From 5077407b26d729bd58ffe9a33688516772be2390 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Tue, 8 Oct 2019 22:03:16 +0100 Subject: [PATCH 01/37] Added new code for sg cidr block --- security-groups.tf | 24 ++++++++++++++++++++++++ variables.tf | 20 ++++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 security-groups.tf create mode 100644 variables.tf diff --git a/security-groups.tf b/security-groups.tf new file mode 100644 index 0000000..ce85f52 --- /dev/null +++ b/security-groups.tf @@ -0,0 +1,24 @@ +resource "aws_security_group" "security_group" { + name_prefix = var.sg_name_prefix + description = var.sg_description + vpc_id = var.sg_vpc_id + + dynamic "ingress" { + for_each = var.sg_ingress_rules + content { + from_port = sg_ingress_rules.value["from_port"] + to_port = sg_ingress_rules.value["to_port"] + protocol = sg_ingress_rules.value["protocol"] + cidr_blocks = sg_ingress_rules.value["cidr_blocks"] + } + } + + egress { + from_port = 0 + to_port = 0 + protocol = -1 + cidr_blocks = ["0.0.0.0/0"] + } + + tags = merge(var.common_tags, map( "Name", "terraform-demo-security-group", )) +} \ No newline at end of file diff --git a/variables.tf b/variables.tf new file mode 100644 index 0000000..5278706 --- /dev/null +++ b/variables.tf @@ -0,0 +1,20 @@ +variable "sg_name_prefix" { + description = "Creates a unique name beginning with the specified prefix." +} + +variable "sg_description" { + description = "The security group description. Defaults to Managed by Terraform." +} + +variable "sg_vpc_id" { + description = "The VPC ID." +} + +variable "common_tags" { + description = "A mapping of tags to assign to the resource." +} + +variable "sg_ingress_rules" { + description = "" + type = list(map(string)) +} \ No newline at end of file From 7dab6d36905e2854c0993283612020760f8ba53b Mon Sep 17 00:00:00 2001 
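Review bot: The `egress` block at the end of the new `aws_security_group` resource is hard-coded to `protocol = -1` with `cidr_blocks = ["0.0.0.0/0"]`, so every group built from this module allows all outbound traffic and a caller cannot narrow it. Ingress is already driven by `var.sg_ingress_rules`; egress would be better driven the same way, for example a `dynamic "egress"` block with `for_each = var.sg_egress_rules`, so that allow-all becomes an explicit caller choice. The same fixed block is reintroduced by the security-groups.tf hunk of PATCH 14/37. Separately, the `content` block reads `sg_ingress_rules.value[...]`, but a `dynamic "ingress"` block's iterator is named after the block label unless `iterator` is set, so these references should be `ingress.value[...]`.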
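Review bot: `sg_description` is documented as "Defaults to Managed by Terraform", but the variable declares no `default`, so callers must always supply a value and the description is misleading; either add `default = "Managed by Terraform"` or drop that sentence. None of the scalar variables declares a `type`; `type = string` on `sg_name_prefix`, `sg_description` and `sg_vpc_id` would reject malformed input at plan time. `sg_ingress_rules` has an empty `description`; it should list the keys each rule map must carry (`from_port`, `to_port`, `protocol`, `cidr_blocks`), since a missing key only surfaces as an error inside the resource.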
From: nitin-das Date: Tue, 8 Oct 2019 22:05:20 +0100 Subject: [PATCH 02/37] Added new code for sg cidr block --- output.tf | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 output.tf diff --git a/output.tf b/output.tf new file mode 100644 index 0000000..ab530c9 --- /dev/null +++ b/output.tf @@ -0,0 +1,3 @@ +output "security_group_id" { + value = aws_security_group.securoty_group.id +} \ No newline at end of file From 3a41af20fa0c898bb3f93117c96f6b1eb0ef3d8e Mon Sep 17 00:00:00 2001 From: nitin-das Date: Tue, 8 Oct 2019 22:14:12 +0100 Subject: [PATCH 03/37] Added new code for sg cidr block --- security-groups.tf | 1 + variables.tf | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/security-groups.tf b/security-groups.tf index ce85f52..23c6e4a 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -10,6 +10,7 @@ resource "aws_security_group" "security_group" { to_port = sg_ingress_rules.value["to_port"] protocol = sg_ingress_rules.value["protocol"] cidr_blocks = sg_ingress_rules.value["cidr_blocks"] + description = sg_ingress_rules.value["description"] } } diff --git a/variables.tf b/variables.tf index 5278706..62d5879 100644 --- a/variables.tf +++ b/variables.tf @@ -15,6 +15,6 @@ variable "common_tags" { } variable "sg_ingress_rules" { - description = "" - type = list(map(string)) + description = "Ingress rules for security group" + type = list(map(string)) } \ No newline at end of file From 6e4ddbba9a6c24a515e4c5133c5afb0786e06c7e Mon Sep 17 00:00:00 2001 From: nitin-das Date: Wed, 9 Oct 2019 18:10:47 +0100 Subject: [PATCH 04/37] Modified output --- output.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/output.tf b/output.tf index ab530c9..521b130 100644 --- a/output.tf +++ b/output.tf @@ -1,3 +1,3 @@ output "security_group_id" { - value = aws_security_group.securoty_group.id + value = aws_security_group.security_group.id } \ No newline at end of file 
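Review bot: The new output reads `aws_security_group.securoty_group.id`, but the resource added in PATCH 01/37 is labelled `security_group`, so this reference points at an undeclared resource and should fail validation; the line should be `value = aws_security_group.security_group.id`. A `description` on the output would also tell consumers which group's ID they receive.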
From edfea3f067449ee6679c58fc1e8b31769235b03a Mon Sep 17 00:00:00 2001 From: nitin-das Date: Wed, 9 Oct 2019 19:09:16 +0100 Subject: [PATCH 05/37] Modified output --- security-groups.tf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/security-groups.tf b/security-groups.tf index 23c6e4a..acdc011 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -6,11 +6,11 @@ resource "aws_security_group" "security_group" { dynamic "ingress" { for_each = var.sg_ingress_rules content { - from_port = sg_ingress_rules.value["from_port"] - to_port = sg_ingress_rules.value["to_port"] - protocol = sg_ingress_rules.value["protocol"] - cidr_blocks = sg_ingress_rules.value["cidr_blocks"] - description = sg_ingress_rules.value["description"] + from_port = ingress.value["from_port"] + to_port = ingress.value["to_port"] + protocol = ingress.value["protocol"] + cidr_blocks = ingress.value["cidr_blocks"] + description = ingress.value["description"] } } From efa5e46919eea4cab8c3da80db3b0e31ad20634d Mon Sep 17 00:00:00 2001 From: nitin-das Date: Wed, 9 Oct 2019 19:12:20 +0100 Subject: [PATCH 06/37] Modified output --- security-groups.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security-groups.tf b/security-groups.tf index acdc011..5a85703 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -9,7 +9,7 @@ resource "aws_security_group" "security_group" { from_port = ingress.value["from_port"] to_port = ingress.value["to_port"] protocol = ingress.value["protocol"] - cidr_blocks = ingress.value["cidr_blocks"] + cidr_blocks = [ingress.value["cidr_blocks"]] description = ingress.value["description"] } } From c7558e3d2951d0835541d1787f0407b24fe9de0c Mon Sep 17 00:00:00 2001 From: nitin-das Date: Wed, 9 Oct 2019 19:15:16 +0100 Subject: [PATCH 07/37] Modified output --- security-groups.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/security-groups.tf b/security-groups.tf index 5a85703..1d9540b 100644 --- a/security-groups.tf 
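Review bot: In the PATCH 06/37 hunk, wrapping `ingress.value["cidr_blocks"]` in `[...]` limits every rule to exactly one CIDR, because the rule variable is typed `list(map(string))` and each value is a single string. A caller who passes a comma-separated string gets it forwarded as one invalid CIDR entry rather than several ranges. If more than one range per rule is intended, `cidr_blocks = split(",", ingress.value["cidr_blocks"])` keeps the map-of-strings input; otherwise the one-CIDR-per-rule limit should be stated in the variable's `description`. The resource body continues outside the hunk.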
+++ b/security-groups.tf @@ -2,6 +2,7 @@ resource "aws_security_group" "security_group" { name_prefix = var.sg_name_prefix description = var.sg_description vpc_id = var.sg_vpc_id + revoke_rules_on_delete = true dynamic "ingress" { for_each = var.sg_ingress_rules From 1dc9970964503e3919baaf4f9441bfaeb5bfcfc2 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Tue, 12 Nov 2019 20:50:45 +0000 Subject: [PATCH 08/37] Modified code --- README.md | 115 ++++++++++++++++++++++++++++++++++++++++++++- security-groups.tf | 8 ++-- 2 files changed, 117 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 855db44..cb3d505 100644 --- a/README.md +++ b/README.md 
@@ -1,2 +1,113 @@ -# terraform-module-aws-security-group -Terraform module for AWS Security Group +# Terraform Module Name: terraform-module-aws-security-group + + +## General + +This module may be used to create security group resources in AWS cloud provider.. + +--- + + +## Prerequisites + +This module needs Terraform 0.11.10 or newer. +You can download the latest Terraform version from [here](https://www.terraform.io/downloads.html). + +This module deploys aws services details are in respective feature branches. + +--- + +## Features Branches + +Below we are able to check the resources that are being created as part of this module call: + +From branch : *terrform-12* + +- *Security Group (Terraform 12 supported code)* + + + +--- + +## Below are the resources that are launched by this module + +- *Security Group* + + +--- + +## Usage + +## Using this repo + +To use this module, add the following call to your code: + +```tf +module "-s3-" { + source = "git::https://github.com/nitinda/terraform-module-aws-security-group.git?ref=master" + + +} +``` +--- + +## Inputs + +The variables required in order for the module to be successfully called from the deployment repository are the following: + + +| Variable | Description | Type | +|-------------------------------|---------------------------------------------|-----------------| +| name_prefix | Name prefix | string | +| description | description | string | +| vpc_id | VPC ID | String | +| common_tags | Tag | map | +| revoke_rules_on_delete | Instruct Terraform to revoke | string | +| ingress | Ingress Rules | list of maps | +| egress | Egress Rules | list of maps | + + + + + +## Outputs + +- *id* +- *arn* +- *name* + + + + +### Usage +In order for the variables to be accessed on module level please use the syntax below: + +```tf +module.. 
+``` + +If an output variable needs to be exposed on root level in order to be accessed through terraform state file follow the steps below: + +- Include the syntax above in the network layer output terraform file. +- Add the code snippet below to the variables/global_variables file. + +```tf +data "terraform_remote_state" "" { + backend = "s3" + + config { + bucket = (i.e. "s3-webstack-terraform-state") + key = (i.e. "env:/${terraform.workspace}/4_Networking/terraform.tfstate") + region = (i.e. "eu-central-1") + } +} +``` + +- The output variable is able to be accessed through terraform state file using the syntax below: + +```tf +"${data.terraform_remote_state..}" +``` + +## Authors +Module maintained by Module maintained by the - Nitin Das \ No newline at end of file diff --git a/security-groups.tf b/security-groups.tf index 1d9540b..811a1ea 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -1,8 +1,8 @@ resource "aws_security_group" "security_group" { - name_prefix = var.sg_name_prefix - description = var.sg_description - vpc_id = var.sg_vpc_id - revoke_rules_on_delete = true + name_prefix = var.name_prefix + name_prefix = var.name_prefix + vpc_id = var.vpc_id + revoke_rules_on_delete = var.revoke_rules_on_delete dynamic "ingress" { for_each = var.sg_ingress_rules From 4f52c5d380c44f62e396ec6e142f6521ba82ccbb Mon Sep 17 00:00:00 2001 From: nitin-das Date: Tue, 12 Nov 2019 20:54:29 +0000 Subject: [PATCH 09/37] Modified code --- output.tf | 10 +++++++++- security-groups.tf | 2 +- variables.tf | 8 ++++---- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/output.tf b/output.tf index 521b130..b45023c 100644 --- a/output.tf +++ b/output.tf @@ -1,3 +1,11 @@ -output "security_group_id" { +output "id" { value = aws_security_group.security_group.id +} + +output "arn" { + value = aws_security_group.security_group.arn +} + +output "name" { + value = aws_security_group.security_group.name } \ No newline at end of file 
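Review bot: In the security-groups.tf hunk of PATCH 08/37 the new side sets `name_prefix = var.name_prefix` twice and no longer sets `description`, so the argument is duplicated and the group description is dropped; the second line was presumably meant to be `description = var.description`. The hunk also switches to `var.name_prefix`, `var.vpc_id` and `var.revoke_rules_on_delete`, while this commit's diffstat lists only README.md and security-groups.tf, so those variables look undeclared at this point in the series. The resource body continues outside the hunk.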
diff --git a/security-groups.tf b/security-groups.tf index 811a1ea..8801718 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -5,7 +5,7 @@ resource "aws_security_group" "security_group" { revoke_rules_on_delete = var.revoke_rules_on_delete dynamic "ingress" { - for_each = var.sg_ingress_rules + for_each = var.ingress_rules content { from_port = ingress.value["from_port"] to_port = ingress.value["to_port"] diff --git a/variables.tf b/variables.tf index 62d5879..5de89a6 100644 --- a/variables.tf +++ b/variables.tf @@ -1,12 +1,12 @@ -variable "sg_name_prefix" { +variable "name_prefix" { description = "Creates a unique name beginning with the specified prefix." } -variable "sg_description" { +variable "description" { description = "The security group description. Defaults to Managed by Terraform." } -variable "sg_vpc_id" { +variable "vpc_id" { description = "The VPC ID." } @@ -14,7 +14,7 @@ variable "common_tags" { description = "A mapping of tags to assign to the resource." } -variable "sg_ingress_rules" { +variable "ingress_rules" { description = "Ingress rules for security group" type = list(map(string)) } \ No newline at end of file From 6ef7c46e064a44602eb3a47a8f11a525a2849e52 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:11:34 +0000 Subject: [PATCH 10/37] Added new code --- README.md | 24 ++++++++++++------------ security-groups.tf | 43 +++++++++++++++++++++++++------------------ variables.tf | 6 ++++++ 3 files changed, 43 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index cb3d505..d6187dc 100644 --- a/README.md +++ b/README.md 
@@ -3,14 +3,14 @@ ## General -This module may be used to create security group resources in AWS cloud provider.. +This module may be used to create Security Group resources in AWS cloud provider.. --- ## Prerequisites -This module needs Terraform 0.11.10 or newer. +This module needs Terraform 0.12.16 or newer. You can download the latest Terraform version from [here](https://www.terraform.io/downloads.html). This module deploys aws services details are in respective feature branches. @@ -21,9 +21,9 @@ This module deploys aws services details are in respective feature branches. Below we are able to check the resources that are being created as part of this module call: -From branch : *terrform-12* +From branch : **_terrform-12/master_** -- *Security Group (Terraform 12 supported code)* +- **_Security Group (Terraform 12 supported code)_** @@ -31,7 +31,7 @@ From branch : *terrform-12* ## Below are the resources that are launched by this module -- *Security Group* +- **_Security Group_** --- @@ -43,8 +43,8 @@ From branch : *terrform-12* To use this module, add the following call to your code: ```tf -module "-s3-" { - source = "git::https://github.com/nitinda/terraform-module-aws-security-group.git?ref=master" +module "-security-group-" { + source = "git::https://github.com/nitinda/terraform-module-aws-security-group.git?ref=terraform-12/master" } @@ -56,7 +56,7 @@ module "-s3-" { The variables required in order for the module to be successfully called from the deployment repository are the following: -| Variable | Description | Type | +| **_Variable_** | **_Description_** | **_Type_** | |-------------------------------|---------------------------------------------|-----------------| | name_prefix | Name prefix | string | | description | description | string | @@ -72,9 +72,9 @@ The variables required in order for the module to be successfully called from th ## Outputs -- *id* -- *arn* -- *name* +- **_id_** +- **_arn_** +- **_name_** 
@@ -110,4 +110,4 @@ data "terraform_remote_state" "" { ``` ## Authors -Module maintained by Module maintained by the - Nitin Das \ No newline at end of file +Module maintained by Module maintained by the - **_Nitin Das_** \ No newline at end of file diff --git a/security-groups.tf b/security-groups.tf index 8801718..b851869 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -1,26 +1,33 @@ resource "aws_security_group" "security_group" { name_prefix = var.name_prefix - name_prefix = var.name_prefix + description = var.description vpc_id = var.vpc_id revoke_rules_on_delete = var.revoke_rules_on_delete - dynamic "ingress" { - for_each = var.ingress_rules - content { - from_port = ingress.value["from_port"] - to_port = ingress.value["to_port"] - protocol = ingress.value["protocol"] - cidr_blocks = [ingress.value["cidr_blocks"]] - description = ingress.value["description"] - } - } + // dynamic "ingress" { + // for_each = var.ingress_rules + // content { + // from_port = ingress.value["from_port"] + // to_port = ingress.value["to_port"] + // protocol = ingress.value["protocol"] + // cidr_blocks = [ingress.value["cidr_blocks"]] + // description = ingress.value["description"] + // } + // } - egress { - from_port = 0 - to_port = 0 - protocol = -1 - cidr_blocks = ["0.0.0.0/0"] - } + ingress = var.ingress_rules + egress = var.egress_rules - tags = merge(var.common_tags, map( "Name", "terraform-demo-security-group", )) + // egress { + // from_port = 0 + // to_port = 0 + // protocol = -1 + // cidr_blocks = ["0.0.0.0/0"] + // } + + tags = var.common_tags + + lifecycle { + create_before_destroy = true + } } \ No newline at end of file diff --git a/variables.tf b/variables.tf index 5de89a6..60e0acd 100644 --- a/variables.tf +++ b/variables.tf 
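Review bot: In the security-groups.tf hunk, `ingress = var.ingress_rules` and `egress = var.egress_rules` hand the caller's values to the provider as whole attributes while both variables are still typed `list(map(string))` in this commit. Assigning rules as attributes rather than blocks appears to require every rule field to be present with its schema type, and a map of strings cannot carry list-valued fields such as `cidr_blocks`, so this is likely to fail type conversion; confirm with `terraform validate`. The replaced `dynamic "ingress"` and `egress` blocks are left behind as `//` comments; deleting them keeps the effective rule set readable in a file that defines network exposure.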
@@ -12,9 +12,15 @@ variable "vpc_id" { variable "common_tags" { description = "A mapping of tags to assign to the resource." + type = map(string) } variable "ingress_rules" { description = "Ingress rules for security group" type = list(map(string)) +} + +variable "egress_rules" { + description = "Egress rules for security group" + type = list(map(string)) } \ No newline at end of file From 4f6c255cd475e724a30f49e88a92cc0b59bd64db Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:13:57 +0000 Subject: [PATCH 11/37] Added new code --- variables.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/variables.tf b/variables.tf index 60e0acd..770620a 100644 --- a/variables.tf +++ b/variables.tf @@ -6,6 +6,10 @@ variable "description" { description = "The security group description. Defaults to Managed by Terraform." } +variable "revoke_rules_on_delete" { + description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself." +} + variable "vpc_id" { description = "The VPC ID." } From 7acd1f24796fb80b7521c2b16bc288084d26033e Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:19:26 +0000 Subject: [PATCH 12/37] Added new code --- variables.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/variables.tf b/variables.tf index 770620a..ff1a255 100644 --- a/variables.tf +++ b/variables.tf @@ -21,10 +21,10 @@ variable "common_tags" { variable "ingress_rules" { description = "Ingress rules for security group" - type = list(map(string)) + type = list(map) } variable "egress_rules" { description = "Egress rules for security group" - type = list(map(string)) + type = list(map) } \ No newline at end of file From 1976b86c69303aa84e64d80f18c6be69de12dcdb Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:24:33 +0000 Subject: [PATCH 13/37] Added new code --- variables.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
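Review bot: In the PATCH 11/37 hunk, `revoke_rules_on_delete` is declared with neither `type` nor `default`, so any convertible value is accepted and every caller must set it; `type = bool` with `default = false` matches how the resource argument is used. The description says the rules are revoked "before deleting the rule itself"; it should read "before deleting the group itself".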
diff --git a/variables.tf b/variables.tf index ff1a255..c4d4d67 100644 --- a/variables.tf +++ b/variables.tf @@ -21,10 +21,10 @@ variable "common_tags" { variable "ingress_rules" { description = "Ingress rules for security group" - type = list(map) + type = list(map(object)) } variable "egress_rules" { description = "Egress rules for security group" - type = list(map) + type = list(map(object)) } \ No newline at end of file From 101a61a679f8ce79b848bac6ce2f399fcdcb10c2 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:34:50 +0000 Subject: [PATCH 14/37] Added new code --- security-groups.tf | 36 +++++++++++++++++------------------- variables.tf | 10 +++++----- 2 files changed, 22 insertions(+), 24 deletions(-) diff --git a/security-groups.tf b/security-groups.tf index b851869..33ecaff 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -4,26 +4,24 @@ resource "aws_security_group" "security_group" { vpc_id = var.vpc_id revoke_rules_on_delete = var.revoke_rules_on_delete - // dynamic "ingress" { - // for_each = var.ingress_rules - // content { - // from_port = ingress.value["from_port"] - // to_port = ingress.value["to_port"] - // protocol = ingress.value["protocol"] - // cidr_blocks = [ingress.value["cidr_blocks"]] - // description = ingress.value["description"] - // } - // } - - ingress = var.ingress_rules - egress = var.egress_rules + dynamic "ingress" { + for_each = var.ingress_rules + content { + from_port = ingress.value["from_port"] + to_port = ingress.value["to_port"] + protocol = ingress.value["protocol"] + cidr_blocks = [ingress.value["cidr_blocks"]] + description = ingress.value["description"] + self = ingress.value["self"] + } + } - // egress { - // from_port = 0 - // to_port = 0 - // protocol = -1 - // cidr_blocks = ["0.0.0.0/0"] - // } + egress { + from_port = 0 + to_port = 0 + protocol = -1 + cidr_blocks = ["0.0.0.0/0"] + } tags = var.common_tags diff --git a/variables.tf b/variables.tf index c4d4d67..ff91350 100644 
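Review bot: `list(map(object))` in the PATCH 13/37 hunk is not a valid type constraint, because `object` takes one argument describing its attributes, so both `ingress_rules` and `egress_rules` should fail to parse. If the goal is to let rules carry lists and booleans, spell the shape out, e.g. `type = list(object({ from_port = number, to_port = number, protocol = string, cidr_blocks = list(string) }))`. An explicit object type also rejects misspelled rule keys at plan time instead of letting them reach the security group.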
--- a/variables.tf +++ b/variables.tf @@ -21,10 +21,10 @@ variable "common_tags" { variable "ingress_rules" { description = "Ingress rules for security group" - type = list(map(object)) + type = list(map(string)) } -variable "egress_rules" { - description = "Egress rules for security group" - type = list(map(object)) -} \ No newline at end of file +// variable "egress_rules" { +// description = "Egress rules for security group" +// type = list(map(string)) +// } \ No newline at end of file From 6deacbf7ab870c4811587bc54a8ee9f5169e391f Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:45:07 +0000 Subject: [PATCH 15/37] Added new code --- security-groups.tf | 30 +++++++++++++++++++----------- variables.tf | 8 ++++---- 2 files changed, 23 insertions(+), 15 deletions(-) diff --git a/security-groups.tf b/security-groups.tf index 33ecaff..187bdc3 100644 --- a/security-groups.tf +++ b/security-groups.tf 
@@ -7,20 +7,28 @@ resource "aws_security_group" "security_group" { dynamic "ingress" { for_each = var.ingress_rules content { - from_port = ingress.value["from_port"] - to_port = ingress.value["to_port"] - protocol = ingress.value["protocol"] - cidr_blocks = [ingress.value["cidr_blocks"]] - description = ingress.value["description"] - self = ingress.value["self"] + from_port = ingress.value["from_port"] + to_port = ingress.value["to_port"] + protocol = ingress.value["protocol"] + cidr_block = [ingress.value["cidr_blocks"]] + description = ingress.value["description"] + self = ingress.value["self"] + security_groups = [ingress.value["security_groups"]] } } - egress { - from_port = 0 - to_port = 0 - protocol = -1 - cidr_blocks = ["0.0.0.0/0"] + dynamic "egress" { + for_each = var.egress_rules + content { + from_port = egress.value["from_port"] + to_port = egress.value["to_port"] + protocol = egress.value["protocol"] + cidr_blocks = [egress.value["cidr_blocks"]] + description = egress.value["description"] + self = egress.value["self"] + self = egress.value["self"] + security_groups = [egress.value["security_groups"]] + } } tags = var.common_tags diff --git a/variables.tf b/variables.tf index ff91350..770620a 100644 --- a/variables.tf +++ b/variables.tf @@ -24,7 +24,7 @@ variable "ingress_rules" { type = list(map(string)) } -// variable "egress_rules" { -// description = "Egress rules for security group" -// type = list(map(string)) -// } \ No newline at end of file +variable "egress_rules" { + description = "Egress rules for security group" + type = list(map(string)) +} \ No newline at end of file From ae6ccc780714c103593db6e1d5339541dce422a5 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:45:47 +0000 Subject: [PATCH 16/37] Added new code --- security-groups.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/security-groups.tf b/security-groups.tf index 187bdc3..d836d85 100644 --- a/security-groups.tf +++ b/security-groups.tf 
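Review bot: In the security-groups.tf hunk the ingress `content` block spells the argument `cidr_block`, while the egress block in the same hunk uses `cidr_blocks`, and the egress block assigns `self` twice; both should make the configuration fail validation. Beyond the typos, `security_groups = [ingress.value["security_groups"]]` wraps a single string from a `map(string)`, so a rule with no source group has to pass an empty string and ends up as `[""]`. `security_groups = compact(split(",", ingress.value["security_groups"]))` (and the same for `cidr_blocks`) would turn an empty string into an empty list. The resource body continues outside the hunk.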
@@ -26,7 +26,6 @@ resource "aws_security_group" "security_group" { cidr_blocks = [egress.value["cidr_blocks"]] description = egress.value["description"] self = egress.value["self"] - self = egress.value["self"] security_groups = [egress.value["security_groups"]] } } From 13def020877e2a3607b07376b81fc17eb2e26c49 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:47:12 +0000 Subject: [PATCH 17/37] Added new code --- security-groups.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/security-groups.tf b/security-groups.tf index d836d85..4f875fd 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -25,7 +25,6 @@ resource "aws_security_group" "security_group" { protocol = egress.value["protocol"] cidr_blocks = [egress.value["cidr_blocks"]] description = egress.value["description"] - self = egress.value["self"] security_groups = [egress.value["security_groups"]] } } From bdcaa67e4da59a32b5df0173b08e98ae61a24cc7 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:48:39 +0000 Subject: [PATCH 18/37] Added new code --- security-groups.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security-groups.tf b/security-groups.tf index 4f875fd..c5f38dc 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -10,7 +10,7 @@ resource "aws_security_group" "security_group" { from_port = ingress.value["from_port"] to_port = ingress.value["to_port"] protocol = ingress.value["protocol"] - cidr_block = [ingress.value["cidr_blocks"]] + cidr_blocks = [ingress.value["cidr_blocks"]] description = ingress.value["description"] self = ingress.value["self"] security_groups = [ingress.value["security_groups"]] From 961cec92cf6e2ed88f1b4e215438d77e20e82af5 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:50:19 +0000 Subject: [PATCH 19/37] Added new code --- security-groups.tf | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) 
diff --git a/security-groups.tf b/security-groups.tf index c5f38dc..36ee697 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -17,17 +17,17 @@ resource "aws_security_group" "security_group" { } } - dynamic "egress" { - for_each = var.egress_rules - content { - from_port = egress.value["from_port"] - to_port = egress.value["to_port"] - protocol = egress.value["protocol"] - cidr_blocks = [egress.value["cidr_blocks"]] - description = egress.value["description"] - security_groups = [egress.value["security_groups"]] - } - } + // dynamic "egress" { + // for_each = var.egress_rules + // content { + // from_port = egress.value["from_port"] + // to_port = egress.value["to_port"] + // protocol = egress.value["protocol"] + // cidr_blocks = [egress.value["cidr_blocks"]] + // description = egress.value["description"] + // security_groups = [egress.value["security_groups"]] + // } + // } tags = var.common_tags From 29d98b0067df676e21a32aa457a2616130ca1099 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 14:53:48 +0000 Subject: [PATCH 20/37] Added new code --- security-groups.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security-groups.tf b/security-groups.tf index 36ee697..8b59dcf 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -13,7 +13,7 @@ resource "aws_security_group" "security_group" { cidr_blocks = [ingress.value["cidr_blocks"]] description = ingress.value["description"] self = ingress.value["self"] - security_groups = [ingress.value["security_groups"]] + security_groups = [split(",",ingress.value["security_groups"])] } } From 5cb1f220088bc81b2aca6239690b0d2f42ab4004 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 15:14:04 +0000 Subject: [PATCH 21/37] Added new code --- security-groups.tf | 26 ++++++++++++++------------ variables.tf | 12 +++++++++++- 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/security-groups.tf b/security-groups.tf index 8b59dcf..a0975d8 100644 
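Review bot: With the `dynamic "egress"` block commented out in the PATCH 19/37 hunk, the resource declares no egress at all, while `egress_rules` (restored as a required variable in PATCH 15/37) is still requested from callers and then ignored. The provider documentation describes Terraform removing the AWS default allow-all egress rule for groups in a VPC, so workloads using this group would presumably lose outbound access; if that is intended, say so in a comment such as `# no egress rules: outbound traffic is denied` and remove the unused variable. Deleting the block rather than commenting it out would also make the effective rule set unambiguous.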
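Review bot: In the PATCH 20/37 hunk, `split(",", ...)` already returns a list, so wrapping it in `[...]` produces a list containing a list, which does not match the list of strings that `security_groups` expects. The line should be `security_groups = split(",", ingress.value["security_groups"])`; wrapping that in `compact(...)` additionally drops the empty element produced when a rule passes an empty string. The resource body continues outside the hunk.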
--- a/security-groups.tf +++ b/security-groups.tf @@ -4,19 +4,21 @@ resource "aws_security_group" "security_group" { vpc_id = var.vpc_id revoke_rules_on_delete = var.revoke_rules_on_delete - dynamic "ingress" { - for_each = var.ingress_rules - content { - from_port = ingress.value["from_port"] - to_port = ingress.value["to_port"] - protocol = ingress.value["protocol"] - cidr_blocks = [ingress.value["cidr_blocks"]] - description = ingress.value["description"] - self = ingress.value["self"] - security_groups = [split(",",ingress.value["security_groups"])] - } - } + // dynamic "ingress" { + // for_each = var.ingress_rules + // content { + // from_port = ingress.value["from_port"] + // to_port = ingress.value["to_port"] + // protocol = ingress.value["protocol"] + // cidr_blocks = [ingress.value["cidr_blocks"]] + // description = ingress.value["description"] + // self = ingress.value["self"] + // // security_groups = [split(",",ingress.value["security_groups"])] + // } + // } + ingress = var.ingress_rules + // dynamic "egress" { // for_each = var.egress_rules // content { diff --git a/variables.tf b/variables.tf index 770620a..85f2a79 100644 --- a/variables.tf +++ b/variables.tf @@ -21,9 +21,19 @@ variable "common_tags" { variable "ingress_rules" { description = "Ingress rules for security group" - type = list(map(string)) + type = list(object({ + from_port = string + to_port = number + protocol = string + cidr_blocks = list(string) + description = string + self = bool + security_groups = list(string) + })) } + + variable "egress_rules" { description = "Egress rules for security group" type = list(map(string)) From 8a6e8300cffde376bb32b7c914fb1d03c0112834 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 15:16:39 +0000 Subject: [PATCH 22/37] Added new code --- variables.tf | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/variables.tf b/variables.tf index 85f2a79..04d5af3 100644 --- a/variables.tf +++ b/variables.tf 
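Review bot: In the variables.tf hunk the new object type declares `from_port = string` next to `to_port = number`; both are port numbers, and typing one as a string lets non-numeric text through the module's own type check before the provider sees it. It should be `from_port = number`. The same mismatch is carried into the `ingress_rules` hunk of PATCH 22/37 and the `egress_rules` hunk of PATCH 24/37. The `description` could also state that every attribute of the object is required, so callers know to pass empty lists for unused sources.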
@@ -22,13 +22,15 @@ variable "common_tags" { variable "ingress_rules" { description = "Ingress rules for security group" type = list(object({ - from_port = string - to_port = number - protocol = string - cidr_blocks = list(string) - description = string - self = bool - security_groups = list(string) + from_port = string + to_port = number + protocol = string + cidr_blocks = list(string) + description = string + self = bool + security_groups = list(string) + ipv6_cidr_blocks = list(string) + prefix_list_ids = list(string) })) } From e3813c9cd7248270743b386f2a573766731b157b Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 23:48:26 +0000 Subject: [PATCH 23/37] Added new code --- README.md | 51 ++++++++++++++++++++++++++++++++++++++++++++-- security-groups.tf | 32 +++-------------------------- 2 files changed, 52 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index d6187dc..befcd16 100644 --- a/README.md +++ b/README.md 
@@ -46,6 +46,53 @@ To use this module, add the following call to your code: module "-security-group-" { source = "git::https://github.com/nitinda/terraform-module-aws-security-group.git?ref=terraform-12/master" + providers = { + aws = aws.services + } + + # Tags + common_tags = merge( + var.common_tags, + { + "Name" = "service-sg" + "ManagedBy" = "Terraform" + }, + ) + + # Security Groups + name_prefix = "service-sg-" + description = "Code Build EC2 Instance security group that allows traffic from whitelisted ips" + vpc_id = var.vpc_id + revoke_rules_on_delete = true + ingress_rules = [ + { + from_port = 22 + to_port = 22 + protocol = "tcp" + description = "Ingress rule that allows traffic from subnets" + cidr_blocks = [ var.vpc_cidr ] + self = false + security_groups = [] + ipv6_cidr_blocks = [] + prefix_list_ids = [] + } + ] + egress_rules = [ + { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + description = "The egress rule allows all ports" + security_groups = "" + self = false + security_groups = [] + ipv6_cidr_blocks = [] + prefix_list_ids = [] + }, + ] +} + } ``` @@ -63,8 +110,8 @@ The variables required in order for the module to be successfully called from th | vpc_id | VPC ID | String | | common_tags | Tag | map | | revoke_rules_on_delete | Instruct Terraform to revoke | string | -| ingress | Ingress Rules | list of maps | -| egress | Egress Rules | list of maps | +| ingress_rules | Ingress Rules | list of maps | +| egress_rules | Egress Rules | list of maps | diff --git a/security-groups.tf b/security-groups.tf index a0975d8..bb12780 100644 --- a/security-groups.tf +++ b/security-groups.tf 
@@ -3,35 +3,9 @@ resource "aws_security_group" "security_group" { description = var.description vpc_id = var.vpc_id revoke_rules_on_delete = var.revoke_rules_on_delete - - // dynamic "ingress" { - // for_each = var.ingress_rules - // content { - // from_port = ingress.value["from_port"] - // to_port = ingress.value["to_port"] - // protocol = ingress.value["protocol"] - // cidr_blocks = [ingress.value["cidr_blocks"]] - // description = ingress.value["description"] - // self = ingress.value["self"] - // // security_groups = [split(",",ingress.value["security_groups"])] - // } - // } - - ingress = var.ingress_rules - - // dynamic "egress" { - // for_each = var.egress_rules - // content { - // from_port = egress.value["from_port"] - // to_port = egress.value["to_port"] - // protocol = egress.value["protocol"] - // cidr_blocks = [egress.value["cidr_blocks"]] - // description = egress.value["description"] - // security_groups = [egress.value["security_groups"]] - // } - // } - - tags = var.common_tags + ingress = var.ingress_rules + egress = var.egress_rules + tags = var.common_tags lifecycle { create_before_destroy = true From c2a823be6dcceb42ef7f5911ff81d707f7c88a3e Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 23:50:03 +0000 Subject: [PATCH 24/37] Added new code --- variables.tf | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/variables.tf b/variables.tf index 04d5af3..f381485 100644 --- a/variables.tf +++ b/variables.tf @@ -38,5 +38,15 @@ variable "ingress_rules" { variable "egress_rules" { description = "Egress rules for security group" - type = list(map(string)) + type = list(object({ + from_port = string + to_port = number + protocol = string + cidr_blocks = list(string) + description = string + self = bool + security_groups = list(string) + ipv6_cidr_blocks = list(string) + prefix_list_ids = list(string) + })) } \ No newline at end of file From 4e87586fe37e0ee6780b26d5f7d50e21483a328f Mon Sep 17 00:00:00 2001 
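Review bot: The new `ingress = var.ingress_rules` and `egress = var.egress_rules` lines in security-groups.tf (hunk `@@ -3,35 +3,9 @@`) use the attribute form of these arguments, and nothing in the file says what that implies for callers. As I understand the provider's handling of this form, each rule object has to set every nested argument (the README example in this patch does so with empty lists), and an empty list means the group is managed with no rules in that direction. I would add a comment above the two lines, for example `# attribute form: each rule object must set every nested argument; [] means no rules`. The resource block starts and ends outside the hunk.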
From: nitin-das Date: Sat, 30 Nov 2019 23:51:52 +0000 Subject: [PATCH 25/37] Added new code --- variables.tf | 2 -- 1 file changed, 2 deletions(-) diff --git a/variables.tf b/variables.tf index f381485..41a9cf7 100644 --- a/variables.tf +++ b/variables.tf @@ -34,8 +34,6 @@ variable "ingress_rules" { })) } - - variable "egress_rules" { description = "Egress rules for security group" type = list(object({ From 9ad805f72f03c495606fbc220878b72b48c0d9df Mon Sep 17 00:00:00 2001 From: nitin-das Date: Sat, 30 Nov 2019 23:52:39 +0000 Subject: [PATCH 26/37] Added new code --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index befcd16..26578fc 100644 --- a/README.md +++ b/README.md @@ -108,10 +108,10 @@ The variables required in order for the module to be successfully called from th | name_prefix | Name prefix | string | | description | description | string | | vpc_id | VPC ID | String | -| common_tags | Tag | map | +| common_tags | Tag | map(string) | | revoke_rules_on_delete | Instruct Terraform to revoke | string | -| ingress_rules | Ingress Rules | list of maps | -| egress_rules | Egress Rules | list of maps | +| ingress_rules | Ingress Rules | list(object) | +| egress_rules | Egress Rules | list(object) | From 8a32db066e2e5e3d1e866bc4c43468db095292cd Mon Sep 17 00:00:00 2001 From: nitin-das Date: Mon, 16 Dec 2019 17:32:20 +0000 Subject: [PATCH 27/37] Modified code --- security-groups.tf | 32 ++++++++++++++++++++++++++++++-- variables.tf | 24 ++---------------------- 2 files changed, 32 insertions(+), 24 deletions(-) diff --git a/security-groups.tf b/security-groups.tf index bb12780..0b21255 100644 --- a/security-groups.tf +++ b/security-groups.tf 
@@ -3,11 +3,39 @@ resource "aws_security_group" "security_group" { description = var.description vpc_id = var.vpc_id revoke_rules_on_delete = var.revoke_rules_on_delete - ingress = var.ingress_rules - egress = var.egress_rules tags = var.common_tags lifecycle { create_before_destroy = true } + + dynamic "ingress" { + for_each = length(var.ingress_rules) == 0 ? [] : var.ingress_rules + content { + from_port = lookup(ingress.value, "from_port", null) + to_port = lookup(ingress.value, "to_port", null) + protocol = lookup(ingress.value, "protocol", null) + cidr_blocks = lookup(ingress.value, "cidr_blocks", []) + description = lookup(ingress.value, "description", null) + self = lookup(ingress.value, "self", false) + security_groups = lookup(ingress.value, "security_groups", []) + ipv6_cidr_blocks = lookup(ingress.value, "ipv6_cidr_blocks", []) + prefix_list_ids = lookup(ingress.value, "prefix_list_ids", []) + } + } + + dynamic "egress" { + for_each = length(var.egress_rules) == 0 ? [] : var.egress_rules + content { + from_port = lookup(egress.value, "from_port", null) + to_port = lookup(egress.value, "to_port", null) + protocol = lookup(egress.value, "protocol", null) + cidr_blocks = lookup(egress.value, "cidr_blocks", []) + description = lookup(egress.value, "description", null) + self = lookup(egress.value, "self", false) + security_groups = lookup(egress.value, "security_groups", []) + ipv6_cidr_blocks = lookup(egress.value, "ipv6_cidr_blocks", []) + prefix_list_ids = lookup(egress.value, "prefix_list_ids", []) + } + } } \ No newline at end of file diff --git a/variables.tf b/variables.tf index 41a9cf7..b1c8821 100644 --- a/variables.tf +++ b/variables.tf 
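Review bot: Every field in the new `dynamic "ingress"` and `dynamic "egress"` blocks of security-groups.tf is read with `lookup(..., default)`, so a misspelled or missing key is replaced by its default instead of being reported. A rule written with `cidr_block` would be evaluated with `cidr_blocks = []`, so the rule is built without its intended source; what the provider then does with it is not visible here. The variables.tf hunk of the same patch makes this possible by replacing the object types with `type = any`. For the fields a rule cannot do without, read them directly, e.g. `from_port = ingress.value.from_port`, so that an absent key fails at plan time, and list the accepted keys in the variable descriptions.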
@@ -21,30 +21,10 @@ variable "common_tags" { variable "ingress_rules" { description = "Ingress rules for security group" - type = list(object({ - from_port = string - to_port = number - protocol = string - cidr_blocks = list(string) - description = string - self = bool - security_groups = list(string) - ipv6_cidr_blocks = list(string) - prefix_list_ids = list(string) - })) + type = any } variable "egress_rules" { description = "Egress rules for security group" - type = list(object({ - from_port = string - to_port = number - protocol = string - cidr_blocks = list(string) - description = string - self = bool - security_groups = list(string) - ipv6_cidr_blocks = list(string) - prefix_list_ids = list(string) - })) + type = any } \ No newline at end of file From 9b8d0628eae47d275ff1679b82c218b076c084fa Mon Sep 17 00:00:00 2001 From: nitin-das Date: Mon, 16 Dec 2019 17:34:17 +0000 Subject: [PATCH 28/37] Modified code --- README.md | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 26578fc..948fc75 100644 --- a/README.md +++ b/README.md @@ -3,14 +3,14 @@ ## General -This module may be used to create Security Group resources in AWS cloud provider.. +This module may be used to create **_Security Group_** resources in AWS cloud provider.. --- ## Prerequisites -This module needs Terraform 0.12.16 or newer. +This module needs **_Terraform 0.12.16_** or newer. You can download the latest Terraform version from [here](https://www.terraform.io/downloads.html). This module deploys aws services details are in respective feature branches. @@ -71,10 +71,6 @@ module "-security-group-" { protocol = "tcp" description = "Ingress rule that allows traffic from subnets" cidr_blocks = [ var.vpc_cidr ] - self = false - security_groups = [] - ipv6_cidr_blocks = [] - prefix_list_ids = [] } ] egress_rules = [ 
@@ -84,12 +80,7 @@ module "-security-group-" { protocol = "-1" cidr_blocks = ["0.0.0.0/0"] description = "The egress rule allows all ports" - security_groups = "" - self = false - security_groups = [] - ipv6_cidr_blocks = [] - prefix_list_ids = [] - }, + } ] } @@ -103,15 +94,15 @@ module "-security-group-" { The variables required in order for the module to be successfully called from the deployment repository are the following: -| **_Variable_** | **_Description_** | **_Type_** | +| **_Variable_** | **_Description_** | **_Type_** | |-------------------------------|---------------------------------------------|-----------------| | name_prefix | Name prefix | string | | description | description | string | | vpc_id | VPC ID | String | | common_tags | Tag | map(string) | | revoke_rules_on_delete | Instruct Terraform to revoke | string | -| ingress_rules | Ingress Rules | list(object) | -| egress_rules | Egress Rules | list(object) | +| ingress_rules | Ingress Rules | any | +| egress_rules | Egress Rules | any | From 4eacf41b01d6e2c165489440e5562bc4b868d7ff Mon Sep 17 00:00:00 2001 From: nitin-das Date: Fri, 10 Jan 2020 10:44:43 +0000 Subject: [PATCH 29/37] Modified Code --- README.md | 26 +++++++++++--------------- security-groups.tf | 2 +- variables.tf | 6 +++++- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 948fc75..c8ac9e0 100644 --- a/README.md +++ b/README.md @@ -21,9 +21,7 @@ This module deploys aws services details are in respective feature branches. Below we are able to check the resources that are being created as part of this module call: -From branch : **_terrform-12/master_** - -- **_Security Group (Terraform 12 supported code)_** +- **_Security Group_** @@ -51,7 +49,7 @@ module "-security-group-" { } # Tags - common_tags = merge( + tags = merge( var.common_tags, { "Name" = "service-sg" 
@@ -94,17 +92,15 @@ module "-security-group-" { The variables required in order for the module to be successfully called from the deployment repository are the following: -| **_Variable_** | **_Description_** | **_Type_** | -|-------------------------------|---------------------------------------------|-----------------| -| name_prefix | Name prefix | string | -| description | description | string | -| vpc_id | VPC ID | String | -| common_tags | Tag | map(string) | -| revoke_rules_on_delete | Instruct Terraform to revoke | string | -| ingress_rules | Ingress Rules | any | -| egress_rules | Egress Rules | any | - - +|**_Variable_** | **_Description_** | **_Type_** | **_Argument Status_** | +|:----|:----|-----:|-----:| +| **_name\_prefix_** | Name prefix | _string_ | **_Required_** | +| **_description_** | description | _string_ | **_Required_** | +| **_vpc\_id_** | VPC ID | _string_ | **_Required_** | +| **_tags_** | Resource Tag | _map(string)_ | **_Required_** | +| **_revoke\_rules\_on\_delete_** | Instruct Terraform to revoke | _string_ | **_Optional_** *(Default - **false**)* | +| **_ingress\_rules_** | Ingress Rules | _any_ | **_Optional_** *(Default - **[]**)* | +| **_egress\_rules_** | Egress Rules | _any_ | **_Optional_** *(Default - **[]**)* | diff --git a/security-groups.tf b/security-groups.tf index 0b21255..9f09921 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -3,7 +3,7 @@ resource "aws_security_group" "security_group" { description = var.description vpc_id = var.vpc_id revoke_rules_on_delete = var.revoke_rules_on_delete - tags = var.common_tags + tags = var.tags lifecycle { create_before_destroy = true diff --git a/variables.tf b/variables.tf index b1c8821..4d56da5 100644 --- a/variables.tf +++ b/variables.tf 
@@ -8,13 +8,15 @@ variable "description" { variable "revoke_rules_on_delete" { description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself." + type = bool + default = false } variable "vpc_id" { description = "The VPC ID." } -variable "common_tags" { +variable "tags" { description = "A mapping of tags to assign to the resource." type = map(string) } @@ -22,9 +24,11 @@ variable "common_tags" { variable "ingress_rules" { description = "Ingress rules for security group" type = any + default = [] } variable "egress_rules" { description = "Egress rules for security group" type = any + default = [] } \ No newline at end of file From 985b0342f68c72e66afc97c2449413d08e31bab1 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Fri, 10 Jan 2020 10:45:21 +0000 Subject: [PATCH 30/37] Modified Code --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index c8ac9e0..12fb9c8 100644 --- a/README.md +++ b/README.md @@ -80,8 +80,6 @@ module "-security-group-" { description = "The egress rule allows all ports" } ] -} - } ``` From 8fe2fca2aae7bf1a5dcb8e6d4641ceea375c056a Mon Sep 17 00:00:00 2001 From: nitin-das Date: Fri, 10 Jan 2020 10:46:20 +0000 Subject: [PATCH 31/37] Modified Code --- README.md | 23 +++-------------------- 1 file changed, 3 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 12fb9c8..7e94b4a 100644 --- a/README.md +++ b/README.md 
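Review bot: The `default = []` added to `ingress_rules` and `egress_rules` in variables.tf (hunk `@@ -22,9 +24,11 @@`) changes what a caller gets when the argument is omitted, and the descriptions do not say so. With no `egress` blocks generated, the group is presumably left without outbound rules, since the AWS provider removes the default allow-all egress rule on groups it creates in a VPC. That is a reasonable restrictive default, but a caller should not have to discover it from a failed connection. I would extend the description, e.g. `description = "Egress rules for security group; omit or pass [] for no outbound rules"`.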
@@ -112,34 +112,17 @@ The variables required in order for the module to be successfully called from th ### Usage -In order for the variables to be accessed on module level please use the syntax below: +_In order for the variables to be accessed on module level please use the syntax below:_ ```tf module.. ``` -If an output variable needs to be exposed on root level in order to be accessed through terraform state file follow the steps below: - -- Include the syntax above in the network layer output terraform file. -- Add the code snippet below to the variables/global_variables file. - -```tf -data "terraform_remote_state" "" { - backend = "s3" - - config { - bucket = (i.e. "s3-webstack-terraform-state") - key = (i.e. "env:/${terraform.workspace}/4_Networking/terraform.tfstate") - region = (i.e. "eu-central-1") - } -} -``` - -- The output variable is able to be accessed through terraform state file using the syntax below: +_The output variable is able to be accessed through terraform state file using the syntax below:_ ```tf "${data.terraform_remote_state..}" ``` ## Authors -Module maintained by Module maintained by the - **_Nitin Das_** \ No newline at end of file +_Module maintained by Module maintained by the_ - **_Nitin Das_** \ No newline at end of file From e971b69dae9751b7e64701aa4eac03226751bf36 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Fri, 10 Jan 2020 10:47:45 +0000 Subject: [PATCH 32/37] Modified Code --- README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 7e94b4a..8742435 100644 --- a/README.md +++ b/README.md 
@@ -3,23 +3,23 @@ ## General -This module may be used to create **_Security Group_** resources in AWS cloud provider.. +_This module may be used to create_ **_Security Group_** _resources in AWS cloud provider...._ --- ## Prerequisites -This module needs **_Terraform 0.12.16_** or newer. -You can download the latest Terraform version from [here](https://www.terraform.io/downloads.html). +_This module needs_ **_Terraform 0.12.16_** _or newer._ +_You can download the latest Terraform version from [here](https://www.terraform.io/downloads.html)._ -This module deploys aws services details are in respective feature branches. +_This module deploys aws services details are in respective feature branches._ --- ## Features Branches -Below we are able to check the resources that are being created as part of this module call: +_Below we are able to check the resources that are being created as part of this module call:_ - **_Security Group_** @@ -38,7 +38,7 @@ Below we are able to check the resources that are being created as part of this ## Using this repo -To use this module, add the following call to your code: +_To use this module, add the following call to your code:_ ```tf module "-security-group-" { @@ -87,7 +87,7 @@ module "-security-group-" { ## Inputs -The variables required in order for the module to be successfully called from the deployment repository are the following: +_The variables required in order for the module to be successfully called from the deployment repository are the following:_ |**_Variable_** | **_Description_** | **_Type_** | **_Argument Status_** | @@ -125,4 +125,4 @@ _The output variable is able to be accessed through terraform state file using t ``` ## Authors -_Module maintained by Module maintained by the_ - **_Nitin Das_** \ No newline at end of file +_Module maintained by Module maintained by the -_**_Nitin Das_** \ No newline at end of file From 120447ea82b639b57dd17aee33d8d9d1a9982323 Mon Sep 17 00:00:00 2001 
From: nitin-das Date: Fri, 10 Jan 2020 10:48:17 +0000 Subject: [PATCH 33/37] Modified Code --- README.md | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 8742435..c97a415 100644 --- a/README.md +++ b/README.md @@ -17,17 +17,11 @@ _This module deploys aws services details are in respective feature branches._ --- -## Features Branches - -_Below we are able to check the resources that are being created as part of this module call:_ - -- **_Security Group_** - +## Below are the resources that are launched by this module ---- +_Below we are able to check the resources that are being created as part of this module call:_ -## Below are the resources that are launched by this module - **_Security Group_** From 1cc9eecbacb53ebb17fda5ce59df598e8de1dd18 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Fri, 10 Jan 2020 10:48:42 +0000 Subject: [PATCH 34/37] Modified Code --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c97a415..56f5348 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ _This module may be used to create_ **_Security Group_** _resources in AWS cloud ## Prerequisites -_This module needs_ **_Terraform 0.12.16_** _or newer._ +_This module needs_ **_Terraform 0.12.18_** _or newer._ _You can download the latest Terraform version from [here](https://www.terraform.io/downloads.html)._ _This module deploys aws services details are in respective feature branches._ From 3792709b3b0c0491ac8aaddf658111ce39428808 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Fri, 17 Jan 2020 16:52:37 +0000 Subject: [PATCH 35/37] Modified Code --- security-groups.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security-groups.tf b/security-groups.tf index 9f09921..468dfbf 100644 --- a/security-groups.tf +++ b/security-groups.tf 
@@ -10,7 +10,7 @@ resource "aws_security_group" "security_group" { } dynamic "ingress" { - for_each = length(var.ingress_rules) == 0 ? [] : var.ingress_rules + for_each = length(var.ingress_rules) == 0 ? [] : [var.ingress_rules] content { from_port = lookup(ingress.value, "from_port", null) to_port = lookup(ingress.value, "to_port", null) @@ -25,7 +25,7 @@ resource "aws_security_group" "security_group" { } dynamic "egress" { - for_each = length(var.egress_rules) == 0 ? [] : var.egress_rules + for_each = length(var.egress_rules) == 0 ? [] : [var.egress_rules] content { from_port = lookup(egress.value, "from_port", null) to_port = lookup(egress.value, "to_port", null) From 9dac4f985f9a163f6e00e4218a99d1404f6fb521 Mon Sep 17 00:00:00 2001 From: nitin-das Date: Fri, 17 Jan 2020 16:53:52 +0000 Subject: [PATCH 36/37] Modified Code --- security-groups.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security-groups.tf b/security-groups.tf index 468dfbf..9f09921 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -10,7 +10,7 @@ resource "aws_security_group" "security_group" { } dynamic "ingress" { - for_each = length(var.ingress_rules) == 0 ? [] : [var.ingress_rules] + for_each = length(var.ingress_rules) == 0 ? [] : var.ingress_rules content { from_port = lookup(ingress.value, "from_port", null) to_port = lookup(ingress.value, "to_port", null) @@ -25,7 +25,7 @@ resource "aws_security_group" "security_group" { } dynamic "egress" { - for_each = length(var.egress_rules) == 0 ? [] : [var.egress_rules] + for_each = length(var.egress_rules) == 0 ? [] : var.egress_rules content { from_port = lookup(egress.value, "from_port", null) to_port = lookup(egress.value, "to_port", null) From a470e86ad13f151bd49bbde95c7ba8160524e35a Mon Sep 17 00:00:00 2001 From: nitin-das Date: Fri, 17 Jan 2020 16:55:29 +0000 Subject: [PATCH 37/37] Modified Code --- security-groups.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
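Review bot: Wrapping the variable as `[var.ingress_rules]` in the `for_each` of `dynamic "ingress"` (patch 35, hunk `@@ -10,7 +10,7 @@`) makes `ingress.value` the whole value of the variable rather than one rule. With the list of rules shown in the README, the `lookup(ingress.value, "from_port", null)` calls then receive a list. The `dynamic "egress"` hunk `@@ -25,7 +25,7 @@` of the same patch has the same problem. Because the variables are `type = any`, either a list or a single object is accepted at the module boundary, so the expected shape should be stated in the variable description and the loop kept as `for_each = var.ingress_rules`. Both dynamic blocks start and end outside these hunks.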
diff --git a/security-groups.tf b/security-groups.tf index 9f09921..6dd701d 100644 --- a/security-groups.tf +++ b/security-groups.tf @@ -10,7 +10,7 @@ resource "aws_security_group" "security_group" { } dynamic "ingress" { - for_each = length(var.ingress_rules) == 0 ? [] : var.ingress_rules + for_each = var.ingress_rules content { from_port = lookup(ingress.value, "from_port", null) to_port = lookup(ingress.value, "to_port", null) @@ -25,7 +25,7 @@ resource "aws_security_group" "security_group" { } dynamic "egress" { - for_each = length(var.egress_rules) == 0 ? [] : var.egress_rules + for_each = var.egress_rules content { from_port = lookup(egress.value, "from_port", null) to_port = lookup(egress.value, "to_port", null)