Terraform module to create a Security Group with ingress and egress rules in one go.

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| description | Description of the Security Group. | string | null | no |
| egress_rules | Egress rules to add to the Security Group. See examples for usage. | list(object({ | [] | no |
| ingress_rules | Ingress rules to add to the Security Group. See examples for usage. | list(object({ | [] | no |
| name | Name of the Security Group, or its name prefix (see name_prefix). | string | n/a | yes |
| name_prefix | Whether to use the name as a prefix or as the regular name. | bool | true | no |
| revoke_rules_on_delete | Instruct Terraform to revoke all of the Security Group's attached ingress and egress rules before deleting the rule itself. This is normally not needed. | bool | false | no |
| tags | Tags to add to the Security Group. | map(any) | {} | no |
| vpc_id | The VPC ID where resources are created. | string | n/a | yes |

| Name | Description |
|---|---|
| security_group_id | Security Group ID |

| Name | Version |
|---|---|
| aws | >= 4.36 |

- resource.aws_security_group.main (main.tf#6)
- resource.aws_security_group_rule.main_egress (main.tf#35)
- resource.aws_security_group_rule.main_ingress (main.tf#18)

```hcl
module "vpc" {
  source  = "registry.terraform.io/terraform-aws-modules/vpc/aws"
  version = "~> 5.0.0"

  name = "${var.name}-main"
  cidr = "10.100.0.0/16"
}

module "source_security_group" {
  source = "../../"

  name   = var.name
  vpc_id = module.vpc.vpc_id
}

resource "aws_ec2_managed_prefix_list" "test" {
  name           = "All VPC CIDR-s"
  address_family = "IPv4"
  max_entries    = 5

  entry {
    cidr        = "10.100.0.0/16"
    description = "Primary"
  }
}

module "full" {
  source = "../../"

  vpc_id      = module.vpc.vpc_id
  name        = var.name
  description = "Testing Terraform full example"

  ingress_rules = [
    # To/From ports are the same
    {
      port        = 3306
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    },
    # Different To/From ports
    {
      from_port   = 3306
      to_port     = 54321
      protocol    = "tcp"
      cidr_blocks = ["127.0.0.0/8", "10.0.0.0/8"]
    },
    # Allow other SG instead of CIDR
    {
      port                     = 3306
      protocol                 = "udp"
      source_security_group_id = module.source_security_group.security_group_id
    },
    # Using self
    {
      port     = 3306
      protocol = "udp"
      self     = true
    }
  ]

  egress_rules = [
    # To/From ports are the same
    {
      port        = 3306
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    },
    # Different To/From ports
    {
      from_port   = 3306
      to_port     = 54321
      protocol    = "tcp"
      cidr_blocks = ["127.0.0.0/8", "10.0.0.0/8"]
    },
    # Allow other SG instead of CIDR
    {
      port                     = 3306
      protocol                 = "udp"
      source_security_group_id = module.source_security_group.security_group_id
    },
    # Using self
    {
      port     = 3306
      protocol = "udp"
      self     = true
    },
    # Using prefix list
    {
      port           = 443
      protocol       = "tcp"
      prefix_list_ids = [aws_ec2_managed_prefix_list.test.id]
    }
  ]
}
```
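The example above opens TCP 3306 to `0.0.0.0/0`. As an added defender-side check that is not part of this module, the Python below walks the same `ingress_rules` object shape (the `port` shorthand or `from_port`/`to_port`, with `cidr_blocks`, `source_security_group_id`, `self` or `prefix_list_ids` as the peer) and flags rules that expose ports other than 80/443 to the whole internet before `terraform apply`; the function names, the accepted-port set and the `sg-PLACEHOLDER` id are assumptions, and the sample rules are constructed to mirror the README example.

```python
WORLD_CIDR = "0.0.0.0/0"
PUBLIC_OK_PORTS = {80, 443}  # assumption: the only ports accepted as world-reachable


def normalize_rule(rule):
    """Expand the module's `port` shorthand into from_port/to_port and name the peer kind."""
    from_port = rule.get("from_port", rule.get("port"))
    to_port = rule.get("to_port", rule.get("port"))
    if from_port is None or to_port is None:
        raise ValueError("rule needs either port or both from_port and to_port")
    if rule.get("self"):
        peer = "self"
    elif rule.get("source_security_group_id"):
        peer = "security_group"
    elif rule.get("prefix_list_ids"):
        peer = "prefix_list"
    else:
        peer = "cidr"
    return {"from_port": from_port, "to_port": to_port,
            "protocol": rule["protocol"], "peer": peer,
            "cidr_blocks": list(rule.get("cidr_blocks", []))}


def world_open_findings(rules):
    """Return (from_port, to_port, protocol) for each rule reachable from 0.0.0.0/0 on a non-accepted port."""
    findings = []
    for r in map(normalize_rule, rules):
        if r["peer"] != "cidr" or WORLD_CIDR not in r["cidr_blocks"]:
            continue  # SG, self and prefix-list peers are not world-open
        ports = range(r["from_port"], r["to_port"] + 1)
        # protocol "-1" means all traffic in AWS, which is always flagged
        if r["protocol"] == "-1" or any(p not in PUBLIC_OK_PORTS for p in ports):
            findings.append((r["from_port"], r["to_port"], r["protocol"]))
    return findings


# Constructed sample mirroring the README's ingress_rules, plus one accepted HTTPS rule
INGRESS_RULES = [
    {"port": 3306, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]},
    {"from_port": 3306, "to_port": 54321, "protocol": "tcp", "cidr_blocks": ["127.0.0.0/8", "10.0.0.0/8"]},
    {"port": 3306, "protocol": "udp", "source_security_group_id": "sg-PLACEHOLDER"},
    {"port": 3306, "protocol": "udp", "self": True},
    {"port": 443, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]},
]

if __name__ == "__main__":
    for f in world_open_findings(INGRESS_RULES):
        print("world-open ingress on %s-%s/%s" % f)
```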