From 9d7fc62cb50886184d4177d7d7d965023605dff5 Mon Sep 17 00:00:00 2001
From: badra001
Date: Mon, 25 Oct 2021 11:29:19 -0400
Subject: [PATCH] fix
---
 common/README.md | 6 +++---
 common/variables.port_list.tf | 6 +++---
 custom/README.md | 6 +++---
 custom/ports.tf | 5 +++--
 4 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/common/README.md b/common/README.md
index f9076de..7eecd34 100644
--- a/common/README.md
+++ b/common/README.md
@@ -34,11 +34,11 @@ No modules.
 | [egress\_security\_groups](#input\_egress\_security\_groups) | List of egress security groups (all ports) | `list(string)` | `[]` | no |
 | [enable\_self](#input\_enable\_self) | Enable\|Disable self full access | `bool` | `false` | no |
 | [ingress\_networks](#input\_ingress\_networks) | List of ingress networks for access (with all pre-defined ingress ports) | `list(string)` | `[]` | no |
-| [ingress\_port\_list](#input\_ingress\_port\_list) | Ingress port list of 5-tuple: from, to, proto, description, and cidr(list) | `list` | `[]` | no |
-| [ingress\_port\_map](#input\_ingress\_port\_map) | Ingress port list of objects: from, to, proto, description and cidr(list) |
list(object({
from = number
to = number
proto = any
description = string
cidr = list(string)
}))
| `[]` | no |
+| [ingress\_port\_list](#input\_ingress\_port\_list) | Ingress port list of 5-tuple: from, to, proto, description, and cidr(list) | `list` |
[
[]
]
| no |
+| [ingress\_port\_map](#input\_ingress\_port\_map) | Ingress port list of objects: from, to, proto, description and cidr(list) |
list(object({
from = number
to = number
proto = any
description = string
cidr = list(string)
}))
|
[
{}
]
| no |
 | [ingress\_security\_groups](#input\_ingress\_security\_groups) | List of ingress security groups for all ports | `list(string)` | `[]` | no |
 | [ingress\_self\_port\_list](#input\_ingress\_self\_port\_list) | Ingress port list of 4-tuple: from, to, proto, description | `list` |
[
[
0,
0,
-1,
"all"
]
]
| no |
-| [ingress\_self\_port\_map](#input\_ingress\_self\_port\_map) | Ingress self access port list of objects: from, to, proto, description |
list(object({
from = number
to = number
proto = any
description = string
}))
| `[]` | no |
+| [ingress\_self\_port\_map](#input\_ingress\_self\_port\_map) | Ingress self access port list of objects: from, to, proto, description |
list(object({
from = number
to = number
proto = any
description = string
}))
|
[
{}
]
| no |
 | [tags](#input\_tags) | Extra security group tags | `map` | `{}` | no |
 | [use\_vpc\_cidr](#input\_use\_vpc\_cidr) | Enable\|Disable use of VPC CIDR block in the ingress\_networks | `bool` | `false` | no |
 | [vpc\_full\_name](#input\_vpc\_full\_name) | VPC Name | `string` | `""` | no |
diff --git a/common/variables.port_list.tf b/common/variables.port_list.tf
index b8ae4d8..93d0041 100644
--- a/common/variables.port_list.tf
+++ b/common/variables.port_list.tf
@@ -1,7 +1,7 @@
 variable "ingress_port_list" {
 description = "Ingress port list of 5-tuple: from, to, proto, description, and cidr(list)"
 # type = list(tuple([number, number, any, string, list]))
- default = []
+ default = [[]]
 }
 variable "ingress_port_map" {
@@ -13,7 +13,7 @@ variable "ingress_port_map" {
 description = string
 cidr = list(string)
 }))
- default = []
+ default = [{}]
 }
 variable "ingress_self_port_list" {
@@ -30,6 +30,6 @@ variable "ingress_self_port_map" {
 proto = any
 description = string
 }))
- default = []
+ default = [{}]
 }
diff --git a/custom/README.md b/custom/README.md
index 88c7003..609dea7 100644
--- a/custom/README.md
+++ b/custom/README.md
@@ -101,11 +101,11 @@ No modules.
 | [egress\_security\_groups](#input\_egress\_security\_groups) | List of egress security groups (all ports) | `list(string)` | `[]` | no |
 | [enable\_self](#input\_enable\_self) | Enable\|Disable self full access | `bool` | `false` | no |
 | [ingress\_networks](#input\_ingress\_networks) | List of ingress networks for access (with all pre-defined ingress ports) | `list(string)` | `[]` | no |
-| [ingress\_port\_list](#input\_ingress\_port\_list) | Ingress port list of 5-tuple: from, to, proto, description, and cidr(list) | `list` | `[]` | no |
-| [ingress\_port\_map](#input\_ingress\_port\_map) | Ingress port list of objects: from, to, proto, description and cidr(list) |
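Review bot: The new `default = [{}]` on `ingress_port_map` (second hunk), repeated on `ingress_self_port_map` (third hunk), does not satisfy the declared `list(object({...}))` type, because `{}` carries none of the required attributes `from`, `to`, `proto`, `description`; Terraform should reject that default when the module is loaded. In the first hunk `default = [[]]` makes `ingress_port_list` non-empty by default, so any `length(var.ingress_port_list) > 0` guard in a consumer is always true and the single element is an empty tuple rather than a 5-tuple. For a security-group module the default should describe no rule at all, so I would keep `default = []` on all three variables and handle the empty case where the lists are consumed. The `ingress_port_map` and `ingress_self_port_map` blocks start outside their hunks.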
list(object({
from = number
to = number
proto = any
description = string
cidr = list(string)
}))
| `[]` | no |
+| [ingress\_port\_list](#input\_ingress\_port\_list) | Ingress port list of 5-tuple: from, to, proto, description, and cidr(list) | `list` |
[
[]
]
| no |
+| [ingress\_port\_map](#input\_ingress\_port\_map) | Ingress port list of objects: from, to, proto, description and cidr(list) |
list(object({
from = number
to = number
proto = any
description = string
cidr = list(string)
}))
|
[
{}
]
| no |
 | [ingress\_security\_groups](#input\_ingress\_security\_groups) | List of ingress security groups for all ports | `list(string)` | `[]` | no |
 | [ingress\_self\_port\_list](#input\_ingress\_self\_port\_list) | Ingress port list of 4-tuple: from, to, proto, description | `list` |
[
[
0,
0,
-1,
"all"
]
]
| no |
-| [ingress\_self\_port\_map](#input\_ingress\_self\_port\_map) | Ingress self access port list of objects: from, to, proto, description |
list(object({
from = number
to = number
proto = any
description = string
}))
| `[]` | no |
+| [ingress\_self\_port\_map](#input\_ingress\_self\_port\_map) | Ingress self access port list of objects: from, to, proto, description |
list(object({
from = number
to = number
proto = any
description = string
}))
|
[
{}
]
| no |
 | [name](#input\_name) | Security Group Name (required) | `string` | n/a | yes |
 | [short\_description](#input\_short\_description) | Security Group Short Description | `string` | `""` | no |
 | [tags](#input\_tags) | Extra security group tags | `map` | `{}` | no |
diff --git a/custom/ports.tf b/custom/ports.tf
index 64ff02b..7a72c3f 100644
--- a/custom/ports.tf
+++ b/custom/ports.tf
@@ -1,5 +1,5 @@
 locals {
- ports = var.ingress_port_list
+ ports = [[]]
 ingress_networks = var.ingress_networks
 egress_networks = var.egress_networks
@@ -8,7 +8,8 @@ locals {
 egress_sg = var.egress_security_groups
 p_fields = ["from", "to", "proto", "description", "cidr"]
- p_map = length(var.ingress_port_list) > 0 ? [for p in local.ports : zipmap(local.p_fields, p)] : var.ingress_port_map
+ # p_map = length(var.ingress_port_list) > 0 ? [for p in local.ports : zipmap(local.p_fields, p)] : var.ingress_port_map
+ p_map = length(var.ingress_port_list) > 0 ? [for p in flatten(compact(concat(local.ports, var.ingress_port_list))) : zipmap(local.p_fields, p)] : [for p in local.ports : zipmap(local.p_fields, p)]
 port_map = { "external" = compact(concat(local.p_map, var.ingress_port_map)) }
 p_self_fields = ["from", "to", "proto", "description"]
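Review bot: `ports = [[]]` in the first `custom/ports.tf` hunk hard-codes a one-element list whose only element is an empty tuple, so `local.ports` no longer reflects what the caller passed and every `for p in local.ports` iterates once over `[]`. `zipmap(local.p_fields, p)` needs as many values as keys, so five field names against zero values is an error rather than an empty rule. I would keep `ports = var.ingress_port_list`, so that an empty input produces no ingress rule, which is the fail-closed result a security-group module should give. The `locals` block continues past this hunk.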
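Review bot: The new `p_map` expression in the second hunk passes a list of port tuples through `compact()` and `flatten()`, and neither fits that data: `compact` accepts a list of strings, and `flatten` collapses the tuples into one flat list of scalars, so `p` is no longer a five-element list when it reaches `zipmap`. The false branch maps `local.ports` through `zipmap` as well, which with `[[]]` means five keys and no values. A `for` over an empty list already yields `[]`, so no conditional is needed once the variable default is `[]` again: `p_map = [for p in var.ingress_port_list : zipmap(local.p_fields, p)]`. The commented-out previous `p_map` line is better deleted than kept, since version control already holds it. The `locals` block starts and ends outside this hunk.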