
Commit 7ffb2c8

feat: Remove prefix_list_ids attribute from _with_cidr_blocks & specific prefix list for each rules on _with_prefix_list_ids (#325)
1 parent 20e107f commit 7ffb2c8


2 files changed

+58
-9
lines changed


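--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -427,7 +427,7 @@ module "prefix_list" {
 vpc_id = data.aws_vpc.default.id
 
 ingress_prefix_list_ids = [data.aws_prefix_list.s3.id, data.aws_prefix_list.dynamodb.id]
-ingress_with_cidr_blocks = [
+ingress_with_prefix_list_ids = [
 {
 from_port = 9100
 to_port = 9100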

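--- a/main.tf
+++ b/main.tf
@@ -202,7 +202,7 @@ resource "aws_security_group_rule" "ingress_with_cidr_blocks" {
 join(",", var.ingress_cidr_blocks),
 ),
 ))
-prefix_list_ids = var.ingress_prefix_list_ids
+
 description = lookup(
 var.ingress_with_cidr_blocks[count.index],
 "description",
@@ -214,11 +214,13 @@ resource "aws_security_group_rule" "ingress_with_cidr_blocks" {
 "from_port",
 var.rules[lookup(var.ingress_with_cidr_blocks[count.index], "rule", "_")][0],
 )
+
 to_port = lookup(
 var.ingress_with_cidr_blocks[count.index],
 "to_port",
 var.rules[lookup(var.ingress_with_cidr_blocks[count.index], "rule", "_")][1],
 )
+
 protocol = lookup(
 var.ingress_with_cidr_blocks[count.index],
 "protocol",
@@ -241,7 +243,7 @@ resource "aws_security_group_rule" "computed_ingress_with_cidr_blocks" {
 join(",", var.ingress_cidr_blocks),
 ),
 ))
-prefix_list_ids = var.ingress_prefix_list_ids
+
 description = lookup(
 var.computed_ingress_with_cidr_blocks[count.index],
 "description",
@@ -257,6 +259,7 @@ resource "aws_security_group_rule" "computed_ingress_with_cidr_blocks" {
 "_",
 )][0],
 )
+
 to_port = lookup(
 var.computed_ingress_with_cidr_blocks[count.index],
 "to_port",
@@ -266,6 +269,7 @@ resource "aws_security_group_rule" "computed_ingress_with_cidr_blocks" {
 "_",
 )][1],
 )
+
 protocol = lookup(
 var.computed_ingress_with_cidr_blocks[count.index],
 "protocol",
@@ -437,7 +441,15 @@ resource "aws_security_group_rule" "ingress_with_prefix_list_ids" {
 security_group_id = local.this_sg_id
 type = "ingress"
 
-prefix_list_ids = var.ingress_prefix_list_ids
+prefix_list_ids = compact(split(
+",",
+lookup(
+var.ingress_with_prefix_list_ids[count.index],
+"prefix_list_ids",
+join(",", var.ingress_prefix_list_ids)
+)
+))
+
 description = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "description",
@@ -449,11 +461,13 @@ resource "aws_security_group_rule" "ingress_with_prefix_list_ids" {
 "from_port",
 var.rules[lookup(var.ingress_with_prefix_list_ids[count.index], "rule", "_")][0],
 )
+
 to_port = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "to_port",
 var.rules[lookup(var.ingress_with_prefix_list_ids[count.index], "rule", "_")][1],
 )
+
 protocol = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "protocol",
@@ -468,7 +482,15 @@ resource "aws_security_group_rule" "computed_ingress_with_prefix_list_ids" {
 security_group_id = local.this_sg_id
 type = "ingress"
 
-prefix_list_ids = var.ingress_prefix_list_ids
+prefix_list_ids = compact(split(
+",",
+lookup(
+var.ingress_with_prefix_list_ids[count.index],
+"prefix_list_ids",
+join(",", var.ingress_prefix_list_ids)
+)
+))
+
 description = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "description",
@@ -480,11 +502,13 @@ resource "aws_security_group_rule" "computed_ingress_with_prefix_list_ids" {
 "from_port",
 var.rules[lookup(var.ingress_with_prefix_list_ids[count.index], "rule", "_")][0],
 )
+
 to_port = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "to_port",
 var.rules[lookup(var.ingress_with_prefix_list_ids[count.index], "rule", "_")][1],
 )
+
 protocol = lookup(
 var.ingress_with_prefix_list_ids[count.index],
 "protocol",
@@ -639,7 +663,7 @@ resource "aws_security_group_rule" "egress_with_cidr_blocks" {
 join(",", var.egress_cidr_blocks),
 ),
 ))
-prefix_list_ids = var.egress_prefix_list_ids
+
 description = lookup(
 var.egress_with_cidr_blocks[count.index],
 "description",
@@ -651,11 +675,13 @@ resource "aws_security_group_rule" "egress_with_cidr_blocks" {
 "from_port",
 var.rules[lookup(var.egress_with_cidr_blocks[count.index], "rule", "_")][0],
 )
+
 to_port = lookup(
 var.egress_with_cidr_blocks[count.index],
 "to_port",
 var.rules[lookup(var.egress_with_cidr_blocks[count.index], "rule", "_")][1],
 )
+
 protocol = lookup(
 var.egress_with_cidr_blocks[count.index],
 "protocol",
@@ -678,7 +704,7 @@ resource "aws_security_group_rule" "computed_egress_with_cidr_blocks" {
 join(",", var.egress_cidr_blocks),
 ),
 ))
-prefix_list_ids = var.egress_prefix_list_ids
+
 description = lookup(
 var.computed_egress_with_cidr_blocks[count.index],
 "description",
@@ -694,6 +720,7 @@ resource "aws_security_group_rule" "computed_egress_with_cidr_blocks" {
 "_",
 )][0],
 )
+
 to_port = lookup(
 var.computed_egress_with_cidr_blocks[count.index],
 "to_port",
@@ -703,6 +730,7 @@ resource "aws_security_group_rule" "computed_egress_with_cidr_blocks" {
 "_",
 )][1],
 )
+
 protocol = lookup(
 var.computed_egress_with_cidr_blocks[count.index],
 "protocol",
@@ -875,7 +903,15 @@ resource "aws_security_group_rule" "egress_with_prefix_list_ids" {
 security_group_id = local.this_sg_id
 type = "egress"
 
-prefix_list_ids = var.egress_prefix_list_ids
+prefix_list_ids = compact(split(
+",",
+lookup(
+var.egress_with_prefix_list_ids[count.index],
+"prefix_list_ids",
+join(",", var.egress_prefix_list_ids)
+))
+)
+
 description = lookup(
 var.egress_with_prefix_list_ids[count.index],
 "description",
@@ -891,6 +927,7 @@ resource "aws_security_group_rule" "egress_with_prefix_list_ids" {
 "_",
 )][0],
 )
+
 to_port = lookup(
 var.egress_with_prefix_list_ids[count.index],
 "to_port",
@@ -900,6 +937,7 @@ resource "aws_security_group_rule" "egress_with_prefix_list_ids" {
 "_",
 )][1],
 )
+
 protocol = lookup(
 var.egress_with_prefix_list_ids[count.index],
 "protocol",
@@ -919,7 +957,16 @@ resource "aws_security_group_rule" "computed_egress_with_prefix_list_ids" {
 type = "egress"
 
 source_security_group_id = var.computed_egress_with_prefix_list_ids[count.index]["source_security_group_id"]
-prefix_list_ids = var.egress_prefix_list_ids
+
+prefix_list_ids = compact(split(
+",",
+lookup(
+var.computed_egress_with_prefix_list_ids[count.index],
+"prefix_list_ids",
+join(",", var.egress_prefix_list_ids)
+)
+))
+
 description = lookup(
 var.computed_egress_with_prefix_list_ids[count.index],
 "description",
@@ -935,6 +982,7 @@ resource "aws_security_group_rule" "computed_egress_with_prefix_list_ids" {
 "_",
 )][0],
 )
+
 to_port = lookup(
 var.computed_egress_with_prefix_list_ids[count.index],
 "to_port",
@@ -944,6 +992,7 @@ resource "aws_security_group_rule" "computed_egress_with_prefix_list_ids" {
 "_",
 )][1],
 )
+
 protocol = lookup(
 var.computed_egress_with_prefix_list_ids[count.index],
 "protocol",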
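Review bot: The new `prefix_list_ids` expression in `computed_ingress_with_prefix_list_ids` (new lines 485-492) looks up `var.ingress_with_prefix_list_ids[count.index]` rather than `var.computed_ingress_with_prefix_list_ids[count.index]`, so a computed rule would take its prefix lists from the static rule at the same index, or fail if that list is shorter. The context lines of that resource index the same variable for `description`, `to_port` and `protocol`, so this looks like an older copy-paste carried forward; the `count` expression lies outside the hunks, so confirm which list it is sized from. The computed egress resource already uses `var.computed_egress_with_prefix_list_ids[count.index]`, and I would change the ingress one to match. Separately, a rule map without a `prefix_list_ids` key falls back to every ID in `var.ingress_prefix_list_ids` / `var.egress_prefix_list_ids`; that is worth stating in the variable descriptions so a misspelled key is not mistaken for a narrowly scoped rule.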
