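# Identity of the credentials Terraform runs with. Its `id` attribute is the
# AWS account ID, not a VPC ID, so it must not be used as `vpc_id`. It is kept
# here in case other files in the module reference it.
data "aws_caller_identity" "self" {}

# Settings for the security group, passed as a single object.
# Attributes read below: name, description, cidrs, from_port, to_port,
# and the optional vpc_id.
variable "sg1" {}

# Security group that allows inbound TCP from each CIDR in var.sg1.cidrs on the
# port range var.sg1.from_port..var.sg1.to_port.
resource "aws_security_group" "sg1" {
  name        = var.sg1.name
  description = var.sg1.description

  # Was data.aws_caller_identity.self.id, which is the account ID, so the group
  # could never attach to a real VPC. Take the VPC from the caller instead; when
  # var.sg1 carries no vpc_id this evaluates to null and the provider falls back
  # to the default VPC.
  vpc_id = try(var.sg1.vpc_id, null)

  # One ingress rule per entry in var.sg1.cidrs.
  # NOTE(review): nothing here restricts the CIDRs. An entry such as 0.0.0.0/0
  # opens the whole port range to the internet, so constrain the values at the
  # caller or with a validation block on the variable.
  dynamic "ingress" {
    for_each = var.sg1.cidrs

    content {
      # ingress.key is the map key when cidrs is a map and the element index
      # when it is a list, so a map gives each rule a meaningful description.
      description = ingress.key
      cidr_blocks = [ingress.value]
      from_port   = var.sg1.from_port
      to_port     = var.sg1.to_port
      protocol    = "tcp"
    }
  }

  # No egress block is declared here. Confirm outbound rules are defined
  # elsewhere if instances in this group need outbound connectivity.
}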