Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
T
terraform-aws-security-group
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Packages
Packages
Container Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Terraform Modules
terraform-aws-security-group
Commits
188b5363
Commit
188b5363
authored
Jan 10, 2018
by
Ahmed
Committed by
Anton Babenko
Jan 10, 2018
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add support for Rule descriptions with a safe default value (#27)
parent
e303e890
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
11 additions
and
0 deletions
+11
-0
main.tf
main.tf
+11
-0
No files found.
main.tf
View file @
188b5363
...
@@ -24,6 +24,7 @@ resource "aws_security_group_rule" "ingress_rules" {
...
@@ -24,6 +24,7 @@ resource "aws_security_group_rule" "ingress_rules" {
cidr_blocks
=
[
"
${
var
.
ingress_cidr_blocks
}
"
]
cidr_blocks
=
[
"
${
var
.
ingress_cidr_blocks
}
"
]
ipv6_cidr_blocks
=
[
"
${
var
.
ingress_ipv6_cidr_blocks
}
"
]
ipv6_cidr_blocks
=
[
"
${
var
.
ingress_ipv6_cidr_blocks
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
description
=
"
${
element
(
var
.
rules
[
var
.
ingress_rules
[
count
.
index
]],
3
)
}
"
from_port
=
"
${
element
(
var
.
rules
[
var
.
ingress_rules
[
count
.
index
]],
0
)
}
"
from_port
=
"
${
element
(
var
.
rules
[
var
.
ingress_rules
[
count
.
index
]],
0
)
}
"
to_port
=
"
${
element
(
var
.
rules
[
var
.
ingress_rules
[
count
.
index
]],
1
)
}
"
to_port
=
"
${
element
(
var
.
rules
[
var
.
ingress_rules
[
count
.
index
]],
1
)
}
"
...
@@ -43,6 +44,7 @@ resource "aws_security_group_rule" "ingress_with_source_security_group_id" {
...
@@ -43,6 +44,7 @@ resource "aws_security_group_rule" "ingress_with_source_security_group_id" {
source_security_group_id
=
"
${
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"source_security_group_id"
)
}
"
source_security_group_id
=
"
${
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"source_security_group_id"
)
}
"
ipv6_cidr_blocks
=
[
"
${
var
.
ingress_ipv6_cidr_blocks
}
"
]
ipv6_cidr_blocks
=
[
"
${
var
.
ingress_ipv6_cidr_blocks
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
description
=
"
${
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"description"
,
"Ingress Rule"
)
}
"
from_port
=
"
${
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
from_port
=
"
${
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
to_port
=
"
${
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
to_port
=
"
${
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_source_security_group_id
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
...
@@ -58,6 +60,7 @@ resource "aws_security_group_rule" "ingress_with_cidr_blocks" {
...
@@ -58,6 +60,7 @@ resource "aws_security_group_rule" "ingress_with_cidr_blocks" {
cidr_blocks
=
[
"
${
split
(
","
,
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"cidr_blocks"
,
join
(
","
,
var
.
ingress_cidr_blocks
)))
}
"
]
cidr_blocks
=
[
"
${
split
(
","
,
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"cidr_blocks"
,
join
(
","
,
var
.
ingress_cidr_blocks
)))
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
description
=
"
${
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"description"
,
"Ingress Rule"
)
}
"
from_port
=
"
${
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
from_port
=
"
${
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
to_port
=
"
${
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
to_port
=
"
${
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
...
@@ -73,6 +76,7 @@ resource "aws_security_group_rule" "ingress_with_ipv6_cidr_blocks" {
...
@@ -73,6 +76,7 @@ resource "aws_security_group_rule" "ingress_with_ipv6_cidr_blocks" {
ipv6_cidr_blocks
=
[
"
${
split
(
","
,
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"ipv6_cidr_blocks"
,
join
(
","
,
var
.
ingress_ipv6_cidr_blocks
)))
}
"
]
ipv6_cidr_blocks
=
[
"
${
split
(
","
,
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"ipv6_cidr_blocks"
,
join
(
","
,
var
.
ingress_ipv6_cidr_blocks
)))
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
description
=
"
${
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"description"
,
"Ingress Rule"
)
}
"
from_port
=
"
${
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
from_port
=
"
${
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
to_port
=
"
${
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
to_port
=
"
${
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_ipv6_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
...
@@ -89,6 +93,7 @@ resource "aws_security_group_rule" "ingress_with_self" {
...
@@ -89,6 +93,7 @@ resource "aws_security_group_rule" "ingress_with_self" {
self
=
"
${
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"self"
,
true
)
}
"
self
=
"
${
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"self"
,
true
)
}
"
ipv6_cidr_blocks
=
[
"
${
var
.
ingress_ipv6_cidr_blocks
}
"
]
ipv6_cidr_blocks
=
[
"
${
var
.
ingress_ipv6_cidr_blocks
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
ingress_prefix_list_ids
}
"
]
description
=
"
${
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"description"
,
"Ingress Rule"
)
}
"
from_port
=
"
${
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
from_port
=
"
${
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
to_port
=
"
${
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
to_port
=
"
${
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
ingress_with_self
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
...
@@ -112,6 +117,8 @@ resource "aws_security_group_rule" "egress_rules" {
...
@@ -112,6 +117,8 @@ resource "aws_security_group_rule" "egress_rules" {
cidr_blocks
=
[
"
${
var
.
egress_cidr_blocks
}
"
]
cidr_blocks
=
[
"
${
var
.
egress_cidr_blocks
}
"
]
ipv6_cidr_blocks
=
[
"
${
var
.
egress_ipv6_cidr_blocks
}
"
]
ipv6_cidr_blocks
=
[
"
${
var
.
egress_ipv6_cidr_blocks
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
description
=
"
${
element
(
var
.
rules
[
var
.
egress_rules
[
count
.
index
]],
3
)
}
"
from_port
=
"
${
element
(
var
.
rules
[
var
.
egress_rules
[
count
.
index
]],
0
)
}
"
from_port
=
"
${
element
(
var
.
rules
[
var
.
egress_rules
[
count
.
index
]],
0
)
}
"
to_port
=
"
${
element
(
var
.
rules
[
var
.
egress_rules
[
count
.
index
]],
1
)
}
"
to_port
=
"
${
element
(
var
.
rules
[
var
.
egress_rules
[
count
.
index
]],
1
)
}
"
...
@@ -131,6 +138,7 @@ resource "aws_security_group_rule" "egress_with_source_security_group_id" {
...
@@ -131,6 +138,7 @@ resource "aws_security_group_rule" "egress_with_source_security_group_id" {
source_security_group_id
=
"
${
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"source_security_group_id"
)
}
"
source_security_group_id
=
"
${
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"source_security_group_id"
)
}
"
ipv6_cidr_blocks
=
[
"
${
var
.
egress_ipv6_cidr_blocks
}
"
]
ipv6_cidr_blocks
=
[
"
${
var
.
egress_ipv6_cidr_blocks
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
description
=
"
${
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"description"
,
"Egress Rule"
)
}
"
from_port
=
"
${
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
from_port
=
"
${
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
to_port
=
"
${
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
to_port
=
"
${
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_source_security_group_id
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
...
@@ -146,6 +154,7 @@ resource "aws_security_group_rule" "egress_with_cidr_blocks" {
...
@@ -146,6 +154,7 @@ resource "aws_security_group_rule" "egress_with_cidr_blocks" {
cidr_blocks
=
[
"
${
split
(
","
,
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"cidr_blocks"
,
join
(
","
,
var
.
egress_cidr_blocks
)))
}
"
]
cidr_blocks
=
[
"
${
split
(
","
,
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"cidr_blocks"
,
join
(
","
,
var
.
egress_cidr_blocks
)))
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
description
=
"
${
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"description"
,
"Egress Rule"
)
}
"
from_port
=
"
${
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
from_port
=
"
${
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
to_port
=
"
${
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
to_port
=
"
${
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
...
@@ -161,6 +170,7 @@ resource "aws_security_group_rule" "egress_with_ipv6_cidr_blocks" {
...
@@ -161,6 +170,7 @@ resource "aws_security_group_rule" "egress_with_ipv6_cidr_blocks" {
ipv6_cidr_blocks
=
[
"
${
split
(
","
,
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"ipv6_cidr_blocks"
,
join
(
","
,
var
.
egress_ipv6_cidr_blocks
)))
}
"
]
ipv6_cidr_blocks
=
[
"
${
split
(
","
,
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"ipv6_cidr_blocks"
,
join
(
","
,
var
.
egress_ipv6_cidr_blocks
)))
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
description
=
"
${
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"description"
,
"Egress Rule"
)
}
"
from_port
=
"
${
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
from_port
=
"
${
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
to_port
=
"
${
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
to_port
=
"
${
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_ipv6_cidr_blocks
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
...
@@ -177,6 +187,7 @@ resource "aws_security_group_rule" "egress_with_self" {
...
@@ -177,6 +187,7 @@ resource "aws_security_group_rule" "egress_with_self" {
self
=
"
${
lookup
(
var
.
egress_with_self
[
count
.
index
],
"self"
,
true
)
}
"
self
=
"
${
lookup
(
var
.
egress_with_self
[
count
.
index
],
"self"
,
true
)
}
"
ipv6_cidr_blocks
=
[
"
${
var
.
egress_ipv6_cidr_blocks
}
"
]
ipv6_cidr_blocks
=
[
"
${
var
.
egress_ipv6_cidr_blocks
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
prefix_list_ids
=
[
"
${
var
.
egress_prefix_list_ids
}
"
]
description
=
"
${
lookup
(
var
.
egress_with_self
[
count
.
index
],
"description"
,
"Egress Rule"
)
}
"
from_port
=
"
${
lookup
(
var
.
egress_with_self
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_self
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
from_port
=
"
${
lookup
(
var
.
egress_with_self
[
count
.
index
],
"from_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_self
[
count
.
index
],
"rule"
,
"_"
)],
0
))
}
"
to_port
=
"
${
lookup
(
var
.
egress_with_self
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_self
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
to_port
=
"
${
lookup
(
var
.
egress_with_self
[
count
.
index
],
"to_port"
,
element
(
var
.
rules
[
lookup
(
var
.
egress_with_self
[
count
.
index
],
"rule"
,
"_"
)],
1
))
}
"
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
