README.md

OpenTelekomCloud Security Group Terraform module

Terraform module which creates Security Group and Security Group Rule resources on OpenTelekomCloud.

These types of resources are supported:

• Security Group
• Security Group Rule

Terraform versions

Terraform 0.12 and newer.

Usage

module "ssh_sg" {
  source = "terraform-opentelekomcloud-modules/security-group/opentelekomcloud"
  prefix      = "ssh"
  description = "Simple security group for SSH"

  ingress_with_source_cidr = [
    {
      from_port   = 22
      to_port     = 22
      protocol    = "tcp"
      source_cidr = "0.0.0.0/0"
    }
  ]
}

Examples

• Simple Security Group

Requirements

Name	Version
terraform	>= 0.13
opentelekomcloud	>= 1.23.9

Modules

No modules.

Resources

Name	Type
opentelekomcloud_networking_secgroup_v2.this	resource
opentelekomcloud_networking_secgroup_rule_v2.self_ingress_rule	resource
opentelekomcloud_networking_secgroup_rule_v2.ingress_with_source_security_group_id	resource
opentelekomcloud_networking_secgroup_rule_v2.ingress_with_source_cidr	resource
opentelekomcloud_networking_secgroup_rule_v2.egress_with_source_security_group_id	resource
opentelekomcloud_networking_secgroup_rule_v2.egress_with_source_cidr	resource

Inputs

Name	Description	Type	Default	Required
create	Whether to create Security Group and all rules.	bool	true	no
create_sg	Whether to create Security Group.	bool	true	no
security_group_id	The ID of the Security Group.	string	""	no
prefix	Prefix for Security Group.	string	default	no
description	The Security Group description.	string	""	no
delete_default_rules	Wheter to delete default rules.	bool	false	no
create_self_ingress_rule	Wheter to create default self ingress rules (allow all protocols from this group).	bool	true	no
ingress_with_source_security_group_id	List of ingress rules to create where a security group is remote.	list(object({ from_port = number, to_port = number, protocol = string, source_security_group_id = string }))	[]	no
ingress_with_source_cidr	List of ingress rules to create where a CIDR is remote.	list(object({ from_port = number, to_port = number, protocol = string, source_security_group_id = string }))	[]	no
egress_with_source_security_group_id	List of egress rules to create where a security group is remote.	list(object({ from_port = number, to_port = number, protocol = string, source_security_group_id = string }))	[]	no
egress_with_source_cidr	List of egress rules to create where a CIDR is remote.	list(object({ from_port = number, to_port = number, protocol = string, source_security_group_id = string }))	[]	no

Outputs

Name	Description
security_group_id	The ID of the Security Group
security_group_name	The Name of the Security Group
security_group_description	The Description of the Security Group

Authors

Module managed by Rodion Gyrbu.

License

Apache 2 Licensed. See LICENSE for full details.