diff --git a/vpc/main.tf b/vpc/main.tf
deleted file mode 100644
index 92359c2..0000000
--- a/vpc/main.tf
+++ /dev/null
@@ -1,19 +0,0 @@
-resource "aws_vpc" "vpc" {
- cidr_block = "10.0.0.0/16"
-
-##### OPTIONALS
- instance_tenancy = var.instance_tenancy
-
- enable_dns_support = var.enable_dns_support
- enable_dns_hostnames = var.enable_dns_hostnames
- enable_classiclink = var.enable_classiclink
- enable_classiclink_dns_support = var.enable_classiclink_dns_support
- assign_generated_ipv6_cidr_block = var.assign_generated_ipv6_cidr_block
-
-}
-
- tag {
- Name = "My VPC"
- Team = "My Team"
- Product = "My Product"
-}
diff --git a/vpc/security-group/custom/README.md b/vpc/security-group/custom/README.md
new file mode 100644
index 0000000..f92722f
--- /dev/null
+++ b/vpc/security-group/custom/README.md
@@ -0,0 +1,41 @@
+
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_security_group.sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [description](#input\_description) | Fo what you be use this SG? | `string` | n/a | yes |
+| [egress](#input\_egress) | Egress Rules |
list(object({| `[]` | no | +| [ingress](#input\_ingress) | Ingress Rules |
description = string,
from_port = number,
to_port = number,
protocol = string
cidr_blocks = list(string)
}))
list(object({| `[]` | no | +| [ingress\_sg](#input\_ingress\_sg) | Ingress Rules |
description = string,
from_port = number,
to_port = number,
protocol = string,
cidr_blocks = list(string)
}))
list(object({| `[]` | no | +| [name](#input\_name) | The name of SG | `string` | n/a | yes | +| [revoke\_rules\_on\_delete](#input\_revoke\_rules\_on\_delete) | (Optional) Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. | `bool` | `true` | no | +| [tags](#input\_tags) | The tags of resource | `map(string)` | `null` | no | +| [vpc\_id](#input\_vpc\_id) | The VPC ID | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | The name SG ID | +| [name](#output\_name) | The name SG name | + \ No newline at end of file diff --git a/vpc/security-group/main.tf b/vpc/security-group/custom/main.tf similarity index 76% rename from vpc/security-group/main.tf rename to vpc/security-group/custom/main.tf index 65111a6..1953b5d 100644 --- a/vpc/security-group/main.tf +++ b/vpc/security-group/custom/main.tf @@ -1,11 +1,11 @@ resource "aws_security_group" "sg" { - name = var.name - description = var.description - revoke_rules_on_delete = var.revoke_rules_on_delete - vpc_id = var.vpc_id + name = var.name + description = var.description + revoke_rules_on_delete = var.revoke_rules_on_delete + vpc_id = var.vpc_id dynamic "ingress" { - for_each = var.ingress + for_each = var.ingress content { description = ingress.value.description from_port = ingress.value.from_port @@ -16,7 +16,7 @@ resource "aws_security_group" "sg" { } dynamic "ingress" { - for_each = var.ingress_sg + for_each = var.ingress_sg content { description = ingress.value.description from_port = ingress.value.from_port 
@@ -24,10 +24,10 @@ resource "aws_security_group" "sg" { protocol = ingress.value.protocol security_groups = ingress.value.security_groups } - } + } dynamic "egress" { - for_each = var.egress + for_each = var.egress content { description = egress.value.description from_port = egress.value.from_port diff --git a/vpc/security-group/outputs.tf b/vpc/security-group/custom/outputs.tf similarity index 84% rename from vpc/security-group/outputs.tf rename to vpc/security-group/custom/outputs.tf index 8a83f8a..e75040a 100644 --- a/vpc/security-group/outputs.tf +++ b/vpc/security-group/custom/outputs.tf @@ -1,9 +1,9 @@ -output name { +output "name" { value = aws_security_group.sg.name description = "The name SG name" } -output id { +output "id" { value = aws_security_group.sg.id description = "The name SG ID" } diff --git a/vpc/security-group/vars.tf b/vpc/security-group/custom/vars.tf similarity index 75% rename from vpc/security-group/vars.tf rename to vpc/security-group/custom/vars.tf index 8444a78..ce8c68f 100644 --- a/vpc/security-group/vars.tf +++ b/vpc/security-group/custom/vars.tf @@ -3,7 +3,7 @@ variable "name" { description = "The name of SG" } -variable "description" { +variable "description" { type = string description = "Fo what you be use this SG?" } 
@@ -14,31 +14,31 @@ variable "revoke_rules_on_delete" { description = "(Optional) Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first." } -variable "vpc_id" { +variable "vpc_id" { type = string - description = "The VPC ID" + description = "The VPC ID" } variable "ingress" { type = list(object({ - description = string, - from_port = number, - to_port = number, - protocol = string, - cidr_blocks = list(string) - })) + description = string, + from_port = number, + to_port = number, + protocol = string, + cidr_blocks = list(string) + })) default = [] description = "Ingress Rules" } variable "ingress_sg" { type = list(object({ - description = string, - from_port = number, - to_port = number, - protocol = string, - security_groups = list(string) - })) + description = string, + from_port = number, + to_port = number, + protocol = string, + security_groups = list(string) + })) default = [] description = "Ingress Rules" } diff --git a/vpc/security-group/default/README.md b/vpc/security-group/default/README.md new file mode 100644 index 0000000..e74412f --- /dev/null +++ b/vpc/security-group/default/README.md 
@@ -0,0 +1,38 @@
+
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_default_security_group.dsg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [egress](#input\_egress) | Egress Rules |
description = string,
from_port = number,
to_port = number,
protocol = string,
security_groups = list(string)
}))
list(object({| `[]` | no | +| [ingress](#input\_ingress) | Ingress Rules |
description = string,
from_port = number,
to_port = number,
protocol = string
cidr_blocks = list(string)
}))
list(object({| `[]` | no | +| [ingress\_sg](#input\_ingress\_sg) | Ingress Rules |
description = string,
from_port = number,
to_port = number,
protocol = string,
cidr_blocks = list(string)
}))
list(object({| `[]` | no |
+| [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no |
+| [vpc\_id](#input\_vpc\_id) | (Optional, Forces new resource) VPC ID. Note that changing the vpc\_id will not restore any default security group rules that were modified, added, or removed. It will be left in its current state. | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [id](#output\_id) | The name SG ID |
+| [name](#output\_name) | The name SG ID |
+
\ No newline at end of file
diff --git a/vpc/security-group/default/main.tf b/vpc/security-group/default/main.tf
new file mode 100644
index 0000000..1b97592
--- /dev/null
+++ b/vpc/security-group/default/main.tf
@@ -0,0 +1,38 @@
+resource "aws_default_security_group" "dsg" {
+ vpc_id = var.vpc_id
+
+ dynamic "ingress" {
+ for_each = var.ingress
+ content {
+ description = ingress.value.description
+ from_port = ingress.value.from_port
+ to_port = ingress.value.to_port
+ protocol = ingress.value.protocol
+ cidr_blocks = ingress.value.cidr_blocks
+ }
+ }
+
+ dynamic "ingress" {
+ for_each = var.ingress_sg
+ content {
+ description = ingress.value.description
+ from_port = ingress.value.from_port
+ to_port = ingress.value.to_port
+ protocol = ingress.value.protocol
+ security_groups = ingress.value.security_groups
+ }
+ }
+
+ dynamic "egress" {
+ for_each = var.egress
+ content {
+ description = egress.value.description
+ from_port = egress.value.from_port
+ to_port = egress.value.to_port
+ protocol = egress.value.protocol
+ cidr_blocks = egress.value.cidr_blocks
+ }
+ }
+
+ tags = var.tags
+}
\ No newline at end of file
diff --git a/vpc/security-group/default/outputs.tf b/vpc/security-group/default/outputs.tf
new file mode 100644
index 0000000..a866f13
--- /dev/null
+++ b/vpc/security-group/default/outputs.tf
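Review bot: `aws_default_security_group` in the new default/main.tf adopts the VPC's existing default group and replaces its rules with exactly those declared in the `dynamic` blocks, so with `var.ingress`, `var.ingress_sg` and `var.egress` all defaulting to `[]` in default/vars.tf an apply leaves the default group with no rules at all; that is the closed posture normally wanted for a default group, but nothing in the file records that it is intentional. The flip side is that any rule a caller does pass lands on the group AWS attaches implicitly to ENIs created without an explicit group in that VPC, so a wide `cidr_blocks` entry here reaches more than it would on a purpose-built group. A header comment above the resource would settle both: `# Managing the default SG replaces its rules with exactly those declared below; the empty defaults deliberately leave it closed (no ingress/egress).` and `# Rules passed in apply to every ENI that falls back to the default group, so keep cidr_blocks narrow.`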
@@ -0,0 +1,9 @@
+output "id" {
+ value = aws_default_security_group.dsg.id
+ description = "The name SG ID"
+}
+
+output "name" {
+ value = aws_default_security_group.dsg.name
+ description = "The name SG ID"
+}
diff --git a/vpc/security-group/default/vars.tf b/vpc/security-group/default/vars.tf
new file mode 100644
index 0000000..768290f
--- /dev/null
+++ b/vpc/security-group/default/vars.tf
@@ -0,0 +1,45 @@
+variable "vpc_id" {
+ type = string
+ description = "(Optional, Forces new resource) VPC ID. Note that changing the vpc_id will not restore any default security group rules that were modified, added, or removed. It will be left in its current state."
+}
+variable "ingress" {
+ type = list(object({
+ description = string,
+ from_port = number,
+ to_port = number,
+ protocol = string,
+ cidr_blocks = list(string)
+ }))
+ default = []
+ description = "Ingress Rules"
+}
+
+variable "ingress_sg" {
+ type = list(object({
+ description = string,
+ from_port = number,
+ to_port = number,
+ protocol = string,
+ security_groups = list(string)
+ }))
+ default = []
+ description = "Ingress Rules"
+}
+
+variable "egress" {
+ type = list(object({
+ description = string,
+ from_port = number,
+ to_port = number,
+ protocol = string
+ cidr_blocks = list(string)
+ }))
+ default = []
+ description = "Egress Rules"
+}
+
+variable "tags" {
+ description = "A map of tags to add to all resources"
+ type = map(string)
+ default = {}
+}
\ No newline at end of file
diff --git a/vpc/variables.tf b/vpc/variables.tf
deleted file mode 100644
index 3e1e7bb..0000000
--- a/vpc/variables.tf
+++ /dev/null
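Review bot: The `name` output in the new default/outputs.tf carries `description = "The name SG ID"`, copied from the `id` output just above it, and the generated default/README.md in this commit repeats the mistake in its Outputs table. The custom module's outputs.tf in the same commit uses `The name SG name` for its `name` output, so `description = "The name SG name"` here keeps the two modules consistent and corrects the README on the next regeneration.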
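Review bot: `vpc_id` in the new default/vars.tf declares no `default`, so Terraform treats it as required, yet its description opens with `(Optional, Forces new resource)`; the generated README in this commit shows Required = yes beside a description that says optional, so drop the `(Optional, ` prefix and keep the `Forces new resource` warning, which is the useful part. `ingress` and `ingress_sg` also share the description `Ingress Rules` although one takes `cidr_blocks` and the other `security_groups`; `Ingress rules from CIDR ranges` and `Ingress rules from other security groups` would make the README's Inputs table self-explanatory. Because these rules end up on the VPC's default group, a `validation` block rejecting `0.0.0.0/0` in `cidr_blocks` is worth adding if the module can assume Terraform 0.14 or later (no `required_version` is declared, per the README's "No requirements"); the same guard fits `egress` if outbound is meant to stay restricted.
```hcl
variable "ingress" {
  # … unchanged: type, default, description …
  validation {
    condition     = alltrue([for rule in var.ingress : !contains(rule.cidr_blocks, "0.0.0.0/0")])
    error_message = "Rules on the default security group must not allow ingress from 0.0.0.0/0."
  }
}
```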
@@ -1,41 +0,0 @@
-variable "instance_tenancy" {
- type = string
- default = default
- description = "A tenancy option for instances launched into the VPC. Default is default, which makes your instances shared on the host. Using either of the other options (dedicated or host) costs at least $2/hr."
-
-}
-
-variable "enable_dns_support" {
- type = bool
- default = true
- description = "(Optional) A boolean flag to enable/disable DNS support in the VPC. Defaults true."
-
-}
-
-variable "enable_dns_hostnames" {
- type = bool
- default = true
- description = "(Optional) A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false."
-
-}
-
-variable "enable_classiclink" {
- type = bool
- default = false
- description = "(Optional) A boolean flag to enable/disable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic. See the ClassicLink documentation for more information. Defaults false."
-
-}
-
-variable "enable_classiclink_dns_support" {
- type = bool
- default = false
- description = "(Optional) A boolean flag to enable/disable ClassicLink DNS Support for the VPC. Only valid in regions and accounts that support EC2 Classic."
-
-}
-
-variable "assign_generated_ipv6_cidr_block" {
- type = string
- default = false
- description = "(Optional) Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false."
-
-}
\ No newline at end of file
description = string,
from_port = number,
to_port = number,
protocol = string,
security_groups = list(string)
}))