Add ActiveMQ rules (#143)

7a4bce75 · Miguel Ferreira · Anton Babenko · b1bee722 · 7a4bce75 · 7a4bce75
Commit 7a4bce75 authored Nov 14, 2019 by Miguel Ferreira Committed by Anton Babenko Nov 14, 2019
46 changed files
--- a/README.md
+++ b/README.md
--- a/modules/README.md
+++ b/modules/README.md
@@ -2,6 +2,7 @@ List of Security Groups implemented as Terraform modules
 ========================================================


+* [activemq](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/activemq)
 * [carbon-relay-ng](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/carbon-relay-ng)
 * [cassandra](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/cassandra)
 * [consul](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/consul)

--- a/modules/activemq/README.md
+++ b/modules/activemq/README.md
+# activemq - AWS EC2-VPC Security Group Terraform module
+
+## Usage
+
+```hcl
+module "activemq_security_group" {
+  source  = "terraform-aws-modules/security-group/aws//modules/activemq"
+  version = "~> 3.0"
+
+  # omitted...
+}
+```
+
+All automatic values **activemq module** is using are available [here](https://github.com/terraform-aws-modules/terraform-aws-security-group/blob/master/modules/activemq/auto_values.tf).
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| auto\_computed\_egress\_rules | List of computed egress rules to add automatically | list(string) | `[]` | no |
+| auto\_computed\_egress\_with\_self | List of maps defining computed egress rules with self to add automatically | list(map(string)) | `[]` | no |
+| auto\_computed\_ingress\_rules | List of ingress rules to add automatically | list(string) | `[]` | no |
+| auto\_computed\_ingress\_with\_self | List of maps defining computed ingress rules with self to add automatically | list(map(string)) | `[]` | no |
+| auto\_egress\_rules | List of egress rules to add automatically | list(string) | `[ "all-all" ]` | no |
+| auto\_egress\_with\_self | List of maps defining egress rules with self to add automatically | list(map(string)) | `[]` | no |
+| auto\_ingress\_rules | List of ingress rules to add automatically | list(string) | `[ "activemq-5671-tcp", "activemq-8883-tcp", "activemq-61614-tcp", "activemq-61617-tcp", "activemq-61619-tcp" ]` | no |
+| auto\_ingress\_with\_self | List of maps defining ingress rules with self to add automatically | list(map(string)) | `[ { "rule": "all-all" } ]` | no |
+| auto\_number\_of\_computed\_egress\_rules | Number of computed egress rules to create by name | number | `"0"` | no |
+| auto\_number\_of\_computed\_egress\_with\_self | Number of computed egress rules to create where 'self' is defined | number | `"0"` | no |
+| auto\_number\_of\_computed\_ingress\_rules | Number of computed ingress rules to create by name | number | `"0"` | no |
+| auto\_number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | number | `"0"` | no |
+| computed\_egress\_cidr\_blocks | List of IPv4 CIDR ranges to use on all computed egress rules | list(string) | `[ "0.0.0.0/0" ]` | no |
+| computed\_egress\_ipv6\_cidr\_blocks | List of IPv6 CIDR ranges to use on all computed egress rules | list(string) | `[ "::/0" ]` | no |
+| computed\_egress\_prefix\_list\_ids | List of prefix list IDs (for allowing access to VPC endpoints) to use on all computed egress rules | list(string) | `[]` | no |
+| computed\_egress\_rules | List of computed egress rules to create by name | list(string) | `[]` | no |
+| computed\_egress\_with\_cidr\_blocks | List of computed egress rules to create where 'cidr_blocks' is used | list(map(string)) | `[]` | no |
+| computed\_egress\_with\_ipv6\_cidr\_blocks | List of computed egress rules to create where 'ipv6_cidr_blocks' is used | list(map(string)) | `[]` | no |
+| computed\_egress\_with\_self | List of computed egress rules to create where 'self' is defined | list(map(string)) | `[]` | no |
+| computed\_egress\_with\_source\_security\_group\_id | List of computed egress rules to create where 'source_security_group_id' is used | list(map(string)) | `[]` | no |
+| computed\_ingress\_cidr\_blocks | List of IPv4 CIDR ranges to use on all computed ingress rules | list(string) | `[]` | no |
+| computed\_ingress\_ipv6\_cidr\_blocks | List of IPv6 CIDR ranges to use on all computed ingress rules | list(string) | `[]` | no |
+| computed\_ingress\_prefix\_list\_ids | List of prefix list IDs (for allowing access to VPC endpoints) to use on all computed ingress rules | list(string) | `[]` | no |
+| computed\_ingress\_rules | List of computed ingress rules to create by name | list(string) | `[]` | no |
+| computed\_ingress\_with\_cidr\_blocks | List of computed ingress rules to create where 'cidr_blocks' is used | list(map(string)) | `[]` | no |
+| computed\_ingress\_with\_ipv6\_cidr\_blocks | List of computed ingress rules to create where 'ipv6_cidr_blocks' is used | list(map(string)) | `[]` | no |
+| computed\_ingress\_with\_self | List of computed ingress rules to create where 'self' is defined | list(map(string)) | `[]` | no |
+| computed\_ingress\_with\_source\_security\_group\_id | List of computed ingress rules to create where 'source_security_group_id' is used | list(map(string)) | `[]` | no |
+| create | Whether to create security group and all rules | bool | `"true"` | no |
+| description | Description of security group | string | `"Security Group managed by Terraform"` | no |
+| egress\_cidr\_blocks | List of IPv4 CIDR ranges to use on all egress rules | list(string) | `[ "0.0.0.0/0" ]` | no |
+| egress\_ipv6\_cidr\_blocks | List of IPv6 CIDR ranges to use on all egress rules | list(string) | `[ "::/0" ]` | no |
+| egress\_prefix\_list\_ids | List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules | list(string) | `[]` | no |
+| egress\_rules | List of egress rules to create by name | list(string) | `[]` | no |
+| egress\_with\_cidr\_blocks | List of egress rules to create where 'cidr_blocks' is used | list(map(string)) | `[]` | no |
+| egress\_with\_ipv6\_cidr\_blocks | List of egress rules to create where 'ipv6_cidr_blocks' is used | list(map(string)) | `[]` | no |
+| egress\_with\_self | List of egress rules to create where 'self' is defined | list(map(string)) | `[]` | no |
+| egress\_with\_source\_security\_group\_id | List of egress rules to create where 'source_security_group_id' is used | list(map(string)) | `[]` | no |
+| ingress\_cidr\_blocks | List of IPv4 CIDR ranges to use on all ingress rules | list(string) | `[]` | no |
+| ingress\_ipv6\_cidr\_blocks | List of IPv6 CIDR ranges to use on all ingress rules | list(string) | `[]` | no |
+| ingress\_prefix\_list\_ids | List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules | list(string) | `[]` | no |
+| ingress\_rules | List of ingress rules to create by name | list(string) | `[]` | no |
+| ingress\_with\_cidr\_blocks | List of ingress rules to create where 'cidr_blocks' is used | list(map(string)) | `[]` | no |
+| ingress\_with\_ipv6\_cidr\_blocks | List of ingress rules to create where 'ipv6_cidr_blocks' is used | list(map(string)) | `[]` | no |
+| ingress\_with\_self | List of ingress rules to create where 'self' is defined | list(map(string)) | `[]` | no |
+| ingress\_with\_source\_security\_group\_id | List of ingress rules to create where 'source_security_group_id' is used | list(map(string)) | `[]` | no |
+| name | Name of security group | string | n/a | yes |
+| number\_of\_computed\_egress\_cidr\_blocks | Number of IPv4 CIDR ranges to use on all computed egress rules | number | `"0"` | no |
+| number\_of\_computed\_egress\_ipv6\_cidr\_blocks | Number of IPv6 CIDR ranges to use on all computed egress rules | number | `"0"` | no |
+| number\_of\_computed\_egress\_prefix\_list\_ids | Number of prefix list IDs (for allowing access to VPC endpoints) to use on all computed egress rules | number | `"0"` | no |
+| number\_of\_computed\_egress\_rules | Number of computed egress rules to create by name | number | `"0"` | no |
+| number\_of\_computed\_egress\_with\_cidr\_blocks | Number of computed egress rules to create where 'cidr_blocks' is used | number | `"0"` | no |
+| number\_of\_computed\_egress\_with\_ipv6\_cidr\_blocks | Number of computed egress rules to create where 'ipv6_cidr_blocks' is used | number | `"0"` | no |
+| number\_of\_computed\_egress\_with\_self | Number of computed egress rules to create where 'self' is defined | number | `"0"` | no |
+| number\_of\_computed\_egress\_with\_source\_security\_group\_id | Number of computed egress rules to create where 'source_security_group_id' is used | number | `"0"` | no |
+| number\_of\_computed\_ingress\_cidr\_blocks | Number of IPv4 CIDR ranges to use on all computed ingress rules | number | `"0"` | no |
+| number\_of\_computed\_ingress\_ipv6\_cidr\_blocks | Number of IPv6 CIDR ranges to use on all computed ingress rules | number | `"0"` | no |
+| number\_of\_computed\_ingress\_prefix\_list\_ids | Number of prefix list IDs (for allowing access to VPC endpoints) to use on all computed ingress rules | number | `"0"` | no |
+| number\_of\_computed\_ingress\_rules | Number of computed ingress rules to create by name | number | `"0"` | no |
+| number\_of\_computed\_ingress\_with\_cidr\_blocks | Number of computed ingress rules to create where 'cidr_blocks' is used | number | `"0"` | no |
+| number\_of\_computed\_ingress\_with\_ipv6\_cidr\_blocks | Number of computed ingress rules to create where 'ipv6_cidr_blocks' is used | number | `"0"` | no |
+| number\_of\_computed\_ingress\_with\_self | Number of computed ingress rules to create where 'self' is defined | number | `"0"` | no |
+| number\_of\_computed\_ingress\_with\_source\_security\_group\_id | Number of computed ingress rules to create where 'source_security_group_id' is used | number | `"0"` | no |
+| tags | A mapping of tags to assign to security group | map(string) | `{}` | no |
+| use\_name\_prefix | Whether to use name_prefix or fixed name. Should be true to able to update security group name after initial creation | bool | `"true"` | no |
+| vpc\_id | ID of the VPC where to create security group | string | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| this\_security\_group\_description | The description of the security group |
+| this\_security\_group\_id | The ID of the security group |
+| this\_security\_group\_name | The name of the security group |
+| this\_security\_group\_owner\_id | The owner ID |
+| this\_security\_group\_vpc\_id | The VPC ID |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
--- a/modules/activemq/auto_values.tf
+++ b/modules/activemq/auto_values.tf
+# This file was generated from values defined in rules.tf using update_groups.sh.
+###################################
+# DO NOT CHANGE THIS FILE MANUALLY
+###################################
+
+variable "auto_ingress_rules" {
+  description = "List of ingress rules to add automatically"
+  type        = list(string)
+  default     = ["activemq-5671-tcp", "activemq-8883-tcp", "activemq-61614-tcp", "activemq-61617-tcp", "activemq-61619-tcp"]
+}
+
+variable "auto_ingress_with_self" {
+  description = "List of maps defining ingress rules with self to add automatically"
+  type        = list(map(string))
+  default     = [{ "rule" = "all-all" }]
+}
+
+variable "auto_egress_rules" {
+  description = "List of egress rules to add automatically"
+  type        = list(string)
+  default     = ["all-all"]
+}
+
+variable "auto_egress_with_self" {
+  description = "List of maps defining egress rules with self to add automatically"
+  type        = list(map(string))
+  default     = []
+}
+
+# Computed
+variable "auto_computed_ingress_rules" {
+  description = "List of ingress rules to add automatically"
+  type        = list(string)
+  default     = []
+}
+
+variable "auto_computed_ingress_with_self" {
+  description = "List of maps defining computed ingress rules with self to add automatically"
+  type        = list(map(string))
+  default     = []
+}
+
+variable "auto_computed_egress_rules" {
+  description = "List of computed egress rules to add automatically"
+  type        = list(string)
+  default     = []
+}
+
+variable "auto_computed_egress_with_self" {
+  description = "List of maps defining computed egress rules with self to add automatically"
+  type        = list(map(string))
+  default     = []
+}
+
+# Number of computed rules
+variable "auto_number_of_computed_ingress_rules" {
+  description = "Number of computed ingress rules to create by name"
+  type        = number
+  default     = 0
+}
+
+variable "auto_number_of_computed_ingress_with_self" {
+  description = "Number of computed ingress rules to create where 'self' is defined"
+  type        = number
+  default     = 0
+}
+
+variable "auto_number_of_computed_egress_rules" {
+  description = "Number of computed egress rules to create by name"
+  type        = number
+  default     = 0
+}
+
+variable "auto_number_of_computed_egress_with_self" {
+  description = "Number of computed egress rules to create where 'self' is defined"
+  type        = number
+  default     = 0
+}
+
--- a/modules/activemq/main.tf
+++ b/modules/activemq/main.tf
+module "sg" {
+  source = "../../"
+
+  create          = var.create
+  name            = var.name
+  use_name_prefix = var.use_name_prefix
+  description     = var.description
+  vpc_id          = var.vpc_id
+  tags            = var.tags
+
+  ##########
+  # Ingress
+  ##########
+  # Rules by names - open for default CIDR
+  ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
+
+  # Open for self
+  ingress_with_self = concat(var.auto_ingress_with_self, var.ingress_with_self)
+
+  # Open to IPv4 cidr blocks
+  ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
+
+  # Open to IPv6 cidr blocks
+  ingress_with_ipv6_cidr_blocks = var.ingress_with_ipv6_cidr_blocks
+
+  # Open for security group id
+  ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
+
+  # Default ingress CIDR blocks
+  ingress_cidr_blocks      = var.ingress_cidr_blocks
+  ingress_ipv6_cidr_blocks = var.ingress_ipv6_cidr_blocks
+
+  # Default prefix list ids
+  ingress_prefix_list_ids = var.ingress_prefix_list_ids
+
+  ###################
+  # Computed Ingress
+  ###################
+  # Rules by names - open for default CIDR
+  computed_ingress_rules = sort(compact(distinct(concat(var.auto_computed_ingress_rules, var.computed_ingress_rules, [""]))))
+
+  # Open for self
+  computed_ingress_with_self = concat(var.auto_computed_ingress_with_self, var.computed_ingress_with_self)
+
+  # Open to IPv4 cidr blocks
+  computed_ingress_with_cidr_blocks = var.computed_ingress_with_cidr_blocks
+
+  # Open to IPv6 cidr blocks
+  computed_ingress_with_ipv6_cidr_blocks = var.computed_ingress_with_ipv6_cidr_blocks
+
+  # Open for security group id
+  computed_ingress_with_source_security_group_id = var.computed_ingress_with_source_security_group_id
+
+  #############################
+  # Number of computed ingress
+  #############################
+  number_of_computed_ingress_rules                         = var.auto_number_of_computed_ingress_rules + var.number_of_computed_ingress_rules
+  number_of_computed_ingress_with_self                     = var.auto_number_of_computed_ingress_with_self + var.number_of_computed_ingress_with_self
+  number_of_computed_ingress_with_cidr_blocks              = var.number_of_computed_ingress_with_cidr_blocks
+  number_of_computed_ingress_with_ipv6_cidr_blocks         = var.number_of_computed_ingress_with_ipv6_cidr_blocks
+  number_of_computed_ingress_with_source_security_group_id = var.number_of_computed_ingress_with_source_security_group_id
+
+  #########
+  # Egress
+  #########
+  # Rules by names - open for default CIDR
+  egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
+
+  # Open for self
+  egress_with_self = concat(var.auto_egress_with_self, var.egress_with_self)
+
+  # Open to IPv4 cidr blocks
+  egress_with_cidr_blocks = var.egress_with_cidr_blocks
+
+  # Open to IPv6 cidr blocks
+  egress_with_ipv6_cidr_blocks = var.egress_with_ipv6_cidr_blocks
+
+  # Open for security group id
+  egress_with_source_security_group_id = var.egress_with_source_security_group_id
+
+  # Default egress CIDR blocks
+  egress_cidr_blocks      = var.egress_cidr_blocks
+  egress_ipv6_cidr_blocks = var.egress_ipv6_cidr_blocks
+
+  # Default prefix list ids
+  egress_prefix_list_ids = var.egress_prefix_list_ids
+
+  ##################
+  # Computed Egress
+  ##################
+  # Rules by names - open for default CIDR
+  computed_egress_rules = sort(compact(distinct(concat(var.auto_computed_egress_rules, var.computed_egress_rules, [""]))))
+
+  # Open for self
+  computed_egress_with_self = concat(var.auto_computed_egress_with_self, var.computed_egress_with_self)
+
+  # Open to IPv4 cidr blocks
+  computed_egress_with_cidr_blocks = var.computed_egress_with_cidr_blocks
+
+  # Open to IPv6 cidr blocks
+  computed_egress_with_ipv6_cidr_blocks = var.computed_egress_with_ipv6_cidr_blocks
+
+  # Open for security group id
+  computed_egress_with_source_security_group_id = var.computed_egress_with_source_security_group_id
+
+  #############################
+  # Number of computed egress
+  #############################
+  number_of_computed_egress_rules                         = var.auto_number_of_computed_egress_rules + var.number_of_computed_egress_rules
+  number_of_computed_egress_with_self                     = var.auto_number_of_computed_egress_with_self + var.number_of_computed_egress_with_self
+  number_of_computed_egress_with_cidr_blocks              = var.number_of_computed_egress_with_cidr_blocks
+  number_of_computed_egress_with_ipv6_cidr_blocks         = var.number_of_computed_egress_with_ipv6_cidr_blocks
+  number_of_computed_egress_with_source_security_group_id = var.number_of_computed_egress_with_source_security_group_id
+}
--- a/modules/activemq/outputs.tf
+++ b/modules/activemq/outputs.tf
+output "this_security_group_id" {
+  description = "The ID of the security group"
+  value       = module.sg.this_security_group_id
+}
+
+output "this_security_group_vpc_id" {
+  description = "The VPC ID"
+  value       = module.sg.this_security_group_vpc_id
+}
+
+output "this_security_group_owner_id" {
+  description = "The owner ID"
+  value       = module.sg.this_security_group_owner_id
+}
+
+output "this_security_group_name" {
+  description = "The name of the security group"
+  value       = module.sg.this_security_group_name
+}
+
+output "this_security_group_description" {
+  description = "The description of the security group"
+  value       = module.sg.this_security_group_description
+}
--- a/modules/activemq/variables.tf
+++ b/modules/activemq/variables.tf
--- a/modules/carbon-relay-ng/outputs.tf
+++ b/modules/carbon-relay-ng/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/cassandra/outputs.tf
+++ b/modules/cassandra/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/consul/outputs.tf
+++ b/modules/consul/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/docker-swarm/outputs.tf
+++ b/modules/docker-swarm/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/elasticsearch/outputs.tf
+++ b/modules/elasticsearch/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/http-80/outputs.tf
+++ b/modules/http-80/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/http-8080/outputs.tf
+++ b/modules/http-8080/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/https-443/outputs.tf
+++ b/modules/https-443/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/https-8443/outputs.tf
+++ b/modules/https-8443/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/ipsec-4500/outputs.tf
+++ b/modules/ipsec-4500/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/ipsec-500/outputs.tf
+++ b/modules/ipsec-500/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/kafka/outputs.tf
+++ b/modules/kafka/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/ldaps/outputs.tf
+++ b/modules/ldaps/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/memcached/outputs.tf
+++ b/modules/memcached/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/mongodb/outputs.tf
+++ b/modules/mongodb/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/mssql/outputs.tf
+++ b/modules/mssql/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/mysql/outputs.tf
+++ b/modules/mysql/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/nfs/outputs.tf
+++ b/modules/nfs/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/nomad/outputs.tf
+++ b/modules/nomad/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/ntp/outputs.tf
+++ b/modules/ntp/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/openvpn/outputs.tf
+++ b/modules/openvpn/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/oracle-db/outputs.tf
+++ b/modules/oracle-db/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/postgresql/outputs.tf
+++ b/modules/postgresql/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/puppet/outputs.tf
+++ b/modules/puppet/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/rabbitmq/outputs.tf
+++ b/modules/rabbitmq/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/rdp/outputs.tf
+++ b/modules/rdp/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/redis/outputs.tf
+++ b/modules/redis/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/redshift/outputs.tf
+++ b/modules/redshift/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/splunk/README.md
+++ b/modules/splunk/README.md
@@ -24,7 +24,7 @@ All automatic values **splunk module** is using are available [here](https://git
 | auto\_computed\_ingress\_with\_self | List of maps defining computed ingress rules with self to add automatically | list(map(string)) | `[]` | no |
 | auto\_egress\_rules | List of egress rules to add automatically | list(string) | `[ "all-all" ]` | no |
 | auto\_egress\_with\_self | List of maps defining egress rules with self to add automatically | list(map(string)) | `[]` | no |
-| auto\_ingress\_rules | List of ingress rules to add automatically | list(string) | `[ "splunk-indexer-tcp", "splunk-web-tcp", "splunk-splunkd-tcp", "splunk-hec-tcp" ]` | no |
+| auto\_ingress\_rules | List of ingress rules to add automatically | list(string) | `[ "splunk-indexer-tcp", "splunk-clients-tcp", "splunk-splunkd-tcp", "splunk-hec-tcp" ]` | no |
 | auto\_ingress\_with\_self | List of maps defining ingress rules with self to add automatically | list(map(string)) | `[ { "rule": "all-all" } ]` | no |
 | auto\_number\_of\_computed\_egress\_rules | Number of computed egress rules to create by name | number | `"0"` | no |
 | auto\_number\_of\_computed\_egress\_with\_self | Number of computed egress rules to create where 'self' is defined | number | `"0"` | no |

--- a/modules/splunk/auto_values.tf
+++ b/modules/splunk/auto_values.tf
@@ -6,7 +6,7 @@
 variable "auto_ingress_rules" {
  description = "List of ingress rules to add automatically"
  type        = list(string)
-  default     = ["splunk-indexer-tcp", "splunk-web-tcp", "splunk-splunkd-tcp", "splunk-hec-tcp"]
+  default     = ["splunk-indexer-tcp", "splunk-clients-tcp", "splunk-splunkd-tcp", "splunk-hec-tcp"]
 }

 variable "auto_ingress_with_self" {

--- a/modules/splunk/outputs.tf
+++ b/modules/splunk/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/squid/outputs.tf
+++ b/modules/squid/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/ssh/outputs.tf
+++ b/modules/ssh/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/storm/outputs.tf
+++ b/modules/storm/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/web/outputs.tf
+++ b/modules/web/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/winrm/outputs.tf
+++ b/modules/winrm/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/zipkin/outputs.tf
+++ b/modules/zipkin/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/modules/zookeeper/outputs.tf
+++ b/modules/zookeeper/outputs.tf
@@ -22,4 +22,3 @@ output "this_security_group_description" {
  description = "The description of the security group"
  value       = module.sg.this_security_group_description
 }
-
--- a/rules.tf
+++ b/rules.tf
@@ -5,6 +5,12 @@ variable "rules" {
  # Protocols (tcp, udp, icmp, all - are allowed keywords) or numbers (from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml):
  # All = -1, IPV4-ICMP = 1, TCP = 6, UDP = 16, IPV6-ICMP = 58
  default = {
+    # ActiveMQ
+    activemq-5671-tcp  = [5671, 5671, "tcp", "ActiveMQ AMQP"]
+    activemq-8883-tcp  = [8883, 8883, "tcp", "ActiveMQ MQTT"]
+    activemq-61614-tcp = [61614, 61614, "tcp", "ActiveMQ STOMP"]
+    activemq-61617-tcp = [61617, 61617, "tcp", "ActiveMQ OpenWire"]
+    activemq-61619-tcp = [61619, 61619, "tcp", "ActiveMQ WebSocket"]
    # Carbon relay
    carbon-line-in-tcp = [2003, 2003, "tcp", "Carbon line-in"]
    carbon-line-in-udp = [2003, 2003, "udp", "Carbon line-in"]
@@ -98,7 +104,7 @@ variable "rules" {
    redshift-tcp = [5439, 5439, "tcp", "Redshift"]
    # Splunk
    splunk-indexer-tcp = [9997, 9997, "tcp", "Splunk indexer"]
-    splunk-web-tcp = [8000, 8000, "tcp", "Splunk Web"]
+    splunk-web-tcp     = [8000, 8000, "tcp", "Splunk Web"]
    splunk-splunkd-tcp = [8089, 8089, "tcp", "Splunkd"]
    splunk-hec-tcp     = [8088, 8088, "tcp", "Splunk HEC"]
    # Squid
@@ -142,6 +148,11 @@ variable "auto_groups" {

  # Valid keys - ingress_rules, egress_rules, ingress_with_self, egress_with_self
  default = {
+    activemq = {
+      ingress_rules     = ["activemq-5671-tcp", "activemq-8883-tcp", "activemq-61614-tcp", "activemq-61617-tcp", "activemq-61619-tcp"]
+      ingress_with_self = ["all-all"]
+      egress_rules      = ["all-all"]
+    }
    carbon-relay-ng = {
      ingress_rules     = ["carbon-line-in-tcp", "carbon-line-in-udp", "carbon-pickle-tcp", "carbon-pickle-udp", "carbon-gui-udp"]
      ingress_with_self = ["all-all"]