feat: added security-group-rule in ec2 module
theprashantyadav committed Sep 27, 2023
1 parent 0b76406 commit d1f8236
Showing 5 changed files with 95 additions and 78 deletions.
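--- a/_example/anomaly_example/.terraform.tfstate.lock.info
+++ b/_example/anomaly_example/.terraform.tfstate.lock.info
@@ -0,0 +1 @@
+{"ID":"ff25a4a8-5c64-35ad-0d25-970e35a6e032","Operation":"OperationTypeApply","Info":"","Who":"prashant@prashant","Version":"1.5.7","Created":"2023-09-27T12:24:29.546335369Z","Path":"terraform.tfstate"}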
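Review bot: `.terraform.tfstate.lock.info` is a transient lock artifact that Terraform writes while an operation is running, and it should not be part of the commit. It records the operator's `Who` identity, and its `Path` of `terraform.tfstate` suggests this example was applied with local state. I would remove the file and add `.terraform.tfstate.lock.info` and `*.tfstate*` to `.gitignore`, so that a later commit cannot pick up the state file itself, which can hold resource attributes and secrets in plaintext.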
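--- a/_example/anomaly_example/example.tf
+++ b/_example/anomaly_example/example.tf
@@ -37,32 +37,6 @@ module "public_subnets" {
 igw_id = module.vpc.igw_id
 }
 
-##-----------------------------------------------------
-## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https.
-##-----------------------------------------------------
-module "http-https" {
-source = "clouddrove/security-group/aws"
-version = "2.0.0"
-
-name = "alarm"
-environment = "test"
-label_order = ["name", "environment"]
-vpc_id = module.vpc.vpc_id
-}
-
-##-----------------------------------------------------
-## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh.
-##-----------------------------------------------------
-module "ssh" {
-source = "clouddrove/security-group/aws"
-version = "2.0.0"
-
-name = "alarmsg"
-environment = "test"
-label_order = ["name", "environment"]
-vpc_id = module.vpc.vpc_id
-}
-
 ##-----------------------------------------------------
 ## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications.
 ##-----------------------------------------------------
@@ -74,6 +48,13 @@ module "ec2" {
 environment = "test"
 label_order = ["name", "environment"]
 
+####----------------------------------------------------------------------------------
+## Below A security group controls the traffic that is allowed to reach and leave the resources that it is associated with.
+####----------------------------------------------------------------------------------
+vpc_id = module.vpc.vpc_id
+allowed_ip = [module.vpc.vpc_cidr_block]
+allowed_ports = [22, 80, 443]
+
 instance_count = 1
 ami = "ami-08d658f84a6d84a80"
 ebs_optimized = "false"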
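Review bot: `allowed_ports = [22, 80, 443]` puts SSH behind the same `allowed_ip` source list as the web ports, so presumably every address in `module.vpc.vpc_cidr_block` can reach port 22 on the instance. The same three lines are added in `_example/basic_example/example.tf` and `_example/expression_example/example.tf`. The removed example kept SSH in its own `module "ssh"` group, which at least left room to scope administrative access separately from HTTP/HTTPS. For an example that people copy, I would drop 22 from the list or state the trade-off in the comment, e.g. `## SSH (22) is open to the whole VPC CIDR here; restrict it to an admin/bastion range in real deployments.` The `module "ec2"` block starts and ends outside the hunk, so how the module turns these inputs into rules is not visible here.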
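--- a/_example/basic_example/example.tf
+++ b/_example/basic_example/example.tf
@@ -37,32 +37,6 @@ module "public_subnets" {
 igw_id = module.vpc.igw_id
 }
 
-##-----------------------------------------------------
-## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https.
-##-----------------------------------------------------
-module "http-https" {
-source = "clouddrove/security-group/aws"
-version = "2.0.0"
-
-name = "http-https"
-environment = "test"
-label_order = ["name", "environment"]
-vpc_id = module.vpc.vpc_id
-}
-
-##-----------------------------------------------------
-## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh.
-##-----------------------------------------------------
-module "ssh" {
-source = "clouddrove/security-group/aws"
-version = "2.0.0"
-
-name = "ssh"
-environment = "test"
-label_order = ["name", "environment"]
-vpc_id = module.vpc.vpc_id
-}
-
 ##-----------------------------------------------------
 ## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications.
 ##-----------------------------------------------------
@@ -73,6 +47,13 @@ module "ec2" {
 environment = "test"
 label_order = ["name", "environment"]
 
+####----------------------------------------------------------------------------------
+## Below A security group controls the traffic that is allowed to reach and leave the resources that it is associated with.
+####----------------------------------------------------------------------------------
+vpc_id = module.vpc.vpc_id
+allowed_ip = [module.vpc.vpc_cidr_block]
+allowed_ports = [22, 80, 443]
+
 instance_count = 1
 ami = "ami-08d658f84a6d84a80"
 ebs_optimized = "false"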
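--- a/_example/expression_example/example.tf
+++ b/_example/expression_example/example.tf
@@ -37,32 +37,6 @@ module "public_subnets" {
 igw_id = module.vpc.igw_id
 }
 
-##-----------------------------------------------------
-## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https.
-##-----------------------------------------------------
-module "http-https" {
-source = "clouddrove/security-group/aws"
-version = "2.0.0"
-
-name = "http-https"
-environment = "test"
-label_order = ["name", "environment"]
-vpc_id = module.vpc.vpc_id
-}
-
-##-----------------------------------------------------
-## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh.
-##-----------------------------------------------------
-module "ssh" {
-source = "clouddrove/security-group/aws"
-version = "2.0.0"
-
-name = "ssh"
-environment = "test"
-label_order = ["name", "environment"]
-vpc_id = module.vpc.vpc_id
-}
-
 ##-----------------------------------------------------
 ## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications.
 ##-----------------------------------------------------
@@ -74,6 +48,13 @@ module "ec2" {
 environment = "test"
 label_order = ["name", "environment"]
 
+####----------------------------------------------------------------------------------
+## Below A security group controls the traffic that is allowed to reach and leave the resources that it is associated with.
+####----------------------------------------------------------------------------------
+vpc_id = module.vpc.vpc_id
+allowed_ip = [module.vpc.vpc_cidr_block]
+allowed_ports = [22, 80, 443]
+
 instance_count = 1
 ami = "ami-08d658f84a6d84a80"
 ebs_optimized = "false"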
73 changes: 73 additions & 0 deletions variables.tf
Expand Up @@ -165,4 +165,77 @@ variable "query_metrics" {
}
}]
description = "values for metric query metrics."
}

variable "enable_security_group" {

Check warning on line 170 in variables.tf

GitHub Actions / tf-lint / tflint

variable "enable_security_group" is declared but not used
type = bool
default = true
description = "Enable default Security Group with only Egress traffic allowed."
}

variable "sg_ids" {

Check warning on line 176 in variables.tf

GitHub Actions / tf-lint / tflint

variable "sg_ids" is declared but not used
type = list(any)
default = []
description = "of the security group id."
}

variable "vpc_id" {

Check warning on line 182 in variables.tf

GitHub Actions / tf-lint / tflint

variable "vpc_id" is declared but not used
type = string
default = ""
description = "The ID of the VPC that the instance security group belongs to."
sensitive = true
}

variable "sg_description" {

Check warning on line 189 in variables.tf

GitHub Actions / tf-lint / tflint

variable "sg_description" is declared but not used
type = string
default = "Instance default security group (only egress access is allowed)."
description = "The security group description."
}

variable "is_external" {

Check warning on line 195 in variables.tf

GitHub Actions / tf-lint / tflint

variable "is_external" is declared but not used
type = bool
default = false
description = "enable to udated existing security Group"
}

variable "egress_rule" {
type = bool
default = true
description = "Enable to create egress rule"
}

variable "sg_egress_description" {
type = string
default = "Description of the rule."
description = "Description of the egress and ingress rule"
}

variable "sg_egress_ipv6_description" {

Check warning on line 213 in variables.tf

GitHub Actions / tf-lint / tflint

variable "sg_egress_ipv6_description" is declared but not used
type = string
default = "Description of the rule."
description = "Description of the egress_ipv6 rule"
}

variable "allowed_ip" {

Check warning on line 219 in variables.tf

GitHub Actions / tf-lint / tflint

variable "allowed_ip" is declared but not used
type = list(any)
default = []
description = "List of allowed ip."
}

variable "allowed_ports" {

Check warning on line 225 in variables.tf

GitHub Actions / tf-lint / tflint

variable "allowed_ports" is declared but not used
type = list(any)
default = []
description = "List of allowed ingress ports"
}

variable "sg_ingress_description" {

Check warning on line 231 in variables.tf

GitHub Actions / tf-lint / tflint

variable "sg_ingress_description" is declared but not used
type = string
default = "Description of the ingress rule use elasticache."
description = "Description of the ingress rule"
}

variable "protocol" {

Check warning on line 237 in variables.tf

GitHub Actions / tf-lint / tflint

variable "protocol" is declared but not used
type = string
default = "tcp"
description = "The protocol. If not icmp, tcp, udp, or all use the."
}
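Review bot: `allowed_ip` and `allowed_ports` are declared as `list(any)` with no validation, so a malformed CIDR or an out-of-range port is not rejected at plan time even though these two inputs define the ingress surface. I would tighten them to `type = list(string)` and `type = list(number)` and add a `validation` block, for example `condition = alltrue([for p in var.allowed_ports : p >= 1 && p <= 65535])`, with a matching `can(cidrhost(...))` check on each `allowed_ip` entry. Separately, `sensitive = true` on `vpc_id` redacts a non-secret identifier from plan output, which makes it harder to review where a security group will be created, and `default = ""` lets an omitted VPC pass silently. Several descriptions also need finishing: "of the security group id.", "enable to udated existing security Group" and "The protocol. If not icmp, tcp, udp, or all use the." read as typos or truncated text.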
