# Values shared by the resources in this file.
locals {
  name = var.name

  # Merged into the security group's tags alongside var.common_tags.
  extra_tags = {
    role  = "consul_client_vault_vpc"
    route = "public"
  }

  # The security group is declared with count, so it may have zero instances.
  # Resolve to its ID when it exists and to null otherwise.
  security_group_id = length(aws_security_group.consul_client) == 0 ? null : aws_security_group.consul_client[0].id
}
# Security group for the Consul clients. Created only when var.create_vpc is true.
# No rules are declared inline; the rules in this file attach to it through
# local.security_group_id.
resource "aws_security_group" "consul_client" {
  count = var.create_vpc ? 1 : 0

  vpc_id      = var.vpc_id
  name        = local.name
  description = "Security group for Consul Clients"

  # Precedence is left to right: later maps override earlier keys, so
  # local.extra_tags wins over var.common_tags and the Name tag.
  tags = merge(
    tomap({ "Name" = local.name }),
    var.common_tags,
    local.extra_tags,
  )
}
# Attaches the upstream Consul client rule set to the security group, limited to
# the caller-supplied source security groups and CIDR blocks.
#
# NOTE(review): the source is pinned to a git tag (v0.8.0). A tag can be moved
# upstream; pinning ?ref= to a full commit SHA gives an immutable reference for
# third-party module code.
#
# NOTE(review): aws_security_group_rule.allow_inbound in this file also admits
# 0.0.0.0/0 on every protocol into the same group, so the allowed_inbound_*
# inputs below are not the effective ingress boundary while that rule exists.
module "security_group_rules" {
  source = "github.com/hashicorp/terraform-aws-consul.git//modules/consul-client-security-group-rules?ref=v0.8.0"
  count  = var.create_vpc ? 1 : 0

  security_group_id = local.security_group_id

  allowed_inbound_cidr_blocks          = var.allowed_inbound_cidr_blocks
  allowed_inbound_security_group_ids   = var.allowed_inbound_security_group_ids
  allowed_inbound_security_group_count = var.allowed_inbound_security_group_count
}
# Ingress rule that admits all traffic into the Consul client security group.
#
# NOTE(review): protocol "-1" with cidr_blocks ["0.0.0.0/0"] opens every port
# and protocol to any IPv4 source. Wherever the instances are reachable from
# those sources, this overrides the narrower rules added by
# module.security_group_rules, because security group rules are additive.
# Confirm this is intended. If not, scope the rule to the sources already passed
# in var.allowed_inbound_cidr_blocks / var.allowed_inbound_security_group_ids,
# or drop it and rely on the module's rules.
resource "aws_security_group_rule" "allow_inbound" {
  count = var.create_vpc ? 1 : 0

  security_group_id = local.security_group_id
  description       = "all incoming traffic"

  type        = "ingress"
  protocol    = "-1" # all protocols
  from_port   = "0"
  to_port     = "0"
  cidr_blocks = ["0.0.0.0/0"] # any IPv4 source
}