v1.0.1: add default security group

security-groups/README.md

@@ -9,7 +9,7 @@ and associated submodules.
 # Usage
 
 ```hcl
-module "vpc-base-security-groups" {
+module "base-security-groups" {
   source          = "git@github.e.it.census.gov:terraform-modules/aws-vpc-setup.git//security-groups"
   vpc_id          = "vpc-1234568"
   vpc_full_name   = "vpc2-dice-dev"
@@ -40,6 +40,7 @@ No requirements.
 
 | Name | Type |
 |------|------|
+| [aws_default_security_group.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group) | resource |
 | [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |

security-groups/main.tf

@@ -10,7 +10,7 @@
 * # Usage
 * 
 * ```hcl
-* module "vpc-base-security-groups" {
+* module "base-security-groups" {
 *   source          = "git@github.e.it.census.gov:terraform-modules/aws-vpc-setup.git//security-groups"
 *   vpc_id          = "vpc-1234568"
 *   vpc_full_name   = "vpc2-dice-dev"
@@ -30,6 +30,23 @@ locals {
   }
 }
 
+#---
+# default security group
+#---
+resource "aws_default_security_group" "default" {
+  vpc_id = local.vpc_id
+
+  tags = merge(
+    local.base_tags,
+    var.tags,
+    map("Environment", var.vpc_environment),
+    map("Name", format("default-sg-%v", var.vpc_full_name))
+  )
+}
+
+#---
+# base security groups in each vpc
+#---
 module "sg-linux-base" {
   source        = "git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//it-linux-base"
   vpc_id        = var.vpc_id