-
-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds support for custom Security Group rules #8
Conversation
main.tf
Outdated
rules = [ | ||
{ | ||
type = "ingress" | ||
from_port = 22 | ||
to_port = 22 | ||
protocol = "tcp" | ||
cidr_blocks = var.allowed_cidrs | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nono, this goes against the spirit of the module. The objective is to expsoe the rules
variable so the caller has unfettered ability to add rules for ingress/egress.
variables.tf
Outdated
from_port = 22 | ||
to_port = 22 | ||
protocol = "tcp" | ||
cidr_blocks = ["10.0.0.0/16"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should this be an empty array by default?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Benbentwo I copied the pattern from this repo.
It also has the cidr_block
array populated with 0.0.0.0/0
but I don't like having it open to the world so leaving cidr_block
with []
will show an error explaining it needs to be set. Not the greatest UX unfortunately but I think security should take precedence over UX. Unless there's a better way.
|
||
variable "security_group_rules" { | ||
type = list(any) | ||
default = [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
or this be an empty array by default?
what
why
references