feat: Added etcd ports (2379, 2380) (#235)
antonbabenko authored Nov 25, 2021
1 parent 1dd6ae9 commit 8b26b16
Showing 10 changed files with 711 additions and 8 deletions.
4 changes: 2 additions & 2 deletions README.md

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions modules/README.md
Expand Up @@ -9,6 +9,7 @@ List of Security Groups implemented as Terraform modules
* [consul](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/consul)
* [docker-swarm](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/docker-swarm)
* [elasticsearch](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/elasticsearch)
* [etcd](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/etcd)
* [grafana](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/grafana)
* [graphite-statsd](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/graphite-statsd)
* [http-80](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/http-80)
Expand Down Expand Up @@ -53,3 +54,4 @@ List of Security Groups implemented as Terraform modules
* [zipkin](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/zipkin)
* [zookeeper](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/zookeeper)
* [_templates](https://github.com/terraform-aws-modules/terraform-aws-security-group/tree/master/modules/_templates) - Source templates for all other modules. Change carefully, test thoughtfully!

119 changes: 119 additions & 0 deletions modules/etcd/README.md

Large diffs are not rendered by default.

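--- a/modules/etcd/auto_values.tf
+++ b/modules/etcd/auto_values.tf
@@ -0,0 +1,78 @@
+# This file was generated from values defined in rules.tf using update_groups.sh.
+###################################
+# DO NOT CHANGE THIS FILE MANUALLY
+###################################
+
+variable "auto_ingress_rules" {
+description = "List of ingress rules to add automatically"
+type = list(string)
+default = ["etcd-client-tcp", "etcd-peer-tcp"]
+}
+
+variable "auto_ingress_with_self" {
+description = "List of maps defining ingress rules with self to add automatically"
+type = list(map(string))
+default = [{ "rule" = "all-all" }]
+}
+
+variable "auto_egress_rules" {
+description = "List of egress rules to add automatically"
+type = list(string)
+default = ["all-all"]
+}
+
+variable "auto_egress_with_self" {
+description = "List of maps defining egress rules with self to add automatically"
+type = list(map(string))
+default = []
+}
+
+# Computed
+variable "auto_computed_ingress_rules" {
+description = "List of ingress rules to add automatically"
+type = list(string)
+default = []
+}
+
+variable "auto_computed_ingress_with_self" {
+description = "List of maps defining computed ingress rules with self to add automatically"
+type = list(map(string))
+default = []
+}
+
+variable "auto_computed_egress_rules" {
+description = "List of computed egress rules to add automatically"
+type = list(string)
+default = []
+}
+
+variable "auto_computed_egress_with_self" {
+description = "List of maps defining computed egress rules with self to add automatically"
+type = list(map(string))
+default = []
+}
+
+# Number of computed rules
+variable "auto_number_of_computed_ingress_rules" {
+description = "Number of computed ingress rules to create by name"
+type = number
+default = 0
+}
+
+variable "auto_number_of_computed_ingress_with_self" {
+description = "Number of computed ingress rules to create where 'self' is defined"
+type = number
+default = 0
+}
+
+variable "auto_number_of_computed_egress_rules" {
+description = "Number of computed egress rules to create by name"
+type = number
+default = 0
+}
+
+variable "auto_number_of_computed_egress_with_self" {
+description = "Number of computed egress rules to create where 'self' is defined"
+type = number
+default = 0
+}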
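--- a/modules/etcd/main.tf
+++ b/modules/etcd/main.tf
@@ -0,0 +1,115 @@
+module "sg" {
+source = "../../"
+
+create = var.create
+name = var.name
+use_name_prefix = var.use_name_prefix
+description = var.description
+vpc_id = var.vpc_id
+revoke_rules_on_delete = var.revoke_rules_on_delete
+tags = var.tags
+
+##########
+# Ingress
+##########
+# Rules by names - open for default CIDR
+ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
+
+# Open for self
+ingress_with_self = concat(var.auto_ingress_with_self, var.ingress_with_self)
+
+# Open to IPv4 cidr blocks
+ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
+
+# Open to IPv6 cidr blocks
+ingress_with_ipv6_cidr_blocks = var.ingress_with_ipv6_cidr_blocks
+
+# Open for security group id
+ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
+
+# Default ingress CIDR blocks
+ingress_cidr_blocks = var.ingress_cidr_blocks
+ingress_ipv6_cidr_blocks = var.ingress_ipv6_cidr_blocks
+
+# Default prefix list ids
+ingress_prefix_list_ids = var.ingress_prefix_list_ids
+
+###################
+# Computed Ingress
+###################
+# Rules by names - open for default CIDR
+computed_ingress_rules = sort(compact(distinct(concat(var.auto_computed_ingress_rules, var.computed_ingress_rules, [""]))))
+
+# Open for self
+computed_ingress_with_self = concat(var.auto_computed_ingress_with_self, var.computed_ingress_with_self)
+
+# Open to IPv4 cidr blocks
+computed_ingress_with_cidr_blocks = var.computed_ingress_with_cidr_blocks
+
+# Open to IPv6 cidr blocks
+computed_ingress_with_ipv6_cidr_blocks = var.computed_ingress_with_ipv6_cidr_blocks
+
+# Open for security group id
+computed_ingress_with_source_security_group_id = var.computed_ingress_with_source_security_group_id
+
+#############################
+# Number of computed ingress
+#############################
+number_of_computed_ingress_rules = var.auto_number_of_computed_ingress_rules + var.number_of_computed_ingress_rules
+number_of_computed_ingress_with_self = var.auto_number_of_computed_ingress_with_self + var.number_of_computed_ingress_with_self
+number_of_computed_ingress_with_cidr_blocks = var.number_of_computed_ingress_with_cidr_blocks
+number_of_computed_ingress_with_ipv6_cidr_blocks = var.number_of_computed_ingress_with_ipv6_cidr_blocks
+number_of_computed_ingress_with_source_security_group_id = var.number_of_computed_ingress_with_source_security_group_id
+
+#########
+# Egress
+#########
+# Rules by names - open for default CIDR
+egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
+
+# Open for self
+egress_with_self = concat(var.auto_egress_with_self, var.egress_with_self)
+
+# Open to IPv4 cidr blocks
+egress_with_cidr_blocks = var.egress_with_cidr_blocks
+
+# Open to IPv6 cidr blocks
+egress_with_ipv6_cidr_blocks = var.egress_with_ipv6_cidr_blocks
+
+# Open for security group id
+egress_with_source_security_group_id = var.egress_with_source_security_group_id
+
+# Default egress CIDR blocks
+egress_cidr_blocks = var.egress_cidr_blocks
+egress_ipv6_cidr_blocks = var.egress_ipv6_cidr_blocks
+
+# Default prefix list ids
+egress_prefix_list_ids = var.egress_prefix_list_ids
+
+##################
+# Computed Egress
+##################
+# Rules by names - open for default CIDR
+computed_egress_rules = sort(compact(distinct(concat(var.auto_computed_egress_rules, var.computed_egress_rules, [""]))))
+
+# Open for self
+computed_egress_with_self = concat(var.auto_computed_egress_with_self, var.computed_egress_with_self)
+
+# Open to IPv4 cidr blocks
+computed_egress_with_cidr_blocks = var.computed_egress_with_cidr_blocks
+
+# Open to IPv6 cidr blocks
+computed_egress_with_ipv6_cidr_blocks = var.computed_egress_with_ipv6_cidr_blocks
+
+# Open for security group id
+computed_egress_with_source_security_group_id = var.computed_egress_with_source_security_group_id
+
+#############################
+# Number of computed egress
+#############################
+number_of_computed_egress_rules = var.auto_number_of_computed_egress_rules + var.number_of_computed_egress_rules
+number_of_computed_egress_with_self = var.auto_number_of_computed_egress_with_self + var.number_of_computed_egress_with_self
+number_of_computed_egress_with_cidr_blocks = var.number_of_computed_egress_with_cidr_blocks
+number_of_computed_egress_with_ipv6_cidr_blocks = var.number_of_computed_egress_with_ipv6_cidr_blocks
+number_of_computed_egress_with_source_security_group_id = var.number_of_computed_egress_with_source_security_group_id
+}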
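Review bot: The `ingress_rules` line applies both automatic rules from auto_values.tf, `etcd-client-tcp` and `etcd-peer-tcp`, to whatever `var.ingress_cidr_blocks` holds, and that variable's default is not visible on this page. Because etcd usually holds cluster state and secrets, the comment above that line should state the expectation, for example `# Rules by names - applied to ingress_cidr_blocks; restrict these to etcd client networks only`. The peer port (2380) is only needed between cluster members, which `auto_ingress_with_self` with `all-all` already allows. It may therefore be worth leaving `etcd-peer-tcp` out of the CIDR-scoped defaults generated from rules.tf, so that only the client port (2379) is offered to external ranges. rules.tf and variables.tf are not shown here, so confirm both points against them.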
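--- a/modules/etcd/outputs.tf
+++ b/modules/etcd/outputs.tf
@@ -0,0 +1,24 @@
+output "security_group_id" {
+description = "The ID of the security group"
+value = module.sg.security_group_id
+}
+
+output "security_group_vpc_id" {
+description = "The VPC ID"
+value = module.sg.security_group_vpc_id
+}
+
+output "security_group_owner_id" {
+description = "The owner ID"
+value = module.sg.security_group_owner_id
+}
+
+output "security_group_name" {
+description = "The name of the security group"
+value = module.sg.security_group_name
+}
+
+output "security_group_description" {
+description = "The description of the security group"
+value = module.sg.security_group_description
+}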