54 lines
1.4 KiB
Terraform
54 lines
1.4 KiB
Terraform
resource "aws_security_group" "sg" {
|
|
count = length(var.security-groups)
|
|
name = var.security-groups[count.index].name
|
|
description = var.security-groups[count.index].description
|
|
vpc_id = var.vpcid
|
|
tags = {
|
|
Name = var.security-groups[count.index].name
|
|
}
|
|
}
|
|
|
|
// see https://www.terraform.io/docs/configuration/functions/flatten.html
|
|
|
|
locals {
|
|
rules = flatten([
|
|
for sg_key, sg in var.security-groups : [
|
|
for rule_key, rule in lookup(sg, "rules") : {
|
|
sg_key = sg_key
|
|
rule_key = rule_key
|
|
sg_name = sg.name
|
|
protocol = rule[0]
|
|
cidr_blocks = rule[1]
|
|
from_port = rule[2]
|
|
to_port = rule[3]
|
|
type = rule[4]
|
|
description = rule[5]
|
|
}
|
|
]
|
|
])
|
|
|
|
|
|
}
|
|
|
|
resource "aws_security_group_rule" "rules" {
|
|
for_each = {
|
|
for rule in local.rules : "${rule.sg_key}.${rule.rule_key}" => rule
|
|
}
|
|
|
|
security_group_id = matchkeys(aws_security_group.sg.*.id, aws_security_group.sg.*.name, [each.value.sg_name])[0]
|
|
protocol = each.value.protocol
|
|
cidr_blocks = [each.value.cidr_blocks]
|
|
from_port = each.value.from_port
|
|
to_port = each.value.to_port
|
|
type = each.value.type
|
|
description = each.value.description
|
|
}
|
|
|
|
output sg-id-name {
|
|
value = [
|
|
for id, name in zipmap(
|
|
sort(aws_security_group.sg.*.id),
|
|
sort(aws_security_group.sg.*.name)) :
|
|
map("id", id, "name", name)
|
|
]
|
|
} |