fix(variable): new variable for deafult sg added (#25)

cyberlabrs · Nov 23, 2023 · 251bef5 · 251bef5
1 parent b834a82
commit 251bef5
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -179,6 +179,7 @@ No modules.
 | <a name="input_volume_size"></a> [volume\_size](#input\_volume\_size) | Volume size of ebs storage. | `number` | `10` | no |
 | <a name="input_volume_type"></a> [volume\_type](#input\_volume\_type) | Volume type of ebs storage. | `string` | `"gp2"` | no |
 | <a name="input_vpc"></a> [vpc](#input\_vpc) | VPC ID | `string` | `""` | no |
+| <a name="input_create_default_sg"></a> [create_default_sg](#input\_create_default_sg) | Creates default security group if value is true | `bool` | `true` | no |
 | <a name="input_zone_id"></a> [zone\_id](#input\_zone\_id) | Route 53 Zone id. | `string` | `""` | no |
 
 ## Outputs

diff --git a/main.tf b/main.tf
@@ -29,7 +29,7 @@ resource "aws_ssm_parameter" "opensearch_master_user" {
 }
 
 resource "aws_security_group" "es" {
-  count       = var.inside_vpc ? 1 : 0
+  count       = var.inside_vpc && var.create_default_sg ? 1 : 0
   name        = var.default_security_group_name == "" ? "${var.vpc}-elasticsearch" : var.default_security_group_name
   description = "Managed by Terraform"
   vpc_id      = data.aws_vpc.selected[0].id
@@ -83,7 +83,7 @@ resource "aws_opensearch_domain" "opensearch" {
     for_each = var.inside_vpc ? [1] : []
     content {
       subnet_ids         = var.subnet_ids
-      security_group_ids = concat(var.sg_ids == "" ? [] : [var.sg_ids], [aws_security_group.es[0].id])
+      security_group_ids = concat(var.sg_ids == "" ? [] : [var.sg_ids], var.create_default_sg == true ?  [aws_security_group.es[0].id] : [])
     }
   }
 

diff --git a/variables.tf b/variables.tf
@@ -253,4 +253,10 @@ variable "default_security_group_name" {
   type        = string
   default     = ""
   description = "Default security group name"
+}
+
+variable "create_default_sg" {
+  type        = bool
+  default     = true
+  description = "Creates default security group if value is true"
 }