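--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -107,32 +107,40 @@ variable "subnet_ids" {
 type = " list"
 }
 
-resource "aws_security_group" "main" {
-name = " ${ var . name } -rds"
-description = " Allows traffic to RDS from other security groups"
-vpc_id = " ${ var . vpc_id } "
+resource "aws_security_group_rule" "main-ingress-cidrs" {
+security_group_id = " ${ aws_security_group . main . id } "
+type = " ingress"
+cidr_blocks = [" ${ var . ingress_allow_cidr_blocks } " ]
+from_port = " ${ var . port } "
+to_port = " ${ var . port } "
+protocol = " TCP"
+}
 
-ingress {
-from_port = " ${ var . port } "
-to_port = " ${ var . port } "
-protocol = " TCP"
-security_groups = [" ${ var . ingress_allow_security_groups } " ]
-}
+resource "aws_security_group_rule" "main-ingress-sgs" {
+security_group_id = " ${ aws_security_group . main . id } "
+type = " ingress"
+count = " ${ length (var. ingress_allow_security_groups )} "
+source_security_group_id = " ${ element (var. ingress_allow_security_groups , count. index )} "
 
-ingress {
-from_port = " ${ var . port } "
-to_port = " ${ var . port } "
-protocol = " TCP"
-cidr_blocks = [" ${ var . ingress_allow_cidr_blocks } " ]
-}
+from_port = " ${ var . port } "
+to_port = " ${ var . port } "
+protocol = " TCP"
+}
 
-egress {
-from_port = 0
-to_port = 0
-protocol = - 1
-cidr_blocks = [" 0.0.0.0/0" ]
-}
+resource "aws_security_group_rule" "main-egress-all" {
+security_group_id = " ${ aws_security_group . main . id } "
+type = " egress"
+from_port = 0
+to_port = 0
+protocol = - 1
+cidr_blocks = [" 0.0.0.0/0" ]
+}
 
+
+resource "aws_security_group" "main" {
+name = " ${ var . name } -rds"
+description = " Allows traffic to RDS from other security groups"
+vpc_id = " ${ var . vpc_id } "
 tags {
 Name = " RDS (${ var . name } )"
 }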
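Review bot: The CIDR ingress rule at new lines 110-117 is created unconditionally, whereas the security-group ingress rule at 119-128 is gated with `count` on the list length; with an empty `ingress_allow_cidr_blocks` the first rule is still planned with an empty `cidr_blocks` and will most likely fail at apply time (or, depending on provider version, end up with no source at all), so mirror the guard: `count = "${length(var.ingress_allow_cidr_blocks) > 0 ? 1 : 0}"`. The `description` on `aws_security_group.main` at line 142 still says traffic is allowed "from other security groups", but the new CIDR rule also admits address ranges, so it should read something like `description = "Allows traffic to RDS from allowed security groups and CIDR blocks"`. The egress rule at 130-137 carries over the previous allow-all `0.0.0.0/0` behaviour unchanged; giving each `aws_security_group_rule` a `description` argument (if the provider in use supports it) would make the intent of every rule visible in the console and in later reviews. The `aws_security_group.main` block continues past the end of the hunk.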