fix

common/ports.tf

@@ -9,12 +9,12 @@ locals {
 
   p_fields = ["from", "to", "proto", "description", "cidr"]
   #  p_map    = length(var.ingress_port_list) > 0 ? [for p in local.ports : zipmap(local.p_fields, p)] : var.ingress_port_map
-  p_map    = length(var.ingress_port_list) > 0 ? [for p in compress(concat(local.ports, var.ingress_port_list)) : zipmap(local.p_fields, p)] : [for p in local.ports : zipmap(local.p_fields, p)]
-  port_map = { "external" = compress(concat(local.p_map, var.ingress_port_map)) }
+  p_map    = length(var.ingress_port_list) > 0 ? [for p in collapse(concat(local.ports, var.ingress_port_list)) : zipmap(local.p_fields, p)] : [for p in local.ports : zipmap(local.p_fields, p)]
+  port_map = { "external" = collapse(concat(local.p_map, var.ingress_port_map)) }
 
   p_self_fields  = ["from", "to", "proto", "description"]
   self_port_list = length(var.ingress_self_port_list) > 0 ? [for p in var.ingress_self_port_list : zipmap(local.p_self_fields, p)] : local._defaults["self_port_list"]
-  self_port_map  = compress(concat(local.self_port_list, var.ingress_self_port_map))
+  self_port_map  = collapse(concat(local.self_port_list, var.ingress_self_port_map))
 }
 
 # locals {

custom/ports.tf

@@ -9,9 +9,9 @@ locals {
 
   p_fields = ["from", "to", "proto", "description", "cidr"]
   p_map    = length(var.ingress_port_list) > 0 ? [for p in local.ports : zipmap(local.p_fields, p)] : var.ingress_port_map
-  port_map = { "external" = compress(concat(local.p_map, var.ingress_port_map)) }
+  port_map = { "external" = collapse(concat(local.p_map, var.ingress_port_map)) }
 
   p_self_fields  = ["from", "to", "proto", "description"]
   self_port_list = length(var.ingress_self_port_list) > 0 ? [for p in var.ingress_self_port_list : zipmap(local.p_self_fields, p)] : local._defaults["self_port_list"]
-  self_port_map  = compress(concat(local.self_port_list, var.ingress_self_port_map))
+  self_port_map  = collapse(concat(local.self_port_list, var.ingress_self_port_map))
 }

sas/ports.tf

@@ -33,19 +33,19 @@ locals {
     [9831, 9841, "tcp", "Data Remediation", local.networks["all"], ["external"]],
   ]
 
+
   ingress_networks = var.ingress_networks
   egress_networks  = var.egress_networks
 
-  # these are ignored
   ingress_sg = var.ingress_security_groups
   egress_sg  = var.egress_security_groups
 
-  p_fields = ["from", "to", "proto", "description", "cidr", "source_group"]
-  p_map    = [for p in local.ports : zipmap(local.p_fields, p)]
-  port_map = { for s in local.source_groups :
-    s => [for p in local.p_map : p if contains(p["source_group"], s)]
-  }
+  p_fields = ["from", "to", "proto", "description", "cidr"]
+  #  p_map    = length(var.ingress_port_list) > 0 ? [for p in local.ports : zipmap(local.p_fields, p)] : var.ingress_port_map
+  p_map    = length(var.ingress_port_list) > 0 ? [for p in concat(local.ports, var.ingress_port_list) : zipmap(local.p_fields, p)] : [for p in local.ports : zipmap(local.p_fields, p)]
+  port_map = { "external" = collapse(concat(local.p_map, var.ingress_port_map)) }
 
-  self_port_list = [{ from = 0, to = 0, proto = -1, description = "all" }]
-  self_ports     = local.self_port_list
+  p_self_fields  = ["from", "to", "proto", "description"]
+  self_port_list = length(var.ingress_self_port_list) > 0 ? [for p in var.ingress_self_port_list : zipmap(local.p_self_fields, p)] : local._defaults["self_port_list"]
+  self_port_map  = collapse(concat(local.self_port_list, var.ingress_self_port_map))
 }