-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
bfb492c
commit d29295c
Showing
9 changed files
with
712 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,78 @@ | ||
# This file was generated from values defined in rules.tf using update_groups.sh. | ||
################################### | ||
# DO NOT CHANGE THIS FILE MANUALLY | ||
################################### | ||
|
||
variable "auto_ingress_rules" { | ||
description = "List of ingress rules to add automatically" | ||
type = list(string) | ||
default = ["zabbix-server", "zabbix-proxy", "zabbix-agent"] | ||
} | ||
|
||
variable "auto_ingress_with_self" { | ||
description = "List of maps defining ingress rules with self to add automatically" | ||
type = list(map(string)) | ||
default = [{ "rule" = "all-all" }] | ||
} | ||
|
||
variable "auto_egress_rules" { | ||
description = "List of egress rules to add automatically" | ||
type = list(string) | ||
default = ["all-all"] | ||
} | ||
|
||
variable "auto_egress_with_self" { | ||
description = "List of maps defining egress rules with self to add automatically" | ||
type = list(map(string)) | ||
default = [] | ||
} | ||
|
||
# Computed | ||
variable "auto_computed_ingress_rules" { | ||
description = "List of ingress rules to add automatically" | ||
type = list(string) | ||
default = [] | ||
} | ||
|
||
variable "auto_computed_ingress_with_self" { | ||
description = "List of maps defining computed ingress rules with self to add automatically" | ||
type = list(map(string)) | ||
default = [] | ||
} | ||
|
||
variable "auto_computed_egress_rules" { | ||
description = "List of computed egress rules to add automatically" | ||
type = list(string) | ||
default = [] | ||
} | ||
|
||
variable "auto_computed_egress_with_self" { | ||
description = "List of maps defining computed egress rules with self to add automatically" | ||
type = list(map(string)) | ||
default = [] | ||
} | ||
|
||
# Number of computed rules | ||
variable "auto_number_of_computed_ingress_rules" { | ||
description = "Number of computed ingress rules to create by name" | ||
type = number | ||
default = 0 | ||
} | ||
|
||
variable "auto_number_of_computed_ingress_with_self" { | ||
description = "Number of computed ingress rules to create where 'self' is defined" | ||
type = number | ||
default = 0 | ||
} | ||
|
||
variable "auto_number_of_computed_egress_rules" { | ||
description = "Number of computed egress rules to create by name" | ||
type = number | ||
default = 0 | ||
} | ||
|
||
variable "auto_number_of_computed_egress_with_self" { | ||
description = "Number of computed egress rules to create where 'self' is defined" | ||
type = number | ||
default = 0 | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,115 @@ | ||
module "sg" { | ||
source = "../../" | ||
|
||
create = var.create | ||
name = var.name | ||
use_name_prefix = var.use_name_prefix | ||
description = var.description | ||
vpc_id = var.vpc_id | ||
revoke_rules_on_delete = var.revoke_rules_on_delete | ||
tags = var.tags | ||
|
||
########## | ||
# Ingress | ||
########## | ||
# Rules by names - open for default CIDR | ||
ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""])))) | ||
|
||
# Open for self | ||
ingress_with_self = concat(var.auto_ingress_with_self, var.ingress_with_self) | ||
|
||
# Open to IPv4 cidr blocks | ||
ingress_with_cidr_blocks = var.ingress_with_cidr_blocks | ||
|
||
# Open to IPv6 cidr blocks | ||
ingress_with_ipv6_cidr_blocks = var.ingress_with_ipv6_cidr_blocks | ||
|
||
# Open for security group id | ||
ingress_with_source_security_group_id = var.ingress_with_source_security_group_id | ||
|
||
# Default ingress CIDR blocks | ||
ingress_cidr_blocks = var.ingress_cidr_blocks | ||
ingress_ipv6_cidr_blocks = var.ingress_ipv6_cidr_blocks | ||
|
||
# Default prefix list ids | ||
ingress_prefix_list_ids = var.ingress_prefix_list_ids | ||
|
||
################### | ||
# Computed Ingress | ||
################### | ||
# Rules by names - open for default CIDR | ||
computed_ingress_rules = sort(compact(distinct(concat(var.auto_computed_ingress_rules, var.computed_ingress_rules, [""])))) | ||
|
||
# Open for self | ||
computed_ingress_with_self = concat(var.auto_computed_ingress_with_self, var.computed_ingress_with_self) | ||
|
||
# Open to IPv4 cidr blocks | ||
computed_ingress_with_cidr_blocks = var.computed_ingress_with_cidr_blocks | ||
|
||
# Open to IPv6 cidr blocks | ||
computed_ingress_with_ipv6_cidr_blocks = var.computed_ingress_with_ipv6_cidr_blocks | ||
|
||
# Open for security group id | ||
computed_ingress_with_source_security_group_id = var.computed_ingress_with_source_security_group_id | ||
|
||
############################# | ||
# Number of computed ingress | ||
############################# | ||
number_of_computed_ingress_rules = var.auto_number_of_computed_ingress_rules + var.number_of_computed_ingress_rules | ||
number_of_computed_ingress_with_self = var.auto_number_of_computed_ingress_with_self + var.number_of_computed_ingress_with_self | ||
number_of_computed_ingress_with_cidr_blocks = var.number_of_computed_ingress_with_cidr_blocks | ||
number_of_computed_ingress_with_ipv6_cidr_blocks = var.number_of_computed_ingress_with_ipv6_cidr_blocks | ||
number_of_computed_ingress_with_source_security_group_id = var.number_of_computed_ingress_with_source_security_group_id | ||
|
||
######### | ||
# Egress | ||
######### | ||
# Rules by names - open for default CIDR | ||
egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""])))) | ||
|
||
# Open for self | ||
egress_with_self = concat(var.auto_egress_with_self, var.egress_with_self) | ||
|
||
# Open to IPv4 cidr blocks | ||
egress_with_cidr_blocks = var.egress_with_cidr_blocks | ||
|
||
# Open to IPv6 cidr blocks | ||
egress_with_ipv6_cidr_blocks = var.egress_with_ipv6_cidr_blocks | ||
|
||
# Open for security group id | ||
egress_with_source_security_group_id = var.egress_with_source_security_group_id | ||
|
||
# Default egress CIDR blocks | ||
egress_cidr_blocks = var.egress_cidr_blocks | ||
egress_ipv6_cidr_blocks = var.egress_ipv6_cidr_blocks | ||
|
||
# Default prefix list ids | ||
egress_prefix_list_ids = var.egress_prefix_list_ids | ||
|
||
################## | ||
# Computed Egress | ||
################## | ||
# Rules by names - open for default CIDR | ||
computed_egress_rules = sort(compact(distinct(concat(var.auto_computed_egress_rules, var.computed_egress_rules, [""])))) | ||
|
||
# Open for self | ||
computed_egress_with_self = concat(var.auto_computed_egress_with_self, var.computed_egress_with_self) | ||
|
||
# Open to IPv4 cidr blocks | ||
computed_egress_with_cidr_blocks = var.computed_egress_with_cidr_blocks | ||
|
||
# Open to IPv6 cidr blocks | ||
computed_egress_with_ipv6_cidr_blocks = var.computed_egress_with_ipv6_cidr_blocks | ||
|
||
# Open for security group id | ||
computed_egress_with_source_security_group_id = var.computed_egress_with_source_security_group_id | ||
|
||
############################# | ||
# Number of computed egress | ||
############################# | ||
number_of_computed_egress_rules = var.auto_number_of_computed_egress_rules + var.number_of_computed_egress_rules | ||
number_of_computed_egress_with_self = var.auto_number_of_computed_egress_with_self + var.number_of_computed_egress_with_self | ||
number_of_computed_egress_with_cidr_blocks = var.number_of_computed_egress_with_cidr_blocks | ||
number_of_computed_egress_with_ipv6_cidr_blocks = var.number_of_computed_egress_with_ipv6_cidr_blocks | ||
number_of_computed_egress_with_source_security_group_id = var.number_of_computed_egress_with_source_security_group_id | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
output "security_group_arn" { | ||
description = "The ARN of the security group" | ||
value = module.sg.security_group_arn | ||
} | ||
|
||
output "security_group_id" { | ||
description = "The ID of the security group" | ||
value = module.sg.security_group_id | ||
} | ||
|
||
output "security_group_vpc_id" { | ||
description = "The VPC ID" | ||
value = module.sg.security_group_vpc_id | ||
} | ||
|
||
output "security_group_owner_id" { | ||
description = "The owner ID" | ||
value = module.sg.security_group_owner_id | ||
} | ||
|
||
output "security_group_name" { | ||
description = "The name of the security group" | ||
value = module.sg.security_group_name | ||
} | ||
|
||
output "security_group_description" { | ||
description = "The description of the security group" | ||
value = module.sg.security_group_description | ||
} |
Oops, something went wrong.