Description
The initial release of the security group module.
Changelog available here.
TL;DR
A new Terraform module that allows the creation of n security groups within a VPC, along with easy definition of rules for each group.
NEW
- For each dictionary provided, this module:
-- Creates an AWS security group
-- For each dictionary in rules, creates a new rule as appropriate and associates it with the newly created security group
Please see the examples folder for an example instantiation of the module.
SUPPORTED MODULE DATA STRUCTURE
Data structure
---------------
A list of dictionaries, where each dictionary has the following attributes:
REQUIRED
---------
- suffix : Security group suffix to use for naming and unique identifiers
- description : Description to give to the security group
OPTIONAL
---------
- rules: A list of dictionaries, where each dictionary has the following values:
-- name : Friendly name used through Terraform for instantiation and cross-referencing
-- type : Ingress/egress
-- from_port : Start port
-- to_port : End port
-- protocol : Protocol. If the protocol is not icmp, icmpv6, tcp, udp, or all, use the protocol number.
-- description : Friendly description of the rule, required for auditing purposes.
In addition, the following optional arguments are available:
-- cidr_blocks : List of CIDR blocks. Cannot be specified with source_security_group_id or self.
-- ipv6_cidr_blocks : List of IPv6 CIDR blocks. Cannot be specified with source_security_group_id or self.
-- prefix_list_ids : List of Prefix List IDs.
-- self : Whether the security group itself will be added as a source to this ingress rule. Cannot be specified with cidr_blocks, ipv6_cidr_blocks, or source_security_group_id.
-- source_security_group_id : Security group id to allow access to/from, depending on the type. Cannot be specified with cidr_blocks, ipv6_cidr_blocks, or self.
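As an added illustration (not part of the module itself), a small Python pre-apply check that validates a list of dictionaries in the structure above, enforcing the required keys, the ingress/egress type, the protocol name-or-number rule, unique suffixes, and the cidr_blocks / ipv6_cidr_blocks / self / source_security_group_id exclusions; the sample input, including the security group id, is constructed.

```python
"""Pre-apply validator for this module's input list (added example, not module code)."""
from typing import Any

REQUIRED_GROUP = ("suffix", "description")
REQUIRED_RULE = ("name", "type", "from_port", "to_port", "protocol", "description")
NAMED_PROTOCOLS = {"icmp", "icmpv6", "tcp", "udp", "all"}


def rule_errors(group: str, rule: dict[str, Any]) -> list[str]:
    """Return the problems found in one rule dictionary (empty list if it is valid)."""
    tag = f"{group}/{rule.get('name', '?')}"
    errs = [f"{tag}: missing '{k}'" for k in REQUIRED_RULE if k not in rule]
    if "type" in rule and rule["type"] not in ("ingress", "egress"):
        errs.append(f"{tag}: type must be ingress or egress")
    # protocol is a name from the list above or, for anything else, its protocol number
    if "protocol" in rule and str(rule["protocol"]) not in NAMED_PROTOCOLS \
            and not str(rule["protocol"]).isdigit():
        errs.append(f"{tag}: protocol must be icmp/icmpv6/tcp/udp/all or a number")
    # cidr_blocks and ipv6_cidr_blocks may be combined with each other, but neither
    # may appear with self or source_security_group_id, which also exclude each other
    used = []
    if rule.get("cidr_blocks") or rule.get("ipv6_cidr_blocks"):
        used.append("cidr_blocks/ipv6_cidr_blocks")
    used += [k for k in ("self", "source_security_group_id") if rule.get(k)]
    if len(used) > 1:
        errs.append(f"{tag}: {' + '.join(used)} cannot be combined")
    return errs


def validate(groups: list[dict[str, Any]]) -> list[str]:
    """Validate the whole list of security-group dictionaries; return every problem."""
    errs: list[str] = []
    seen: set[str] = set()
    for i, g in enumerate(groups):
        errs += [f"group[{i}]: missing '{k}'" for k in REQUIRED_GROUP if k not in g]
        suffix = str(g.get("suffix", f"group[{i}]"))
        if suffix in seen:  # the suffix feeds names and unique ids, so it must be unique
            errs.append(f"{suffix}: duplicate suffix")
        seen.add(suffix)
        for r in g.get("rules", []):
            errs += rule_errors(suffix, r)
    return errs


# Constructed sample: a valid "web" group and an "app" group whose rule has two defects
SAMPLE = [
    {"suffix": "web", "description": "Public web tier", "rules": [
        {"name": "https_in", "type": "ingress", "from_port": 443, "to_port": 443,
         "protocol": "tcp", "description": "HTTPS from anywhere", "cidr_blocks": ["0.0.0.0/0"]}]},
    {"suffix": "app", "description": "Application tier", "rules": [
        {"name": "from_web", "type": "ingress", "from_port": 8080, "to_port": 8080,
         "protocol": "tcp", "source_security_group_id": "sg-0123456789abcdef0", "self": True}]},
]
```

Running validate(SAMPLE) reports the missing description and the self + source_security_group_id clash on the "app" rule before terraform apply is ever attempted.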
FEEDBACK
Submit suggestions for improvements to [email protected].