variables.tf
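# Network layout input for the VPC module.
# Every attribute is required: the object type declares no optional() fields,
# so a caller that overrides this variable must supply all seven keys.
variable "networking" {
  description = "Network settings for the VPC: CIDR block, region, name, availability zones, public and private subnet CIDRs, and the NAT gateway toggle."

  type = object({
    cidr_block      = string
    region          = string
    vpc_name        = string
    azs             = list(string)
    public_subnets  = list(string)
    private_subnets = list(string)
    nat_gateways    = bool
  })

  default = {
    cidr_block = "10.0.0.0/16"
    region     = "us-east-1"
    vpc_name   = "custom-vpc"
    # The default AZ names belong to the default region. Overriding `region`
    # without also overriding `azs` leaves zone names from us-east-1 in place.
    azs = ["us-east-1a", "us-east-1b"]
    # All four default subnets fall inside the default 10.0.0.0/16 block.
    # NOTE(review): presumably each subnet list is paired by index with `azs`
    # (two entries each here); confirm against the resources that consume it.
    public_subnets  = ["10.0.1.0/24", "10.0.2.0/24"]
    private_subnets = ["10.0.3.0/24", "10.0.4.0/24"]
    # NOTE(review): how this flag is consumed is not visible in this file;
    # presumably it controls whether NAT gateways are created. Confirm in the module.
    nat_gateways = true
  }
}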
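# Security group definitions passed to the module.
# Each rule object requires both cidr_blocks and ipv6_cidr_blocks (the type
# declares no optional() fields); the default passes null where a family is unused.
variable "security_groups" {
  description = "Security groups to define, each with a name, a description, and lists of ingress and egress rules. The default admits TCP 80 and 443 from 0.0.0.0/0 and allows all outbound traffic; override it for anything that should not be reachable from any IPv4 address."

  type = list(object({
    name        = string
    description = string
    ingress = list(object({
      description      = string
      protocol         = string
      from_port        = number
      to_port          = number
      cidr_blocks      = list(string)
      ipv6_cidr_blocks = list(string)
    }))
    egress = list(object({
      description      = string
      protocol         = string
      from_port        = number
      to_port          = number
      cidr_blocks      = list(string)
      ipv6_cidr_blocks = list(string)
    }))
  }))

  default = [{
    name        = "custom-security-group"
    description = "Inbound & Outbound traffic for custom-security-group"

    # Both default ingress rules use 0.0.0.0/0, so anything this group is
    # attached to accepts connections on these ports from any IPv4 source.
    # Callers fronting the workload with a load balancer or keeping it internal
    # should override cidr_blocks with the narrower source range.
    ingress = [
      {
        description = "Allow HTTPS"
        protocol    = "tcp"
        from_port   = 443
        to_port     = 443
        cidr_blocks = ["0.0.0.0/0"]
        # No IPv6 source is admitted inbound, while the egress rule below
        # allows ::/0 outbound. NOTE(review): confirm the asymmetry is intended.
        ipv6_cidr_blocks = null
      },
      {
        # Port 80 carries plaintext HTTP. NOTE(review): keep this rule only if
        # the listener is needed (for example, to redirect to HTTPS); otherwise drop it.
        description      = "Allow HTTP"
        protocol         = "tcp"
        from_port        = 80
        to_port          = 80
        cidr_blocks      = ["0.0.0.0/0"]
        ipv6_cidr_blocks = null
      },
    ]

    # Protocol "-1" in an AWS security group rule means all protocols, and the
    # port range is then ignored. This default places no limit on outbound
    # destinations over IPv4 or IPv6; workloads that need egress control
    # should replace it with explicit destination rules.
    egress = [
      {
        description      = "Allow all outbound traffic"
        protocol         = "-1"
        from_port        = 0
        to_port          = 0
        cidr_blocks      = ["0.0.0.0/0"]
        ipv6_cidr_blocks = ["::/0"]
      }
    ]
  }]
}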