New module single-port-sg-src

This is a fork version of single-port-sg module to support source_security_group.

Author: Magicloud

modules/single-port-sg-src/README.md

@@ -0,0 +1,3 @@
+## Single Port Security Group Rule
+
+Create an `aws_security_group_rule` to allow ingress on some port.

modules/single-port-sg-src/main.tf

@@ -0,0 +1,67 @@
+/**
+ * ## Single Port Security Group Rule
+ *
+ * Create an `aws_security_group_rule` to allow ingress on some port.
+ *
+ */
+
+variable "security_group_id" {
+  description = "security group to attach the ingress rules to"
+  type        = string
+}
+
+variable "source_security_group_id" {
+  description = "The SG that this SG allows ingress from"
+  type        = string
+}
+
+variable "description" {
+  description = "Use this string to add a description for the SG rule"
+  type        = string
+}
+
+variable "port" {
+  description = "The port to open"
+  type        = string
+}
+
+variable "tcp" {
+  description = "true/false to enables the tcp ingress"
+  default     = "true"
+  type        = string
+}
+
+variable "udp" {
+  description = "true/false to enables the udp ingress"
+  default     = "false"
+  type        = string
+}
+
+locals {
+  tcp = "${var.tcp ? 1 : 0}"
+  udp = "${var.udp ? 1 : 0}"
+}
+
+# ingress rule for tcp, if enabled
+resource "aws_security_group_rule" "tcp_ingress" {
+  count                    = local.tcp
+  type                     = "ingress"
+  description              = "${var.description} (tcp)"
+  from_port                = var.port
+  to_port                  = var.port
+  protocol                 = "tcp"
+  security_group_id        = var.security_group_id
+  source_security_group_id = var.source_security_group_id
+}
+
+# ingress rule for udp, if enabled
+resource "aws_security_group_rule" "udp_ingress" {
+  count                    = local.udp
+  type                     = "ingress"
+  description              = "${var.description} (udp)"
+  from_port                = var.port
+  to_port                  = var.port
+  protocol                 = "udp"
+  security_group_id        = var.security_group_id
+  source_security_group_id = var.source_security_group_id
+}

modules/single-port-sg-src/versions.tf

@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}

modules/single-port-sg/README.md

@@ -1,5 +1,3 @@
 ## Single Port Security Group Rule
 
 Create an `aws_security_group_rule` to allow ingress on some port.
-
-TODO: support both TCP and UDP, use count to enable/disable.

modules/single-port-sg/main.tf

@@ -3,8 +3,6 @@
  *
  * Create an `aws_security_group_rule` to allow ingress on some port.
  *
- * TODO: support both TCP and UDP, use count to enable/disable.
- *
  */
 
 variable "security_group_id" {