Merge pull request #28 from Flaconi/OPS-0-sg-rules-as-var

OPS-0: Adjusted vars to rm default sg
Flaconi · Apr 2, 2024 · 3b89c64 · 3b89c64
2 parents 3c612e2 + 4e6aed2
commit 3b89c64
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 15 deletions.
diff --git a/README.md b/README.md
@@ -294,6 +294,44 @@ Type: `bool`
 
 Default: `true`
 
+### <a name="input_default_security_group_ingress"></a> [default\_security\_group\_ingress](#input\_default\_security\_group\_ingress)
+
+Description: List of maps of ingress rules to set on the default security group
+
+Type: `list(map(string))`
+
+Default:
+
+```json
+[
+  {
+    "from_port": 0,
+    "protocol": -1,
+    "self": true,
+    "to_port": 0
+  }
+]
+```
+
+### <a name="input_default_security_group_egress"></a> [default\_security\_group\_egress](#input\_default\_security\_group\_egress)
+
+Description: List of maps of egress rules to set on the default security group
+
+Type: `list(map(string))`
+
+Default:
+
+```json
+[
+  {
+    "from_port": 0,
+    "protocol": "-1",
+    "self": true,
+    "to_port": 0
+  }
+]
+```
+
 <!-- TFDOCS_INPUTS_END -->
 
 <!-- TFDOCS_OUTPUTS_START -->

diff --git a/main.tf b/main.tf
@@ -24,21 +24,11 @@ module "aws_vpc" {
 
   customer_gateways = var.vpc_customer_gateways
 
-  manage_default_route_table    = false
-  manage_default_network_acl    = false
-  manage_default_security_group = var.manage_default_security_group
-  default_security_group_ingress = [{
-    protocol  = -1
-    self      = true
-    from_port = 0
-    to_port   = 0
-  }]
-  default_security_group_egress = [{
-    from_port   = 0
-    to_port     = 0
-    protocol    = "-1"
-    cidr_blocks = "0.0.0.0/0"
-  }]
+  manage_default_route_table     = false
+  manage_default_network_acl     = false
+  manage_default_security_group  = var.manage_default_security_group
+  default_security_group_ingress = var.default_security_group_ingress
+  default_security_group_egress  = var.default_security_group_egress
 
   name     = var.name
   tags     = var.tags

diff --git a/variables.tf b/variables.tf
@@ -174,3 +174,25 @@ variable "manage_default_security_group" {
   type        = bool
   default     = true
 }
+
+variable "default_security_group_ingress" {
+  description = "List of maps of ingress rules to set on the default security group"
+  type        = list(map(string))
+  default = [{
+    protocol  = -1
+    self      = true
+    from_port = 0
+    to_port   = 0
+  }]
+}
+
+variable "default_security_group_egress" {
+  description = "List of maps of egress rules to set on the default security group"
+  type        = list(map(string))
+  default = [{
+    protocol  = "-1"
+    self      = true
+    from_port = 0
+    to_port   = 0
+  }]
+}