
Security group rules are not transcribed correctly from Cloudcraft to HCL files

Open welcoMattic opened this issue 3 years ago • 0 comments

Describe the bug

I declare some simple security groups (e.g. allow TCP traffic on 80, 443 from ALB to EC2), and I get this after export via modules.tf:

terraform {
  source = "git::git@github.com:terraform-aws-modules/terraform-aws-security-group.git?ref=v3.4.0"
}

include {
  path = find_in_parent_folders()
}

dependencies {
  paths = ["../courbet-vpc"]
}

dependency "courbet-vpc" {
  config_path = "../courbet-vpc"
}

###########################################################
# View all available inputs for this module:
# https://registry.terraform.io/modules/terraform-aws-modules/security-group/aws/3.4.0?tab=inputs
###########################################################
inputs = {
  # List of IPv4 CIDR ranges to use on all ingress rules
  # type: list(string)
  ingress_cidr_blocks = ["0.0.0.0/0"]

  # List of ingress rules to create by name
  # type: list(string)
  ingress_rules = ["all-all"]

  # Name of security group
  # type: string
  name = "elb-to-ec2-sg"

  # ID of the VPC where to create security group
  # type: string
  vpc_id = dependency.courbet-vpc.outputs.vpc_id

  
}

This does not correspond to the rules I declared in Cloudcraft:

[Screenshot: DeepinScreenshot_select-area_20200803155217]

Expected behavior

I think the expected output is something like (not sure about syntax):

// ...
inputs = {
  ingress_with_source_security_group_id = ["frontend-lb-sg"]
  ingress_rules = ["http-80", "https-443"]

  # Name of security group
  # type: string
  name = "elb-to-ec2-sg"

  # ID of the VPC where to create security group
  # type: string
  vpc_id = dependency.courbet-vpc.outputs.vpc_id

  
}

Actual behavior

Actually, all generated security groups allow all traffic on all ports.

welcoMattic • Aug 03 '20 13:08
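Added example, not part of the original issue and not modules.tf code: a small pre-apply check that flags exported `inputs` blocks pairing a catch-all ingress rule with a world-open CIDR, as in the export reported above. The function names, the `all-tcp`/`all-udp`/`::/0` coverage beyond the reported case, and both sample inputs (including the security group ID) are assumptions constructed for illustration.

```python
import re

# Constructed sample: the ingress inputs from the export quoted in the issue.
EXPORTED = '''
inputs = {
  # List of IPv4 CIDR ranges to use on all ingress rules
  ingress_cidr_blocks = ["0.0.0.0/0"]
  ingress_rules = ["all-all"]
  name = "elb-to-ec2-sg"
}
'''

# Constructed sample: SG-to-SG rules; the source security group ID is made up.
SCOPED = '''
inputs = {
  ingress_with_source_security_group_id = [
    { rule = "http-80-tcp", source_security_group_id = "sg-0123456789abcdef0" },
    { rule = "https-443-tcp", source_security_group_id = "sg-0123456789abcdef0" },
  ]
  name = "elb-to-ec2-sg"
}
'''

LIST_ASSIGN = re.compile(r'^\s*(\w+)\s*=\s*\[(.*?)\]', re.M | re.S)
NAME = re.compile(r'^\s*name\s*=\s*"([^"]*)"', re.M)
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
WIDE_RULES = {"all-all", "all-tcp", "all-udp"}  # predefined rules spanning every port
CIDR_INPUTS = ("ingress_cidr_blocks", "ingress_ipv6_cidr_blocks")

def list_inputs(hcl):
    """Return {input_name: [quoted strings]} for every `name = [...]` assignment."""
    # Drop comment lines first so commented-out values are not counted.
    body = "\n".join(line for line in hcl.splitlines()
                     if not line.lstrip().startswith(("#", "//")))
    return {k: re.findall(r'"([^"]*)"', v) for k, v in LIST_ASSIGN.findall(body)}

def audit(hcl):
    """Return findings for ingress rules that expose every port to any address."""
    inputs = list_inputs(hcl)
    match = NAME.search(hcl)
    sg = match.group(1) if match else "<unnamed>"
    wide = sorted(WIDE_RULES & set(inputs.get("ingress_rules", [])))
    open_cidrs = sorted(c for k in CIDR_INPUTS for c in inputs.get(k, [])
                        if c in OPEN_CIDRS)
    if wide and open_cidrs:
        return [f"{sg}: {', '.join(wide)} allowed from {', '.join(open_cidrs)}"]
    return []

if __name__ == "__main__":
    for label, text in (("exported", EXPORTED), ("scoped", SCOPED)):
        print(label, audit(text) or "ok")
```

The check only reads values written literally in the file; inputs left at the module's defaults or passed through variables are not evaluated.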