Skip to content

v0.63.0
Compare
Choose a tag to compare
@cloudpossebot cloudpossebot released this 09 Feb 21:02
0.63.0
d97111f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Allow disabling the default Security Group @ento (#160)

what

  • This PR adds a new variable, security_group_enabled (default: true), that lets you disable the creation of aws_security_group.ecs_service

why

  • Currently there is no way to disable the creation of aws_security_group.ecs_service, even if you disable its security group rules through var.enable_all_egress_rule, var.enable_icmp_rule, var.use_alb_security_group, and var.use_nlb_cidr_blocks.
  • In my case, I wanted to use my own security group by specifying its id in var.security_group_ids. Not being able to disable the creation of aws_security_group.ecs_service led to clutter in the list of security groups in AWS console and potential confusion as to which ones were actually used
  • It would also be an option to not create aws_security_group.ecs_service when no security group rules would be created, but I thought it better to have an explicit variable for controlling it

Contributors

ento
Assets 2
Loading