X-Git-Url: https://gerrit.fd.io/r/gitweb?p=csit.git;a=blobdiff_plain;f=fdio.infra.terraform%2Fterraform-aws-vpc%2Fmain.tf;h=1b84f8e3514a8dd96cc9e9a750150a1da44dc65d;hp=59ac63663d8610bb74024a67d5b6e098bb38289b;hb=6a6ee512cbbcda3295114a478bcb9e3ac3d464c1;hpb=0deec65be1ef39f37090f2b5b851eb4b34c116f9
diff --git a/fdio.infra.terraform/terraform-aws-vpc/main.tf b/fdio.infra.terraform/terraform-aws-vpc/main.tf
index 59ac63663d..1b84f8e351 100644
--- a/fdio.infra.terraform/terraform-aws-vpc/main.tf
+++ b/fdio.infra.terraform/terraform-aws-vpc/main.tf
@@ -26,12 +26,21 @@ resource "aws_security_group" "security_group" {
 tags = local.tags
 vpc_id = aws_vpc.vpc.id
 
+ ingress {
+ from_port = 0
+ to_port = 0
+ protocol = -1
+ self = true
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
 dynamic "ingress" {
 for_each = var.security_group_ingress
 content {
 from_port = lookup(ingress.value, "from_port", null)
 to_port = lookup(ingress.value, "to_port", null)
 protocol = lookup(ingress.value, "protocol", null)
+ self = lookup(ingress.value, "self", null)
 cidr_blocks = lookup(ingress.value, "cidr_blocks", null)
 ipv6_cidr_blocks = lookup(ingress.value, "ipv6_cidr_blocks", null)
 }
@@ -39,11 +48,12 @@ resource "aws_security_group" "security_group" {
 dynamic "egress" {
 for_each = var.security_group_egress
 content {
- from_port = lookup(ingress.value, "from_port", null)
- to_port = lookup(ingress.value, "to_port", null)
- protocol = lookup(ingress.value, "protocol", null)
- cidr_blocks = lookup(ingress.value, "cidr_blocks", null)
- ipv6_cidr_blocks = lookup(ingress.value, "ipv6_cidr_blocks", null)
+ from_port = lookup(egress.value, "from_port", null)
+ to_port = lookup(egress.value, "to_port", null)
+ protocol = lookup(egress.value, "protocol", null)
+ self = lookup(egress.value, "self", null)
+ cidr_blocks = lookup(egress.value, "cidr_blocks", null)
+ ipv6_cidr_blocks = lookup(egress.value, "ipv6_cidr_blocks", null)
 }
 }
 }
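Review bot: The static `ingress` block added at the top of the first hunk combines `self = true` with `ipv6_cidr_blocks = ["::/0"]` under `protocol = -1`, and a security group rule admits traffic from any of its listed sources, so every port and protocol is opened to all IPv6 addresses rather than only to members of the group. Because the block is hard-coded in the module, a caller cannot narrow or remove it through `var.security_group_ingress`. If the intent is intra-group traffic, drop the `ipv6_cidr_blocks = ["::/0"]` line and keep `self = true`; an IPv6 range that a deployment really needs can be passed through the variable, which already maps `ipv6_cidr_blocks`. Whether instances in this VPC receive routable IPv6 addresses is not visible here, and the resource body starts before the hunk.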