Releases: sudoblark/sudoblark.terraform.module.aws.security_group

Initial module setup

14 Sep 11:10
d8bd5d3
Description

The initial release of the security group module.

Changelog available here.

TL;DR

A new Terraform module that creates n security groups within a VPC, along with easy definition of rules for each group.

NEW

  • For each dictionary provided, this module:
    • Creates an AWS security group
    • For each dictionary in rules:
      • Creates a new rule as appropriate and associates it with the newly created security group

Please see the examples folder for an example instantiation of the module.

SUPPORTED MODULE DATA STRUCTURE

Data structure
---------------
A list of dictionaries, where each dictionary has the following attributes:

REQUIRED
---------
- suffix                : Security group suffix to use for naming and unique identifiers
- description           : Description to give to the security group

OPTIONAL
---------
- rules: A list of dictionaries, where each dictionary has the following values:
-- name                 : Friendly name used through Terraform for instantiation and cross-referencing
-- type                 : Ingress/egress
-- from_port            : Start port
-- to_port              : End port
-- protocol             : Protocol. If not icmp, icmpv6, tcp, udp, or all, use the protocol number.
-- description          : Friendly description of the rule, required for auditing purposes.

In addition, the following optional args are available:
-- cidr_blocks               : List of CIDR blocks. Cannot be specified with source_security_group_id or self.
-- ipv6_cidr_blocks          : List of IPv6 CIDR blocks. Cannot be specified with source_security_group_id or self.
-- prefix_list_ids           : List of Prefix List IDs.
-- self                      : Whether the security group itself will be added as a source to this ingress rule. Cannot be specified with cidr_blocks, ipv6_cidr_blocks, or source_security_group_id.
-- source_security_group_id  : Security group id to allow access to/from, depending on the type. Cannot be specified with cidr_blocks, ipv6_cidr_blocks, or self.
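
The constraints listed above can be checked before `terraform plan` is run. The following is an added example, not part of this module or its examples folder: a Python lint over the documented list of dictionaries that reports missing required attributes, empty rule descriptions, and source arguments that cannot be specified together. The function names, the sample values, and the treatment of false, null or an empty list as "not specified" are assumptions.

```python
# Added example: lint the documented data structure before handing it to the module.
GROUP_REQUIRED = ("suffix", "description")
RULE_REQUIRED = ("name", "type", "from_port", "to_port", "protocol", "description")
# Pairs the release notes say cannot be specified together.
CONFLICTS = [
    ("cidr_blocks", "source_security_group_id"), ("cidr_blocks", "self"),
    ("ipv6_cidr_blocks", "source_security_group_id"), ("ipv6_cidr_blocks", "self"),
    ("self", "source_security_group_id"),
]

def _blank(value):
    # None and empty/whitespace strings are missing; port 0 is a real value.
    return value is None or (isinstance(value, str) and not value.strip())

def validate(groups):
    """Return a list of human-readable findings; an empty list means clean."""
    findings = []
    for i, group in enumerate(groups):
        label = f"group[{i}] {group.get('suffix', '?')}"
        findings += [f"{label}: missing required '{k}'"
                     for k in GROUP_REQUIRED if _blank(group.get(k))]
        for rule in group.get("rules", []):
            rlabel = f"{label} rule '{rule.get('name', '?')}'"
            findings += [f"{rlabel}: missing '{k}'"
                         for k in RULE_REQUIRED if _blank(rule.get(k))]
            rule_type = rule.get("type")
            if not _blank(rule_type) and str(rule_type).lower() not in ("ingress", "egress"):
                findings.append(f"{rlabel}: type must be ingress or egress")
            # Assumption: false, null or an empty list counts as "not specified".
            findings += [f"{rlabel}: '{a}' cannot be specified with '{b}'"
                         for a, b in CONFLICTS if rule.get(a) and rule.get(b)]
    return findings

# Constructed sample input, not taken from the module's examples folder.
SAMPLE = [
    {"suffix": "web", "description": "Web tier", "rules": [
        {"name": "https-in", "type": "ingress", "from_port": 443, "to_port": 443,
         "protocol": "tcp", "description": "HTTPS from the internal range",
         "cidr_blocks": ["10.0.0.0/16"]},
        {"name": "peer", "type": "ingress", "from_port": 0, "to_port": 0,
         "protocol": "all", "description": "",
         "self": True, "cidr_blocks": ["10.0.0.0/16"]},
    ]},
    {"suffix": "db"},
]

if __name__ == "__main__":
    for finding in validate(SAMPLE):
        print(finding)
```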

FEEDBACK

Submit suggestions for improvements to [email protected].