@@ -44,85 +44,75 @@ usage: |-
4444 ```hcl
4545 # use this
4646 module "security_group" {
47- source = "clouddrove/security-group/aws"
48- version = "2.0.0"
49- name = local.name
50- environment = local.environment
47+ source = "clouddrove/security-group/aws"
48+ version = "2.0.0"
49+ name = "app"
50+ environment = "test"
5151 vpc_id = module.vpc.vpc_id
5252
5353 ## INGRESS Rules
5454 new_sg_ingress_rules_with_cidr_blocks = [{
55- rule_count = 1
56- from_port = 20
57- protocol = "udp"
58- to_port = 22
59- cidr_blocks = [module.vpc.vpc_cidr_block, "172.16.0.0/16"]
60- },
61- {
62- rule_count = 2
63- from_port = 27017
64- protocol = "tcp"
65- to_port = 27017
66- cidr_blocks = ["172.16.0.0/16"]
67- }
68- ]
69-
70- ## EGRESS Rules
71- new_sg_egress_rules_with_cidr_blocks = [{
7255 rule_count = 1
7356 from_port = 22
7457 protocol = "tcp"
7558 to_port = 22
7659 cidr_blocks = [module.vpc.vpc_cidr_block, "172.16.0.0/16"]
60+ description = "Allow ssh traffic."
7761 },
7862 {
7963 rule_count = 2
8064 from_port = 27017
8165 protocol = "tcp"
8266 to_port = 27017
8367 cidr_blocks = ["172.16.0.0/16"]
84- }]
68+ description = "Allow Mongodb traffic."
69+ }
70+ ]
8571 }
8672 ```
8773
8874 ### ONLY RULES
8975 module "security_group_rules" {
9076 source = "clouddrove/security-group/aws"
9177 version = "2.0.0"
92- name = local.name
93- environment = local.environment
78+ name = "app"
79+ environment = "test"
9480 vpc_id = "vpc-xxxxxxxxx"
9581 new_sg = false
9682 existing_sg_id = "sg-xxxxxxxxx"
9783
9884 ## INGRESS Rules
9985 existing_sg_ingress_rules_with_cidr_blocks = [{
10086 rule_count = 1
101- from_port = 20
102- protocol = "udp "
87+ from_port = 22
88+ protocol = "tcp "
10389 to_port = 22
10490 cidr_blocks = ["10.9.0.0/16"]
91+ description = "Allow ssh traffic."
10592 },
10693 {
10794 rule_count = 2
10895 from_port = 27017
10996 protocol = "tcp"
11097 to_port = 27017
11198 cidr_blocks = ["10.9.0.0/16"]
99+ description = "Allow Mongodb traffic."
112100 }
113101 ]
114102
115103 existing_sg_ingress_rules_with_self = [{
116- rule_count = 1
117- from_port = 20
118- protocol = "tcp"
119- to_port = 22
104+ rule_count = 1
105+ from_port = 22
106+ protocol = "tcp"
107+ to_port = 22
108+ description = "Allow ssh traffic."
120109 },
121110 {
122- rule_count = 2
123- from_port = 270
124- protocol = "tcp"
125- to_port = 270
111+ rule_count = 2
112+ from_port = 27017
113+ protocol = "tcp"
114+ to_port = 27017
115+ description = "Allow Mongodb traffic."
126116 }
127117 ]
128118
@@ -132,21 +122,16 @@ usage: |-
132122 protocol = "tcp"
133123 to_port = 22
134124 source_security_group_id = "sg-xxxxxxxxx"
125+ description = "Allow ssh traffic."
135126 },
136127 {
137128 rule_count = 2
138129 from_port = 27017
139130 protocol = "tcp"
140131 to_port = 27017
141132 source_security_group_id = "sg-xxxxxxxxx"
142- },
143- {
144- rule_count = 3
145- from_port = 22
146- protocol = "tcp"
147- to_port = 22
148- source_security_group_id = "sg-xxxxxxxxx"
149- }]
133+ description = "Allow Mongodb traffic."
134+ }]
150135
151136 ## EGRESS Rules
152137 existing_sg_egress_rules_with_cidr_blocks = [{
@@ -155,26 +140,30 @@ usage: |-
155140 protocol = "tcp"
156141 to_port = 22
157142 cidr_blocks = ["10.9.0.0/16"]
143+ description = "Allow ssh outbound traffic."
158144 },
159145 {
160146 rule_count = 2
161147 from_port = 27017
162148 protocol = "tcp"
163149 to_port = 27017
164150 cidr_blocks = ["10.9.0.0/16"]
151+ description = "Allow Mongodb outbound traffic."
165152 }]
166153
167154 existing_sg_egress_rules_with_self = [{
168- rule_count = 1
169- from_port = 20
170- protocol = "tcp"
171- to_port = 22
155+ rule_count = 1
156+ from_port = 22
157+ protocol = "tcp"
158+ to_port = 22
159+ description = "Allow ssh outbound traffic."
172160 },
173161 {
174- rule_count = 2
175- from_port = 270
176- protocol = "tcp"
177- to_port = 270
162+ rule_count = 2
163+ from_port = 27017
164+ protocol = "tcp"
165+ to_port = 27017
166+ description = "Allow Mongodb outbound traffic."
178167 }]
179168
180169 existing_sg_egress_rules_with_source_sg_id = [{
@@ -183,30 +172,25 @@ usage: |-
183172 protocol = "tcp"
184173 to_port = 22
185174 source_security_group_id = "sg-xxxxxxxxx"
175+ description = "Allow ssh outbound traffic."
186176 },
187177 {
188178 rule_count = 2
189179 from_port = 27017
190180 protocol = "tcp"
191181 to_port = 27017
192182 source_security_group_id = "sg-xxxxxxxxx"
193- },
194- {
195- rule_count = 3
196- from_port = 22
197- protocol = "tcp"
198- to_port = 22
199- source_security_group_id = "sg-xxxxxxxxx"
200- }]
183+ description = "Allow Mongodb outbound traffic."
184+ }]
201185 }
202186 ```
203187
204188 ### PREFIX LIST
205189 module "security_group" {
206190 source = "clouddrove/security-group/aws"
207191 version = "2.0.0"
208- name = local.name
209- environment = local.environment
192+ name = "app"
193+ environment = "test"
210194 vpc_id = module.vpc.vpc_id
211195 prefix_list_enabled = true
212196 entry = [{
@@ -215,30 +199,20 @@ usage: |-
215199
216200 ## INGRESS Rules
217201 new_sg_ingress_rules_with_prefix_list = [{
218- rule_count = 1
219- from_port = 22
220- protocol = "tcp"
221- to_port = 22
222- },
223- {
224- rule_count = 2
225- from_port = 20
226- protocol = "tcp"
227- to_port = 21
202+ rule_count = 1
203+ from_port = 22
204+ protocol = "tcp"
205+ to_port = 22
206+ description = "Allow ssh traffic."
228207 }
229208 ]
230209 ## EGRESS Rules
231210 new_sg_egress_rules_with_prefix_list = [{
232- rule_count = 1
233- from_port = 22
234- protocol = "tcp"
235- to_port = 22
236- },
237- {
238- rule_count = 2
239- from_port = 20
240- protocol = "tcp"
241- to_port = 21
211+ rule_count = 1
212+ from_port = 0
213+ protocol = "-1"
214+ to_port = 0
215+ description = "Allow all outbound traffic."
242216 }
243217 ]
244218 }
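Review bot: The rewritten ingress rule at new line 88 of the first hunk keeps a trailing space in `protocol = "tcp "`, the same defect the removed `"udp "` line had; that is not a valid protocol value for the AWS API, so anyone copying the `security_group_rules` example will most likely get an apply-time error instead of an SSH rule. It should read `protocol = "tcp"`, matching every other rule in the same example. The enclosing `usage` block starts before the first hunk. In the last hunk the prefix-list egress rule is changed to `protocol = "-1"` with both ports 0, which is a valid all-protocols rule; the description could state that scope explicitly, e.g. `description = "Allow all protocols and ports outbound to the prefix list."`, so readers do not take it for a port-scoped example.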