security_groups.tf
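# Security group attached to the ElastiCache deployment for var.name/var.env
# in var.vpc_id.
#
# The group carries no inline ingress/egress blocks: every rule is attached
# through the standalone aws_security_group_rule resources in this file. Keep
# it that way, since the AWS provider documents that mixing inline rules with
# standalone rule resources on one group makes them overwrite each other.
#
# No egress rule is declared in this file. The provider documents that it
# removes AWS's default allow-all egress rule on groups it creates, so unless
# another file adds one this group permits inbound traffic only (replies still
# flow because security groups are stateful).
resource "aws_security_group" "default" {
  vpc_id = var.vpc_id

  # AWS caps the group name at 255 characters, hence the "%.255s" truncation.
  name = format("%.255s", "tf-sg-ec-${var.name}-${var.env}-${var.vpc_id}")

  # The description has the same 255-character cap but was previously left
  # unbounded, so a long var.name failed on the description before the name
  # truncation above could ever take effect. Values within the limit are
  # unchanged, so existing groups are not replaced.
  description = format("%.255s", "Terraform-managed ElastiCache security group for ${var.name}-${var.env}-${var.vpc_id}")

  tags = {
    # Bounded like the name so an oversized input cannot exceed the tag-value limit.
    Name = format("%.255s", "tf-sg-ec-${var.name}-${var.env}-${var.vpc_id}")
  }
}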
# Ingress to the cache port from specific peer security groups.
#
# One rule is created per element of var.allow_security_group_ids. Each element
# is read as an object with:
#   name              - used as the for_each key, so it must be unique across
#                       the list
#   security_group_id - the peer group allowed to connect
#   description       - optional; when the attribute is absent the rule is
#                       labelled "From <security_group_id>"
#
# Referencing a peer group is the tighter of the two ingress paths in this
# file: access follows group membership rather than an address range.
# Only TCP on var.port is opened.
resource "aws_security_group_rule" "inbound_from_sg" {
  for_each = { for peer in var.allow_security_group_ids : peer.name => peer }

  security_group_id        = aws_security_group.default.id
  type                     = "ingress"
  protocol                 = "tcp"
  from_port                = var.port
  to_port                  = var.port
  source_security_group_id = each.value.security_group_id
  description              = try(each.value.description, "From ${each.value.security_group_id}")
}
# Ingress to the cache port from explicit CIDR ranges.
#
# One rule is created per element of var.allowed_cidr. Each element is read as
# an object with:
#   name        - used as the for_each key, so it must be unique across the list
#   cidr        - a single CIDR block allowed to connect
#   description - optional; when the attribute is absent the rule is labelled
#                 "From <cidr>"
#
# NOTE(review): nothing in this resource limits how broad a range may be, so a
# caller passing 0.0.0.0/0 would open the cache port to every address that can
# route to it. Confirm whether the variable definition (not shown in this file)
# validates the input; otherwise keep callers to narrow, internal ranges and
# prefer the security-group-based rule where the client has a group.
resource "aws_security_group_rule" "networks_ingress" {
  for_each = { for network in var.allowed_cidr : network.name => network }

  security_group_id = aws_security_group.default.id
  type              = "ingress"
  protocol          = "tcp"
  from_port         = var.port
  to_port           = var.port
  cidr_blocks       = [each.value.cidr]
  description       = try(each.value.description, "From ${each.value.cidr}")
}