initial commit

modules/compute/security_group/example/main.tf

@@ -0,0 +1,32 @@
+module "example-sg" {
+  source      = "../"
+  name        = "bastion-sg"
+  description = "SG of EC2 bastion instances"
+  vpc-id      = "vpc-12345678"
+  ingress = {
+    r1 = "tcp,4750,4750,1.2.3.4/32,Patch Management Tool"
+    r2 = "tcp,22,22,1.2.3.4/32,Patch Management Tool"
+    r3 = "tcp,52311,52311,${aws_ec2_managed_prefix_list.example.id},BigFix server to client"
+  }
+  egress = {
+    r1 = "-1,-1,-1,0.0.0.0/0,Allow Ingress from all"
+  }
+}
+
+
+resource "aws_ec2_managed_prefix_list" "example" {
+  name           = "Omprem subnets"
+  address_family = "IPv4"
+  max_entries    = 5
+
+  dynamic "entry" {
+    for_each = toset([
+      "192.168.99.0/24",
+      "192.168.100.0/24"
+    ])
+    content {
+      cidr        = entry.value
+      description = "Onprem management subnets"
+    }
+  }
+}