Merge pull request #28 from Aswin-Vijayan/TEC-56

techiescamp · web-flow · commit 36bc0060d8aa · 2023-08-07T15:21:23.000+05:30
[TEC-56][Change] - made changes in security group variables
diff --git a/environments/dev/alb-asg/main.tf b/environments/dev/alb-asg/main.tf
@@ -18,8 +18,7 @@ module "alb-sg" {
   environment                     = var.environment
   owner                           = var.owner
   cost_center                     = var.cost_center
-  application                     = var.application
-  sg_name                         = var.alb_sg_name
+  application                     = "${var.application}-alb"
   vpc_id                          = var.vpc_id
 
   ingress_cidr_from_port          = var.alb_ingress_cidr_from_port
@@ -31,7 +30,7 @@ module "alb-sg" {
   ingress_sg_from_port            = var.alb_ingress_sg_from_port
   ingress_sg_to_port              = var.alb_ingress_sg_to_port
   ingress_sg_protocol             = var.alb_ingress_sg_protocol
-  ingress_security_group_ids      = var.security_group_id
+  ingress_security_group_ids      = var.ingress_security_group_ids
   create_ingress_sg               = var.alb_create_ingress_sg
 
   egress_cidr_from_port           = var.alb_egress_cidr_from_port
@@ -43,7 +42,7 @@ module "alb-sg" {
   egress_sg_from_port             = var.alb_egress_sg_from_port
   egress_sg_to_port               = var.alb_egress_sg_to_port
   egress_sg_protocol              = var.alb_egress_sg_protocol
-  egress_security_group_ids       = var.security_group_id
+  egress_security_group_ids       = var.egress_security_group_ids
   create_egress_sg                = var.alb_create_egress_sg
 }
 
@@ -84,7 +83,6 @@ module "instance-sg" {
   owner                           = var.owner
   cost_center                     = var.cost_center
   application                     = var.application
-  sg_name                         = var.sg_name
   vpc_id                          = var.vpc_id
 
   ingress_cidr_from_port          = var.ingress_cidr_from_port
diff --git a/environments/dev/alb-asg/variables.tf b/environments/dev/alb-asg/variables.tf
@@ -170,14 +170,9 @@ variable "application" {
   description = "Name of the application"
 }
 
-variable "security_group_id" {
-  description = "List of security group IDs to attach"
-  type        = list(string)
-}
-
 variable "ingress_cidr_block" {
   type        = list(string)
-  description = "CIDR blocks for EC2 security group ingress rules"
+  description = "CIDR blocks for the security group ingress rules"
 }
 
 variable "ingress_cidr_from_port" {
@@ -215,6 +210,12 @@ variable "ingress_sg_protocol" {
   description = "List of protocols for sg ingress rules"
 }
 
+variable "ingress_security_group_ids" {
+  type        = list(string)
+  default     = [ "sg-0fe4363da3994c100" ]
+  description = "List of Security Group ids for sg ingress rules"
+}
+
 variable "create_ingress_sg" {
   type        = bool
   description = "Enable or disable Security Groups ingress rules."
@@ -260,6 +261,12 @@ variable "egress_sg_protocol" {
   type        = list(any)
 }
 
+variable "egress_security_group_ids" {
+  type        = list(string)
+  default     = [ "sg-0fe4363da3994c100" ]
+  description = "List of Security Group ids for sg egress rules"
+}
+
 variable "create_egress_sg" {
   type        = bool
   description = "Enable or disable CIDR block egress rules."
@@ -268,7 +275,7 @@ variable "create_egress_sg" {
 
 variable "alb_ingress_cidr_block" {
   type        = list(string)
-  description = "CIDR blocks for EC2 security group ingress rules"
+  description = "CIDR blocks for the security group ingress rules"
 }
 
 variable "alb_ingress_cidr_from_port" {
@@ -293,17 +300,17 @@ variable "alb_create_ingress_cidr" {
 
 variable "alb_ingress_sg_from_port" {
   type        = list(number)
-  description = "List of starting ports for sg ingress rules of the EC2 security group."
+  description = "List of starting ports for sg ingress rules"
 }
 
 variable "alb_ingress_sg_to_port" {
   type        = list(number)
-  description = "List of ending ports for sg ingress rules of the EC2 security group."
+  description = "List of ending ports for sg ingress rules"
 }
 
 variable "alb_ingress_sg_protocol" {
   type        = list(any)
-  description = "List of protocols for sg ingress rules of the EC2 security group."
+  description = "List of protocols for sg ingress rules"
 }
 
 variable "alb_create_ingress_sg" {
@@ -313,7 +320,7 @@ variable "alb_create_ingress_sg" {
 
 variable "alb_egress_cidr_block" {
   type        = list(string)
-  description = "CIDR blocks for EC2 security group egress rules"
+  description = "CIDR blocks for the security group egress rules"
 }
 
 variable "alb_egress_cidr_from_port" {
@@ -355,13 +362,3 @@ variable "alb_create_egress_sg" {
   type        = bool
   description = "Enable or disable CIDR block egress rules."
 }
-
-variable "sg_name" {
-  type        = string
-  description = "Name of the security group for the instance."
-}
-
-variable "alb_sg_name" {
-  type        = string
-  description = "Name of the security group for the instance."
-}
diff --git a/environments/dev/ec2/main.tf b/environments/dev/ec2/main.tf
@@ -5,7 +5,6 @@ provider "aws" {
 module "ec2" {
   source             = "../../../modules/ec2"
   region             = var.region
-  instance_name      = var.instance_name
   ami_id             = var.ami_id
   instance_type      = var.instance_type
   key_name           = var.key_name
@@ -28,7 +27,6 @@ module "security-group" {
   owner       = var.owner
   cost_center = var.cost_center
   application = var.application
-  sg_name     = var.sg_name
   vpc_id      = var.vpc_id
 
   ingress_cidr_from_port     = var.ingress_cidr_from_port
diff --git a/environments/dev/ec2/variables.tf b/environments/dev/ec2/variables.tf
@@ -3,11 +3,6 @@ variable "region" {
   description = "Region of the EC2 instance"
 }
 
-variable "instance_name" {
-  type        = string
-  description = "Name of the EC2 instance"
-}
-
 variable "ami_id" {
   type        = string
   description = "AMI ID of the EC2 instance"
@@ -33,11 +28,6 @@ variable "subnet_ids" {
   description = "Subnet IDs of the EC2 instance"
 }
 
-variable "sg_name" {
-  type        = string
-  description = "Security group name for the instance"
-}
-
 variable "vpc_id" {
   type        = string
   description = "VPC ID for the security group"
@@ -125,7 +115,7 @@ variable "egress_cidr_to_port" {
 }
 
 variable "egress_cidr_protocol" {
-  type        = list(string)
+  type        = list(any)
   description = "List of protocols for cidr egress rules of the EC2 security group."
 }
 
@@ -145,7 +135,7 @@ variable "egress_sg_to_port" {
 }
 
 variable "egress_sg_protocol" {
-  type        = list(string)
+  type        = list(any)
   description = "List of protocols for sg egress rules of the EC2 security group."
 }
 
diff --git a/modules/ec2/main.tf b/modules/ec2/main.tf
@@ -10,8 +10,8 @@ resource "aws_instance" "ec2_instance" {
 
   tags = merge(
     {
-      Name        = "${var.environment[0]}-${var.application}"
-      Environment = var.environment[0]
+      Name        = "${var.owner}-Instance"
+      Environment = var.environment
       Owner       = var.owner
       CostCenter  = var.cost_center
       Application = var.application
diff --git a/modules/ec2/variables.tf b/modules/ec2/variables.tf
@@ -3,11 +3,6 @@ variable "region" {
   description = "Region of the ec2 instance"
 }
 
-variable "instance_name" {
-  type        = string
-  description = "Name of the ec2 instance"
-}
-
 variable "ami_id" {
   type        = string
   description = "AMI Id of the ec2 instance"
@@ -45,7 +40,7 @@ variable "name" {
 }
 
 variable "environment" {
-  type        = list(string)
+  type        = string
   description = "The environment name for the resources."
 }
 
diff --git a/modules/security-group/main.tf b/modules/security-group/main.tf
@@ -1,5 +1,5 @@
 resource "aws_security_group" "instance_sg" {
-  name        = var.sg_name
+  name        = "${var.environment}-${var.application}"
   description = "Security Group for Instance"
   vpc_id      = var.vpc_id
 
@@ -49,11 +49,11 @@ resource "aws_security_group" "instance_sg" {
 
   tags = merge(
     {
-      "Name"        = "${var.name}-sg"
-      "Environment" = var.environment
-      "Owner"       = var.owner
-      "CostCenter"  = var.cost_center
-      "Application" = var.application
+      Name        = "${var.environment}-${var.application}"
+      Environment = var.environment
+      Owner       = var.owner
+      CostCenter  = var.cost_center
+      Application = var.application
     },
     var.tags
   )
diff --git a/modules/security-group/variables.tf b/modules/security-group/variables.tf
@@ -3,11 +3,6 @@ variable "region" {
   description = "Region of the security group."
 }
 
-variable "sg_name" {
-  type        = string
-  description = "Name of the security group for the instance."
-}
-
 variable "vpc_id" {
   type        = string
   description = "ID of the VPC associated with the security group."
@@ -81,6 +76,7 @@ variable "ingress_sg_protocol" {
 
 variable "ingress_security_group_ids" {
   type        = list(string)
+  default     = [ "sg-0fe4363da3994c100" ]
   description = "List of Security Group ids for sg ingress rules of the EC2 security group."
 }
 
@@ -95,7 +91,7 @@ variable "egress_cidr_to_port" {
 }
 
 variable "egress_cidr_protocol" {
-  type        = list(string)
+  type        = list(any)
   description = "List of protocols for cidr egress rules of the EC2 security group."
 }
 
@@ -115,12 +111,13 @@ variable "egress_sg_to_port" {
 }
 
 variable "egress_sg_protocol" {
-  type        = list(string)
+  type        = list(any)
   description = "List of protocols for sg egress rules of the EC2 security group."
 }
 
 variable "egress_security_group_ids" {
   type        = list(string)
+  default     = [ "sg-0fe4363da3994c100" ]
   description = "List of Security Group ids for sg egress rules of the EC2 security group."
 }
 
diff --git a/vars/dev/alb-asg.tfvars b/vars/dev/alb-asg.tfvars
@@ -6,7 +6,6 @@ loadbalancer_type              = "application"
 alb_subnets                    = ["subnet-058a7514ba8adbb07", "subnet-0dbcd1ac168414927", "subnet-032f5077729435858"]
 
 #alb-sg
-alb_sg_name                    = "alb-sg"
 alb_ingress_cidr_from_port     = [80]
 alb_ingress_cidr_to_port       = [80]
 alb_ingress_cidr_protocol      = ["tcp"]
@@ -29,10 +28,7 @@ alb_egress_sg_to_port          = [0]
 alb_egress_sg_protocol         = ["-1"]
 alb_create_egress_sg           = false
 
-security_group_id             = ["sg-0aa656667277a3e65"]
-
 # instance sg
-sg_name                        = "asg-sg"
 ingress_cidr_from_port         = [80]
 ingress_cidr_to_port           = [80]
 ingress_cidr_protocol          = ["tcp"]
diff --git a/vars/dev/ec2.tfvars b/vars/dev/ec2.tfvars
@@ -1,47 +1,45 @@
 # EC2 Instance Variables
-region         = "eu-north-1"
-instance_name  = "Instance"
-ami_id         = "ami-0989fb15ce71ba39e"
-instance_type  = "t3.micro"
+region         = "us-west-2"
+ami_id         = "ami-03f65b8614a860c29"
+instance_type  = "t2.micro"
 key_name       = "techiescamp"
 instance_count = 1
-subnet_ids = ["subnet-07fab58fa9620dfb9",
-  "subnet-051fbcbaa925b8c44",
-"subnet-0c46e29a23c5ba3b8"]
+subnet_ids     = ["subnet-058a7514ba8adbb07", "subnet-04b1f595ef8c29542", "subnet-032f5077729435858"]
 
 # EC2 Security Group Variables
-sg_name = "Instance_sg"
-vpc_id  = "vpc-07d73d0c9081754d0"
+vpc_id  = "vpc-0a5ca4a92c2e10163"
 
 # Tag Keys
-name        = "Instance"
-owner       = "Techiescamp"
-environment = "dev"
-cost_center = "project"
-application = "web-app"
+name        = ""
+owner       = "techiescamp"
+environment = ""
+cost_center = "techiescamp-commerce"
+application = ""
 
-# Security Group Ingress Variables
+# CIDR Ingress Variables
+create_ingress_cidr    = true
 ingress_cidr_from_port = [22]
 ingress_cidr_to_port   = [22]
 ingress_cidr_protocol  = ["tcp"]
 ingress_cidr_block     = ["10.10.0.0/16"]
-create_ingress_cidr    = false
 
+# Security Group Ingress Variables
+create_ingress_sg          = false
 ingress_sg_from_port       = [80]
 ingress_sg_to_port         = [80]
 ingress_sg_protocol        = ["tcp"]
-ingress_security_group_ids = ["sg-0aa656667277a3e65"]
-create_ingress_sg          = false
+ingress_security_group_ids = ["sg-0fe4363da3994c100"]
 
-# Security Group Egress Variables
-egress_cidr_from_port = [443]
-egress_cidr_to_port   = [443]
-egress_cidr_protocol  = ["tcp"]
-egress_cidr_block     = ["10.20.0.0/16"]
-create_egress_cidr    = false
+# CIDR Egress Variables
+create_egress_cidr    = true
+egress_cidr_from_port = [0]
+egress_cidr_to_port   = [0]
+egress_cidr_protocol  = ["-1"]
+egress_cidr_block     = ["0.0.0.0/0"]
 
-egress_sg_from_port       = [8080]
-egress_sg_to_port         = [8080]
-egress_sg_protocol        = ["tcp"]
-egress_security_group_ids = ["sg-0aa656667277a3e65"]
-create_egress_sg          = false
+# Security Group Egress Variables
+create_egress_sg          = false
+egress_sg_from_port       = [0]
+egress_sg_to_port         = [0]
+egress_sg_protocol        = ["-1"]
+egress_security_group_ids = ["sg-0fe4363da3994c100"]

Original file line number	Diff line number	Diff line change
`@@ -3,11 +3,6 @@ variable "region" {`
`3`	`3`	`description = "Region of the EC2 instance"`
`4`	`4`	`}`
`5`	`5`
`6`		`-variable "instance_name" {`
`7`		`- type = string`
`8`		`- description = "Name of the EC2 instance"`
`9`		`-}`
`10`		`-`
`11`	`6`	`variable "ami_id" {`
`12`	`7`	`type = string`
`13`	`8`	`description = "AMI ID of the EC2 instance"`
`@@ -33,11 +28,6 @@ variable "subnet_ids" {`
`33`	`28`	`description = "Subnet IDs of the EC2 instance"`
`34`	`29`	`}`
`35`	`30`
`36`		`-variable "sg_name" {`
`37`		`- type = string`
`38`		`- description = "Security group name for the instance"`
`39`		`-}`
`40`		`-`
`41`	`31`	`variable "vpc_id" {`
`42`	`32`	`type = string`
`43`	`33`	`description = "VPC ID for the security group"`
`@@ -125,7 +115,7 @@ variable "egress_cidr_to_port" {`
`125`	`115`	`}`
`126`	`116`
`127`	`117`	`variable "egress_cidr_protocol" {`
`128`		`- type = list(string)`
	`118`	`+ type = list(any)`
`129`	`119`	`description = "List of protocols for cidr egress rules of the EC2 security group."`
`130`	`120`	`}`
`131`	`121`
`@@ -145,7 +135,7 @@ variable "egress_sg_to_port" {`
`145`	`135`	`}`
`146`	`136`
`147`	`137`	`variable "egress_sg_protocol" {`
`148`		`- type = list(string)`
	`138`	`+ type = list(any)`
`149`	`139`	`description = "List of protocols for sg egress rules of the EC2 security group."`
`150`	`140`	`}`
`151`	`141`
Original file line number	Diff line number	Diff line change
`@@ -3,11 +3,6 @@ variable "region" {`
`3`	`3`	`description = "Region of the security group."`
`4`	`4`	`}`
`5`	`5`
`6`		`-variable "sg_name" {`
`7`		`- type = string`
`8`		`- description = "Name of the security group for the instance."`
`9`		`-}`
`10`		`-`
`11`	`6`	`variable "vpc_id" {`
`12`	`7`	`type = string`
`13`	`8`	`description = "ID of the VPC associated with the security group."`
`@@ -81,6 +76,7 @@ variable "ingress_sg_protocol" {`
`81`	`76`
`82`	`77`	`variable "ingress_security_group_ids" {`
`83`	`78`	`type = list(string)`
	`79`	`+ default = [ "sg-0fe4363da3994c100" ]`
`84`	`80`	`description = "List of Security Group ids for sg ingress rules of the EC2 security group."`
`85`	`81`	`}`
`86`	`82`
`@@ -95,7 +91,7 @@ variable "egress_cidr_to_port" {`
`95`	`91`	`}`
`96`	`92`
`97`	`93`	`variable "egress_cidr_protocol" {`
`98`		`- type = list(string)`
	`94`	`+ type = list(any)`
`99`	`95`	`description = "List of protocols for cidr egress rules of the EC2 security group."`
`100`	`96`	`}`
`101`	`97`
`@@ -115,12 +111,13 @@ variable "egress_sg_to_port" {`
`115`	`111`	`}`
`116`	`112`
`117`	`113`	`variable "egress_sg_protocol" {`
`118`		`- type = list(string)`
	`114`	`+ type = list(any)`
`119`	`115`	`description = "List of protocols for sg egress rules of the EC2 security group."`
`120`	`116`	`}`
`121`	`117`
`122`	`118`	`variable "egress_security_group_ids" {`
`123`	`119`	`type = list(string)`
	`120`	`+ default = [ "sg-0fe4363da3994c100" ]`
`124`	`121`	`description = "List of Security Group ids for sg egress rules of the EC2 security group."`
`125`	`122`	`}`
`126`	`123`