diff --git a/main.tf b/main.tf index a3417ee..b36e0b9 100644 --- a/main.tf +++ b/main.tf @@ -34,7 +34,7 @@ resource "aws_rds_cluster" "main" { preferred_maintenance_window = "${var.preferred_maintenance_window}" port = "${local.port}" db_subnet_group_name = "${aws_db_subnet_group.main.name}" - vpc_security_group_ids = ["${aws_security_group.main.id}"] + vpc_security_group_ids = ["${concat(list(aws_security_group.main.id), var.extra_security_groups)}"] snapshot_identifier = "${var.snapshot_identifier}" storage_encrypted = "${var.storage_encrypted}" apply_immediately = "${var.apply_immediately}" diff --git a/variables.tf b/variables.tf index b53460d..6995e38 100644 --- a/variables.tf +++ b/variables.tf @@ -34,6 +34,11 @@ variable "allowed_security_groups" { default = [] } +variable "extra_security_groups" { + description = "A list of Security Group IDs to add to the cluster" + default = [] +} + variable "vpc_id" { description = "VPC ID" type = "string"