From e5113f0f063b1ccf437ea13aa377e0c8515ccd2a Mon Sep 17 00:00:00 2001
From: Mike McGirr
Date: Fri, 20 Mar 2020 22:38:55 -0700
Subject: [PATCH] Add optional ipv6 support for the single-port-sg module as well

---
 modules/single-port-sg/main.tf | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/modules/single-port-sg/main.tf b/modules/single-port-sg/main.tf
index 705e3f5f..0da5d12b 100644
--- a/modules/single-port-sg/main.tf
+++ b/modules/single-port-sg/main.tf
@@ -17,6 +17,12 @@ variable "cidr_blocks" {
 type = list(string)
 }

+variable "ipv6_cidr_blocks" {
+ description = "List of IPv6 CIDR block ranges that the SG allows ingress from"
+ type = list(string)
+ default = []
+}
+
 variable "description" {
 description = "Use this string to add a description for the SG rule"
 type = string
@@ -53,6 +59,7 @@ resource "aws_security_group_rule" "tcp_ingress" {
 to_port = var.port
 protocol = "tcp"
 cidr_blocks = var.cidr_blocks
+ ipv6_cidr_blocks = var.ipv6_cidr_blocks
 security_group_id = var.security_group_id
 }

@@ -65,5 +72,6 @@ resource "aws_security_group_rule" "udp_ingress" {
 to_port = var.port
 protocol = "udp"
 cidr_blocks = var.cidr_blocks
+ ipv6_cidr_blocks = var.ipv6_cidr_blocks
 security_group_id = var.security_group_id
 }
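Review bot: The new `ipv6_cidr_blocks` variable takes any list of strings, `::/0` included, and its description does not mention that the list is wired into both the TCP and the UDP rule later in this file. A caller who mirrors an IPv4 `0.0.0.0/0` entry to stay dual-stack therefore opens `var.port` to every IPv6 source with no hint from the module. I would extend the description to something like `"List of IPv6 CIDR ranges allowed ingress on var.port (TCP and UDP rules alike); leave empty for IPv4-only. ::/0 exposes the port to every IPv6 source"`. If the Terraform version this module targets supports variable `validation` blocks, a check that each entry parses as an IPv6 CIDR would also catch an IPv4 range pasted into the wrong list at plan time.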
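Review bot: The same `var.ipv6_cidr_blocks` list is attached to `tcp_ingress` in this hunk and to `udp_ingress` in the next one, so a caller cannot allow IPv6 sources for one protocol only, and the IPv6 ranges share a single rule resource with the IPv4 ones. A comment above the added attribute, for example `# IPv6 sources for the same port; applied to the TCP and UDP rules alike`, would make that explicit for whoever audits the resulting security group. Both resource blocks start outside their hunks, so whether either rule is gated by a `count` or similar switch is not visible here. I would also expect adding IPv6 ranges to an already-deployed rule to force its replacement, which would briefly drop the IPv4 ingress as well, so it is worth confirming in a plan and noting in the changelog.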