gitops/iac-template/terraform-hcl-standard/azure-cloud/modules/sg/main.tf


# Existing resource group the NSG and its rules are created in; the module does
# not create or manage the group itself.
variable "resource_group_name" {
  type        = string
  description = "Resource group for NSG"
}
# Azure region the NSG is deployed to (an NSG can only be associated with
# resources in the same region, so callers normally pass the VNet's location).
variable "location" {
  type        = string
  description = "Azure region"
}
# Name of the NSG resource. Keep the default only for throw-away environments;
# shared subscriptions should pass a name that encodes workload and environment
# so the group is identifiable in audit logs and effective-route views.
variable "name" {
  type        = string
  default     = "nsg"
  description = "Network security group name"
}
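# Security rules applied to the NSG.
#
# Defect fixed: the previous default shipped one rule allowing inbound TCP/22
# from source_address_prefix "*" (any Internet address). A module consumer who
# omitted `rules` therefore exposed SSH on every NIC/subnet the NSG was attached
# to. The default is now an empty list — the NSG is created with only Azure's
# built-in default rules, and every explicit allow must be written by the caller
# (e.g. with `source_address_prefix` set to a bastion/jump-host CIDR or a service
# tag such as "VirtualNetwork" rather than "*").
#
# Each `name` is used as the for_each key in azurerm_network_security_rule.rules,
# so it must be unique within the list. The validation blocks require
# Terraform >= 0.13.
variable "rules" {
  description = "List of security rules. Defaults to none; callers must supply every allow rule explicitly."

  type = list(object({
    name                       = string
    priority                   = number # 100-4096, lower number = evaluated first
    direction                  = string # "Inbound" | "Outbound"
    access                     = string # "Allow" | "Deny"
    protocol                   = string # e.g. "Tcp", "Udp", "Icmp", "*"
    source_port_range          = string
    destination_port_range     = string
    source_address_prefix      = string # CIDR, IP, service tag, or "*"
    destination_address_prefix = string
  }))

  # Secure by default: no traffic is allowed beyond Azure's built-in rules
  # until the caller opts in.
  default = []

  # Duplicate names would collide as for_each keys; fail early with a clear
  # message instead of a generic "duplicate object key" error.
  validation {
    condition     = length(distinct([for r in var.rules : r.name])) == length(var.rules)
    error_message = "Each rule name must be unique; names are used as for_each keys."
  }

  # Azure rejects priorities outside 100-4096; catch it at plan time.
  validation {
    condition     = length([for r in var.rules : r if r.priority < 100 || r.priority > 4096]) == 0
    error_message = "Rule priority must be between 100 and 4096 inclusive."
  }

  # Restrict direction/access to the values the provider accepts so a typo such
  # as "inbound" does not surface only at apply time.
  validation {
    condition = length([
      for r in var.rules : r
      if !contains(["Inbound", "Outbound"], r.direction) || !contains(["Allow", "Deny"], r.access)
    ]) == 0
    error_message = "direction must be \"Inbound\" or \"Outbound\" and access must be \"Allow\" or \"Deny\"."
  }
}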
# The NSG container. Rules are managed as separate
# azurerm_network_security_rule resources (below) rather than inline
# `security_rule` blocks, so individual rules can be added or removed without
# rewriting the whole group.
resource "azurerm_network_security_group" "this" {
  resource_group_name = var.resource_group_name
  location            = var.location
  name                = var.name
}
# One NSG rule per entry in var.rules. Keyed by rule name (not list index) so
# that reordering or removing an entry in the list does not force unrelated
# rules to be destroyed and recreated.
resource "azurerm_network_security_rule" "rules" {
  for_each = { for r in var.rules : r.name => r }

  # Placement: the rule belongs to the NSG created above, in the same RG.
  network_security_group_name = azurerm_network_security_group.this.name
  resource_group_name         = var.resource_group_name

  # Match/evaluation attributes, copied verbatim from the caller's object.
  name      = each.key
  priority  = each.value.priority
  direction = each.value.direction
  access    = each.value.access
  protocol  = each.value.protocol

  source_address_prefix      = each.value.source_address_prefix
  source_port_range          = each.value.source_port_range
  destination_address_prefix = each.value.destination_address_prefix
  destination_port_range     = each.value.destination_port_range
}
# Resource ID of the NSG, for callers to attach it to subnets or NICs via
# azurerm_subnet_network_security_group_association /
# azurerm_network_interface_security_group_association.
output "nsg_id" {
  description = "Network security group ID"
  value       = azurerm_network_security_group.this.id
}