This module creates the following resources.

- aws_security_group
- aws_vpc_security_group_ingress_rule (optional)
- aws_vpc_security_group_egress_rule (optional)
- aws_vpc_security_group_vpc_association (optional)

| Name | Version |
|---|---|
| terraform | >= 1.12 |
| aws | >= 6.12 |

| Name | Version |
|---|---|
| aws | 6.28.0 |

| Name | Source | Version |
|---|---|---|
| resource_group | tedilabs/misc/aws//modules/resource-group | ~> 0.12.0 |
| share | tedilabs/organization/aws//modules/ram-share | ~> 0.5.0 |

| Name | Type |
|---|---|
| aws_security_group.this | resource |
| aws_vpc_security_group_egress_rule.this | resource |
| aws_vpc_security_group_ingress_rule.this | resource |
| aws_vpc_security_group_vpc_association.this | resource |

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name | (Required) The name of the security group. | string | n/a | yes |
| vpc_id | (Required) The ID of the associated VPC. | string | n/a | yes |
| description | (Optional) The security group description. This field maps to the AWS GroupDescription attribute, for which there is no Update API. | string | "Managed by Terraform." | no |
| egress_rules | (Optional) The configuration for egress rules of the security group. Each block of egress_rules as defined below. (Required) id - The ID of the egress rule. This value is only used internally within Terraform code. (Optional) description - The description of the rule. (Required) protocol - The protocol to match. Note that if protocol is set to -1, it translates to all protocols, all port ranges, and from_port and to_port values should not be defined. (Optional) from_port - The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. (Optional) to_port - The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. (Optional) ipv4_cidrs - The IPv4 network ranges to allow, in CIDR notation. (Optional) ipv6_cidrs - The IPv6 network ranges to allow, in CIDR notation. (Optional) prefix_lists - The prefix list IDs to allow. (Optional) security_groups - The source security group IDs to allow. (Optional) self - Whether the security group itself will be added as a source to this ingress rule. | list(object({ | [] | no |
| ingress_rules | (Optional) The configuration for ingress rules of the security group. Each block of ingress_rules as defined below. (Required) id - The ID of the ingress rule. This value is only used internally within Terraform code. (Optional) description - The description of the rule. (Required) protocol - The protocol to match. Note that if protocol is set to -1, it translates to all protocols, all port ranges, and from_port and to_port values should not be defined. (Optional) from_port - The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. (Optional) to_port - The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. (Optional) ipv4_cidrs - The IPv4 network ranges to allow, in CIDR notation. (Optional) ipv6_cidrs - The IPv6 network ranges to allow, in CIDR notation. (Optional) prefix_lists - The prefix list IDs to allow. (Optional) security_groups - The source security group IDs to allow. (Optional) self - Whether the security group itself will be added as a source to this ingress rule. | list(object({ | [] | no |
| module_tags_enabled | (Optional) Whether to create AWS Resource Tags for the module information. | bool | true | no |
| region | (Optional) The region in which to create the module resources. If not provided, the module resources will be created in the provider's configured region. | string | null | no |
| resource_group | (Optional) The configuration of the Resource Group for this module. resource_group as defined below. (Optional) enabled - Whether to create Resource Group to find and group AWS resources which are created by this module. Defaults to true. (Optional) name - The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with AWS or aws. If not provided, a name will be generated using the module name and instance name. (Optional) description - The description of Resource Group. Defaults to Managed by Terraform. | object({ | {} | no |
| revoke_rules_on_delete | (Optional) Instruct Terraform to revoke all of the Security Group's attached ingress and egress rules before deleting the rule itself. This is normally not needed. | bool | false | no |
| shares | (Optional) A list of resource shares via RAM (Resource Access Manager). | list(object({ | [] | no |
| tags | (Optional) A map of tags to add to all resources. | map(string) | {} | no |
| vpc_associations | (Optional) A set of VPC IDs to associate with the security group. | set(string) | [] | no |

| Name | Description |
|---|---|
| arn | The ARN of the security group. |
| description | The description of the security group. |
| egress_rules | The configuration of the security group egress rules. |
| id | The ID of the security group. |
| ingress_rules | The configuration of the security group ingress rules. |
| name | The name of the security group. |
| owner_id | The ID of the AWS account that owns the security group. |
| region | The AWS region in which this module's resources reside. |
| resource_group | The resource group created to manage resources in this module. |
| sharing | The configuration for sharing of the security group. status - An indication of whether the security group is shared with other AWS accounts, or was shared with the current account by another AWS account. Sharing is configured through AWS Resource Access Manager (AWS RAM). Values are NOT_SHARED, SHARED_BY_ME or SHARED_WITH_ME. shares - The list of resource shares via RAM (Resource Access Manager). |
| vpc_associations | A set |
| vpc_id | The ID of the associated VPC. |
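
A narrowly scoped use of the `ingress_rules` and `egress_rules` inputs documented above, as an added example that is not part of the module's own documentation. The `source` value is a placeholder because the page does not state this module's registry path, the IDs and CIDR ranges are constructed, and the attribute types (string `protocol`, numeric ports, lists of strings) are assumptions because the Type column is truncated.

```hcl
module "app_sg" {
  # Placeholder: replace with this module's actual registry path or Git URL.
  source = "<module-source>"

  name        = "app-server"
  vpc_id      = "vpc-0123456789abcdef0" # constructed sample ID
  description = "App tier: HTTPS from the load balancer, SSH from the bastion subnet."

  ingress_rules = [
    {
      # id is only a Terraform-internal key; keep it stable so rules are not recreated.
      id              = "https-from-alb"
      description     = "HTTPS from the load balancer security group."
      protocol        = "tcp"
      from_port       = 443
      to_port         = 443
      security_groups = ["sg-0aaaaaaaaaaaaaaaa"] # constructed sample ID
    },
    {
      id          = "ssh-from-bastion"
      description = "SSH from the bastion subnet only."
      protocol    = "tcp"
      from_port   = 22
      to_port     = 22
      ipv4_cidrs  = ["10.0.10.0/28"] # constructed sample range
    },
  ]

  egress_rules = [
    {
      id          = "https-out"
      description = "Outbound HTTPS only."
      protocol    = "tcp"
      from_port   = 443
      to_port     = 443
      ipv4_cidrs  = ["0.0.0.0/0"]
    },
    # For review: protocol = "-1" matches all protocols and all ports, and
    # from_port/to_port must then be left unset. Combined with 0.0.0.0/0 or
    # ::/0 it opens every port, so flag any such rule in code review.
  ]

  tags = {
    Environment = "example"
  }
}
```

Other resources can reference the group through the `id` output, for example `module.app_sg.id`.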