From 7aecb0451f63bc26b55dfcc13d575b7f8138b1de Mon Sep 17 00:00:00 2001 From: badra001 Date: Tue, 26 Oct 2021 11:52:21 -0400 Subject: [PATCH 1/3] remove external 6th field --- sas/README.md | 4 ++-- sas/ports.tf | 36 ++++++++++++++++++------------------ 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/sas/README.md b/sas/README.md index 5f237db..9257ccd 100644 --- a/sas/README.md +++ b/sas/README.md @@ -104,10 +104,10 @@ No modules. | [egress\_security\_groups](#input\_egress\_security\_groups) | List of egress security groups (all ports) | `list(string)` | `[]` | no | | [enable\_self](#input\_enable\_self) | Enable\|Disable self full access | `bool` | `false` | no | | [ingress\_networks](#input\_ingress\_networks) | List of ingress networks for access (with all pre-defined ingress ports) | `list(string)` | `[]` | no | -| [ingress\_port\_list](#input\_ingress\_port\_list) | Ingress port list of 5-tuple: from, to, proto, description, and cidr(list) | `list` |
[
[]
]
| no | +| [ingress\_port\_list](#input\_ingress\_port\_list) | Ingress port list of 5-tuple: from, to, proto, description, and cidr(list) | `list` | `[]` | no | | [ingress\_port\_map](#input\_ingress\_port\_map) | Ingress port list of objects: from, to, proto, description and cidr(list) |
list(object({
from = number
to = number
proto = any
description = string
cidr = list(string)
}))
| `[]` | no | | [ingress\_security\_groups](#input\_ingress\_security\_groups) | List of ingress security groups for all ports | `list(string)` | `[]` | no | -| [ingress\_self\_port\_list](#input\_ingress\_self\_port\_list) | Ingress port list of 4-tuple: from, to, proto, description | `list` |
[
[]
]
| no | +| [ingress\_self\_port\_list](#input\_ingress\_self\_port\_list) | Ingress port list of 4-tuple: from, to, proto, description | `list` | `[]` | no | | [ingress\_self\_port\_map](#input\_ingress\_self\_port\_map) | Ingress self access port list of objects: from, to, proto, description |
list(object({
from = number
to = number
proto = any
description = string
}))
| `[]` | no | | [name](#input\_name) | Security Group Name | `string` | `""` | no | | [short\_description](#input\_short\_description) | Security Group Short Description | `string` | `""` | no | diff --git a/sas/ports.tf b/sas/ports.tf index a554cbf..4565835 100644 --- a/sas/ports.tf +++ b/sas/ports.tf 
@@ -11,26 +11,26 @@ locals { "all" = ["0.0.0.0/0"] "census" = ["148.129.0.0/16", "192.168.0.0/16", "172.16.0.0/12", "10.0.0.0/8"] } - source_groups = ["all", "external"] + # source_groups = ["all", "external"] ports = [ - [5450, 5460, "tcp", "OLAP Server", local.networks["all"], ["external"]], - [7080, 7090, "tcp", "Environment Manager HTTP", local.networks["all"], ["external"]], - [7111, 7111, "tcp", "Dcoument Conversion", local.networks["all"], ["external"]], - [7443, 7443, "tcp", "Environment Manager HTTPS", local.networks["all"], ["external"]], - # [7541, 7541, "tcp", "CONNECT Spawner Operator", local.networks["all"], ["external"]], - # [7551, 7551, "tcp", "CONNECT Server", local.networks["all"], ["external"] ], - [7540, 7560, "tcp", "CONNECT", local.networks["all"], ["external"]], - [7980, 7990, "tcp", "Web Server HTTP", local.networks["all"], ["external"]], - [8343, 8353, "tcp", "Web Server HTTPS", local.networks["all"], ["external"]], - [8443, 8453, "tcp", "Web Application Server HTTPS", local.networks["all"], ["external"]], - [8451, 8461, "tcp", "OS Services Scheduler", local.networks["all"], ["external"]], - [8540, 8640, "tcp", "Metadata", local.networks["all"], ["external"]], - [8701, 8711, "tcp", "Pooled Workspace", local.networks["all"], ["external"]], - [8800, 8830, "tcp", "Object Spawner", local.networks["all"], ["external"]], - [9431, 9441, "tcp", "Web Infra Platform", local.networks["all"], ["external"]], - [9831, 9841, "tcp", "Data Remediation", local.networks["all"], ["external"]], - [9831, 9841, "tcp", "Data Remediation", local.networks["all"], ["external"]], + [5450, 5460, "tcp", "OLAP Server", local.networks["all"]], + [7080, 7090, "tcp", "Environment Manager HTTP", local.networks["all"]], + [7111, 7111, "tcp", "Dcoument Conversion", local.networks["all"]], + [7443, 7443, "tcp", "Environment Manager HTTPS", local.networks["all"]], + # [7541, 7541, "tcp", "CONNECT Spawner Operator", local.networks["all"] ], + # [7551, 7551, "tcp", "CONNECT 
Server", local.networks["all"] ], + [7540, 7560, "tcp", "CONNECT", local.networks["all"]], + [7980, 7990, "tcp", "Web Server HTTP", local.networks["all"]], + [8343, 8353, "tcp", "Web Server HTTPS", local.networks["all"]], + [8443, 8453, "tcp", "Web Application Server HTTPS", local.networks["all"]], + [8451, 8461, "tcp", "OS Services Scheduler", local.networks["all"]], + [8540, 8640, "tcp", "Metadata", local.networks["all"]], + [8701, 8711, "tcp", "Pooled Workspace", local.networks["all"]], + [8800, 8830, "tcp", "Object Spawner", local.networks["all"]], + [9431, 9441, "tcp", "Web Infra Platform", local.networks["all"]], + [9831, 9841, "tcp", "Data Remediation", local.networks["all"]], + [9831, 9841, "tcp", "Data Remediation", local.networks["all"]], ] ingress_networks = var.ingress_networks From b93512dd724b568f113367c5341e4581fde0c33c Mon Sep 17 00:00:00 2001 From: badra001 Date: Tue, 26 Oct 2021 11:55:02 -0400 Subject: [PATCH 2/3] fix --- sas/defaults.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sas/defaults.tf b/sas/defaults.tf index ab5a4e9..0b55799 100644 --- a/sas/defaults.tf +++ b/sas/defaults.tf @@ -1,5 +1,7 @@ locals { _defaults = { + self_port_list = [{ from = 0, to = 0, proto = -1, description = "all" }] + name = "m-sas" description = "Security group for SAS" short_description = "SAS" From 2c2fec22ae7c5f9ab9330f99b6143da6ed349c6b Mon Sep 17 00:00:00 2001 From: badra001 Date: Tue, 26 Oct 2021 11:56:57 -0400 Subject: [PATCH 3/3] v2.2.3: fix sas module --- CHANGELOG.md | 4 ++++ common/version.tf | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f3bafbe..dccccf7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,6 +21,10 @@ - make ingress_self stuff work - fix missing default egress +* v2.2.3 -- 20211026 + - sas + - fix ports, self_port_list + # OLDER ## web diff --git a/common/version.tf b/common/version.tf index 548c682..ed20f74 100644 --- a/common/version.tf +++ b/common/version.tf 
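Review bot: Every row of `ports` keeps `local.networks["all"]` (0.0.0.0/0) as its fifth field, which the README describes as the cidr list, so if these tuples become ingress rules as-is, the Metadata, Object Spawner and CONNECT ranges accept traffic from any address. With the `["external"]` tag removed, nothing in a row records that this is intended; either scope the rows to the `census` list defined just above, e.g. `[8540, 8640, "tcp", "Metadata", local.networks["census"]],`, or add a comment such as `# world-open by design: <reason>`. The `[9831, 9841, "tcp", "Data Remediation", ...]` row still appears twice, and the commented-out `# source_groups` line is dead code that could simply be deleted. The `locals` block begins and ends outside the hunk, so how `ports` is consumed is inferred, not visible.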
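Review bot: The new `self_port_list` default opens every port and protocol (`from = 0, to = 0, proto = -1`) for traffic within the group, and nothing in this hunk shows it being gated on `enable_self`, which the README documents as defaulting to `false`. If the gate exists elsewhere, say so here with a comment like `# all-protocol self ingress; applied only when enable_self = true`; if it does not, this default widens access for every consumer of the module. The value is also a list of objects, while the README's `*_port_list` inputs are tuples and its `*_port_map` inputs are objects, so the `_list` name may be misleading and is worth confirming against the code that reads `_defaults`. The `_defaults` map continues past the end of the hunk.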
@@ -1,3 +1,3 @@ locals { - _module_version = "2.2.2" + _module_version = "2.2.3" }