###############################################################################
### SECURITY GROUP (DEFAULT) ###
###############################################################################
# DEFAULT SECURITY GROUP FOR VPC
resource "aws_default_security_group" "main" {
  # Adopt the VPC's default security group only when the caller asks for it.
  # With count = 0 the resource is absent and main[0] does not exist.
  count = var.manage_default_security_group ? 1 : 0

  vpc_id = aws_vpc.main.id

  # Each element of var.default_security_group_ingress is read as a map.
  # List-valued fields are given as comma-separated strings and split here;
  # compact() drops the empty string an absent key produces, so an omitted
  # field becomes an empty list instead of an error.
  dynamic "ingress" {
    for_each = var.default_security_group_ingress
    iterator = rule

    content {
      description      = lookup(rule.value, "description", null)
      self             = lookup(rule.value, "self", null)
      cidr_blocks      = compact(split(",", lookup(rule.value, "cidr_blocks", "")))
      ipv6_cidr_blocks = compact(split(",", lookup(rule.value, "ipv6_cidr_blocks", "")))
      prefix_list_ids  = compact(split(",", lookup(rule.value, "prefix_list_ids", "")))
      security_groups  = compact(split(",", lookup(rule.value, "security_groups", "")))
      # The port/protocol defaults (0, 0, "-1") mean all ports and all
      # protocols: a rule that names a source but omits these fields matches
      # every flow from that source, so callers should set them explicitly.
      from_port = lookup(rule.value, "from_port", 0)
      to_port   = lookup(rule.value, "to_port", 0)
      protocol  = lookup(rule.value, "protocol", "-1")
    }
  }

  # Same shape and defaults as the ingress rules above, applied to outbound
  # traffic from var.default_security_group_egress.
  dynamic "egress" {
    for_each = var.default_security_group_egress
    iterator = rule

    content {
      description      = lookup(rule.value, "description", null)
      self             = lookup(rule.value, "self", null)
      cidr_blocks      = compact(split(",", lookup(rule.value, "cidr_blocks", "")))
      ipv6_cidr_blocks = compact(split(",", lookup(rule.value, "ipv6_cidr_blocks", "")))
      prefix_list_ids  = compact(split(",", lookup(rule.value, "prefix_list_ids", "")))
      security_groups  = compact(split(",", lookup(rule.value, "security_groups", "")))
      from_port        = lookup(rule.value, "from_port", 0)
      to_port          = lookup(rule.value, "to_port", 0)
      protocol         = lookup(rule.value, "protocol", "-1")
    }
  }

  # var.tags is merged last, so a caller-supplied "Name" tag overrides the
  # generated "<name>-<workspace>-default-sg" value.
  tags = merge(
    {
      "Name" = format(
        "%s-${terraform.workspace}-default-sg",
        var.name,
      )
    },
    var.tags,
  )
}
#######################################
# OUTPUTS
#######################################
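output "default_security_group_id" {
  description = "ID of the managed default security group, or null when var.manage_default_security_group is false."

  # aws_default_security_group.main has count = var.manage_default_security_group ? 1 : 0,
  # so an unconditional main[0] reference is an invalid index whenever
  # management is disabled and makes plan/apply fail for that configuration.
  # Mirror the resource's own condition and emit null instead.
  value = var.manage_default_security_group ? aws_default_security_group.main[0].id : null
}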