Commit a522d7f9 authored by Paul Pop's avatar Paul Pop Committed by GitHub

fix: Add Kafka broker rule for TLS port (#155)

parent 746697bd
...@@ -28,7 +28,7 @@ No provider. ...@@ -28,7 +28,7 @@ No provider.
| auto\_computed\_ingress\_with\_self | List of maps defining computed ingress rules with self to add automatically | `list(map(string))` | `[]` | no | | auto\_computed\_ingress\_with\_self | List of maps defining computed ingress rules with self to add automatically | `list(map(string))` | `[]` | no |
| auto\_egress\_rules | List of egress rules to add automatically | `list(string)` | <pre>[<br> "all-all"<br>]<br></pre> | no | | auto\_egress\_rules | List of egress rules to add automatically | `list(string)` | <pre>[<br> "all-all"<br>]<br></pre> | no |
| auto\_egress\_with\_self | List of maps defining egress rules with self to add automatically | `list(map(string))` | `[]` | no | | auto\_egress\_with\_self | List of maps defining egress rules with self to add automatically | `list(map(string))` | `[]` | no |
| auto\_ingress\_rules | List of ingress rules to add automatically | `list(string)` | <pre>[<br> "kafka-broker-tcp"<br>]<br></pre> | no | | auto\_ingress\_rules | List of ingress rules to add automatically | `list(string)` | <pre>[<br> "kafka-broker-tcp",<br> "kafka-broker-tls-tcp"<br>]<br></pre> | no |
| auto\_ingress\_with\_self | List of maps defining ingress rules with self to add automatically | `list(map(string))` | <pre>[<br> {<br> "rule": "all-all"<br> }<br>]<br></pre> | no | | auto\_ingress\_with\_self | List of maps defining ingress rules with self to add automatically | `list(map(string))` | <pre>[<br> {<br> "rule": "all-all"<br> }<br>]<br></pre> | no |
| auto\_number\_of\_computed\_egress\_rules | Number of computed egress rules to create by name | `number` | `0` | no | | auto\_number\_of\_computed\_egress\_rules | Number of computed egress rules to create by name | `number` | `0` | no |
| auto\_number\_of\_computed\_egress\_with\_self | Number of computed egress rules to create where 'self' is defined | `number` | `0` | no | | auto\_number\_of\_computed\_egress\_with\_self | Number of computed egress rules to create where 'self' is defined | `number` | `0` | no |
......
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
variable "auto_ingress_rules" { variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically" description = "List of ingress rules to add automatically"
type = list(string) type = list(string)
default = ["kafka-broker-tcp"] default = ["kafka-broker-tcp", "kafka-broker-tls-tcp"]
} }
variable "auto_ingress_with_self" { variable "auto_ingress_with_self" {
......
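Review bot: Adding `kafka-broker-tls-tcp` to the `default` of `auto_ingress_rules` opens 9094/tcp for every consumer that takes this release without overriding the variable, while the plaintext `kafka-broker-tcp` (9092) entry stays in the same default. The same pair is added to the `kafka` entry of `auto_groups` further down the page. Because the commit is labelled `fix:`, callers may receive it as a patch-level upgrade, so the widened ingress deserves a release-note line and the variable could say so, e.g. `description = "List of ingress rules to add automatically (default opens both the plaintext and the TLS broker port)"`. Which source CIDRs these rules are attached to is not visible in this hunk.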
...@@ -57,7 +57,8 @@ variable "rules" { ...@@ -57,7 +57,8 @@ variable "rules" {
ipsec-500-udp = [500, 500, "udp", "IPSEC ISAKMP"] ipsec-500-udp = [500, 500, "udp", "IPSEC ISAKMP"]
ipsec-4500-udp = [4500, 4500, "udp", "IPSEC NAT-T"] ipsec-4500-udp = [4500, 4500, "udp", "IPSEC NAT-T"]
# Kafka # Kafka
kafka-broker-tcp = [9092, 9092, "tcp", "Kafka broker 0.8.2+"] kafka-broker-tcp = [9092, 9092, "tcp", "Kafka broker 0.8.2+"]
kafka-broker-tls-tcp = [9094, 9094, "tcp", "Kafka TLS enabled broker 0.8.2+"]
# Kubernetes # Kubernetes
kubernetes-api-tcp = [6443, 6443, "tcp", "Kubernetes API Server"] kubernetes-api-tcp = [6443, 6443, "tcp", "Kubernetes API Server"]
# LDAPS # LDAPS
...@@ -218,7 +219,7 @@ variable "auto_groups" { ...@@ -218,7 +219,7 @@ variable "auto_groups" {
egress_rules = ["all-all"] egress_rules = ["all-all"]
} }
kafka = { kafka = {
ingress_rules = ["kafka-broker-tcp"] ingress_rules = ["kafka-broker-tcp", "kafka-broker-tls-tcp"]
ingress_with_self = ["all-all"] ingress_with_self = ["all-all"]
egress_rules = ["all-all"] egress_rules = ["all-all"]
} }
......
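Review bot: The description on the new `kafka-broker-tls-tcp` entry in `variable "rules"` repeats the `0.8.2+` suffix from the plaintext line, but broker-side TLS only arrived in Kafka 0.9.0, so the text (which presumably surfaces as the security-group rule description) is misleading. `kafka-broker-tls-tcp = [9094, 9094, "tcp", "Kafka TLS enabled broker 0.9.0+"]` would be accurate. A short comment above it would also help readers pick the right rule: `# 9094 is the TLS listener port used by Amazon MSK; self-managed brokers often use 9093`. Both `variable "rules"` and `variable "auto_groups"` start and end outside the hunks shown.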