Hi,
I'm trying to learn Terraform on my own to use it on one of my projects, so sorry if this is a basic misunderstanding, I'm a total noob here.
I would like to create multiple security groups and, inside of them, some specific rules for each security group.
I have been reading about the basic resource type, and then modules.
I have in my mind something like creating a local var defining all the fields of a security group, then invoking it in a for each inside this module:
https://registry.terraform.io/modules/terraform-aws-modules/security-group/aws/latest
Here is the local:
locals {
  aws_security_group = {
    "test1" = {
      name                = "test1"
      description         = "test1"
      vpc_id              = var.vpc_destiny
      ingress_cidr_blocks = ["0.0.0.0/16"]
      ingress_rules       = ["https-443-tcp"]
      ingress_with_cidr_blocks = [
        {
          description = "ingress test rules 1"
          protocol    = "tcp"
          from_port   = 443
          to_port     = 443
          cidr_blocks = ["192.168.36.0/23"]
        },
        {
          description = "ingress test rules 2"
          rule        = "postgresql-tcp"
          cidr_blocks = "0.0.0.0/0"
        },
      ]
    }
  }
}
And here is the module:
module "test_sg" {
  source              = "terraform-aws-modules/security-group/aws"
  for_each            = local.aws_security_group
  name                = each.key
  description         = each.value.description
  vpc_id              = each.value.vpc_id
  ingress_cidr_blocks = each.value.ingress_cidr_blocks
  ingress_rules       = each.value.ingress_rules
  ingress_with_cidr_blocks = [
    {
      from_port   = each.value.ingress_with_cidr_blocks.from_port
      to_port     = 8080
      protocol    = "tcp"
      description = "description"
      cidr_blocks = "10.10.0.0/16"
    },
    {
      rule        = "postgresql-tcp"
      cidr_blocks = "0.0.0.0/0"
    },
  ]
}
Something seems to work until I get inside the ingress_with_cidr_blocks; there I get this error:
each.value.ingress_with_cidr_blocks is tuple with 2 elements
This is the first example, with just one item (test1), but I would like to define all of my SGs inside this local, and then iterate in the module for each one I need.
Is it possible to do what I am trying? How could I get this?
Thank you
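
One way to drive the module from a single local, as an added example that is not part of the original post and not the module authors' code: the rule list is passed through whole instead of being indexed with `.from_port`. It assumes `var.vpc_destiny` is declared as in the post and that the module takes `ingress_with_cidr_blocks` as a list of string maps, with `cidr_blocks` given as a comma-separated string as in the post's own module block; the CIDR values and the `test2` group are constructed.

```hcl
locals {
  # Constructed sample values; var.vpc_destiny is the variable from the post.
  aws_security_group = {
    test1 = {
      description         = "test1"
      vpc_id              = var.vpc_destiny
      ingress_cidr_blocks = ["10.10.0.0/16"]
      ingress_rules       = ["https-443-tcp"]
      ingress_with_cidr_blocks = [
        {
          description = "ingress test rules 1"
          protocol    = "tcp"
          from_port   = 443
          to_port     = 443
          cidr_blocks = "192.168.36.0/23" # string, not a list
        },
        {
          description = "ingress test rules 2"
          rule        = "postgresql-tcp"
          cidr_blocks = "10.10.0.0/16,10.20.0.0/16" # several ranges, comma-separated
        },
      ]
    }
    # A group that only uses named rules and has no custom rule list.
    test2 = {
      description         = "test2"
      vpc_id              = var.vpc_destiny
      ingress_cidr_blocks = ["10.10.0.0/16"]
      ingress_rules       = ["https-443-tcp"]
    }
  }
}

module "test_sg" {
  source   = "terraform-aws-modules/security-group/aws"
  for_each = local.aws_security_group

  name                = each.key
  description         = each.value.description
  vpc_id              = each.value.vpc_id
  ingress_cidr_blocks = each.value.ingress_cidr_blocks
  ingress_rules       = each.value.ingress_rules

  # each.value.ingress_with_cidr_blocks is a list, so ".from_port" on it fails.
  # Hand the whole list to the module; try() supplies [] when the key is absent.
  ingress_with_cidr_blocks = try(each.value.ingress_with_cidr_blocks, [])
}
```

Running `terraform plan` with this layout shows one module instance per key (`module.test_sg["test1"]`, `module.test_sg["test2"]`), so each group's rules can be reviewed separately before apply.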