I am newbie and I am trying to create the security group resource as explained below and getting the following error. Can any expert please guide me.
locals {
Security_Group_Config = {
# 1st Security Group Details
Resource_Type = "Security Group"
Security_Group_List = [
{
Name = "SG_Database_RDS"
Description = "Allow only specific traffic to hit RDS Databases."
Ingress_Rules_List = [
{
from_port = "8080"
to_port = "8080"
protocol = "tcp"
cidr_blocks = "1.2.3.4/32"
description = "Testing Security Group Inbound Description"
},
{
from_port = "8081"
to_port = "8081"
protocol = "tcp"
cidr_blocks = "1.2.3.4/32"
description = "Testing Security Group Inbound Description"
}
]
Egress_Rules_List = [
{
from_port = "0"
to_port = "0"
protocol = "0"
cidr_blocks = "1.2.3.4/32"
description = "Testing Security Group Outbound Description"
},
{
from_port = "1"
to_port = "1"
protocol = "2"
cidr_blocks = "1.2.3.4/32"
description = "Testing Security Group Outbound Description"
}
]
},
{
Name = "SG_Database_Redshift"
Description = "Allow only specific traffic to hit RDS Databases."
Ingress_Rules_List = [
{
from_port = "8080"
to_port = "8080"
protocol = "tcp"
cidr_blocks = "1.2.3.4/32"
description = "Testing Security Group Inbound Description"
},
{
from_port = "8081"
to_port = "8081"
protocol = "tcp"
cidr_blocks = "1.2.3.4/32"
description = "Testing Security Group Inbound Description"
}
]
Egress_Rules_List = [
{
from_port = "0"
to_port = "0"
protocol = "0"
cidr_blocks = "1.2.3.4/32"
description = "Testing Security Group Outbound Description"
},
{
from_port = "1"
to_port = "1"
protocol = "2"
cidr_blocks = "1.2.3.4/32"
description = "Testing Security Group Outbound Description"
}
]
}
]
}
}
module "Security_Group_Module" {
source = "./Networking/SecurityGroup"
Input_VPC_ID = "${module.Module_VPC.Output_Private_VPC_1_id}"
Input_Standard_Tags = local.Standard_Tags
Input_Resource_Type = local.Security_Group_Config.Resource_Type
Input_Security_Group = local.Security_Group_Config
}
and My SecurityGroup_main.tf is something like :-
resource "aws_security_group" "TF_SG_1" {
vpc_id = var.Input_VPC_ID
dynamic "SG_Config" {
for_each = var.Input_Security_Group.Security_Group_List
iterator = "SG_Cnt"
content {
name = SG_Cnt.Name
description = SG_Cnt.Description
tags = merge(
var.Input_Standard_Tags,
{
Name = SG_Cnt.Name
Resource_Type = var.Input_Resource_Type
},
)
lifecycle {
ignore_changes = [tags.Created_On]
}
dynamic "Ingress_Config" {
for_each = SG_Cnt[value].Ingress_Rules
iterator = "Ingress_Cnt"
content {
from_port = Ingress_Cnt.value.from_port
to_port = Ingress_Cnt.value.to_port
protocol = Ingress_Cnt.value.protocol
cidr_blocks = Ingress_Cnt.value.cidr_blocks
description = Ingress_Cnt.value.description
}
}
}
}
}