├── versions.tf
├── examples
├── disabled
│ ├── outputs.tf
│ ├── README.md
│ └── main.tf
├── existing
│ ├── outputs.tf
│ ├── README.md
│ └── main.tf
├── complete
│ ├── tfvars
│ │ └── 01-update.tfvars
│ ├── outputs.tf
│ ├── variables.tf
│ ├── README.md
│ └── main.tf
├── dynamic
│ ├── outputs.tf
│ ├── README.md
│ └── main.tf
├── http
│ ├── outputs.tf
│ ├── README.md
│ └── main.tf
├── computed
│ ├── outputs.tf
│ ├── README.md
│ └── main.tf
└── enterprise-group
│ ├── outputs.tf
│ ├── main.tf
│ └── README.md
├── .gitignore
├── modules
├── nfs
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── ntp
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── rdp
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── ssh
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── web
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── kafka
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── ldaps
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── mssql
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── mysql
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── nomad
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── redis
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── squid
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── storm
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── winrm
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── consul
│ ├── README.md
│ ├── outputs.tf
│ ├── auto_values.tf
│ └── main.tf
├── http-80
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── mongodb
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── openvpn
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── puppet
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── splunk
│ ├── README.md
│ ├── outputs.tf
│ ├── auto_values.tf
│ └── main.tf
├── zipkin
│ ├── README.md
│ ├── outputs.tf
│ ├── auto_values.tf
│ └── main.tf
├── rabbitmq
│ ├── README.md
│ ├── outputs.tf
│ ├── auto_values.tf
│ └── main.tf
├── redshift
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── cassandra
│ ├── README.md
│ ├── outputs.tf
│ ├── auto_values.tf
│ └── main.tf
├── http-8080
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── https-443
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── ipsec-500
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── memcached
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── oracle-db
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── zookeeper
│ ├── README.md
│ ├── outputs.tf
│ ├── auto_values.tf
│ └── main.tf
├── https-8443
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── ipsec-4500
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── postgresql
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── elasticsearch
│ ├── README.md
│ ├── auto_values.tf
│ ├── outputs.tf
│ └── main.tf
├── carbon-relay-ng
│ ├── README.md
│ ├── outputs.tf
│ ├── auto_values.tf
│ └── main.tf
├── _templates
│ ├── outputs.tf
│ └── main.tf
└── README.md
├── locals.tf
├── outputs.tf
├── LICENSE
├── .github
└── workflows
│ ├── release.yml
│ └── weekly_e2e.yml
├── .releaserc.json
├── scripts
├── curl_fc_trigger.go
├── terraform-test.sh
└── e2e_check.go
└── CHANGELOG.md
/versions.tf:
--------------------------------------------------------------------------------
1 | terraform { # Terraform settings for the root module
2 | required_version = ">= 0.13" # constrains the Terraform CLI version only; NOTE(review): no required_providers block appears in this file, confirm provider sources and versions are constrained elsewhere
3 | }
--------------------------------------------------------------------------------
/examples/disabled/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # re-exports the ID reported by the complete_sg_disabled module call
2 | description = "The ID of the security group"
3 | value = module.complete_sg_disabled.this_security_group_id
4 | }
--------------------------------------------------------------------------------
/examples/existing/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # re-exports the ID reported by the complete_sg_using_existing module call
2 | description = "The ID of the security group"
3 | value = module.complete_sg_using_existing.this_security_group_id
4 | }
--------------------------------------------------------------------------------
/examples/complete/tfvars/01-update.tfvars:
--------------------------------------------------------------------------------
1 | #################
2 | # security-group
3 | #################
4 | name = "update-tf-testacc-sg" # NOTE(review): presumably applied after the first apply to exercise in-place updates of the group; confirm against the test script
5 | description = "update-tf-testacc-description"
6 | tags = {
7 | Name = "updateSG"
8 | }
9 |
10 | #################
11 | # ingress_rules
12 | #################
13 | rule_description = "update-tf-testacc-rulw-description" # NOTE(review): "rulw" looks like a typo for "rule"; value left unchanged because tests may compare against it
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Terraform state and related files (state can hold sensitive values in plain text, so it must not be committed)
2 | *.tfstate
3 | *.tfstate.backup
4 | *.terraform.*
5 |
6 | # Module directory
7 | .terraform/
8 |
9 | # terraform log
10 | *.log
11 |
12 | # auto-generated key pair files (private key material; keep out of version control)
13 | *.pem
14 |
15 | # tools files
16 | .DS_Store
17 | .idea
18 |
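19 | # others: backups, the .terraform cache and lock files. Note: ignoring .terraform.lock.hcl means provider versions and checksums are not pinned in this repository.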
20 | *.bak
21 | *.bk
22 | **/.terraform/*
23 | .terraform.lock.hcl
24 | .terraform.tfstate.lock.info
--------------------------------------------------------------------------------
/modules/nfs/README.md:
--------------------------------------------------------------------------------
1 | # nfs - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "nfs_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/nfs"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/ntp/README.md:
--------------------------------------------------------------------------------
1 | # ntp - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "ntp_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/ntp"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/rdp/README.md:
--------------------------------------------------------------------------------
1 | # rdp - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "rdp_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/rdp"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/ssh/README.md:
--------------------------------------------------------------------------------
1 | # ssh - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "ssh_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/ssh"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/web/README.md:
--------------------------------------------------------------------------------
1 | # web - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "web_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/web"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/kafka/README.md:
--------------------------------------------------------------------------------
1 | # kafka - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "kafka_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/kafka"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/ldaps/README.md:
--------------------------------------------------------------------------------
1 | # ldaps - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "ldaps_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/ldaps"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/mssql/README.md:
--------------------------------------------------------------------------------
1 | # mssql - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "mssql_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/mssql"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/mysql/README.md:
--------------------------------------------------------------------------------
1 | # mysql - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "mysql_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/mysql"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/nomad/README.md:
--------------------------------------------------------------------------------
1 | # nomad - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "nomad_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/nomad"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/redis/README.md:
--------------------------------------------------------------------------------
1 | # redis - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "redis_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/redis"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/squid/README.md:
--------------------------------------------------------------------------------
1 | # squid - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "squid_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/squid"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/storm/README.md:
--------------------------------------------------------------------------------
1 | # storm - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "storm_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/storm"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/winrm/README.md:
--------------------------------------------------------------------------------
1 | # winrm - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "winrm_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/winrm"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/consul/README.md:
--------------------------------------------------------------------------------
1 | # consul - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "consul_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/consul"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/http-80/README.md:
--------------------------------------------------------------------------------
1 | # http-80 - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "http_80_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/http-80"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/mongodb/README.md:
--------------------------------------------------------------------------------
1 | # mongodb - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "mongodb_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/mongodb"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/openvpn/README.md:
--------------------------------------------------------------------------------
1 | # openvpn - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "openvpn_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/openvpn"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/puppet/README.md:
--------------------------------------------------------------------------------
1 | # puppet - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "puppet_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/puppet"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/splunk/README.md:
--------------------------------------------------------------------------------
1 | # splunk - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "splunk_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/splunk"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/zipkin/README.md:
--------------------------------------------------------------------------------
1 | # zipkin - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "zipkin_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/zipkin"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/rabbitmq/README.md:
--------------------------------------------------------------------------------
1 | # rabbitmq - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "rabbitmq_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/rabbitmq"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/redshift/README.md:
--------------------------------------------------------------------------------
1 | # redshift - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "redshift_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/redshift"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/cassandra/README.md:
--------------------------------------------------------------------------------
1 | # cassandra - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "cassandra_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/cassandra"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/http-8080/README.md:
--------------------------------------------------------------------------------
1 | # http-8080 - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "http_8080_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/http-8080"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/https-443/README.md:
--------------------------------------------------------------------------------
1 | # https-443 - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "https_443_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/https-443"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/ipsec-500/README.md:
--------------------------------------------------------------------------------
1 | # ipsec-500 - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "ipsec_500_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/ipsec-500"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/memcached/README.md:
--------------------------------------------------------------------------------
1 | # memcached - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "memcached_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/memcached"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/oracle-db/README.md:
--------------------------------------------------------------------------------
1 | # oracle-db - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "oracle_db_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/oracle-db"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/zookeeper/README.md:
--------------------------------------------------------------------------------
1 | # zookeeper - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "zookeeper_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/zookeeper"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/https-8443/README.md:
--------------------------------------------------------------------------------
1 | # https-8443 - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "https_8443_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/https-8443"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/ipsec-4500/README.md:
--------------------------------------------------------------------------------
1 | # ipsec-4500 - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "ipsec_4500_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/ipsec-4500"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/postgresql/README.md:
--------------------------------------------------------------------------------
1 | # postgresql - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "postgresql_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/postgresql"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/elasticsearch/README.md:
--------------------------------------------------------------------------------
1 | # elasticsearch - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "elasticsearch_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/elasticsearch"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/carbon-relay-ng/README.md:
--------------------------------------------------------------------------------
1 | # carbon-relay-ng - Alibaba Cloud Security Group Terraform module
2 |
3 | ## Usage
4 |
5 | ```hcl
6 | module "carbon_relay_ng_security_group" {
7 | source = "alibaba/security-group/alicloud//modules/carbon-relay-ng"
8 | version = "~> 2.0"
9 |
10 | # omitted...
11 | }
12 | ```
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/modules/nfs/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the nfs submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["nfs-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers scope them
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the nfs submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/ntp/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the ntp submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["ntp-udp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers scope them
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the ntp submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/ssh/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the ssh submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["ssh-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers limit SSH to known administrative ranges
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the ssh submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/locals.tf:
--------------------------------------------------------------------------------
1 | locals { # derived names and the effective security group ID
2 | # Fallback security group name: "terraform-sg-" plus the random UUID with its dashes removed
3 | default_name = "terraform-sg-${replace(random_uuid.this.result, "-", "")}"
4 | group_name = var.group_name != "" ? var.group_name : var.this_module_name != "" ? var.this_module_name : var.name != "" ? var.name : local.default_name # first non-empty of group_name, this_module_name, name; otherwise default_name
5 | description = var.group_description != "" ? var.group_description : var.description # group_description wins when non-empty, else description
6 |
7 | # ID of the security group in use: existing_group_id when non-empty, otherwise the first ID of alicloud_security_group.this, or "" when that resource has no instances
8 | this_sg_id = var.existing_group_id != "" ? var.existing_group_id : concat(alicloud_security_group.this.*.id, [""])[0] # NOTE(review): with existing_group_id set this refers to a group defined outside these lines; presumably rules are attached to it, so confirm the caller controls that group
9 | }
10 |
11 | resource "random_uuid" "this" { # supplies the UUID that local.default_name embeds in the fallback group name
12 | }
--------------------------------------------------------------------------------
/modules/ldaps/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the ldaps submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["ldaps-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers limit directory access to trusted ranges
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the ldaps submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/mysql/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the mysql submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["mysql-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers limit database access to application ranges
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the mysql submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/redis/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the redis submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["redis-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers limit cache access to application ranges
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the redis submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/http-80/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the http-80 submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["http-80-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers scope them
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the http-80 submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/kafka/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the kafka submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["kafka-broker-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers scope them
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the kafka submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/rdp/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the rdp submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["rdp-tcp", "rdp-udp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers limit RDP to known administrative ranges
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the rdp submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/redshift/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the redshift submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["redshift-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers scope them
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the redshift submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/squid/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the squid submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["squid-proxy-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers scope them so the proxy is not reachable from arbitrary networks
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the squid submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/http-8080/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the http-8080 submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["http-8080-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers scope them
10 | }
11 |
12 | variable "auto_egress_rules" { # egress rule keys the http-8080 submodule adds automatically unless the caller overrides this default
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"] # NOTE(review): "all-all" presumably permits every outbound protocol and port; confirm in rules.tf and override where egress must be restricted
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/https-443/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" { # ingress rule keys the https-443 submodule adds automatically unless the caller overrides this default
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["https-443-tcp"] # NOTE(review): the allowed source addresses are not set in this file; confirm callers scope them
10 | }
11 |
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/https-8443/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["https-8443-tcp"] # NOTE(review): source ranges are set outside this file; confirm they match the intended audience
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/ipsec-4500/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["ipsec-4500-udp"] # NOTE(review): source ranges are set outside this file; limit them to known VPN peers where possible
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/ipsec-500/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["ipsec-500-udp"] # NOTE(review): source ranges are set outside this file; limit them to known VPN peers where possible
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/memcached/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["memcached-tcp"] # NOTE(review): source ranges are set outside this file; keep the cache port limited to application hosts
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/oracle-db/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["oracle-db-tcp"] # NOTE(review): source ranges are set outside this file; keep the database port limited to application hosts
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/postgresql/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["postgresql-tcp"] # NOTE(review): source ranges are set outside this file; keep the database port limited to application hosts
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/puppet/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["puppet-tcp", "puppetdb-tcp"] # NOTE(review): both rules are added together; source ranges are set outside this file
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/winrm/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["winrm-http-tcp", "winrm-https-tcp"] # NOTE(review): the HTTP rule is added alongside HTTPS; override to drop it if only the HTTPS listener is used
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/openvpn/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["openvpn-udp", "openvpn-tcp", "openvpn-https-tcp"] # NOTE(review): all three transports are added; override to keep only the ones the server listens on
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/elasticsearch/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["elasticsearch-rest-tcp", "elasticsearch-java-tcp"] # NOTE(review): source ranges are set outside this file; keep both ports limited to cluster and application hosts
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/storm/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["storm-nimbus-tcp", "storm-ui-tcp", "storm-supervisor-tcp"] # NOTE(review): the UI rule shares sources with the cluster rules; source ranges are set outside this file
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/mongodb/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["mongodb-27017-tcp", "mongodb-27018-tcp", "mongodb-27019-tcp"] # NOTE(review): source ranges are set outside this file; keep the database ports limited to application hosts
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/web/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["http-80-tcp", "http-8080-tcp", "https-443-tcp", "web-jmx-tcp"] # NOTE(review): web-jmx-tcp (a JMX port, by its name) is added with the HTTP/HTTPS rules; confirm it needs the same sources
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/mssql/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["mssql-tcp", "mssql-udp", "mssql-analytics-tcp", "mssql-broker-tcp"] # NOTE(review): four rules are added; override to keep only the endpoints in use, and keep sources limited to application hosts
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/nfs/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/ntp/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/rdp/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/ssh/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/web/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/cassandra/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/consul/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/http-80/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/http-8080/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/https-443/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/ipsec-500/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/kafka/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/ldaps/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/memcached/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/mongodb/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/mssql/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/mysql/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/nomad/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 | # Ingress rule names added by default; each presumably names an entry in rules.tf (see file header) — confirm.
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["nomad-http-tcp", "nomad-rpc-tcp", "nomad-serf-tcp", "nomad-serf-udp"] # NOTE(review): the HTTP rule is added with the RPC/serf rules; source ranges are set outside this file, keep them limited to cluster members and operators
10 | }
11 | # NOTE(review): "all-all" reads as an allow-all egress rule (defined in rules.tf, not shown here); callers can override this variable where egress is filtered.
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/nomad/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/openvpn/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/oracle-db/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/puppet/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/rabbitmq/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/redis/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/redshift/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/splunk/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/squid/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" { # this and the outputs below pass through values from module.sg (declared outside this file)
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 | # VPC ID reported by module.sg.
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 | # Security group name reported by module.sg.
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 | # Security group description reported by module.sg.
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/storm/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/winrm/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/zipkin/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/zookeeper/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/_templates/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/elasticsearch/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/https-8443/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/ipsec-4500/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/postgresql/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/carbon-relay-ng/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.sg.this_security_group_description
19 | }
20 |
--------------------------------------------------------------------------------
/modules/cassandra/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["cassandra-clients-tcp", "cassandra-thrift-clients-tcp", "cassandra-jmx-tcp"]
10 | }
11 |
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/splunk/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["splunk-indexer-tcp", "splunk-clients-tcp", "splunk-splunkd-tcp", "splunk-hec-tcp"]
10 | }
11 |
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/zookeeper/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["zookeeper-2181-tcp", "zookeeper-2888-tcp", "zookeeper-3888-tcp", "zookeeper-jmx-tcp"]
10 | }
11 |
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/examples/dynamic/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.http_sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.http_sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.http_sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.http_sg.this_security_group_description
19 | }
20 |
21 |
--------------------------------------------------------------------------------
/examples/http/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.http_sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.http_sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.http_sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.http_sg.this_security_group_description
19 | }
20 |
21 |
--------------------------------------------------------------------------------
/outputs.tf:
--------------------------------------------------------------------------------
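// Outputs describing the security group managed by this module.
// local.this_sg_id and var.vpc_id are defined outside this file; the VPC ID
// is the caller-supplied input echoed back, not an attribute of a VPC
// created here.
output "this_security_group_id" {
  description = "The ID of the security group"
  value       = local.this_sg_id
}

output "this_security_group_vpc_id" {
  description = "The VPC ID"
  value       = var.vpc_id
}

// The two outputs below use a splat expression, so each value is a list with
// one element per alicloud_security_group.this instance rather than a bare
// string. The full splat form [*] replaces the legacy attribute-only ".*"
// form and yields the same list.
// NOTE(review): presumably the list is empty when the module is told not to
// create a group - confirm against the resource's count in main.tf.
output "this_security_group_name" {
  description = "The name of the security group"
  value       = alicloud_security_group.this[*].security_group_name
}

output "this_security_group_description" {
  description = "The description of the security group"
  value       = alicloud_security_group.this[*].description
}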
21 |
--------------------------------------------------------------------------------
/examples/complete/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.complete_sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.complete_sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.complete_sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.complete_sg.this_security_group_description
19 | }
--------------------------------------------------------------------------------
/examples/computed/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.http_sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.http_sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.http_sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.http_sg.this_security_group_description
19 | }
20 |
21 |
--------------------------------------------------------------------------------
/modules/rabbitmq/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["rabbitmq-4369-tcp", "rabbitmq-5671-tcp", "rabbitmq-5672-tcp", "rabbitmq-15672-tcp", "rabbitmq-25672-tcp"]
10 | }
11 |
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/zipkin/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["zipkin-admin-tcp", "zipkin-admin-query-tcp", "zipkin-admin-web-tcp", "zipkin-query-tcp", "zipkin-web-tcp"]
10 | }
11 |
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/modules/carbon-relay-ng/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["carbon-line-in-tcp", "carbon-line-in-udp", "carbon-pickle-tcp", "carbon-pickle-udp", "carbon-gui-udp"]
10 | }
11 |
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/examples/enterprise-group/outputs.tf:
--------------------------------------------------------------------------------
1 | output "this_security_group_id" {
2 | description = "The ID of the security group"
3 | value = module.enterprise_sg.this_security_group_id
4 | }
5 |
6 | output "this_security_group_vpc_id" {
7 | description = "The VPC ID"
8 | value = module.enterprise_sg.this_security_group_vpc_id
9 | }
10 |
11 | output "this_security_group_name" {
12 | description = "The name of the security group"
13 | value = module.enterprise_sg.this_security_group_name
14 | }
15 |
16 | output "this_security_group_description" {
17 | description = "The description of the security group"
18 | value = module.enterprise_sg.this_security_group_description
19 | }
--------------------------------------------------------------------------------
/modules/consul/auto_values.tf:
--------------------------------------------------------------------------------
1 | # This file was generated from values defined in rules.tf using update_groups.sh.
2 | ###################################
3 | # DO NOT CHANGE THIS FILE MANUALLY
4 | ###################################
5 |
6 | variable "auto_ingress_rules" {
7 | description = "List of ingress rules to add automatically"
8 | type = list(string)
9 | default = ["consul-tcp", "consul-cli-rpc-tcp", "consul-webui-tcp", "consul-dns-tcp", "consul-dns-udp", "consul-serf-lan-tcp", "consul-serf-lan-udp", "consul-serf-wan-tcp", "consul-serf-wan-udp"]
10 | }
11 |
12 | variable "auto_egress_rules" {
13 | description = "List of egress rules to add automatically"
14 | type = list(string)
15 | default = ["all-all"]
16 | }
17 |
18 |
19 |
--------------------------------------------------------------------------------
/examples/enterprise-group/main.tf:
--------------------------------------------------------------------------------
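variable "region" {
  description = "Region passed to the alicloud provider and to the security group module"
  type        = string
  default     = "cn-hangzhou"
}

variable "profile" {
  description = "Credentials profile name passed to the alicloud provider and to the security group module"
  type        = string
  default     = "default"
}

provider "alicloud" {
  region  = var.region
  profile = var.profile
}

#######################################
# Create an enterprise security group
#######################################

# Look up the default VPC of the selected region.
data "alicloud_vpcs" "default" {
  is_default = true
}

module "enterprise_sg" {
  source  = "../../"
  profile = var.profile
  region  = var.region

  # ids[0] is the first VPC the lookup returned; the index expression is an
  # error when the lookup finds no default VPC in this region.
  vpc_id              = data.alicloud_vpcs.default.ids[0]
  security_group_type = "enterprise"
  description         = "enterprise security group"
}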
29 |
30 |
--------------------------------------------------------------------------------
/examples/complete/variables.tf:
--------------------------------------------------------------------------------
1 | #################
2 | # Security group
3 | #################
4 | variable "name" {
5 | description = "Name of security group. It is used to create a new security group. A random name prefixed with 'terraform-sg-' will be set if it is empty."
6 | type = string
7 | default = "tf-testacc-sg"
8 | }
9 |
10 | variable "description" {
11 | description = "Description of security group"
12 | type = string
13 | default = "tf-testacc-description"
14 | }
15 |
16 | variable "tags" {
17 | description = "A mapping of tags to assign to security group"
18 | type = map(string)
19 | default = {
20 | Name = "SG"
21 | }
22 | }
23 |
24 | ##########
25 | # Ingress
26 | ##########
27 | variable "rule_description" {
28 | description = "The description of the security group rule."
29 | type = string
30 | default = "tf-testacc-rulw-description"
31 | }
--------------------------------------------------------------------------------
/examples/disabled/README.md:
--------------------------------------------------------------------------------
1 | # Disabled Security Group example
2 |
3 | Configuration in this directory creates a set of Security Group and Security Group Rules resources in various combinations.
4 |
5 | Data sources are used to discover existing VPC resources (VPC and default security group).
6 |
7 | This example shows that setting `create = false` prevents a new security group from being created.
8 |
9 | ## Usage
10 |
11 | To run this example you need to execute:
12 |
13 | ```bash
14 | $ terraform init
15 | $ terraform plan
16 | $ terraform apply
17 | ```
18 |
19 | Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
20 |
21 |
22 | ## Outputs
23 |
24 | | Name | Description |
25 | |------|-------------|
26 | | this\_security\_group\_id | The ID of the security group |
27 |
28 |
29 |
--------------------------------------------------------------------------------
/examples/existing/README.md:
--------------------------------------------------------------------------------
1 | # Existing Security Group example
2 |
3 | Configuration in this directory creates a set of Security Group and Security Group Rules resources in various combinations.
4 |
5 | Data sources are used to discover existing VPC resources (VPC and default security group).
6 |
7 | This example shows that, when `create = false` is set, an existing security group can be used to create rules.
8 |
9 | ## Usage
10 |
11 | To run this example you need to execute:
12 |
13 | ```bash
14 | $ terraform init
15 | $ terraform plan
16 | $ terraform apply
17 | ```
18 |
19 | Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
20 |
21 |
22 | ## Outputs
23 |
24 | | Name | Description |
25 | |------|-------------|
26 | | this\_security\_group\_id | The ID of the security group |
27 |
28 |
29 |
--------------------------------------------------------------------------------
/examples/enterprise-group/README.md:
--------------------------------------------------------------------------------
1 | # Enterprise Security Group example
2 |
3 | Configuration in this directory creates an enterprise Security Group.
4 |
5 | Data sources are used to discover existing VPC resources (VPC and default security group).
6 |
7 | ## Usage
8 |
9 | To run this example you need to execute:
10 |
11 | ```bash
12 | $ terraform init
13 | $ terraform plan
14 | $ terraform apply
15 | ```
16 |
17 | Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
18 |
19 |
20 | ## Outputs
21 |
22 | | Name | Description |
23 | |------|-------------|
24 | | this\_security\_group\_description | The description of the security group |
25 | | this\_security\_group\_id | The ID of the security group |
26 | | this\_security\_group\_name | The name of the security group |
27 | | this\_security\_group\_vpc\_id | The VPC ID |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/examples/http/README.md:
--------------------------------------------------------------------------------
1 | # HTTP Security Group example
2 |
3 | Configuration in this directory creates a set of Security Group and Security Group Rules resources in various combinations for the `http` scenario.
4 |
5 | Data sources are used to discover existing VPC resources (VPC and default security group).
6 |
7 | ## Usage
8 |
9 | To run this example you need to execute:
10 |
11 | ```bash
12 | $ terraform init
13 | $ terraform plan
14 | $ terraform apply
15 | ```
16 |
17 | Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
18 |
19 |
20 | ## Outputs
21 |
22 | | Name | Description |
23 | |------|-------------|
24 | | this\_security\_group\_description | The description of the security group |
25 | | this\_security\_group\_id | The ID of the security group |
26 | | this\_security\_group\_name | The name of the security group |
27 | | this\_security\_group\_vpc\_id | The VPC ID |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/examples/complete/README.md:
--------------------------------------------------------------------------------
1 | # Complete
2 |
3 | Configuration in this directory creates a set of Security Group and Security Group Rules resources.
4 |
5 | ## Usage
6 |
7 | To run this example you need to execute:
8 |
9 | ```bash
10 | $ terraform init
11 | $ terraform plan
12 | $ terraform apply
13 | ```
14 |
15 | Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
16 |
17 | This example provides a Terraform variables file in the folder `tfvars`. To create or update this example with it,
18 | run the following commands:
19 | ```bash
20 | $ terraform plan -var-file=tfvars/01-update.tfvars
21 | $ terraform apply -var-file=tfvars/01-update.tfvars
22 | ```
23 |
24 | Also, you can add more variables files in the folder `tfvars`.
25 |
26 |
27 | ## Requirements
28 |
29 | | Name | Version |
30 | |------|---------|
31 | | [terraform](#requirement\_terraform) | >= 0.13.0 |
32 | | [alicloud](#requirement\_alicloud) | >= 1.56.0 |
--------------------------------------------------------------------------------
/examples/dynamic/README.md:
--------------------------------------------------------------------------------
1 | # Dynamic Security Group example
2 |
3 | Configuration in this directory creates a set of Security Group and Security Group Rules resources in various combinations.
4 |
5 | Data sources are used to discover existing VPC resources (VPC and default security group).
6 |
7 | This example shows that a rule's `source_security_group_id` can come from a dynamic source, such as a data source.
8 |
9 | ## Usage
10 |
11 | To run this example you need to execute:
12 |
13 | ```bash
14 | $ terraform init
15 | $ terraform plan
16 | $ terraform apply
17 | ```
18 |
19 | Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
20 |
21 |
22 | ## Outputs
23 |
24 | | Name | Description |
25 | |------|-------------|
26 | | this\_security\_group\_description | The description of the security group |
27 | | this\_security\_group\_id | The ID of the security group |
28 | | this\_security\_group\_name | The name of the security group |
29 | | this\_security\_group\_vpc\_id | The VPC ID |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2021 Terraform Alibaba Cloud Modules
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/examples/computed/README.md:
--------------------------------------------------------------------------------
1 | # Computed Security Group example
2 |
3 | Configuration in this directory creates a set of Security Group and Security Group Rules resources in various combinations.
4 |
5 | Data sources are used to discover existing VPC resources (VPC and default security group).
6 |
7 | This example shows that a rule's `source_security_group_id` can come from another security group module or resource.
8 |
9 | ## Usage
10 |
11 | To run this example you need to execute:
12 |
13 | ```bash
14 | $ terraform init
15 | $ terraform plan
16 | $ terraform apply
17 | ```
18 |
19 | Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
20 |
21 |
22 | ## Outputs
23 |
24 | | Name | Description |
25 | |------|-------------|
26 | | this\_security\_group\_description | The description of the security group |
27 | | this\_security\_group\_id | The ID of the security group |
28 | | this\_security\_group\_name | The name of the security group |
29 | | this\_security\_group\_vpc\_id | The VPC ID |
30 |
31 |
32 |
--------------------------------------------------------------------------------
/.github/workflows/release.yml:
--------------------------------------------------------------------------------
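# Manually dispatched release pipeline: runs semantic-release and, when a new
# version was published, notifies the module-metadata upload endpoint.
name: Release

on:
  workflow_dispatch:

# Least privilege for the default GITHUB_TOKEN: the release step authenticates
# with secrets.SEMANTIC_RELEASE_TOKEN instead.
# NOTE(review): confirm no step depends on wider default-token scopes.
permissions:
  contents: read

jobs:
  release:
    name: Release
    runs-on: ubuntu-latest
    # Release gate: upstream organisation and one named maintainer account.
    # NOTE(review): on a re-run github.actor stays the account that started
    # the original run, while github.triggering_actor is the account that
    # re-ran it. A protected environment with required reviewers is a
    # sturdier gate than a hard-coded username.
    if: github.repository_owner == 'alibabacloud-automation' && github.actor == 'shanye997'
    steps:
      - name: Checkout
        # NOTE(review): tag refs such as @v4 are mutable; pinning each action
        # to a full commit SHA (actions/checkout@<full-commit-sha>) removes
        # that supply-chain exposure. The same applies to the release action.
        uses: actions/checkout@v4
        with:
          # Keep the checkout token out of the local git config so later
          # steps cannot reuse it.
          persist-credentials: false
          # 0 fetches the full history, including tags.
          fetch-depth: 0

      - name: Release
        id: semantic
        uses: cycjimmy/semantic-release-action@v4
        with:
          semantic_version: 23.0.2
          extra_plugins: |
            @semantic-release/changelog@6.0.3
            @semantic-release/git@10.0.1
            conventional-changelog-conventionalcommits@7.0.2
        env:
          GITHUB_TOKEN: ${{ secrets.SEMANTIC_RELEASE_TOKEN }}

      - name: Trigger Metadata Upload
        if: steps.semantic.outputs.new_release_published == 'true'
        # Secrets, context values and step outputs reach the script through
        # env, not ${{ }} interpolation, so their contents are never parsed
        # as shell source.
        env:
          FC_UPLOAD_META_ENDPOINT: ${{ secrets.FC_UPLOAD_META_ENDPOINT }}
          MODULE_NAME: ${{ github.event.repository.name }}
          MODULE_VERSION: ${{ steps.semantic.outputs.new_release_version }}
        run: |
          url="${FC_UPLOAD_META_ENDPOINT}/?from=git&syncModuleMeta=true&moduleName=${MODULE_NAME}&moduleVersion=${MODULE_VERSION}"
          # Log the module and version only; the endpoint is a secret and
          # should not depend on log masking to stay out of the job output.
          echo "Uploading metadata for ${MODULE_NAME} ${MODULE_VERSION}"
          # --fail turns an HTTP error status into a failed step instead of a
          # silent success; -S keeps the error message visible under -s.
          curl --fail -sS -H "X-Fc-Invocation-Type:Async" \
            "$url"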
37 |
--------------------------------------------------------------------------------
/examples/dynamic/main.tf:
--------------------------------------------------------------------------------
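variable "profile" {
  description = "Credentials profile name passed to the alicloud provider and to the security group module"
  type        = string
  default     = "default"
}

variable "region" {
  description = "Region passed to the alicloud provider and to the security group module"
  type        = string
  default     = "cn-hangzhou"
}

provider "alicloud" {
  region  = var.region
  profile = var.profile
}

#####################################################################
# Default VPC lookup, plus a security group used as a rule source
#####################################################################

# Look up the default VPC of the selected region.
data "alicloud_vpcs" "default" {
  is_default = true
}

# A new security group in that VPC; its ID is only known after apply, which
# is the "dynamic" value this example feeds into a rule below.
# ids[0] is an error when the lookup finds no default VPC in this region.
resource "alicloud_security_group" "default" {
  vpc_id = data.alicloud_vpcs.default.ids[0]
}

###########################
# Security groups examples
###########################

#######
# HTTP
#######
module "http_sg" {
  source  = "../../modules/http-80"
  profile = var.profile
  region  = var.region

  name        = "dynamic-http-sg"
  description = "Security group with HTTP port open for everyone, and HTTPS open just for the default security group"
  vpc_id      = data.alicloud_vpcs.default.ids[0]

  # 0.0.0.0/0 matches every IPv4 source, which is what the description above
  # promises for HTTP. Narrow this to known ranges for any group that is not
  # meant to be internet-facing.
  # NOTE(review): presumably this list is applied to the http-80 module's
  # automatic ingress rules - confirm in the module's main.tf.
  ingress_cidr_blocks = ["0.0.0.0/0"]

  # HTTPS is tied to a source security group rather than a CIDR block.
  ingress_with_source_security_group_id = [
    {
      rule                     = "https-443-tcp"
      source_security_group_id = alicloud_security_group.default.id
    },
  ]
}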
--------------------------------------------------------------------------------
/.releaserc.json:
--------------------------------------------------------------------------------
1 | {
2 | "branches": [
3 | "main",
4 | "master"
5 | ],
6 | "plugins": [
7 | [
8 | "@semantic-release/commit-analyzer",
9 | {
10 | "preset": "conventionalcommits",
11 | "releaseRules": [
12 | {
13 | "type": "docs",
14 | "release": "patch"
15 | }
16 | ]
17 | }
18 | ],
19 | [
20 | "@semantic-release/release-notes-generator",
21 | {
22 | "preset": "conventionalcommits"
23 | }
24 | ],
25 | [
26 | "@semantic-release/github",
27 | {
28 | "successComment": false,
29 | "labels": false,
30 | "releasedLabels": false
31 | }
32 | ],
33 | [
34 | "@semantic-release/changelog",
35 | {
36 | "changelogFile": "CHANGELOG.md"
37 | }
38 | ],
39 | [
40 | "@semantic-release/git",
41 | {
42 | "assets": [
43 | "CHANGELOG.md"
44 | ],
45 | "message": "chore(release): CHANGELOG v${nextRelease.version}"
46 | }
47 | ]
48 | ]
49 | }
--------------------------------------------------------------------------------
/scripts/curl_fc_trigger.go:
--------------------------------------------------------------------------------
1 | package main
2 |
3 | import (
4 | "crypto/rand"
5 | "encoding/json"
6 | "fmt"
7 | "io"
8 | "log"
9 | "math/big"
10 | "net/http"
11 | "os"
12 | "strings"
13 | )
14 |
15 | var urlPrefix = "https://terraform-fc-test-for-example-module.oss-ap-southeast-1.aliyuncs.com"
16 |
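// pickTriggerURL downloads the trigger list published at urlPrefix + "/fcUrls.json"
// and returns one of its entries, chosen uniformly at random.
//
// The list is expected to be a JSON object whose keys are the decimal indexes
// "0".."len-1" and whose values are URL strings. Any transport error, non-200
// status, malformed document, empty list or missing/non-string entry is
// returned as an error instead of surfacing later as a nil dereference,
// a failed type assertion or a division by zero.
func pickTriggerURL() (string, error) {
	resp, err := http.Get(urlPrefix + "/fcUrls.json")
	if err != nil {
		return "", fmt.Errorf("get fc trigger url failed: %w", err)
	}
	defer resp.Body.Close()

	if resp.StatusCode != http.StatusOK {
		return "", fmt.Errorf("get fc trigger url failed: unexpected status %s", resp.Status)
	}

	content, err := io.ReadAll(resp.Body)
	if err != nil {
		return "", fmt.Errorf("read fc trigger url list failed: %w", err)
	}

	var triggerMap map[string]interface{}
	if err := json.Unmarshal(content, &triggerMap); err != nil {
		return "", fmt.Errorf("parse fc trigger url list failed: %w", err)
	}
	if len(triggerMap) == 0 {
		return "", fmt.Errorf("fc trigger url list is empty")
	}

	// Draw directly from [0, len) so every entry is equally likely and the
	// modulo on a fixed 0..99 range (biased, and undefined for an empty map)
	// is no longer needed.
	n, err := rand.Int(rand.Reader, big.NewInt(int64(len(triggerMap))))
	if err != nil {
		return "", fmt.Errorf("pick fc trigger url failed: %w", err)
	}

	triggerURL, ok := triggerMap[n.String()].(string)
	if !ok || triggerURL == "" {
		return "", fmt.Errorf("fc trigger url list has no string entry for key %q", n.String())
	}
	return triggerURL, nil
}

// main triggers an asynchronous function-compute test run.
//
// Usage: <program> <branch> <repo_name> <oss_object_path>
//
// It picks a trigger URL from the remote list and sends a GET request to it
// with the three arguments as query parameters and the
// "X-Fc-Invocation-Type: Async" header.
func main() {
	if len(os.Args) != 4 {
		log.Println("[ERROR] invalid args")
		return
	}
	branch := strings.TrimSpace(os.Args[1])
	repoName := strings.TrimSpace(os.Args[2])
	ossObjectPath := strings.TrimSpace(os.Args[3])

	// NOTE(review): the request destination is taken from a remotely hosted
	// JSON document, so whoever can write that object decides where branch,
	// repo name and object path are sent. Consider restricting accepted
	// hosts to the expected function-compute domain.
	triggerURL, err := pickTriggerURL()
	if err != nil {
		// These failures used to end in a runtime panic; exit non-zero with
		// a readable message instead.
		log.Fatalf("[ERROR] %s", err)
	}
	fmt.Println(triggerURL)

	client := &http.Client{}
	req, err := http.NewRequest("GET", triggerURL, nil)
	if err != nil {
		panic(err)
	}
	req.Header.Add("X-Fc-Invocation-Type", "Async")

	// url.Values.Encode escapes the argument values, so they cannot add or
	// override query parameters.
	query := req.URL.Query()
	query.Add("branch", branch)
	query.Add("repo_name", repoName)
	query.Add("oss_object_path", ossObjectPath)
	req.URL.RawQuery = query.Encode()

	resp, err := client.Do(req)
	if err != nil {
		log.Printf("[ERROR] fail to trigger fc test, err: %s", err)
		return
	}
	// Close the body so the connection is released, and report a rejected
	// trigger instead of treating any HTTP response as success.
	defer resp.Body.Close()
	if resp.StatusCode < 200 || resp.StatusCode > 299 {
		log.Printf("[ERROR] fail to trigger fc test, status: %s", resp.Status)
	}
}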
64 |
--------------------------------------------------------------------------------
/examples/disabled/main.tf:
--------------------------------------------------------------------------------
1 | variable "profile" {
2 | default = "default"
3 | }
4 | variable "region" {
5 | default = "cn-hangzhou"
6 | }
7 |
8 | provider "alicloud" {
9 | region = var.region
10 | profile = var.profile
11 | }
12 |
13 | #############################################################
14 | # Data sources to get VPC and default security group details
15 | #############################################################
16 |
17 | data "alicloud_vpcs" "default" {
18 | is_default = true
19 | }
20 |
21 | resource "alicloud_security_group" "default" {
22 | vpc_id = data.alicloud_vpcs.default.ids.0
23 | }
24 |
25 | ########################################################
26 | # Security groups WILL NOT be created by these examples
27 | ########################################################
28 | module "complete_sg_disabled" {
29 | source = "../../"
30 | profile = var.profile
31 | region = var.region
32 |
33 | existing_group_id = alicloud_security_group.default.id
34 |
35 | create = false
36 | name = "complete-sg"
37 | description = "Security group with all available arguments set (this is just an example)"
38 | vpc_id = data.alicloud_vpcs.default.ids.0
39 |
40 | ingress_cidr_blocks = ["0.0.0.0/0"]
41 | }
42 |
43 | module "http_sg_disabled" {
44 | source = "../../modules/http-80"
45 | profile = var.profile
46 | region = var.region
47 |
48 | existing_group_id = alicloud_security_group.default.id
49 |
50 | create = false
51 | name = "http-sg"
52 | description = "Security group with HTTP ports open for everybody (IPv4 CIDR), egress ports are all world open"
53 | vpc_id = data.alicloud_vpcs.default.ids.0
54 |
55 | ingress_cidr_blocks = ["0.0.0.0/0"]
56 | }
57 |
--------------------------------------------------------------------------------
/examples/existing/main.tf:
--------------------------------------------------------------------------------
1 | variable "profile" {
2 | default = "default"
3 | }
4 | variable "region" {
5 | default = "cn-hangzhou"
6 | }
7 |
8 | provider "alicloud" {
9 | region = var.region
10 | profile = var.profile
11 | }
12 |
13 | #############################################################
14 | # Data sources to get VPC and default security group details
15 | #############################################################
16 |
17 | data "alicloud_vpcs" "default" {
18 | is_default = true
19 | }
20 |
21 | resource "alicloud_security_group" "default" {
22 | vpc_id = data.alicloud_vpcs.default.ids.0
23 | }
24 |
25 | ########################################################
26 | # Security groups WILL NOT be created; these examples WILL use an existing one
27 | ########################################################
28 | module "complete_sg_using_existing" {
29 | source = "../../"
30 | profile = var.profile
31 | region = var.region
32 |
33 | existing_group_id = alicloud_security_group.default.id
34 |
35 | create = false
36 | name = "complete-sg"
37 | description = "Security group with all available arguments set (this is just an example)"
38 | vpc_id = data.alicloud_vpcs.default.ids.0
39 |
40 | ingress_cidr_blocks = ["0.0.0.0/0"]
41 | }
42 |
43 | module "http_sg_using_existing" {
44 | source = "../../modules/http-80"
45 | profile = var.profile
46 | region = var.region
47 |
48 | existing_group_id = alicloud_security_group.default.id
49 |
50 | create = false
51 | name = "http-sg"
52 | description = "Security group with HTTP ports open for everybody (IPv4 CIDR), egress ports are all world open"
53 | vpc_id = data.alicloud_vpcs.default.ids.0
54 |
55 | ingress_cidr_blocks = ["0.0.0.0/0"]
56 | }
--------------------------------------------------------------------------------
/examples/computed/main.tf:
--------------------------------------------------------------------------------
1 | variable "profile" {
2 | default = "default"
3 | }
4 | variable "region" {
5 | default = "cn-hangzhou"
6 | }
7 |
8 | provider "alicloud" {
9 | region = var.region
10 | profile = var.profile
11 | }
12 |
13 | #############################################################
14 | # Data sources to get VPC and default security group details
15 | #############################################################
16 |
17 | data "alicloud_vpcs" "default" {
18 | is_default = true
19 | }
20 |
21 | resource "alicloud_security_group" "default" {
22 | vpc_id = data.alicloud_vpcs.default.ids.0
23 | }
24 |
25 | ###########################
26 | # Security groups examples
27 | ###########################
28 | module "http_sg" { # Example security group built from a predefined-rule submodule
29 | source = "../../modules/https-443" # NOTE(review): name and description below describe HTTP as the public port, but this is the https-443 submodule; examples/dynamic uses ../../modules/http-80 with the same description - confirm which is intended
30 | profile = "Your-Profile-Name" # placeholder to be replaced; var.profile is declared above but not used here - TODO confirm
31 | region = var.region
32 |
33 | name = "computed-http-sg"
34 | description = "Security group with HTTP port open for everyone, and HTTPS open just for the default security group"
35 | vpc_id = data.alicloud_vpcs.default.ids.0
36 |
37 | ingress_cidr_blocks = ["0.0.0.0/0"] # any IPv4 source; the ports this opens come from the submodule's auto ingress rules, which are not shown in this file
38 |
39 | ingress_with_source_security_group_id = [
40 | {
41 | rule = "https-443-tcp"
42 | source_security_group_id = alicloud_security_group.default.id # only members of the security group created above
43 | },
44 | ]
45 | }
46 |
47 | module "mysql_sg" { # Example whose source-group rule depends on an output of module.http_sg (a computed value)
48 | source = "../../modules/mysql"
49 | profile = "Your-Profile-Name" # placeholder to be replaced; var.profile is declared above but not used here - TODO confirm
50 | region = var.region
51 |
52 | name = "computed-mysql-sg"
53 | description = "Security group with MySQL/Aurora port open for HTTP security group created above (computed)"
54 | vpc_id = data.alicloud_vpcs.default.ids.0
55 |
56 | ingress_cidr_blocks = ["0.0.0.0/0"] # NOTE(review): at odds with the description, which limits MySQL to the HTTP security group; if modules/mysql applies its auto ingress rules to these CIDRs the database port is reachable from any IPv4 address - confirm against modules/mysql/auto_values.tf and narrow or drop this list
57 |
58 | ingress_with_source_security_group_id = [
59 | {
60 | rule = "mysql-tcp"
61 | source_security_group_id = module.http_sg.this_security_group_id # ID output of the http_sg module above
62 | },
63 | ]
64 | }
--------------------------------------------------------------------------------
/modules/nfs/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" {
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by names - open for default CIDR
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by names - open for default CIDR
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/ntp/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" {
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by names - open for default CIDR
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by names - open for default CIDR
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/rdp/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" {
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by names - open for default CIDR
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by names - open for default CIDR
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/ssh/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" {
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by names - open for default CIDR
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by names - open for default CIDR
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/web/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" {
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by names - open for default CIDR
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by names - open for default CIDR
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/cassandra/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" {
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by names - open for default CIDR
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by names - open for default CIDR
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/consul/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" {
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by names - open for default CIDR
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by names - open for default CIDR
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/http-80/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" {
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by names - open for default CIDR
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by names - open for default CIDR
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/http-8080/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/http-8080: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; confirm whether this listener is meant to be reachable from any address before leaving a world-open range in place.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/https-443/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/https-443: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; confirm whether this listener is meant to be reachable from any address before leaving a world-open range in place.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/ipsec-500/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/ipsec-500: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this presumably fronts a VPN endpoint, so confirm the list matches the intended peers.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/kafka/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/kafka: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this fronts a message broker, so confirm the list is limited to the client networks that need it.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/ldaps/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/ldaps: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this fronts a directory service, so confirm the list is limited to the client networks that need it.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/memcached/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/memcached: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this fronts a cache service, so confirm the list is limited to the application networks that need it.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/mongodb/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/mongodb: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this fronts a database, so confirm the list is limited to the application networks that need it.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/mssql/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/mssql: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this fronts a database, so confirm the list is limited to the application networks that need it.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/mysql/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/mysql: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this fronts a database, so confirm the list is limited to the application networks that need it.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/nomad/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/nomad: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this fronts a cluster scheduler, so confirm the list is limited to cluster members and operators.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/openvpn/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/openvpn: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this presumably fronts a VPN endpoint, so confirm the list matches the intended clients.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/oracle-db/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/oracle-db: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this fronts a database, so confirm the list is limited to the application networks that need it.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/puppet/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # modules/puppet: passes this wrapper's input variables through to the module at ../../; only the two rule-name lists are computed here
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file # NOTE(review): looks like a path to a credentials file; confirm the file itself is never committed alongside this configuration
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 |
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rule names, opened for the default CIDR: auto_ingress_rules and ingress_rules are concatenated, de-duplicated, cleared of empty strings (including the literal "") and sorted. auto_ingress_rules is defined outside this file (presumably auto_values.tf - TODO confirm).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # A priority is used when setting `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Open to IPv4 cidr blocks with a cidr block list
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Open for security group id
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Open to IPv4 cidr blocks and ports with a cidr block port list
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (the input variable is named ingress_with_ports)
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # The IPv4 CIDR ranges list to use on ingress cidrs rules. NOTE(review): the default is not visible here; going by the module name this fronts a configuration-management service, so confirm the list is limited to managed hosts and operators.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # A default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rule names, opened for the default CIDR: auto_egress_rules and egress_rules are merged the same way as the ingress names (concat, distinct, compact, sort).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # A priority is used when setting `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Open to IPv4 cidr blocks with a cidr block list
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Open for security group id
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Open to IPv4 cidr blocks and ports with a cidr block port list
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (the input variable is named egress_with_ports)
62 | egress_ports = var.egress_with_ports
63 |
64 | # The IPv4 CIDR ranges list to use on egress cidrs rules. NOTE(review): default not visible here; confirm whether outbound traffic should be narrowed to known destinations.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # A default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/rabbitmq/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/redis/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/redshift/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/splunk/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/squid/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/storm/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/winrm/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/zipkin/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/zookeeper/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/_templates/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/elasticsearch/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/https-8443/main.tf:
--------------------------------------------------------------------------------
1 | module "sg" { # Wrapper: forwards this submodule's variables to the root module at ../../
2 | source = "../../"
3 | region = var.region
4 | profile = var.profile
5 | shared_credentials_file = var.shared_credentials_file
6 | skip_region_validation = var.skip_region_validation
7 | create = var.create
8 | vpc_id = var.vpc_id
9 | name = var.name
10 | description = var.description
11 | existing_group_id = var.existing_group_id
12 | tags = var.tags
13 | security_group_type = var.security_group_type
14 | # NOTE(review): region, profile and shared_credentials_file are passed through unchanged; presumably the root module uses them for provider authentication - confirm.
15 |
16 | ##########
17 | # Ingress
18 | ##########
19 | # Rules by name: var.auto_ingress_rules plus the caller's var.ingress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably ingress_cidr_blocks below - confirm its default is not 0.0.0.0/0).
20 | ingress_rules = sort(compact(distinct(concat(var.auto_ingress_rules, var.ingress_rules, [""]))))
21 |
22 | # Priority applied to the rules listed in `ingress_rules`.
23 | priority_for_ingress_rules = var.priority_for_ingress_rules
24 |
25 | # Ingress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
26 | ingress_with_cidr_blocks = var.ingress_with_cidr_blocks
27 |
28 | # Ingress rules whose source is another security group, given by id.
29 | ingress_with_source_security_group_id = var.ingress_with_source_security_group_id
30 |
31 | # Ingress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
32 | ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports
33 |
34 | # The ingress port list (argument is ingress_ports; the submodule variable is named ingress_with_ports).
35 | ingress_ports = var.ingress_with_ports
36 |
37 | # IPv4 CIDR ranges used by the ingress CIDR rules.
38 | ingress_cidr_blocks = var.ingress_cidr_blocks
39 |
40 | # Default ingress priority.
41 | default_ingress_priority = var.default_ingress_priority
42 |
43 | #########
44 | # Egress
45 | #########
46 | # Rules by name: var.auto_egress_rules plus the caller's var.egress_rules, de-duplicated, empty strings dropped, sorted. Named rules open to the default CIDR (presumably egress_cidr_blocks below - confirm).
47 | egress_rules = sort(compact(distinct(concat(var.auto_egress_rules, var.egress_rules, [""]))))
48 |
49 | # Priority applied to the rules listed in `egress_rules`.
50 | priority_for_egress_rules = var.priority_for_egress_rules
51 |
52 | # Egress rules opened to IPv4 CIDR blocks, given as a CIDR block list.
53 | egress_with_cidr_blocks = var.egress_with_cidr_blocks
54 |
55 | # Egress rules whose peer is another security group, given by id.
56 | egress_with_source_security_group_id = var.egress_with_source_security_group_id
57 |
58 | # Egress rules opened to IPv4 CIDR blocks and ports, given as a CIDR block and port list.
59 | egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports
60 |
61 | # The egress port list (argument is egress_ports; the submodule variable is named egress_with_ports).
62 | egress_ports = var.egress_with_ports
63 |
64 | # IPv4 CIDR ranges used by the egress CIDR rules.
65 | egress_cidr_blocks = var.egress_cidr_blocks
66 |
67 | # Default egress priority.
68 | default_egress_priority = var.default_egress_priority
69 | }
70 |
--------------------------------------------------------------------------------
/modules/ipsec-4500/main.tf:
--------------------------------------------------------------------------------
# Pass-through to the root security-group module: inputs come from this
# sub-module's variables, with auto_* rule names merged into the named rules.
module "sg" {
  source = "../../"

  # Region and credential inputs forwarded to the root module
  region                  = var.region
  profile                 = var.profile
  shared_credentials_file = var.shared_credentials_file
  skip_region_validation  = var.skip_region_validation

  # Security group attributes
  create              = var.create
  vpc_id              = var.vpc_id
  name                = var.name
  description         = var.description
  existing_group_id   = var.existing_group_id
  tags                = var.tags
  security_group_type = var.security_group_type

  ##########
  # Ingress
  ##########
  # auto_ingress_rules + ingress_rules, without duplicates or empty strings,
  # in sorted order. The [""] literal is removed again by compact().
  ingress_rules = sort(compact(distinct(concat(
    var.auto_ingress_rules,
    var.ingress_rules,
    [""]
  ))))

  # Priority used for the entries of `ingress_rules`.
  priority_for_ingress_rules = var.priority_for_ingress_rules

  # Per-rule IPv4 CIDR block entries.
  ingress_with_cidr_blocks = var.ingress_with_cidr_blocks

  # Per-rule source security group entries.
  ingress_with_source_security_group_id = var.ingress_with_source_security_group_id

  # IPv4 CIDR block entries combined with a port list.
  ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports

  # Ingress port list (fed from var.ingress_with_ports).
  ingress_ports = var.ingress_with_ports

  # IPv4 CIDR ranges for the CIDR-based ingress rules.
  # NOTE(review): the default lives in variables.tf, which is not shown here;
  # check that it restricts the source range to what the deployment needs.
  ingress_cidr_blocks = var.ingress_cidr_blocks

  # Default ingress priority.
  default_ingress_priority = var.default_ingress_priority

  #########
  # Egress
  #########
  # auto_egress_rules + egress_rules, merged the same way as the ingress list.
  egress_rules = sort(compact(distinct(concat(
    var.auto_egress_rules,
    var.egress_rules,
    [""]
  ))))

  # Priority used for the entries of `egress_rules`.
  priority_for_egress_rules = var.priority_for_egress_rules

  # Per-rule IPv4 CIDR block entries.
  egress_with_cidr_blocks = var.egress_with_cidr_blocks

  # Per-rule security group entries.
  egress_with_source_security_group_id = var.egress_with_source_security_group_id

  # IPv4 CIDR block entries combined with a port list.
  egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports

  # Egress port list (fed from var.egress_with_ports).
  egress_ports = var.egress_with_ports

  # IPv4 CIDR ranges for the CIDR-based egress rules.
  egress_cidr_blocks = var.egress_cidr_blocks

  # Default egress priority.
  default_egress_priority = var.default_egress_priority
}
70 |
--------------------------------------------------------------------------------
/modules/postgresql/main.tf:
--------------------------------------------------------------------------------
# Forwards this sub-module's variables to the root security-group module and
# merges the auto_* rule names into the named ingress/egress rule lists.
module "sg" {
  source = "../../"

  # Region and credential inputs forwarded to the root module
  region                  = var.region
  profile                 = var.profile
  shared_credentials_file = var.shared_credentials_file
  skip_region_validation  = var.skip_region_validation

  # Security group attributes
  create              = var.create
  vpc_id              = var.vpc_id
  name                = var.name
  description         = var.description
  existing_group_id   = var.existing_group_id
  tags                = var.tags
  security_group_type = var.security_group_type

  ##########
  # Ingress
  ##########
  # Sorted, de-duplicated union of auto_ingress_rules and ingress_rules; the
  # [""] literal is dropped again by compact().
  ingress_rules = sort(compact(distinct(concat(
    var.auto_ingress_rules,
    var.ingress_rules,
    [""]
  ))))

  # Priority for the rules named in `ingress_rules`.
  priority_for_ingress_rules = var.priority_for_ingress_rules

  # Rules scoped to IPv4 CIDR blocks.
  ingress_with_cidr_blocks = var.ingress_with_cidr_blocks

  # Rules scoped to a source security group id.
  ingress_with_source_security_group_id = var.ingress_with_source_security_group_id

  # Rules scoped to IPv4 CIDR blocks plus a port list.
  ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports

  # Ingress port list (from var.ingress_with_ports).
  ingress_ports = var.ingress_with_ports

  # IPv4 CIDR ranges for the CIDR-based ingress rules.
  # NOTE(review): this module fronts a database port, and the default for
  # var.ingress_cidr_blocks is not visible here; confirm callers pass the
  # application subnets rather than inheriting a broad default.
  ingress_cidr_blocks = var.ingress_cidr_blocks

  # Default ingress priority.
  default_ingress_priority = var.default_ingress_priority

  #########
  # Egress
  #########
  # Sorted, de-duplicated union of auto_egress_rules and egress_rules.
  egress_rules = sort(compact(distinct(concat(
    var.auto_egress_rules,
    var.egress_rules,
    [""]
  ))))

  # Priority for the rules named in `egress_rules`.
  priority_for_egress_rules = var.priority_for_egress_rules

  # Rules scoped to IPv4 CIDR blocks.
  egress_with_cidr_blocks = var.egress_with_cidr_blocks

  # Rules scoped to a security group id.
  egress_with_source_security_group_id = var.egress_with_source_security_group_id

  # Rules scoped to IPv4 CIDR blocks plus a port list.
  egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports

  # Egress port list (from var.egress_with_ports).
  egress_ports = var.egress_with_ports

  # IPv4 CIDR ranges for the CIDR-based egress rules.
  egress_cidr_blocks = var.egress_cidr_blocks

  # Default egress priority.
  default_egress_priority = var.default_egress_priority
}
70 |
--------------------------------------------------------------------------------
/modules/carbon-relay-ng/main.tf:
--------------------------------------------------------------------------------
# Calls the root security-group module with this sub-module's variables; the
# named rule lists are the auto_* lists merged with the caller-supplied ones.
module "sg" {
  source = "../../"

  # Region and credential inputs forwarded to the root module
  region                  = var.region
  profile                 = var.profile
  shared_credentials_file = var.shared_credentials_file
  skip_region_validation  = var.skip_region_validation

  # Security group attributes
  create              = var.create
  vpc_id              = var.vpc_id
  name                = var.name
  description         = var.description
  existing_group_id   = var.existing_group_id
  tags                = var.tags
  security_group_type = var.security_group_type

  ##########
  # Ingress
  ##########
  # Merge auto_ingress_rules with ingress_rules, then de-duplicate, drop empty
  # strings (including the [""] padding element) and sort.
  ingress_rules = sort(compact(distinct(concat(
    var.auto_ingress_rules,
    var.ingress_rules,
    [""]
  ))))

  # Priority for the rules named in `ingress_rules`.
  priority_for_ingress_rules = var.priority_for_ingress_rules

  # Rule entries keyed on IPv4 CIDR blocks.
  ingress_with_cidr_blocks = var.ingress_with_cidr_blocks

  # Rule entries keyed on a source security group id.
  ingress_with_source_security_group_id = var.ingress_with_source_security_group_id

  # Rule entries keyed on IPv4 CIDR blocks and a port list.
  ingress_with_cidr_blocks_and_ports = var.ingress_with_cidr_blocks_and_ports

  # Ingress port list (from var.ingress_with_ports).
  ingress_ports = var.ingress_with_ports

  # IPv4 CIDR ranges for the CIDR-based ingress rules.
  # NOTE(review): default not visible in this file; verify the source range
  # before applying.
  ingress_cidr_blocks = var.ingress_cidr_blocks

  # Default ingress priority.
  default_ingress_priority = var.default_ingress_priority

  #########
  # Egress
  #########
  # Same merge for the egress side.
  egress_rules = sort(compact(distinct(concat(
    var.auto_egress_rules,
    var.egress_rules,
    [""]
  ))))

  # Priority for the rules named in `egress_rules`.
  priority_for_egress_rules = var.priority_for_egress_rules

  # Rule entries keyed on IPv4 CIDR blocks.
  egress_with_cidr_blocks = var.egress_with_cidr_blocks

  # Rule entries keyed on a security group id.
  egress_with_source_security_group_id = var.egress_with_source_security_group_id

  # Rule entries keyed on IPv4 CIDR blocks and a port list.
  egress_with_cidr_blocks_and_ports = var.egress_with_cidr_blocks_and_ports

  # Egress port list (from var.egress_with_ports).
  egress_ports = var.egress_with_ports

  # IPv4 CIDR ranges for the CIDR-based egress rules.
  egress_cidr_blocks = var.egress_cidr_blocks

  # Default egress priority.
  default_egress_priority = var.default_egress_priority
}
70 |
--------------------------------------------------------------------------------
/.github/workflows/weekly_e2e.yml:
--------------------------------------------------------------------------------
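# Weekly end-to-end check: triggers the remote test run, polls its result and,
# when the repository is not listed in the released-record index, commits the
# refreshed TestRecord.md back to the branch.
name: Weekly E2E Test Check
on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * 0'

jobs:
  weekly-e2e-check:
    if: github.repository_owner == 'alibabacloud-automation'
    name: 'weekly e2e check'
    runs-on: ubuntu-latest
    # Least privilege instead of `write-all`: the push step needs to write
    # repository contents and the job-id lookup reads workflow run data.
    # NOTE(review): scripts/curl_fc_trigger.go is not visible here; confirm it
    # needs no further token scopes.
    permissions:
      contents: write
      actions: read
    steps:
      - name: checkout
        uses: actions/checkout@v3
      - name: set id
        id: set-job-id
        # NOTE(review): third-party action referenced by a mutable tag while it
        # receives GITHUB_TOKEN; pin it to a reviewed full commit SHA.
        uses: ayachensiyuan/get-action-job-id@v1.6
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          job-name: 'weekly e2e check'
      - name: Get job id
        # Step outputs are passed through env rather than expanded into the
        # script text, so their content is never parsed as shell.
        env:
          JOB_ID: ${{ steps.set-job-id.outputs.jobId }}
        run: |
          echo "The current job id is ${JOB_ID}"
      - name: Extract branch name
        shell: bash
        # $GITHUB_OUTPUT replaces the deprecated set-output workflow command.
        run: echo "branch=${GITHUB_REF#refs/heads/}" >> "$GITHUB_OUTPUT"
        id: extract_branch
      - name: weekly e2e test
        env:
          BRANCH: ${{ steps.extract_branch.outputs.branch }}
          JOB_ID: ${{ steps.set-job-id.outputs.jobId }}
        run: |
          objectPath="github-action/${GITHUB_REPOSITORY}/weekly-e2e/Action-${GITHUB_RUN_NUMBER}-${GITHUB_RUN_ID}-${JOB_ID}"
          echo "default branch: ${BRANCH}"
          go run scripts/curl_fc_trigger.go "${BRANCH}" "${GITHUB_REPOSITORY}" "${objectPath}"
          go run scripts/e2e_check.go "${objectPath}"
      - name: whether to upload test record
        id: whether-to-upload-test-record
        # The decision to push depends on a JSON index fetched from a public
        # bucket; any fetch or parse failure falls into the "does not exist"
        # branch and therefore enables the push below.
        run: |
          REPO_NAME=$(echo "$GITHUB_REPOSITORY" | cut -d'/' -f2)
          modules=$(curl -sL "https://terraform-fc-test-for-example-module.oss-ap-southeast-1.aliyuncs.com/testRecordReleased.json")
          if echo "$modules" | jq --arg key "$REPO_NAME" -re 'has($key)' | grep -q true; then
            echo "The key exists at the JSON object."
            echo "output_value=0" >> "$GITHUB_OUTPUT"
          else
            echo "The key does not exist at the JSON object."
            echo "output_value=1" >> "$GITHUB_OUTPUT"
          fi
      - name: update test record
        if: steps.whether-to-upload-test-record.outputs.output_value == 1
        # Stages the record and loosens permissions on .git, presumably so the
        # push action below can write to it - confirm this is still required.
        run: |
          git add TestRecord.md
          cd .git
          sudo chmod -R a+rwX .
          sudo find . -type d -exec chmod g+s '{}' +
      - name: Commit & Push changes
        if: steps.whether-to-upload-test-record.outputs.output_value == 1
        # NOTE(review): `@master` is a moving ref on a third-party action that
        # is handed a token with contents: write; pin it to a reviewed full
        # commit SHA.
        uses: actions-js/push@master
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          message: 'Update TestRecord'
          branch: ${{ steps.extract_branch.outputs.branch }}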
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | ## 2.5.0 (Unreleased)
2 | ## 2.4.1 (June 26, 2025)
3 |
4 | - fix: Add variable create_rules for security_group_rules [GH-42](https://github.com/alibabacloud-automation/terraform-alicloud-security-group/pull/42)
5 |
6 | ## 2.4.0 (August 29, 2021)
7 |
8 | IMPROVEMENTS:
9 | - Removes the provider setting and improves the Readme [GH-34](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/34)
10 |
11 | ## 2.3.0 (March 30, 2020)
12 |
13 | IMPROVEMENTS:
14 |
15 | - Supports `security_group_type` parameter.[GH-32](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/32)
16 |
17 | ## 2.2.1 (February 24, 2020)
18 |
19 | IMPROVEMENTS:
20 |
21 | - add profile for readme and examples [GH-31](https://github.com/terraform-alicloud-modules/terraform-alicloud-vpc/pull/31)
22 |
23 | ## 2.2.0 (February 19, 2020)
24 |
25 | IMPROVEMENTS:
26 |
27 | - improve(security group): modify provider version issues [GH-30](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/30)
28 |
29 | ## 2.1.0 (February 2, 2020)
30 |
31 | IMPROVEMENTS:
32 |
33 | - rollback random uuid [GH-28](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/28)
34 | - update modules using the latest parameters [GH-27](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/27)
35 | - improve with_cidr_blocks and with_ports [GH-26](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/26)
36 |
37 | ## 2.0.1 (December 24, 2019)
38 |
39 | IMPROVEMENTS:
40 |
41 | - improve variables' description [GH-24](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/24)
42 |
43 | ## 2.0.0 (December 23, 2019)
44 |
45 | - **Added:** `examples` [GH-18](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/18)
46 | - **Added:** `sub module` [GH-15](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/15)
47 | - **Added:** `sub module` [GH-12](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/12)
48 |
49 | IMPROVEMENTS:
50 |
51 | - improve README-CN [GH-23](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/23)
52 | - improve(security group): added changelog and modify the docs. [GH-22](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/22)
53 | - correct submodule source url [GH-21](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/21)
54 | - improve README [GH-20](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/20)
55 | - improve README [GH-19](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/19)
56 | - merge module ingress and egress [GH-17](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/17)
57 | - improve(security group): completed this module. [GH-16](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/16)
58 | - improve(security group): modified the source to absolute address. [GH-14](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/14)
59 | - improve(security group): supported use multi port list/multi cidr list to create rules. [GH-13](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/pull/13)
60 |
--------------------------------------------------------------------------------
/examples/http/main.tf:
--------------------------------------------------------------------------------
# Credential profile name handed to the provider and to each example module.
variable "profile" {
  default = "default"
}

# Region handed to the provider and to each example module.
variable "region" {
  default = "cn-hangzhou"
}

provider "alicloud" {
  region  = var.region
  profile = var.profile
}

#############################################################
# Data sources to get VPC and default security group details
#############################################################

# Looks up the default VPC(s); the examples below use the first match.
data "alicloud_vpcs" "default" {
  is_default = true
}

# Security groups in that VPC whose name matches "default".
data "alicloud_security_groups" "default" {
  name_regex = "default"
  vpc_id     = data.alicloud_vpcs.default.ids[0]
}
25 |
26 | ###########################
27 | # Security groups examples
28 | ###########################
29 |
30 | #######
31 | # HTTP
32 | #######
# HTTP security group reachable from any IPv4 address.
module "http_sg" {
  source  = "../../modules/http-80"
  profile = var.profile
  region  = var.region

  name        = "http-sg"
  description = "Security group with HTTP ports open for everybody (IPv4 CIDR), egress ports are all world open"
  vpc_id      = data.alicloud_vpcs.default.ids[0]

  # 0.0.0.0/0 admits every IPv4 source; appropriate only for a public endpoint.
  ingress_cidr_blocks = ["0.0.0.0/0"]
}
44 |
45 | #####################
46 | # HTTP with MySQL #1
47 | #####################
# HTTP plus MySQL, both opened to the same ingress CIDR list.
module "http_mysql_1_sg" {
  source  = "../../modules/http-80"
  profile = var.profile
  region  = var.region

  name = "http-mysql-1"

  description = "Security group with HTTP and MySQL ports open for everybody (IPv4 CIDR)"
  vpc_id      = data.alicloud_vpcs.default.ids[0]

  # The description states that this range covers the MySQL rule as well, so
  # the database port is exposed to every IPv4 source. Shown for illustration;
  # see "HTTP with MySQL #2" for the VPC-scoped variant.
  ingress_cidr_blocks = ["0.0.0.0/0"]

  # Add MySQL rules
  ingress_rules = ["mysql-tcp"]
}
63 |
64 | #####################
65 | # HTTP with MySQL #2
66 | #####################
# HTTP plus MySQL, reachable only from addresses inside the default VPC.
module "http_mysql_2_sg" {
  source  = "../../modules/http-80"
  profile = var.profile
  region  = var.region

  name        = "http-mysql-2"
  description = "Security group with HTTP and MySQL ports open within current VPC"
  vpc_id      = data.alicloud_vpcs.default.ids[0]

  # Add MySQL rules
  ingress_rules = ["mysql-tcp"]

  # Restrict ingress to the VPC's own CIDR block
  ingress_cidr_blocks = [data.alicloud_vpcs.default.vpcs[0].cidr_block]
}
82 |
83 | ###########################
84 | # HTTP with egress minimal
85 | ###########################
# HTTP ingress from inside the VPC, with egress reduced to one named rule.
module "http_with_egress_minimal_sg" {
  source  = "../../modules/http-80"
  profile = var.profile
  region  = var.region

  name        = "http-with-egress-minimal"
  description = "Security group with HTTP ports open within current VPC, and allow egress access to HTTP ports to the whole world"
  vpc_id      = data.alicloud_vpcs.default.ids[0]

  # Restrict ingress to the VPC's own CIDR block
  ingress_cidr_blocks = [data.alicloud_vpcs.default.vpcs[0].cidr_block]

  # Egress is limited to the "http-80-tcp" named rule. No egress_cidr_blocks is
  # set here, so the destination range is the module default (not shown in
  # this file).
  egress_rules = ["http-80-tcp"]
}
101 |
102 | ###########################
103 | # HTTP with egress limited
104 | ###########################
# HTTP and MySQL ingress from inside the VPC, egress confined to a /28.
module "http_with_egress_sg" {
  source  = "../../modules/http-80"
  profile = var.profile
  region  = var.region

  name        = "http-with-egress"
  description = "Security group with HTTP ports open within current VPC, and allow egress access just to small subnet"
  vpc_id      = data.alicloud_vpcs.default.ids[0]

  # Add MySQL rules
  ingress_rules = ["mysql-tcp"]

  # Restrict ingress to the VPC's own CIDR block
  ingress_cidr_blocks = [data.alicloud_vpcs.default.vpcs[0].cidr_block]

  # Egress destinations are limited to this single /28 subnet.
  egress_cidr_blocks = ["10.10.10.0/28"]
}
--------------------------------------------------------------------------------
/scripts/terraform-test.sh:
--------------------------------------------------------------------------------
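#!/usr/bin/env sh
#
# Runs one Terraform example through init -> plan -> apply -> (update apply)
# -> no-diff check -> destroy and reports the first stage that failed.
#
# Usage: terraform-test.sh <example-dir> [write-version-file]
#   <example-dir>  directory handed to `terraform -chdir`
#   any 2nd arg    also (re)write tfversion.md with the Terraform version output
#
# Exit codes: 0 success, 1 init, 2 plan, 3 apply / apply update,
#             4 diff check, 5 destroy.
#
# The script applies and destroys real resources with -auto-approve, so the
# credentials it runs under should be scoped to a disposable test account.
#
# Written for POSIX sh to match the shebang: no `[[ ]]`, no `echo -e`, and all
# expansions quoted (including the paths handed to `rm -rf`).

version=""
updateFolder="examples/complete"
tfvars="tfvars/01-update.tfvars"
f=${1}
success=true
exitCode=0
terraformVersionFile="tfversion.md"

# Print a red [ERROR] line and mark the run as failed.
fail() {
  success=false
  printf '\033[31m[ERROR]\033[0m: %s\n' "$1"
}

# Print a green "<stage>: success" line.
ok() {
  printf '\033[32m - %s: success\033[0m\n' "$1"
}

# Without a directory every terraform call below would fail and the cleanup
# paths would resolve to "/.terraform", so stop early with the init exit code.
if [ -z "$f" ]; then
  fail "usage: $0 <example-dir> [write-version-file]"
  exit 1
fi

if [ $# -ge 2 ]; then
  echo "" > "$terraformVersionFile"
fi

echo ""
echo "====> Terraform testing in" "$f"

# init
if ! terraform -chdir="$f" init -upgrade >/dev/null; then
  exitCode=1
  fail "running terraform init failed."
else
  # plan
  echo ""
  printf '%s\n\n' "----> Plan Testing"
  if ! terraform -chdir="$f" plan >/dev/null; then
    exitCode=2
    fail "running terraform plan failed."
  else
    ok "plan check"

    # apply
    echo ""
    printf '%s\n\n' "----> Apply Testing"
    if ! terraform -chdir="$f" apply -auto-approve >/dev/null; then
      exitCode=3
      fail "running terraform apply failed."
    else
      ok "apply check"

      # update & check diff
      if [ "$f" = "$updateFolder" ] && [ -f "${updateFolder}/${tfvars}" ]; then
        # The complete example ships a tfvars file: apply it as an update,
        # then verify that a second plan reports no changes.
        echo ""
        printf '%s\n\n' " ----> Apply Update Testing"
        if ! terraform -chdir="$f" apply -auto-approve -var-file="$tfvars" >/dev/null; then
          exitCode=3
          fail "running terraform apply update failed."
        else
          ok "apply update check"
          echo ""
          printf '%s\n\n' " ----> Apply Diff Checking"
          # -detailed-exitcode returns non-zero both on error and when the
          # plan still contains changes.
          if ! terraform -chdir="$f" plan -var-file="$tfvars" -detailed-exitcode; then
            if [ "$exitCode" -eq 0 ]; then
              exitCode=4
            fi
            fail "running terraform plan for checking diff failed."
          else
            ok "apply diff check"
          fi
        fi
      else
        # No update step for this example: only check for a leftover diff.
        echo ""
        printf '%s\n\n' " ----> Apply Diff Checking"
        if ! terraform -chdir="$f" plan -detailed-exitcode; then
          exitCode=4
          fail "running terraform plan for checking diff failed."
        else
          ok "apply diff check"
        fi
      fi
    fi

    # destroy - runs whenever plan succeeded, so resources left behind by a
    # failed apply are cleaned up as well.
    echo ""
    printf '%s\n\n' " ----> Destroying"
    if ! terraform -chdir="$f" destroy -auto-approve >/dev/null; then
      if [ "$exitCode" -eq 0 ]; then
        exitCode=5
      fi
      fail "running terraform destroy failed."
    else
      ok "destroy"
    fi
  fi
fi

# Keep the version output up to its first blank line only.
version=$(terraform -chdir="$f" version)
row=$(printf '%s\n' "$version" | sed -n '/^$/{=;q;}')
if [ -n "$row" ]; then
  version=$(printf '%s\n' "$version" | sed -n "1,${row}p")
fi

# Leave the working directory in place when init failed.
if [ "$exitCode" -ne 1 ]; then
  rm -rf "$f/.terraform"
  rm -rf "$f/.terraform.lock.hcl"
fi

if [ $# -ge 2 ]; then
  printf '### Versions\n\n' >> "$terraformVersionFile"
  printf '%s\n' "$version" >> "$terraformVersionFile"
fi

exit "$exitCode"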
--------------------------------------------------------------------------------
/examples/complete/main.tf:
--------------------------------------------------------------------------------
# All zones visible to the provider; the first one hosts the example vswitch.
data "alicloud_zones" "default" {}

# Throw-away VPC for the example.
# NOTE(review): this registry module is referenced without a `version`
# constraint, so each `init -upgrade` may pull a newer release; pin it to a
# reviewed version.
module "vpc" {
  source = "alibaba/vpc/alicloud"

  create             = true
  vpc_cidr           = "172.16.0.0/16"
  vswitch_cidrs      = ["172.16.0.0/21"]
  availability_zones = [data.alicloud_zones.default.zones[0].id]
}
11 |
# Plain security group without rules; module.complete_sg below references its
# id as the source group of its group-based rules.
module "security_group" {
  source = "../.."

  create = true

  name                = var.name
  description         = var.description
  vpc_id              = module.vpc.this_vpc_id
  security_group_type = "normal"
  tags                = var.tags
}
24 |
# Exercises every rule input of the root module: named rules, CIDR-based rules,
# CIDR + port rules and rules that reference another security group.
module "complete_sg" {
  source = "../.."

  # alicloud_security_group
  create = true

  name                = var.name
  description         = var.description
  vpc_id              = module.vpc.this_vpc_id
  security_group_type = "normal"
  tags                = var.tags

  # alicloud_security_group_rule - ingress
  ingress_rules              = ["https-443-tcp"]
  ingress_cidr_blocks        = ["10.10.0.0/16"]
  priority_for_ingress_rules = 1
  default_ingress_priority   = 50

  ingress_with_cidr_blocks = [
    {
      rule        = "dns-udp"
      cidr_blocks = "10.10.0.0/20"
      priority    = 1
    },
    {
      # No cidr_blocks on this entry; presumably it falls back to
      # ingress_cidr_blocks - confirm against the root module.
      protocol    = "tcp"
      from_port   = 53
      to_port     = 53
      priority    = 2
      description = var.rule_description
    }
  ]

  ingress_with_cidr_blocks_and_ports = [
    {
      cidr_blocks = "10.11.0.0/20"
      protocol    = "tcp"
      ports       = "10"
      priority    = 1
    },
    {
      # NOTE(review): 172.10.0.0/20 lies outside the RFC 1918 private range
      # 172.16.0.0/12, i.e. it is publicly routable address space; check
      # whether a 172.16.x.x block was intended.
      cidr_blocks = "172.10.0.0/20"
      protocol    = "udp"
      description = var.rule_description
    }
  ]
  ingress_ports = [50]

  ingress_with_source_security_group_id = [
    {
      rule                     = "mysql-tcp"
      source_security_group_id = module.security_group.this_security_group_id
      priority                 = 1
    },
    {
      source_security_group_id = module.security_group.this_security_group_id
      protocol                 = "tcp"
      from_port                = 10
      to_port                  = 10
      priority                 = 2
      description              = var.rule_description
    },
  ]

  # alicloud_security_group_rule - egress
  egress_rules              = ["http-80-tcp"]
  egress_cidr_blocks        = ["10.10.0.0/16"]
  priority_for_egress_rules = 1
  default_egress_priority   = 50

  egress_with_cidr_blocks = [
    {
      rule        = "ipsec-500-udp"
      cidr_blocks = "10.10.0.0/20"
      priority    = 1
    },
    {
      # No cidr_blocks on this entry; presumably it falls back to
      # egress_cidr_blocks - confirm against the root module.
      protocol    = "udp"
      from_port   = 10
      to_port     = 20
      priority    = 2
      description = var.rule_description
    }
  ]

  egress_with_cidr_blocks_and_ports = [
    {
      cidr_blocks = "10.10.0.0/20"
      protocol    = "tcp"
      ports       = "50"
      priority    = 1
    },
    {
      # NOTE(review): same publicly routable 172.10.0.0/20 block as on the
      # ingress side.
      cidr_blocks = "172.10.0.0/20"
      protocol    = "udp"
      description = var.rule_description
    }
  ]
  egress_ports = [90]

  egress_with_source_security_group_id = [
    {
      rule                     = "mysql-tcp"
      source_security_group_id = module.security_group.this_security_group_id
      priority                 = 1
    },
    {
      source_security_group_id = module.security_group.this_security_group_id
      protocol                 = "tcp"
      from_port                = 10
      to_port                  = 10
      priority                 = 2
      description              = var.rule_description
    }
  ]
}
--------------------------------------------------------------------------------
/scripts/e2e_check.go:
--------------------------------------------------------------------------------
1 | package main
2 |
3 | import (
4 | "fmt"
5 | "io"
6 | "log"
7 | "net/http"
8 | "os"
9 | "strings"
10 | "time"
11 | )
12 |
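// urlPrefix is the base URL of the bucket that holds the run log, the run
// result and the test record of each e2e job.
var urlPrefix = "https://terraform-fc-test-for-example-module.oss-ap-southeast-1.aliyuncs.com"

// fetchObject GETs url and returns its body. ok is false when the request
// failed or the status was not 200. A positive limit caps the number of bytes
// read; limit <= 0 reads the whole body. The response body is closed before
// returning, so polling callers do not accumulate open connections.
func fetchObject(client *http.Client, url string, limit int64) (body []byte, ok bool, err error) {
	resp, getErr := client.Get(url)
	if getErr != nil {
		return nil, false, nil
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return nil, false, nil
	}
	var reader io.Reader = resp.Body
	if limit > 0 {
		reader = io.LimitReader(resp.Body, limit)
	}
	body, err = io.ReadAll(reader)
	return body, true, err
}

// main polls the run log and the run result of the job stored under the object
// path given as the first argument. New log output is echoed as it appears;
// once the result object exists the log is fetched one last time and the
// process exits with 0 when the result starts with "PASS" and 1 otherwise.
// For object paths containing "weekly" the test record is updated and the exit
// code is forced to 0.
func main() {
	if len(os.Args) < 2 {
		log.Fatalln("[ERROR] usage: e2e_check <oss-object-path>")
	}
	ossObjectPath := strings.TrimSpace(os.Args[1])
	log.Println("run log path:", ossObjectPath)
	runLogFileName := "terraform.run.log"
	runResultFileName := "terraform.run.result.log"
	runLogUrl := urlPrefix + "/" + ossObjectPath + "/" + runLogFileName
	runResultUrl := urlPrefix + "/" + ossObjectPath + "/" + runResultFileName

	// A per-request timeout keeps one stalled connection from blocking the
	// loop past its deadline.
	client := &http.Client{Timeout: 30 * time.Second}

	printed := 0 // number of log bytes already echoed
	deadline := time.Now().Add(time.Duration(24) * time.Hour)
	finish := false
	exitCode := 0
	log.Println(runLogUrl)
	errResultMessage := ""
	for !time.Now().After(deadline) {
		logBody, ok, readErr := fetchObject(client, runLogUrl, 0)
		if !ok {
			log.Println("waiting for job running...")
			time.Sleep(5 * time.Second)
			continue
		}
		if readErr != nil && readErr != io.EOF {
			log.Println("[ERROR] reading run log response failed:", readErr)
		}
		if len(logBody) > printed {
			fmt.Printf("%s", logBody[printed:])
			printed = len(logBody)
		}
		if finish {
			log.Println("run log path:", ossObjectPath)
			log.Println("run log url:", runLogUrl)
			if strings.Contains(ossObjectPath, "weekly") {
				// Weekly runs record the outcome but never fail the job.
				updateTestRecord(ossObjectPath)
				exitCode = 0
			}
			if errResultMessage != "" {
				log.Println("[ERROR] run result:", errResultMessage)
			}
			os.Exit(exitCode)
		}

		// The result is capped at 100000 bytes, the size of the buffer the
		// previous implementation used; reading through ReadAll avoids both
		// short reads and NUL padding in the logged message.
		resultBody, ok, readErr := fetchObject(client, runResultUrl, 100000)
		if !ok {
			time.Sleep(5 * time.Second)
			continue
		}
		if readErr != nil && readErr != io.EOF {
			log.Println("[ERROR] reading run result response failed:", readErr)
		}
		finish = true
		if !strings.HasPrefix(string(resultBody), "PASS") {
			errResultMessage = string(resultBody)
			exitCode = 1
		}
	}
	// A run that never produced a result must not be reported as a pass.
	log.Println("[ERROR] Timeout: waiting for job finished timeout after 24 hours.")
	os.Exit(1)
}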
79 |
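// updateTestRecord downloads TestRecord.md for the given object path and
// prepends it, followed by a newline, to the local TestRecord.md, creating the
// file when it does not exist. Failures are logged and leave the local file
// untouched; a non-200 response or an empty body is ignored silently.
//
// NOTE(review): the downloaded text is written into a file that the weekly
// workflow commits to the repository, so it is trusted as-is; who can write to
// the bucket is not visible from this file.
func updateTestRecord(ossObjectPath string) {
	const testRecordFileName = "TestRecord.md"
	currentTestRecordFileUrl := urlPrefix + "/" + ossObjectPath + "/" + testRecordFileName
	response, err := http.Get(currentTestRecordFileUrl)
	if err != nil {
		log.Println("[ERROR] failed to get test record from oss")
		return
	}
	defer response.Body.Close()
	if response.StatusCode != http.StatusOK {
		return
	}
	data, err := io.ReadAll(response.Body)
	if err != nil {
		// A truncated download must not replace the record.
		log.Println("[ERROR] failed to read test record from oss")
		return
	}
	if len(data) == 0 {
		return
	}

	// A missing local file is the first run; every other read error aborts so
	// the existing history is never overwritten with a partial one.
	oldTestRecord, err := os.ReadFile(testRecordFileName)
	if err != nil && !os.IsNotExist(err) {
		log.Println("[ERROR] failed to read test record file")
		return
	}

	merged := string(data) + "\n" + string(oldTestRecord)
	if err := os.WriteFile(testRecordFileName, []byte(merged), 0644); err != nil {
		log.Println("[ERROR] failed to write test record file")
	}
}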
121 |
--------------------------------------------------------------------------------
/modules/README.md:
--------------------------------------------------------------------------------
1 | List of Security Groups implemented as Terraform modules
2 | ========================================================
3 |
4 |
5 | * [carbon-relay-ng](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/carbon-relay-ng)
6 | * [cassandra](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/cassandra)
7 | * [consul](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/consul)
8 | * [elasticsearch](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/elasticsearch)
9 | * [http-80](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/http-80)
10 | * [http-8080](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/http-8080)
11 | * [https-443](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/https-443)
12 | * [https-8443](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/https-8443)
13 | * [ipsec-4500](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/ipsec-4500)
14 | * [ipsec-500](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/ipsec-500)
15 | * [kafka](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/kafka)
16 | * [ldaps](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/ldaps)
17 | * [memcached](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/memcached)
18 | * [mongodb](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/mongodb)
19 | * [mssql](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/mssql)
20 | * [mysql](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/mysql)
21 | * [nfs](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/nfs)
22 | * [nomad](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/nomad)
23 | * [ntp](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/ntp)
24 | * [openvpn](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/openvpn)
25 | * [oracle-db](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/oracle-db)
26 | * [postgresql](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/postgresql)
27 | * [puppet](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/puppet)
28 | * [rabbitmq](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/rabbitmq)
29 | * [rdp](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/rdp)
30 | * [redis](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/redis)
31 | * [redshift](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/redshift)
32 | * [splunk](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/splunk)
33 | * [squid](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/squid)
34 | * [ssh](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/ssh)
35 | * [storm](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/storm)
36 | * [web](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/web)
37 | * [winrm](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/winrm)
38 | * [zipkin](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/zipkin)
39 | * [zookeeper](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/zookeeper)
40 | * [_templates](https://github.com/terraform-alicloud-modules/terraform-alicloud-security-group/tree/master/modules/_templates) - Source templates for all other modules, so an edit here can carry over to the security group rules of every module in this list. Change carefully, test thoughtfully!
41 |
42 |
--------------------------------------------------------------------------------