Refactored the SG Module and Clean trash files

weyderfs · Jan 6, 2023 · cf5aae6 · cf5aae6
1 parent 834e24b
commit cf5aae6
Show file tree

Hide file tree

Showing 10 changed files with 196 additions and 85 deletions.
diff --git a/vpc/main.tf b/vpc/main.tf
diff --git a/vpc/security-group/custom/README.md b/vpc/security-group/custom/README.md
@@ -0,0 +1,41 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_security_group.sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_description"></a> [description](#input\_description) | Fo what you be use this SG? | `string` | n/a | yes |
+| <a name="input_egress"></a> [egress](#input\_egress) | Egress Rules | <pre>list(object({<br>    description = string,<br>    from_port   = number,<br>    to_port     = number,<br>    protocol    = string<br>    cidr_blocks = list(string)<br>  }))</pre> | `[]` | no |
+| <a name="input_ingress"></a> [ingress](#input\_ingress) | Ingress Rules | <pre>list(object({<br>    description = string,<br>    from_port   = number,<br>    to_port     = number,<br>    protocol    = string,<br>    cidr_blocks = list(string)<br>  }))</pre> | `[]` | no |
+| <a name="input_ingress_sg"></a> [ingress\_sg](#input\_ingress\_sg) | Ingress Rules | <pre>list(object({<br>    description     = string,<br>    from_port       = number,<br>    to_port         = number,<br>    protocol        = string,<br>    security_groups = list(string)<br>  }))</pre> | `[]` | no |
+| <a name="input_name"></a> [name](#input\_name) | The name of SG | `string` | n/a | yes |
+| <a name="input_revoke_rules_on_delete"></a> [revoke\_rules\_on\_delete](#input\_revoke\_rules\_on\_delete) | (Optional) Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. | `bool` | `true` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | The tags of resource | `map(string)` | `null` | no |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | The VPC ID | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_id"></a> [id](#output\_id) | The name SG ID |
+| <a name="output_name"></a> [name](#output\_name) | The name SG name |
+<!-- END_TF_DOCS -->
diff --git a/vpc/security-group/main.tf → vpc/security-group/custom/main.tf b/vpc/security-group/main.tf → vpc/security-group/custom/main.tf
@@ -1,11 +1,11 @@
 resource "aws_security_group" "sg" {
-  name                    = var.name
-  description             = var.description
-  revoke_rules_on_delete  = var.revoke_rules_on_delete
-  vpc_id                  = var.vpc_id
+  name                   = var.name
+  description            = var.description
+  revoke_rules_on_delete = var.revoke_rules_on_delete
+  vpc_id                 = var.vpc_id
 
   dynamic "ingress" {
-    for_each  = var.ingress
+    for_each = var.ingress
     content {
       description = ingress.value.description
       from_port   = ingress.value.from_port
@@ -16,18 +16,18 @@ resource "aws_security_group" "sg" {
   }
 
   dynamic "ingress" {
-    for_each  = var.ingress_sg
+    for_each = var.ingress_sg
     content {
       description     = ingress.value.description
       from_port       = ingress.value.from_port
       to_port         = ingress.value.to_port
       protocol        = ingress.value.protocol
       security_groups = ingress.value.security_groups
     }
-  }  
+  }
 
   dynamic "egress" {
-    for_each  = var.egress
+    for_each = var.egress
     content {
       description = egress.value.description
       from_port   = egress.value.from_port

diff --git a/vpc/security-group/outputs.tf → vpc/security-group/custom/outputs.tf b/vpc/security-group/outputs.tf → vpc/security-group/custom/outputs.tf
@@ -1,9 +1,9 @@
-output name {
+output "name" {
   value       = aws_security_group.sg.name
   description = "The name SG name"
 }
 
-output id {
+output "id" {
   value       = aws_security_group.sg.id
   description = "The name SG ID"
 }

diff --git a/vpc/security-group/vars.tf → vpc/security-group/custom/vars.tf b/vpc/security-group/vars.tf → vpc/security-group/custom/vars.tf
@@ -3,7 +3,7 @@ variable "name" {
   description = "The name of SG"
 }
 
-variable "description"  {
+variable "description" {
   type        = string
   description = "Fo what you be use this SG?"
 }
@@ -14,31 +14,31 @@ variable "revoke_rules_on_delete" {
   description = "(Optional) Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first."
 }
 
-variable "vpc_id"   {
+variable "vpc_id" {
   type        = string
-  description = "The VPC ID" 
+  description = "The VPC ID"
 }
 
 variable "ingress" {
   type = list(object({
-    description      = string,
-    from_port        = number,
-    to_port          = number,
-    protocol         = string,
-    cidr_blocks      = list(string)
-   }))
+    description = string,
+    from_port   = number,
+    to_port     = number,
+    protocol    = string,
+    cidr_blocks = list(string)
+  }))
   default     = []
   description = "Ingress Rules"
 }
 
 variable "ingress_sg" {
   type = list(object({
-    description      = string,
-    from_port        = number,
-    to_port          = number,
-    protocol         = string,
-    security_groups  = list(string)
-   }))
+    description     = string,
+    from_port       = number,
+    to_port         = number,
+    protocol        = string,
+    security_groups = list(string)
+  }))
   default     = []
   description = "Ingress Rules"
 }

diff --git a/vpc/security-group/default/README.md b/vpc/security-group/default/README.md
@@ -0,0 +1,38 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_default_security_group.dsg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_egress"></a> [egress](#input\_egress) | Egress Rules | <pre>list(object({<br>    description = string,<br>    from_port   = number,<br>    to_port     = number,<br>    protocol    = string<br>    cidr_blocks = list(string)<br>  }))</pre> | `[]` | no |
+| <a name="input_ingress"></a> [ingress](#input\_ingress) | Ingress Rules | <pre>list(object({<br>    description = string,<br>    from_port   = number,<br>    to_port     = number,<br>    protocol    = string,<br>    cidr_blocks = list(string)<br>  }))</pre> | `[]` | no |
+| <a name="input_ingress_sg"></a> [ingress\_sg](#input\_ingress\_sg) | Ingress Rules | <pre>list(object({<br>    description     = string,<br>    from_port       = number,<br>    to_port         = number,<br>    protocol        = string,<br>    security_groups = list(string)<br>  }))</pre> | `[]` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | (Optional, Forces new resource) VPC ID. Note that changing the vpc\_id will not restore any default security group rules that were modified, added, or removed. It will be left in its current state. | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_id"></a> [id](#output\_id) | The name SG ID |
+| <a name="output_name"></a> [name](#output\_name) | The name SG ID |
+<!-- END_TF_DOCS -->
diff --git a/vpc/security-group/default/main.tf b/vpc/security-group/default/main.tf
@@ -0,0 +1,38 @@
+resource "aws_default_security_group" "dsg" {
+  vpc_id = var.vpc_id
+
+  dynamic "ingress" {
+    for_each = var.ingress
+    content {
+      description = ingress.value.description
+      from_port   = ingress.value.from_port
+      to_port     = ingress.value.to_port
+      protocol    = ingress.value.protocol
+      cidr_blocks = ingress.value.cidr_blocks
+    }
+  }
+
+  dynamic "ingress" {
+    for_each = var.ingress_sg
+    content {
+      description     = ingress.value.description
+      from_port       = ingress.value.from_port
+      to_port         = ingress.value.to_port
+      protocol        = ingress.value.protocol
+      security_groups = ingress.value.security_groups
+    }
+  }
+
+  dynamic "egress" {
+    for_each = var.egress
+    content {
+      description = egress.value.description
+      from_port   = egress.value.from_port
+      to_port     = egress.value.to_port
+      protocol    = egress.value.protocol
+      cidr_blocks = egress.value.cidr_blocks
+    }
+  }
+
+  tags = var.tags
+}
diff --git a/vpc/security-group/default/outputs.tf b/vpc/security-group/default/outputs.tf
@@ -0,0 +1,9 @@
+output "id" {
+  value       = aws_default_security_group.dsg.id
+  description = "The name SG ID"
+}
+
+output "name" {
+  value       = aws_default_security_group.dsg.name
+  description = "The name SG ID"
+}
diff --git a/vpc/security-group/default/vars.tf b/vpc/security-group/default/vars.tf
@@ -0,0 +1,45 @@
+variable "vpc_id" {
+  type        = string
+  description = "(Optional, Forces new resource) VPC ID. Note that changing the vpc_id will not restore any default security group rules that were modified, added, or removed. It will be left in its current state."
+}
+variable "ingress" {
+  type = list(object({
+    description = string,
+    from_port   = number,
+    to_port     = number,
+    protocol    = string,
+    cidr_blocks = list(string)
+  }))
+  default     = []
+  description = "Ingress Rules"
+}
+
+variable "ingress_sg" {
+  type = list(object({
+    description     = string,
+    from_port       = number,
+    to_port         = number,
+    protocol        = string,
+    security_groups = list(string)
+  }))
+  default     = []
+  description = "Ingress Rules"
+}
+
+variable "egress" {
+  type = list(object({
+    description = string,
+    from_port   = number,
+    to_port     = number,
+    protocol    = string
+    cidr_blocks = list(string)
+  }))
+  default     = []
+  description = "Egress Rules"
+}
+
+variable "tags" {
+  description = "A map of tags to add to all resources"
+  type        = map(string)
+  default     = {}
+}
diff --git a/vpc/variables.tf b/vpc/variables.tf