stackoom
  简体   繁体   中英

How to create module for security group in terraform

 原文  2022-09-01 03:19:21       amazon-web-services/ terraform/ terraform-provider-aws/ aws-security-group

Question

I have this resource to make security groups and have several entry rules.

These files are inside the "security-group" folder because I have to create a module for it.

Main.tf

resource "aws_security_group" "main" {
   name   = var.sg_name

   dynamic "ingress" {
       for_each = local.ingress_rules

       content {
           description = ingress.value.description
           from_port   = ingress.value.port
           to_port     = ingress.value.port
           protocol    = "tcp"
           cidr_blocks = ["0.0.0.0/0"]
       }
   }
}

variable.tf

locals {
   ingress_rules = [{
       port        = 443
       description = "Port 443"
   },
   {
       port        = 80
       description = "Port 80"
   }]
}

Now outside of the modules/security-group/ folder I have the main.tf file where I want to call that module to create security groups.

module "security_group" {
 source = "./modules/security-group"

   dynamic "ingress" {
       for_each = local.ingress_rules

       content {
           description = ingress.value.description
           from_port   = ingress.value.port
           to_port     = ingress.value.port
           protocol    = "tcp"
           cidr_blocks = ["0.0.0.0/0"]
       }
   }
}


│ Error: Unsupported block type
│
│   on main.tf line 29, in module "security_group":
│   29:         dynamic "ingress" {
│
│ Blocks of type "dynamic" are not expected here.
╵

How else can I call this module to create the rules and other necessary things? Many thanks in advance

1 answers

solution1
 0  2022-09-01 03:32:39

There are no dynamic blocks for modules. You have to pass your rules as regular variables to the module, not local values:

variable "ingress_rules" {
  default = [{
       from_port   = 443
       to_port     = 443
       description = "Port 443"
   },
   {
       from_port   = 80
       to_port     = 80
       description = "Port 80"
   }]
}

resource "aws_security_group" "main" {
   name   = var.sg_name

   dynamic "ingress" {
       for_each = var.ingress_rules

       content {
           description = ingress.value.description
           from_port   = ingress.value.from_port   
           to_port     = ingress.value.to_port     
           protocol    = "tcp"
           cidr_blocks = ["0.0.0.0/0"]
       }
   }
}

then in parent folder:

module "security_group" {
 source = "./modules/security-group"

 ingress_rules =    [
       {
           description =  "description"
           from_port   = 20
           to_port     = 20
           protocol    = "tcp"
           cidr_blocks = ["0.0.0.0/0"]
     }
   ] 
}

You have to fix all those names of your attributes. You can't just mix port and to_port .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Get ID of AWS Security Group Terraform Module Terraform - Iterate and create Ingress Rules for a Security Group How to attach a security group to aws instance in terraform Terraform: How to use security group id in tfvars How to create an aws security group rule allowing RDP ports from anywhere using terraform? How can I create terraform aws_security_group with multiple eip and ec2 instances? Conditionally create aws_security_group_rule with count in terraform failed to create ec2 instance using terraform if set security group Create new security group for redshift and apply using Terraform Terraform: Cycle definitions in security group
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM