From ed39ffc113a71dddc1ff38c94a651085c111402a Mon Sep 17 00:00:00 2001
From: badra001
Date: Mon, 16 Dec 2024 13:01:39 -0500
Subject: [PATCH] fix
---
 rds-postgres/main.tf | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/rds-postgres/main.tf b/rds-postgres/main.tf
index 7d2efd7..fc8d2f7 100644
--- a/rds-postgres/main.tf
+++ b/rds-postgres/main.tf
@@ -96,15 +96,15 @@ resource "aws_security_group" "this_security_group" {
 }
- # ingress security group ids (all)
+ # ingress security group ids (just defined ports)
 dynamic "ingress" {
- for_each = length(local.ingress_sg) > 0 ? { 1 = 1 } : {}
- iterator = sg
+ for_each = length(local.ingress_sg) > 0 ? local.port_map["external"] : toset([])
+ iterator = p
 content {
- description = "${local.short_description}"
- from_port = 0
- to_port = 0
- protocol = -1
+ description = "${local.short_description}: ${p.value["description"]}"
+ from_port = p.value["from"]
+ to_port = p.value["to"]
+ protocol = p.value["proto"]
 security_groups = local.ingress_sg
 }
 }
@@ -112,13 +112,13 @@ resource "aws_security_group" "this_security_group" {
 # ingress self (list with one or zero items)
 dynamic "ingress" {
- for_each = local.self
+ for_each = local.self ? local.port_map["external"] : toset([])
 iterator = sg
 content {
- description = "${local.short_description}: from self"
- from_port = 0
- to_port = 0
- protocol = -1
+ description = "${local.short_description}: ${p.value["description"]}"
+ from_port = p.value["from"]
+ to_port = p.value["to"]
+ protocol = p.value["proto"]
 self = true
 }
 }
@@ -149,7 +149,7 @@ resource "aws_security_group" "this_security_group" {
 # egress with prefix lists
 dynamic "egress" {
- for_each = length(var.egress_prefix_list_names) > 0 ? local.port_map["external"] : toset([])
+ for_each = length(var.egress_prefix_list_names) > 0 ? { 1 = 1 } : {}
 iterator = p
 content {
 description = "${local.short_description}"
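Review bot: In the self-ingress hunk (`@@ -112,13`), the unchanged context line still reads `iterator = sg` while the new content lines read `p.value[...]`, so `p` is not declared inside this dynamic block and the references should fail at plan time; the line needs to become `iterator = p`. The context comment describes `local.self` as a list with one or zero items; if that still holds, it cannot be used directly as the condition of `? :`, and `length(local.self) > 0 ? local.port_map["external"] : toset([])` would mirror the block above (the definition of `local.self` is outside the hunk, so this is inferred). The new description also drops "from self", leaving the self rule and the peer security-group rule with identical text; `"${local.short_description}: ${p.value["description"]} (from self)"` keeps them distinguishable when the group is audited.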
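Review bot: In the prefix-list egress hunk (`@@ -149,7`), `for_each` becomes `{ 1 = 1 }` while `iterator = p` stays, so `p.value` is now the number 1 and any `p.value["from"]`, `["to"]` or `["proto"]` in the rest of the content block would no longer resolve. That block continues outside the hunk, so this cannot be confirmed from here. If the remaining lines use fixed `0` / `-1` values instead, this rule now permits every port and protocol towards the prefix lists, which runs opposite to the ingress tightening in the same commit. The subject line "fix" does not say which is intended, so the comment should record it, for example `# egress with prefix lists (all ports and protocols, intentional)`, or the `local.port_map["external"]` iteration should be kept if per-port egress was wanted.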