cidr_blocks = var.ingress_cidr_blocks
ingress_ipv6_cidr_blocks = var.ingress_ipv6_cidr_blocks
# Default prefix list ids
ingress_prefix_list_ids = var.ingress_prefix_list_ids
###################
# Computed Ingress
###################
# Rules by names - open for default CIDR
computed_ingress_rules = sort(compact(distinct(concat(var.auto_computed_ingress_rules, var.computed_ingress_rules, [""]))))
# Open for self
computed_ingress_with_self = concat(var.auto_computed_ingress_with_self, var.computed_ingress_with_self)
# Open to IPv4 cidr blocks
computed_ingress_with_cidr_blocks = var.computed_ingress_with_cidr_blocks
# Open to IPv6 cidr blocks
computed_ingress_with_ipv6_cidr_blocks = var.computed_ingress_with_ipv6_cidr_blocks
# Open for security group id
computed_ingress_with_source_security_group_id = var.computed_ingress_with_source_security_group_id
#############################
# Number of computed ingress
#############################
number_of_computed_ingress_rules = var.auto_number_of_computed_ingress_rules + var.number_of_computed_ingress_rules
number_of_computed_ingress_with_self = var.auto_number_of_computed_ingress_with_self + var.number_of_computed_ingress_with_self
number_of_computed_ingress_with_cidr_blocks = var.number_of_computed_ingress_with_cidr_blocks
number_of_computed_ingress_with_ipv6_cidr_blocks = var.number_of_computed_ingress_with_ipv6_cidr_blocks
number_of_computed_ingress_with_source_security_group_id = var.number_of_computed_ingress_with_source_security_group_id
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
# Open for self
egress_with_self = concat(var.auto_egress_with_self, var.egress_with_self)
# Open to IPv4 cidr blocks
egress_with_cidr_blocks = var.egress_with_cidr_blocks
# Open to IPv6 cidr blocks
egress_with_ipv6_cidr_blocks = var.egress_with_ipv6_cidr_blocks
# Open for security group id
egress_with_source_security_group_id = var.egress_with_source_security_group_id
# Default egress CIDR blocks
egress_cidr_blocks = var.egress_cidr_blocks
egress_ipv6_cidr_blocks = var.egress_ipv6_cidr_blocks
# Default prefix list ids
egress_prefix_list_ids = var.egress_prefix_list_ids
##################
# Computed Egress
##################
# Rules by names - open for default CIDR
computed_egress_rules = sort(compact(distinct(concat(var.auto_computed_egress_rules, var.computed_egress_rules, [""]))))
# Open for self
computed_egress_with_self = concat(var.auto_computed_egress_with_self, var.computed_egress_with_self)
# Open to IPv4 cidr blocks
computed_egress_with_cidr_blocks = var.computed_egress_with_cidr_blocks
# Open to IPv6 cidr blocks
computed_egress_with_ipv6_cidr_blocks = var.computed_egress_with_ipv6_cidr_blocks
# Open for security group id
computed_egress_with_source_security_group_id = var.computed_egress_with_source_security_group_id
#############################
# Number of computed egress
#############################
number_of_computed_egress_rules = var.auto_number_of_computed_egress_rules + var.number_of_computed_egress_rules
number_of_computed_egress_with_self = var.auto_number_of_computed_egress_with_self + var.number_of_computed_egress_with_self
number_of_computed_egress_with_cidr_blocks = var.number_of_computed_egress_with_cidr_blocks
number_of_computed_egress_with_ipv6_cidr_blocks = var.number_of_computed_egress_with_ipv6_cidr_blocks
number_of_computed_egress_with_source_security_group_id = var.number_of_computed_egress_with_source_security_group_id
}
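Review bot: `ingress_rules` is built as `concat(var.auto_ingress_rules, var.ingress_rules, [""])`, so whatever a caller passes in `ingress_rules` is added to the `ldap-tcp` default from auto_values.tf and cannot replace it, and nothing in the block says so. The same additive merge applies to `ingress_with_self` and `egress_rules`, whose auto defaults are `all-all`, and the README table gives `egress_cidr_blocks` a default of `0.0.0.0/0`. A comment above the line would make the override path explicit: `# auto_ingress_rules defaults to ["ldap-tcp"] (389/tcp); override auto_ingress_rules, not ingress_rules, to remove it`. The rules table lists 389 as plain `LDAP` and 636 separately as `ldaps-tcp`, so the comment could also point callers who want the TLS port only at the `ldaps` module.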
output "this_security_group_id" {
description = "The ID of the security group"
value = module.sg.this_security_group_id
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = module.sg.this_security_group_vpc_id
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = module.sg.this_security_group_owner_id
}
output "this_security_group_name" {
description = "The name of the security group"
value = module.sg.this_security_group_name
}
output "this_security_group_description" {
description = "The description of the security group"
value = module.sg.this_security_group_description
}
#################
# Security group
#################
variable "create" {
description = "Whether to create security group and all rules"
type = bool
default = true
}
variable "vpc_id" {
description = "ID of the VPC where to create security group"
type = string
}
variable "name" {
description = "Name of security group"
type = string
}
variable "use_name_prefix" {
description = "Whether to use name_prefix or fixed name. Should be true to able to update security group name after initial creation"
type = bool
default = true
}
variable "description" {
description = "Description of security group"
type = string
default = "Security Group managed by Terraform"
}
variable "revoke_rules_on_delete" {
description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
type = bool
default = false
}
variable "tags" {
description = "A mapping of tags to assign to security group"
type = map(string)
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
type = list(string)
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
type = list(map(string))
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
type = list(map(string))
default = []
}
variable "ingress_with_ipv6_cidr_blocks" {
description = "List of ingress rules to create where 'ipv6_cidr_blocks' is used"
type = list(map(string))
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
type = list(map(string))
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
type = list(string)
default = []
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
type = list(string)
default = []
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
type = list(string)
default = []
}
###################
# Computed Ingress
###################
variable "computed_ingress_rules" {
description = "List of computed ingress rules to create by name"
type = list(string)
default = []
}
variable "computed_ingress_with_self" {
description = "List of computed ingress rules to create where 'self' is defined"
type = list(map(string))
default = []
}
variable "computed_ingress_with_cidr_blocks" {
description = "List of computed ingress rules to create where 'cidr_blocks' is used"
type = list(map(string))
default = []
}
variable "computed_ingress_with_ipv6_cidr_blocks" {
description = "List of computed ingress rules to create where 'ipv6_cidr_blocks' is used"
type = list(map(string))
default = []
}
variable "computed_ingress_with_source_security_group_id" {
description = "List of computed ingress rules to create where 'source_security_group_id' is used"
type = list(map(string))
default = []
}
variable "computed_ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all computed ingress rules"
type = list(string)
default = []
}
variable "computed_ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all computed ingress rules"
type = list(string)
default = []
}
variable "computed_ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all computed ingress rules"
type = list(string)
default = []
}
###################################
# Number of computed ingress rules
###################################
variable "number_of_computed_ingress_rules" {
description = "Number of computed ingress rules to create by name"
type = number
default = 0
}
variable "number_of_computed_ingress_with_self" {
description = "Number of computed ingress rules to create where 'self' is defined"
type = number
default = 0
}
variable "number_of_computed_ingress_with_cidr_blocks" {
description = "Number of computed ingress rules to create where 'cidr_blocks' is used"
type = number
default = 0
}
variable "number_of_computed_ingress_with_ipv6_cidr_blocks" {
description = "Number of computed ingress rules to create where 'ipv6_cidr_blocks' is used"
type = number
default = 0
}
variable "number_of_computed_ingress_with_source_security_group_id" {
description = "Number of computed ingress rules to create where 'source_security_group_id' is used"
type = number
default = 0
}
variable "number_of_computed_ingress_cidr_blocks" {
description = "Number of IPv4 CIDR ranges to use on all computed ingress rules"
type = number
default = 0
}
variable "number_of_computed_ingress_ipv6_cidr_blocks" {
description = "Number of IPv6 CIDR ranges to use on all computed ingress rules"
type = number
default = 0
}
variable "number_of_computed_ingress_prefix_list_ids" {
description = "Number of prefix list IDs (for allowing access to VPC endpoints) to use on all computed ingress rules"
type = number
default = 0
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
type = list(string)
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
type = list(map(string))
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
type = list(map(string))
default = []
}
variable "egress_with_ipv6_cidr_blocks" {
description = "List of egress rules to create where 'ipv6_cidr_blocks' is used"
type = list(map(string))
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
type = list(map(string))
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
type = list(string)
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
type = list(string)
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
type = list(string)
default = []
}
##################
# Computed Egress
##################
variable "computed_egress_rules" {
description = "List of computed egress rules to create by name"
type = list(string)
default = []
}
variable "computed_egress_with_self" {
description = "List of computed egress rules to create where 'self' is defined"
type = list(map(string))
default = []
}
variable "computed_egress_with_cidr_blocks" {
description = "List of computed egress rules to create where 'cidr_blocks' is used"
type = list(map(string))
default = []
}
variable "computed_egress_with_ipv6_cidr_blocks" {
description = "List of computed egress rules to create where 'ipv6_cidr_blocks' is used"
type = list(map(string))
default = []
}
variable "computed_egress_with_source_security_group_id" {
description = "List of computed egress rules to create where 'source_security_group_id' is used"
type = list(map(string))
default = []
}
variable "computed_egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all computed egress rules"
type = list(string)
default = ["0.0.0.0/0"]
}
variable "computed_egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all computed egress rules"
type = list(string)
default = ["::/0"]
}
variable "computed_egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all computed egress rules"
type = list(string)
default = []
}
##################################
# Number of computed egress rules
##################################
variable "number_of_computed_egress_rules" {
description = "Number of computed egress rules to create by name"
type = number
default = 0
}
variable "number_of_computed_egress_with_self" {
description = "Number of computed egress rules to create where 'self' is defined"
type = number
default = 0
}
variable "number_of_computed_egress_with_cidr_blocks" {
description = "Number of computed egress rules to create where 'cidr_blocks' is used"
type = number
default = 0
}
variable "number_of_computed_egress_with_ipv6_cidr_blocks" {
description = "Number of computed egress rules to create where 'ipv6_cidr_blocks' is used"
type = number
default = 0
}
variable "number_of_computed_egress_with_source_security_group_id" {
description = "Number of computed egress rules to create where 'source_security_group_id' is used"
type = number
default = 0
}
variable "number_of_computed_egress_cidr_blocks" {
description = "Number of IPv4 CIDR ranges to use on all computed egress rules"
type = number
default = 0
}
variable "number_of_computed_egress_ipv6_cidr_blocks" {
description = "Number of IPv6 CIDR ranges to use on all computed egress rules"
type = number
default = 0
}
variable "number_of_computed_egress_prefix_list_ids" {
description = "Number of prefix list IDs (for allowing access to VPC endpoints) to use on all computed egress rules"
type = number
default = 0
}
terraform {
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **ldaps module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **logstash module** is using are available [here](https://g
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **memcached module** is using are available [here](https://
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **minio module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **mongodb module** is using are available [here](https://gi
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **mssql module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **mysql module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **nfs module** is using are available [here](https://github
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **nomad module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **ntp module** is using are available [here](https://github
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **openvpn module** is using are available [here](https://gi
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **oracle-db module** is using are available [here](https://
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **postgresql module** is using are available [here](https:/
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **prometheus module** is using are available [here](https:/
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **puppet module** is using are available [here](https://git
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **rabbitmq module** is using are available [here](https://g
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **rdp module** is using are available [here](https://github
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **redis module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **redshift module** is using are available [here](https://g
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **solr module** is using are available [here](https://githu
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **splunk module** is using are available [here](https://git
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **squid module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **ssh module** is using are available [here](https://github
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **storm module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **web module** is using are available [here](https://github
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **winrm module** is using are available [here](https://gith
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **zipkin module** is using are available [here](https://git
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -18,8 +18,8 @@ All automatic values **zookeeper module** is using are available [here](https://
| Name | Version |
|------|---------|
| terraform | >= 0.12.6, < 0.14 |
| aws | >= 2.42, < 4.0 |
| terraform | >= 0.12.6 |
| aws | >= 2.42 |
## Providers
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}
......@@ -78,6 +78,8 @@ variable "rules" {
kibana-tcp = [5601, 5601, "tcp", "Kibana Web Interface"]
# Kubernetes
kubernetes-api-tcp = [6443, 6443, "tcp", "Kubernetes API Server"]
# LDAP
ldap-tcp = [389, 389, "tcp", "LDAP"]
# LDAPS
ldaps-tcp = [636, 636, "tcp", "LDAPS"]
# Logstash
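Review bot: The new `ldap-tcp` entry is labelled only `# LDAP`, so nothing tells a module user that port 389 is the listener where binds travel unencrypted unless the server enforces StartTLS, while `ldaps-tcp` on 636 sits directly below it. I would extend the comment to say so, for example `# LDAP (389: cleartext unless StartTLS is enforced; prefer ldaps-tcp where the directory supports it)`. It is also worth stating in the rule's documentation that this rule should be paired with a narrow `ingress_cidr_blocks` or a source security group rather than a wide CIDR. The `rules` map starts and ends outside this hunk.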
......@@ -269,6 +271,11 @@ variable "auto_groups" {
ingress_with_self = ["all-all"]
egress_rules = ["all-all"]
}
ldap = {
ingress_rules = ["ldap-tcp"]
ingress_with_self = ["all-all"]
egress_rules = ["all-all"]
}
ldaps = {
ingress_rules = ["ldaps-tcp"]
ingress_with_self = ["all-all"]
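Review bot: The `ldap` preset sets `egress_rules = ["all-all"]`, and the generated module's `egress_cidr_blocks` and `egress_ipv6_cidr_blocks` default to `["0.0.0.0/0"]` and `["::/0"]`. A group built from this preset therefore presumably allows all outbound traffic from the directory server unless the caller overrides those inputs. The value matches the neighbouring groups, so I would keep it for consistency and add a comment above the entry, for example `# egress is unrestricted by default; override egress_rules / egress_cidr_blocks for directory servers`. The `auto_groups` default continues outside this hunk.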
......
terraform {
required_version = ">= 0.12.6, < 0.14"
required_version = ">= 0.12.6"
required_providers {
aws = ">= 2.42, < 4.0"
aws = ">= 2.42"
}
}