Skip to content

T
terraform-aws-security-group
Commit abb27a84 authored by Anton Babenko's avatar Anton Babenko
Browse files
Options

Fixed #1 - done

parent 08901240
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 4299 additions and 263 deletions
README.md
View file @ abb27a84
...@@ -6,36 +6,28 @@ Terraform module which creates [EC2 security group within VPC](http://docs.aws.a ...@@ -6,36 +6,28 @@ Terraform module which creates [EC2 security group within VPC](http://docs.aws.a
These types of resources are supported: These types of resources are supported:
* [EC2-VPC Security Group](https://www.terraform.io/docs/providers/aws/r/security_group.html) * [EC2-VPC Security Group](https://www.terraform.io/docs/providers/aws/r/security_group.html)
* [EC2-VPC Security Group Rules](https://www.terraform.io/docs/providers/aws/r/security_group_rule.html) * [EC2-VPC Security Group Rule](https://www.terraform.io/docs/providers/aws/r/security_group_rule.html)
Root module creates security group with provided arguments. Features
--------
Modules in [modules directory](modules) has been configured with the list of ingress (inbound) and egress (outbound) ports open for common scenarios (eg, [ssh](modules/ssh), [http](modules/http), [mysql](modules/mysql)). This module aims to implement **ALL** combinations of arguments supported by AWS and latest stable version of Terraform:
* IPv4/IPv6 CIDR blocks
* [VPC endpoint prefix lists](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html) (use data source [aws_prefix_list](https://www.terraform.io/docs/providers/aws/d/prefix_list.html))
* Access from source security groups
* Access from self
* Named rules ([see the rules here](rules.tf))
* Named groups of rules with ingress (inbound) and egress (outbound) ports open for common scenarios (eg, [ssh](modules/ssh), [http-80](modules/http-80), [mysql](modules/mysql), see the whole list [here](modules/README.md)).
Code in this module aims to implement **ALL** combinations of arguments (IPV4/IPV6 CIDR blocks, [VPC endpoint prefix lists](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html), source security groups, self), named rules. Ingress and egress rules can be configured in a variety of ways as listed on [the registry documentation](https://registry.terraform.io/modules/terraform-aws-modules/security-group/aws/?tab=inputs).
If there is something missing - [open an issue](https://github.com/terraform-aws-modules/terraform-aws-security-group/issues/new). If there is a missing feature or a bug - [open an issue](https://github.com/terraform-aws-modules/terraform-aws-security-group/issues/new).
Usage Usage
----- -----
There are two ways to create security groups using this module: There are two ways to create security groups using this module:
##### 1. Security group with pre-defined rules ##### 1. Security group with custom rules
```hcl
module "web_server_sg" {
source = "terraform-aws-modules/security-group/aws//modules/http"
name = "web-server"
description = "Security group for web-server with HTTP ports open within VPC"
vpc_id = "vpc-12345678"
ingress_cidr_blocks = ["10.10.0.0/16"]
}
```
##### 2. Security group with custom rules
```hcl ```hcl
module "vote_service_sg" { module "vote_service_sg" {
...@@ -46,33 +38,47 @@ module "vote_service_sg" { ...@@ -46,33 +38,47 @@ module "vote_service_sg" {
vpc_id = "vpc-12345678" vpc_id = "vpc-12345678"
ingress_cidr_blocks = ["10.10.0.0/16"] ingress_cidr_blocks = ["10.10.0.0/16"]
ingress_rules = ["mysql"] ingress_rules = ["https-443-tcp"]
ingress_with_cidr_blocks = [ ingress_with_cidr_blocks = [
{ {
from_port = 8080 from_port = 8080
to_port = 8090 to_port = 8090
protocol = 6 protocol = "tcp"
description = "User-service ports" description = "User-service ports"
cidr_blocks = "10.10.0.0/16" cidr_blocks = "10.10.0.0/16"
}, },
{ {
rule = "postgres" rule = "postgresql-tcp"
cidr_blocks = "0.0.0.0/0" cidr_blocks = "0.0.0.0/0"
}, },
] ]
} }
``` ```
Parameters ##### 2. Security group with pre-defined rules (NOTE: This is not working with any available version of Terraform, but should be possible in 0.11)
----------
```hcl
module "web_server_sg" {
source = "terraform-aws-modules/security-group/aws//modules/http"
name = "web-server"
description = "Security group for web-server with HTTP ports open within VPC"
vpc_id = "vpc-12345678"
Ingress and egress rules can be configured in a variety of ways as listed on [the registry](https://registry.terraform.io/modules/terraform-aws-modules/security-group/aws/?tab=inputs). ingress_cidr_blocks = ["10.10.0.0/16"]
}
```
Examples Examples
-------- --------
* [Complete Security Group example](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/examples/complete) * [Complete Security Group example](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/examples/complete) shows all available parameters to configure security group.
* [HTTP Security Group example](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/examples/http) * [HTTP Security Group example](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/examples/http) shows more applicable security groups for common web-servers.
How to add/update rules/groups?
-------------------------------
Rules and groups are defined in [rules.tf](rules.tf). Run `update_groups.sh` when content of that file has changed to recreate content of all automatic modules.
Authors Authors
------- -------
......
examples/complete/main.tf
View file @ abb27a84
...@@ -39,16 +39,16 @@ module "complete_sg" { ...@@ -39,16 +39,16 @@ module "complete_sg" {
# ingress_prefix_list_ids = ["pl-123456"] # ingress_prefix_list_ids = ["pl-123456"]
# Open for all CIDRs defined in ingress_cidr_blocks # Open for all CIDRs defined in ingress_cidr_blocks
ingress_rules = ["http"] ingress_rules = ["https-443-tcp"]
# Open to CIDRs blocks (rule or from_port+to_port+protocol+description) # Open to CIDRs blocks (rule or from_port+to_port+protocol+description)
ingress_with_cidr_blocks = [ ingress_with_cidr_blocks = [
{ {
rule = "postgres" rule = "postgresql-tcp"
cidr_blocks = "0.0.0.0/0,2.2.2.2/32" cidr_blocks = "0.0.0.0/0,2.2.2.2/32"
ipv6_cidr_blocks = "2001:db8::/60" ipv6_cidr_blocks = "2001:db8::/60"
}, },
{ {
rule = "postgres" rule = "postgresql-tcp"
cidr_blocks = "30.30.30.30/32" cidr_blocks = "30.30.30.30/32"
}, },
{ {
...@@ -62,7 +62,7 @@ module "complete_sg" { ...@@ -62,7 +62,7 @@ module "complete_sg" {
# Open for security group id (rule or from_port+to_port+protocol+description) # Open for security group id (rule or from_port+to_port+protocol+description)
ingress_with_source_security_group_id = [ ingress_with_source_security_group_id = [
{ {
rule = "mysql" rule = "mysql-tcp"
source_security_group_id = "${data.aws_security_group.default.id}" source_security_group_id = "${data.aws_security_group.default.id}"
}, },
{ {
...@@ -101,16 +101,16 @@ module "complete_sg" { ...@@ -101,16 +101,16 @@ module "complete_sg" {
# egress_prefix_list_ids = ["pl-123456"] # egress_prefix_list_ids = ["pl-123456"]
# Open for all CIDRs defined in egress_cidr_blocks # Open for all CIDRs defined in egress_cidr_blocks
egress_rules = ["http"] egress_rules = ["http-80-tcp"]
# Open to CIDRs blocks (rule or from_port+to_port+protocol+description) # Open to CIDRs blocks (rule or from_port+to_port+protocol+description)
egress_with_cidr_blocks = [ egress_with_cidr_blocks = [
{ {
rule = "postgres" rule = "postgresql-tcp"
cidr_blocks = "0.0.0.0/0,2.2.2.2/32" cidr_blocks = "0.0.0.0/0,2.2.2.2/32"
ipv6_cidr_blocks = "2001:db8::/60" ipv6_cidr_blocks = "2001:db8::/60"
}, },
{ {
rule = "postgres" rule = "postgresql-tcp"
cidr_blocks = "30.30.30.30/32" cidr_blocks = "30.30.30.30/32"
}, },
{ {
...@@ -124,7 +124,7 @@ module "complete_sg" { ...@@ -124,7 +124,7 @@ module "complete_sg" {
# Open for security group id (rule or from_port+to_port+protocol+description) # Open for security group id (rule or from_port+to_port+protocol+description)
egress_with_source_security_group_id = [ egress_with_source_security_group_id = [
{ {
rule = "mysql" rule = "mysql-tcp"
source_security_group_id = "${data.aws_security_group.default.id}" source_security_group_id = "${data.aws_security_group.default.id}"
}, },
{ {
...@@ -143,7 +143,7 @@ module "complete_sg" { ...@@ -143,7 +143,7 @@ module "complete_sg" {
{ {
from_port = 30 from_port = 30
to_port = 40 to_port = 40
protocol = 6 protocol = "tcp"
description = "Service name" description = "Service name"
self = true self = true
}, },
......
examples/http/README.md
View file @ abb27a84
Complete Security Group example HTTP Security Group example
=============================== ===========================
Configuration in this directory creates set of Security Group and Security Group Rules resources in various combination. Configuration in this directory creates set of Security Group and Security Group Rules resources in various combination.
......
examples/http/main.tf
View file @ abb27a84
...@@ -22,7 +22,7 @@ data "aws_security_group" "default" { ...@@ -22,7 +22,7 @@ data "aws_security_group" "default" {
# HTTP # HTTP
####### #######
module "http_sg" { module "http_sg" {
source = "../../modules/http" source = "../../modules/http-80"
name = "http-sg" name = "http-sg"
description = "Security group with HTTP ports open for everybody, egress ports are all world open" description = "Security group with HTTP ports open for everybody, egress ports are all world open"
...@@ -33,28 +33,28 @@ module "http_sg" { ...@@ -33,28 +33,28 @@ module "http_sg" {
# HTTP with MySQL #1 # HTTP with MySQL #1
##################### #####################
module "http_mysql_1_sg" { module "http_mysql_1_sg" {
source = "../../modules/http" source = "../../modules/http-80"
name = "http-mysql-1" name = "http-mysql-1"
description = "Security group with HTTP and MySQL ports open for everybody globally" description = "Security group with HTTP and MySQL ports open for everybody globally"
vpc_id = "${data.aws_vpc.default.id}" vpc_id = "${data.aws_vpc.default.id}"
# Add MySQL rules # Add MySQL rules
ingress_rules = ["mysql"] ingress_rules = ["mysql-tcp"]
} }
##################### #####################
# HTTP with MySQL #2 # HTTP with MySQL #2
##################### #####################
module "http_mysql_2_sg" { module "http_mysql_2_sg" {
source = "../../modules/http" source = "../../modules/http-80"
name = "http-mysql-2" name = "http-mysql-2"
description = "Security group with HTTP and MySQL ports open within current VPC" description = "Security group with HTTP and MySQL ports open within current VPC"
vpc_id = "${data.aws_vpc.default.id}" vpc_id = "${data.aws_vpc.default.id}"
# Add mysql rules # Add mysql rules
ingress_rules = ["mysql"] ingress_rules = ["mysql-tcp"]
# Allow ingress rules to be accessed only within current VPC # Allow ingress rules to be accessed only within current VPC
ingress_cidr_blocks = ["${data.aws_vpc.default.cidr_block}"] ingress_cidr_blocks = ["${data.aws_vpc.default.cidr_block}"]
...@@ -65,7 +65,7 @@ module "http_mysql_2_sg" { ...@@ -65,7 +65,7 @@ module "http_mysql_2_sg" {
# HTTP with egress minimal # HTTP with egress minimal
########################### ###########################
module "http_with_egress_minimal_sg" { module "http_with_egress_minimal_sg" {
source = "../../modules/http" source = "../../modules/http-80"
name = "http-with-egress-minimal" name = "http-with-egress-minimal"
description = "Security group with HTTP ports open within current VPC, and allow egress access to HTTP ports to the whole world" description = "Security group with HTTP ports open within current VPC, and allow egress access to HTTP ports to the whole world"
...@@ -75,21 +75,21 @@ module "http_with_egress_minimal_sg" { ...@@ -75,21 +75,21 @@ module "http_with_egress_minimal_sg" {
ingress_cidr_blocks = ["${data.aws_vpc.default.cidr_block}"] ingress_cidr_blocks = ["${data.aws_vpc.default.cidr_block}"]
# Allow all rules for all protocols # Allow all rules for all protocols
egress_rules = ["http"] egress_rules = ["http-80-tcp"]
} }
########################### ###########################
# HTTP with egress limited # HTTP with egress limited
########################### ###########################
module "http_with_egress_sg" { module "http_with_egress_sg" {
source = "../../modules/http" source = "../../modules/http-80"
name = "http-with-egress" name = "http-with-egress"
description = "Security group with HTTP ports open within current VPC, and allow egress access just to small subnet" description = "Security group with HTTP ports open within current VPC, and allow egress access just to small subnet"
vpc_id = "${data.aws_vpc.default.id}" vpc_id = "${data.aws_vpc.default.id}"
# Add mysql rules # Add mysql rules
ingress_rules = ["mysql"] ingress_rules = ["mysql-tcp"]
# Allow ingress rules to be accessed only within current VPC # Allow ingress rules to be accessed only within current VPC
ingress_cidr_blocks = ["${data.aws_vpc.default.cidr_block}"] ingress_cidr_blocks = ["${data.aws_vpc.default.cidr_block}"]
......
modules/README.md
View file @ abb27a84
...@@ -2,5 +2,24 @@ List of Security Groups implemented as Terraform modules ...@@ -2,5 +2,24 @@ List of Security Groups implemented as Terraform modules
======================================================== ========================================================
* [http](http) * [carbon-relay-ng](carbon-relay-ng)
* [cassandra](cassandra)
* [consul](consul)
* [docker-swarm](docker-swarm)
* [elasticsearch](elasticsearch)
* [http-80](http-80)
* [https-443](https-443)
* [kafka](kafka)
* [ldaps](ldaps)
* [memcached](memcached)
* [mssql](mssql)
* [mysql](mysql)
* [nomad](nomad)
* [openvpn](openvpn)
* [postgresql](postgresql)
* [redis](redis)
* [ssh](ssh) * [ssh](ssh)
* [storm](storm)
* [web](web)
* [zipkin](zipkin)
* [zookeeper](zookeeper)
modules/carbon-relay-ng/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["carbon-line-in-tcp", "carbon-line-in-udp", "carbon-pickle-tcp", "carbon-pickle-udp", "carbon-gui-udp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/cassandra/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["cassandra-clients-tcp", "cassandra-thrift-clients-tcp", "cassandra-jmx-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/cassandra/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/cassandra/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/cassandra/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/consul/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["consul-tcp", "consul-webui-tcp", "consul-dns-tcp", "consul-dns-udp", "consul-serf-lan-tcp", "consul-serf-lan-udp", "consul-serf-wan-tcp", "consul-serf-wan-udp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/consul/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/consul/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/consul/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/docker-swarm/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["docker-swarm-mngmt-tcp", "docker-swarm-node-tcp", "docker-swarm-node-udp", "docker-swarm-overlay-udp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/docker-swarm/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/docker-swarm/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/docker-swarm/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/elasticsearch/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["elasticsearch-rest-tcp", "elasticsearch-java-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/elasticsearch/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/elasticsearch/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/elasticsearch/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/http-80/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["http-80-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/http-80/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/http-80/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/http-80/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/https-443/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["https-443-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/https-443/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/https-443/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/https-443/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/kafka/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["kafka-broker-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/kafka/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/kafka/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/kafka/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/http/auto_values.tf modules/ldaps/auto_values.tf
View file @ abb27a84
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
variable "auto_ingress_rules" { variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically" description = "List of ingress rules to add automatically"
type = "list" type = "list"
default = ["http"] default = ["ldaps-tcp"]
} }
variable "auto_ingress_with_self" { variable "auto_ingress_with_self" {
......
modules/ldaps/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/ldaps/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/ldaps/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/memcached/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["memcached-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/memcached/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/memcached/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/memcached/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/mssql/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["mssql-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/mssql/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/mssql/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/mssql/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/mysql/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["mysql-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/mysql/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/mysql/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/mysql/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/nomad/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["nomad-http-tcp", "nomad-rpc-tcp", "nomad-serf-tcp", "nomad-serf-udp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/nomad/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/nomad/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/nomad/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/openvpn/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["openvpn-udp", "openvpn-tcp", "openvpn-443-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/openvpn/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/openvpn/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/openvpn/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/postgresql/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["postgresql-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/postgresql/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/postgresql/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/postgresql/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/redis/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["redis-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/redis/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/redis/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/redis/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/ssh/auto_values.tf
View file @ abb27a84
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
variable "auto_ingress_rules" { variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically" description = "List of ingress rules to add automatically"
type = "list" type = "list"
default = ["http", "ssh"] default = ["ssh-tcp"]
} }
variable "auto_ingress_with_self" { variable "auto_ingress_with_self" {
......
modules/storm/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["storm-nimbus-tcp", "storm-ui-tcp", "storm-supervisor-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/storm/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/storm/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/storm/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/web/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["http-80-tcp", "http-8080-tcp", "https-443-tcp", "web-jmx-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/web/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/web/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/web/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/zipkin/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["zipkin-admin-tcp", "zipkin-admin-query-tcp", "zipkin-admin-web-tcp", "zipkin-query-tcp", "zipkin-web-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/zipkin/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/zipkin/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/zipkin/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
modules/zookeeper/auto_values.tf 0 → 100644
View file @ abb27a84
# This file was generated from values defined in rules.tf using update_groups.sh.
###################################
# DO NOT CHANGE THIS FILE MANUALLY
###################################
variable "auto_ingress_rules" {
description = "List of ingress rules to add automatically"
type = "list"
default = ["zookeeper-2181-tcp", "zookeeper-2888-tcp", "zookeeper-3888-tcp", "zookeeper-jmx-tcp"]
}
variable "auto_ingress_with_self" {
description = "List of ingress rules with self to add automatically"
type = "list"
default = []
}
variable "auto_egress_rules" {
description = "List of egress rules to add automatically"
type = "list"
default = ["all-all"]
}
variable "auto_egress_with_self" {
description = "List of egress rules with self to add automatically"
type = "list"
default = []
}
modules/zookeeper/main.tf 0 → 100644
View file @ abb27a84
module "sg" {
source = "../../"
name = "${var.name}"
description = "${var.description}"
vpc_id = "${var.vpc_id}"
tags = "${var.tags}"
##########
# Ingress
##########
# Rules by names - open for default CIDR
ingress_rules = ["${sort(distinct(concat(var.auto_ingress_rules, var.ingress_rules)))}"]
# Open for self
ingress_with_self = ["${concat(var.auto_ingress_with_self, var.ingress_with_self)}"]
# Open to cidr_blocks
ingress_with_cidr_blocks = ["${var.ingress_with_cidr_blocks}"]
# Open for security group id
ingress_with_source_security_group_id = ["${var.ingress_with_source_security_group_id}"]
# Default ingress CIDR blocks
ingress_cidr_blocks = ["${var.ingress_cidr_blocks}"]
ingress_ipv6_cidr_blocks = ["${var.ingress_ipv6_cidr_blocks}"]
# Default prefix list ids
ingress_prefix_list_ids = ["${var.ingress_prefix_list_ids}"]
#########
# Egress
#########
# Rules by names - open for default CIDR
egress_rules = ["${sort(distinct(concat(var.auto_egress_rules, var.egress_rules)))}"]
# Open for self
egress_with_self = ["${concat(var.auto_egress_with_self, var.egress_with_self)}"]
# Open to cidr_blocks
egress_with_cidr_blocks = ["${var.egress_with_cidr_blocks}"]
# Open for security group id
egress_with_source_security_group_id = ["${var.egress_with_source_security_group_id}"]
# Default egress CIDR blocks
egress_cidr_blocks = ["${var.egress_cidr_blocks}"]
egress_ipv6_cidr_blocks = ["${var.egress_ipv6_cidr_blocks}"]
# Default prefix list ids
egress_prefix_list_ids = ["${var.egress_prefix_list_ids}"]
}
modules/zookeeper/outputs.tf 0 → 100644
View file @ abb27a84
output "this_security_group_id" {
description = "The ID of the security group"
value = "${module.sg.this_security_group_id}"
}
output "this_security_group_vpc_id" {
description = "The VPC ID"
value = "${module.sg.this_security_group_vpc_id}"
}
output "this_security_group_owner_id" {
description = "The owner ID"
value = "${module.sg.this_security_group_owner_id}"
}
output "this_security_group_name" {
description = "The name of the security group"
value = "${module.sg.this_security_group_name}"
}
output "this_security_group_description" {
description = "The description of the security group"
value = "${module.sg.this_security_group_description}"
}
output "this_security_group_ingress" {
description = "The ingress rules"
value = "${module.sg.this_security_group_ingress}"
}
output "this_security_group_egress" {
description = "The egress rules"
value = "${module.sg.this_security_group_egress}"
}
modules/zookeeper/variables.tf 0 → 100644
View file @ abb27a84
#################
# Security group
#################
variable "vpc_id" {
description = "ID of VPC to create security group into"
}
variable "name" {
description = "Name of security group"
}
variable "description" {
description = "Description of security group"
default = "Security Group managed by Terraform"
}
variable "tags" {
description = "A mapping of tags to assign to security group"
default = {}
}
##########
# Ingress
##########
variable "ingress_rules" {
description = "List of ingress rules to create by name"
default = []
}
variable "ingress_with_self" {
description = "List of ingress rules to create where 'self' is defined"
default = []
}
variable "ingress_with_cidr_blocks" {
description = "List of ingress rules to create where 'cidr_blocks' is used"
default = []
}
variable "ingress_with_source_security_group_id" {
description = "List of ingress rules to create where 'source_security_group_id' is used"
default = []
}
variable "ingress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all ingress rules"
default = ["0.0.0.0/0"]
}
variable "ingress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all ingress rules"
default = ["::/0"]
}
variable "ingress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all ingress rules"
default = []
}
#########
# Egress
#########
variable "egress_rules" {
description = "List of egress rules to create by name"
default = []
}
variable "egress_with_self" {
description = "List of egress rules to create where 'self' is defined"
default = []
}
variable "egress_with_cidr_blocks" {
description = "List of egress rules to create where 'cidr_blocks' is used"
default = []
}
variable "egress_with_source_security_group_id" {
description = "List of egress rules to create where 'source_security_group_id' is used"
default = []
}
variable "egress_cidr_blocks" {
description = "List of IPv4 CIDR ranges to use on all egress rules"
default = ["0.0.0.0/0"]
}
variable "egress_ipv6_cidr_blocks" {
description = "List of IPv6 CIDR ranges to use on all egress rules"
default = ["::/0"]
}
variable "egress_prefix_list_ids" {
description = "List of prefix list IDs (for allowing access to VPC endpoints) to use on all egress rules"
default = []
}
rules.tf
View file @ abb27a84
This diff is collapsed.
update_groups.sh
View file @ abb27a84
#!/usr/bin/env bash #!/usr/bin/env bash
# @todo: generate content of each public module (eg, "http") from the json list. # This script generates each public module (eg, "http-80", "ssh") and specify rules required for each group.
# This script should be run after rules.tf is changed to refresh all related modules.
# outputs.tf and variables.tf for all group modules are the same for all # outputs.tf and variables.tf for all group modules are the same for all
set -e set -e
...@@ -8,13 +9,6 @@ set -e ...@@ -8,13 +9,6 @@ set -e
# Change location to the directory where this script it located # Change location to the directory where this script it located
cd "$(dirname "${BASH_SOURCE[0]}")" cd "$(dirname "${BASH_SOURCE[0]}")"
# Assert that a given binary is installed
function assert_is_installed {
local readonly name="$1"
}
check_dependencies() { check_dependencies() {
if [[ ! $(command -v json2hcl) ]]; then if [[ ! $(command -v json2hcl) ]]; then
echo "ERROR: The binary 'json2hcl' is required by this script but is not installed or in the system's PATH." echo "ERROR: The binary 'json2hcl' is required by this script but is not installed or in the system's PATH."
...@@ -34,17 +28,17 @@ auto_groups_data() { ...@@ -34,17 +28,17 @@ auto_groups_data() {
} }
auto_groups_keys() { auto_groups_keys() {
local readonly data=$1 local data=$1
echo $data | jq -r ".|keys|@sh" | tr -d "'" echo "$data" | jq -r ".|keys|@sh" | tr -d "'"
} }
get_auto_value() { get_auto_value() {
local readonly data=$1 local data=$1
local readonly group=$2 local group=$2
local readonly var=$3 local var=$3
echo $data | jq -rc '.[$group][0][$var]' --arg group "$group" --arg var "$var" echo "$data" | jq -rc '.[$group][0][$var]' --arg group "$group" --arg var "$var"
} }
set_list_if_null() { set_list_if_null() {
...@@ -128,9 +122,9 @@ variable "auto_egress_with_self" { ...@@ -128,9 +122,9 @@ variable "auto_egress_with_self" {
} }
EOF EOF
local list_of_modules=$(echo "$list_of_modules"; echo "* [$group]($group)") list_of_modules=$(echo "$list_of_modules"; echo "* [$group]($group)")
# terraform fmt -diff=true "modules/$group" terraform fmt "modules/$group"
done done
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment