feat: Added optional revoke_rules_on_delete functionality (required for EMR) (#179)

main.tf

@@ -15,9 +15,10 @@ locals {
 resource "aws_security_group" "this" {
   count = var.create && false == var.use_name_prefix ? 1 : 0
 
-  name        = var.name
-  description = var.description
-  vpc_id      = var.vpc_id
+  name                   = var.name
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
 
   tags = merge(
     var.tags,
@@ -33,9 +34,10 @@ resource "aws_security_group" "this" {
 resource "aws_security_group" "this_name_prefix" {
   count = var.create && var.use_name_prefix ? 1 : 0
 
-  name_prefix = "${var.name}-"
-  description = var.description
-  vpc_id      = var.vpc_id
+  name_prefix            = "${var.name}-"
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
 
   tags = merge(
     var.tags,

modules/README.md

@@ -21,6 +21,7 @@ List of Security Groups implemented as Terraform modules
 * [kibana](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/kibana)
 * [kubernetes-api](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/kubernetes-api)
 * [ldaps](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/ldaps)
+* [logstash](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/logstash)
 * [memcached](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/memcached)
 * [minio](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/minio)
 * [mongodb](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/mongodb)

modules/_templates/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/_templates/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/_templates/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/activemq/README.md

@@ -18,7 +18,7 @@ All automatic values **activemq module** is using are available [here](https://g
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/activemq/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/activemq/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/activemq/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/alertmanager/README.md

@@ -18,7 +18,7 @@ All automatic values **alertmanager module** is using are available [here](https
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/alertmanager/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/alertmanager/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/alertmanager/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/carbon-relay-ng/README.md

@@ -18,7 +18,7 @@ All automatic values **carbon-relay-ng module** is using are available [here](ht
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/carbon-relay-ng/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/carbon-relay-ng/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/carbon-relay-ng/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/cassandra/README.md

@@ -18,7 +18,7 @@ All automatic values **cassandra module** is using are available [here](https://
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/cassandra/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/cassandra/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/cassandra/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/consul/README.md

@@ -18,7 +18,7 @@ All automatic values **consul module** is using are available [here](https://git
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/consul/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/consul/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/consul/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/docker-swarm/README.md

@@ -18,7 +18,7 @@ All automatic values **docker-swarm module** is using are available [here](https
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/docker-swarm/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/docker-swarm/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/docker-swarm/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/elasticsearch/README.md

@@ -18,7 +18,7 @@ All automatic values **elasticsearch module** is using are available [here](http
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/elasticsearch/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/elasticsearch/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/elasticsearch/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/grafana/README.md

@@ -18,7 +18,7 @@ All automatic values **grafana module** is using are available [here](https://gi
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/grafana/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/grafana/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/grafana/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/graphite-statsd/README.md

@@ -18,7 +18,7 @@ All automatic values **graphite-statsd module** is using are available [here](ht
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/graphite-statsd/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/graphite-statsd/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/graphite-statsd/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/http-80/README.md

@@ -18,7 +18,7 @@ All automatic values **http-80 module** is using are available [here](https://gi
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/http-80/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/http-80/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/http-80/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/http-8080/README.md

@@ -18,7 +18,7 @@ All automatic values **http-8080 module** is using are available [here](https://
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/http-8080/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/http-8080/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/http-8080/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/https-443/README.md

@@ -18,7 +18,7 @@ All automatic values **https-443 module** is using are available [here](https://
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/https-443/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/https-443/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/https-443/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/https-8443/README.md

@@ -18,7 +18,7 @@ All automatic values **https-8443 module** is using are available [here](https:/
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/https-8443/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/https-8443/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/https-8443/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/ipsec-4500/README.md

@@ -18,7 +18,7 @@ All automatic values **ipsec-4500 module** is using are available [here](https:/
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/ipsec-4500/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/ipsec-4500/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/ipsec-4500/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/ipsec-500/README.md

@@ -18,7 +18,7 @@ All automatic values **ipsec-500 module** is using are available [here](https://
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/ipsec-500/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/ipsec-500/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/ipsec-500/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/kafka/README.md

@@ -18,7 +18,7 @@ All automatic values **kafka module** is using are available [here](https://gith
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/kafka/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/kafka/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/kafka/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/kibana/README.md

@@ -18,7 +18,7 @@ All automatic values **kibana module** is using are available [here](https://git
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/kibana/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/kibana/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/kibana/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/kubernetes-api/README.md

@@ -18,7 +18,7 @@ All automatic values **kubernetes-api module** is using are available [here](htt
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/kubernetes-api/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/kubernetes-api/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/kubernetes-api/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/ldaps/README.md

@@ -18,7 +18,7 @@ All automatic values **ldaps module** is using are available [here](https://gith
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/ldaps/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/ldaps/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/ldaps/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/logstash/auto_values.tf

+# This file was generated from values defined in rules.tf using update_groups.sh.
+###################################
+# DO NOT CHANGE THIS FILE MANUALLY
+###################################
+
+variable "auto_ingress_rules" {
+  description = "List of ingress rules to add automatically"
+  type        = list(string)
+  default     = ["logstash-tcp"]
+}
+
+variable "auto_ingress_with_self" {
+  description = "List of maps defining ingress rules with self to add automatically"
+  type        = list(map(string))
+  default     = [{ "rule" = "all-all" }]
+}
+
+variable "auto_egress_rules" {
+  description = "List of egress rules to add automatically"
+  type        = list(string)
+  default     = ["all-all"]
+}
+
+variable "auto_egress_with_self" {
+  description = "List of maps defining egress rules with self to add automatically"
+  type        = list(map(string))
+  default     = []
+}
+
+# Computed
+variable "auto_computed_ingress_rules" {
+  description = "List of ingress rules to add automatically"
+  type        = list(string)
+  default     = []
+}
+
+variable "auto_computed_ingress_with_self" {
+  description = "List of maps defining computed ingress rules with self to add automatically"
+  type        = list(map(string))
+  default     = []
+}
+
+variable "auto_computed_egress_rules" {
+  description = "List of computed egress rules to add automatically"
+  type        = list(string)
+  default     = []
+}
+
+variable "auto_computed_egress_with_self" {
+  description = "List of maps defining computed egress rules with self to add automatically"
+  type        = list(map(string))
+  default     = []
+}
+
+# Number of computed rules
+variable "auto_number_of_computed_ingress_rules" {
+  description = "Number of computed ingress rules to create by name"
+  type        = number
+  default     = 0
+}
+
+variable "auto_number_of_computed_ingress_with_self" {
+  description = "Number of computed ingress rules to create where 'self' is defined"
+  type        = number
+  default     = 0
+}
+
+variable "auto_number_of_computed_egress_rules" {
+  description = "Number of computed egress rules to create by name"
+  type        = number
+  default     = 0
+}
+
+variable "auto_number_of_computed_egress_with_self" {
+  description = "Number of computed egress rules to create where 'self' is defined"
+  type        = number
+  default     = 0
+}
+

modules/logstash/main.tf

+module "sg" {
+  source = "../../"
+
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
+
+  ##########
+  # Ingress
+  ##########
+  # Rules by names - open for default CIDR
+  ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
+
+  # Open for self
+  ingress_with_self = concat(var.auto_ingress_with_self, var.ingress_with_self)
+
+  # Open to IPv4 cidr blocks
+  ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
+
+  # Open to IPv6 cidr blocks
+  ingress_with_ipv6_cidr_blocks = var.ingress_with_ipv6_cidr_blocks
+
+  # Open for security group id
+  ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
+
+  # Default ingress CIDR blocks
+  ingress_cidr_blocks      = var.ingress_cidr_blocks
+  ingress_ipv6_cidr_blocks = var.ingress_ipv6_cidr_blocks
+
+  # Default prefix list ids
+  ingress_prefix_list_ids = var.ingress_prefix_list_ids
+
+  ###################
+  # Computed Ingress
+  ###################
+  # Rules by names - open for default CIDR
+  computed_ingress_rules = sort(compact(distinct(concat(var.auto_computed_ingress_rules, var.computed_ingress_rules, [""]))))
+
+  # Open for self
+  computed_ingress_with_self = concat(var.auto_computed_ingress_with_self, var.computed_ingress_with_self)
+
+  # Open to IPv4 cidr blocks
+  computed_ingress_with_cidr_blocks = var.computed_ingress_with_cidr_blocks
+
+  # Open to IPv6 cidr blocks
+  computed_ingress_with_ipv6_cidr_blocks = var.computed_ingress_with_ipv6_cidr_blocks
+
+  # Open for security group id
+  computed_ingress_with_source_security_group_id = var.computed_ingress_with_source_security_group_id
+
+  #############################
+  # Number of computed ingress
+  #############################
+  number_of_computed_ingress_rules                         = var.auto_number_of_computed_ingress_rules + var.number_of_computed_ingress_rules
+  number_of_computed_ingress_with_self                     = var.auto_number_of_computed_ingress_with_self + var.number_of_computed_ingress_with_self
+  number_of_computed_ingress_with_cidr_blocks              = var.number_of_computed_ingress_with_cidr_blocks
+  number_of_computed_ingress_with_ipv6_cidr_blocks         = var.number_of_computed_ingress_with_ipv6_cidr_blocks
+  number_of_computed_ingress_with_source_security_group_id = var.number_of_computed_ingress_with_source_security_group_id
+
+  #########
+  # Egress
+  #########
+  # Rules by names - open for default CIDR
+  egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
+
+  # Open for self
+  egress_with_self = concat(var.auto_egress_with_self, var.egress_with_self)
+
+  # Open to IPv4 cidr blocks
+  egress_with_cidr_blocks = var.egress_with_cidr_blocks
+
+  # Open to IPv6 cidr blocks
+  egress_with_ipv6_cidr_blocks = var.egress_with_ipv6_cidr_blocks
+
+  # Open for security group id
+  egress_with_source_security_group_id = var.egress_with_source_security_group_id
+
+  # Default egress CIDR blocks
+  egress_cidr_blocks      = var.egress_cidr_blocks
+  egress_ipv6_cidr_blocks = var.egress_ipv6_cidr_blocks
+
+  # Default prefix list ids
+  egress_prefix_list_ids = var.egress_prefix_list_ids
+
+  ##################
+  # Computed Egress
+  ##################
+  # Rules by names - open for default CIDR
+  computed_egress_rules = sort(compact(distinct(concat(var.auto_computed_egress_rules, var.computed_egress_rules, [""]))))
+
+  # Open for self
+  computed_egress_with_self = concat(var.auto_computed_egress_with_self, var.computed_egress_with_self)
+
+  # Open to IPv4 cidr blocks
+  computed_egress_with_cidr_blocks = var.computed_egress_with_cidr_blocks
+
+  # Open to IPv6 cidr blocks
+  computed_egress_with_ipv6_cidr_blocks = var.computed_egress_with_ipv6_cidr_blocks
+
+  # Open for security group id
+  computed_egress_with_source_security_group_id = var.computed_egress_with_source_security_group_id
+
+  #############################
+  # Number of computed egress
+  #############################
+  number_of_computed_egress_rules                         = var.auto_number_of_computed_egress_rules + var.number_of_computed_egress_rules
+  number_of_computed_egress_with_self                     = var.auto_number_of_computed_egress_with_self + var.number_of_computed_egress_with_self
+  number_of_computed_egress_with_cidr_blocks              = var.number_of_computed_egress_with_cidr_blocks
+  number_of_computed_egress_with_ipv6_cidr_blocks         = var.number_of_computed_egress_with_ipv6_cidr_blocks
+  number_of_computed_egress_with_source_security_group_id = var.number_of_computed_egress_with_source_security_group_id
+}

modules/logstash/outputs.tf

+output "this_security_group_id" {
+  description = "The ID of the security group"
+  value       = module.sg.this_security_group_id
+}
+
+output "this_security_group_vpc_id" {
+  description = "The VPC ID"
+  value       = module.sg.this_security_group_vpc_id
+}
+
+output "this_security_group_owner_id" {
+  description = "The owner ID"
+  value       = module.sg.this_security_group_owner_id
+}
+
+output "this_security_group_name" {
+  description = "The name of the security group"
+  value       = module.sg.this_security_group_name
+}
+
+output "this_security_group_description" {
+  description = "The description of the security group"
+  value       = module.sg.this_security_group_description
+}

modules/logstash/versions.tf

+terraform {
+  required_version = ">= 0.12.6, < 0.14"
+
+  required_providers {
+    aws = "~> 2.42"
+  }
+}

modules/memcached/README.md

@@ -18,7 +18,7 @@ All automatic values **memcached module** is using are available [here](https://
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/memcached/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/memcached/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/memcached/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/minio/README.md

@@ -18,7 +18,7 @@ All automatic values **minio module** is using are available [here](https://gith
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/minio/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/minio/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/minio/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"

modules/mongodb/README.md

@@ -18,7 +18,7 @@ All automatic values **mongodb module** is using are available [here](https://gi
 
 | Name | Version |
 |------|---------|
-| terraform | ~> 0.12.6 |
+| terraform | >= 0.12.6, < 0.14 |
 | aws | ~> 2.42 |
 
 ## Providers
@@ -92,6 +92,7 @@ No provider.
 | number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6\_cidr\_blocks' is used | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | `number` | `0` | no |
 | number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source\_security\_group\_id' is used | `number` | `0` | no |
+| revoke\_rules\_on\_delete | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR. | `bool` | `false` | no |
 | tags | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
 | use\_name\_prefix | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
 | vpc\_id | ID of the VPC where to create security group | `string` | n/a | yes |

modules/mongodb/main.tf

 module "sg" {
   source = "../../"
 
-  create          = var.create
-  name            = var.name
-  use_name_prefix = var.use_name_prefix
-  description     = var.description
-  vpc_id          = var.vpc_id
-  tags            = var.tags
+  create                 = var.create
+  name                   = var.name
+  use_name_prefix        = var.use_name_prefix
+  description            = var.description
+  vpc_id                 = var.vpc_id
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  tags                   = var.tags
 
   ##########
   # Ingress

modules/mongodb/variables.tf

@@ -29,6 +29,12 @@ variable "description" {
   default     = "Security Group managed by Terraform"
 }
 
+variable "revoke_rules_on_delete" {
+  description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. Enable for EMR."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "A mapping of tags to assign to security group"
   type        = map(string)

modules/mongodb/versions.tf

 terraform {
-  required_version = "~> 0.12.6"
+  required_version = ">= 0.12.6, < 0.14"
 
   required_providers {
     aws = "~> 2.42"