Fixed redshift by running update_rules script

1ae398ef · Anton Babenko · 3ad579d4 · 1ae398ef · 1ae398ef · 1ae398ef
Commit 1ae398ef authored Jan 10, 2018 by Anton Babenko
Showing with 27 additions and 13 deletions

README.md modules/README.md +2 -0

main.tf modules/redshift/main.tf +9 -2

outputs.tf modules/redshift/outputs.tf +0 -10

variables.tf modules/redshift/variables.tf +16 -1

No files found.
--- a/modules/README.md
+++ b/modules/README.md
@@ -9,6 +9,8 @@ List of Security Groups implemented as Terraform modules
 * [elasticsearch](elasticsearch)
 * [http-80](http-80)
 * [https-443](https-443)
+* [ipsec-4500](ipsec-4500)
+* [ipsec-500](ipsec-500)
 * [kafka](kafka)
 * [ldaps](ldaps)
 * [memcached](memcached)

--- a/modules/redshift/main.tf
+++ b/modules/redshift/main.tf
 module "sg" {
  source = "../../"

+  create      = "${var.create}"
  name        = "${var.name}"
  description = "${var.description}"
  vpc_id      = "${var.vpc_id}"
@@ -15,9 +16,12 @@ module "sg" {
  # Open for self
  ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]

-  # Open to cidr_blocks
+  # Open to IPv4 cidr blocks
  ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]

+  # Open to IPv6 cidr blocks
+  ingress_with_ipv6_cidr_blocks = ["${var.ingress_with_ipv6_cidr_blocks}"]
+
  # Open for security group id
  ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]

@@ -37,9 +41,12 @@ module "sg" {
  # Open for self
  egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]

-  # Open to cidr_blocks
+  # Open to IPv4 cidr blocks
  egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]

+  # Open to IPv6 cidr blocks
+  egress_with_ipv6_cidr_blocks = ["${var.egress_with_ipv6_cidr_blocks}"]
+
  # Open for security group id
  egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]


--- a/modules/redshift/outputs.tf
+++ b/modules/redshift/outputs.tf
@@ -22,13 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = "${module.sg.this_security_group_description}"
 }
-
-output "this_security_group_ingress" {
-  description = "The ingress rules"
-  value       = "${module.sg.this_security_group_ingress}"
-}
-
-output "this_security_group_egress" {
-  description = "The egress rules"
-  value       = "${module.sg.this_security_group_egress}"
-}
--- a/modules/redshift/variables.tf
+++ b/modules/redshift/variables.tf
 #################
 # Security group
 #################
+variable "create" {
+  description = "Whether to create security group and all rules"
+  default     = true
+}
+
 variable "vpc_id" {
-  description = "ID of VPC to create security group into"
+  description = "ID of the VPC where to create security group"
 }

 variable "name" {
@@ -37,6 +42,11 @@ variable "ingress_with_cidr_blocks" {
  default     = []
 }

+variable "ingress_with_ipv6_cidr_blocks" {
+  description = "List of ingress rules to create where 'ipv6_cidr_blocks' is used"
+  default     = []
+}
+
 variable "ingress_with_source_security_group_id" {
  description = "List of ingress rules to create where 'source_security_group_id' is used"
  default     = []
@@ -75,6 +85,11 @@ variable "egress_with_cidr_blocks" {
  default     = []
 }

+variable "egress_with_ipv6_cidr_blocks" {
+  description = "List of egress rules to create where 'ipv6_cidr_blocks' is used"
+  default     = []
+}
+
 variable "egress_with_source_security_group_id" {
  description = "List of egress rules to create where 'source_security_group_id' is used"
  default     = []