コミット b3d58843 作成者 作成者 hajime's avatar hajime

update

052576ca
ブランチ
タグ 0.0.6
パイプライン#5208 成功
......@@ -13,7 +13,7 @@ module "table" {
module "subnet" {
source = "./modules/oci-core-subnet"
for_each = var.subnet
for_each = var.subnets
#Required
cidr_block = each.value.cidr_block
......@@ -25,16 +25,16 @@ module "subnet" {
prohibit_public_ip_on_vnic = each.value.prohibit_public_ip_on_vnic
route_table_id = module.table[each.value.route_table_name].id
security_rules = lookup(var, "security_rules", {
egress = [
{
security_rules = lookup(each.value, "security_rules", {
egress = {
all = {
destination = "0.0.0.0/0"
protocol = "tcp"
destination_type = "CIDR_BLOCK"
}
]
ingress = [
{
}
ingress = {
all = {
source = "0.0.0.0/0"
protocol = "tcp"
source_type = "CIDR_BLOCK"
......@@ -45,6 +45,6 @@ module "subnet" {
}
}
}
]
}
})
}
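Review bot: The fallback passed to `lookup(each.value, "security_rules", {...})` admits TCP from `0.0.0.0/0` under `ingress.all`, so any entry in `var.subnets` that omits `security_rules` silently receives an ingress rule open to every source address. The lines between the second and third hunk are not shown, so a port restriction may follow, but the source range would still be unrestricted. Consider a default that denies inbound traffic, e.g. `ingress = {}`, so callers must state their ingress rules explicitly. At minimum, document the fallback with a comment such as `# default when a subnet omits security_rules: TCP egress to anywhere, TCP ingress from anywhere`. The `module "subnet"` block starts above the first hunk.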
......@@ -14,72 +14,67 @@ resource "oci_core_security_list" "security_list" {
compartment_id = var.compartment_id
vcn_id = var.vcn_id
#Optional
dynamic "egress_security_rules" {
for_each = [lookup(var.security_rules), "egree", {}]
for_each = lookup(var.security_rules, "egress", {})
content {
#Required
destination = egress_security_rules.value.destination
protocol = local.protocols[egress_security_rules.value.protocol]
#Optional
description = lookup(egress_security_rules.value, "description", "Auto Created")
destination_type = lookup(egress_security_rules.value, "destination_type", "CIDR_BLOCK")
icmp_options {
for_each = [lookup(egress_security_rules.value), "icmp_options", {}]
destination = egress_security_rules.value.destination
description = lookup(egress_security_rules.value, "description", "Auto Created ${egress_security_rules.key}")
dynamic "icmp_options" {
for_each = contains(keys(egress_security_rules.value), "icmp_options") ? ["apply"]: []
content {
#Required
type = icmp_options.value.type
#Optional
code = icmp_options.value.code
}
}
destination_type = lookup(egress_security_rules.value, "destination_type", "CIDR_BLOCK")
stateless = lookup(egress_security_rules.value, "stateless", false)
tcp_options {
for_each = [lookup(egress_security_rules.value), "tcp_options", {}]
dynamic "tcp_options" {
for_each = contains(keys(egress_security_rules.value), "tcp_options") ? ["apply"]: []
content {
#Optional
max = tcp_options.value.port_range.max
min = tcp_options.value.port_range.min
source_port_range {
for_each = [lookup(tcp_options.value), "source_port_range", {}]
max = egress_security_rules.value.tcp_options.port_range.max
min = egress_security_rules.value.tcp_options.port_range.min
dynamic "source_port_range" {
for_each = contains(keys(egress_security_rules.value.tcp_options), "source_port_range") ? ["apply"]: []
content {
#Required
max = source_port_range.value.max
min = source_port_range.value.min
max = egress_security_rules.value.tcp_options.source_port_range.max
min = egress_security_rules.value.tcp_options.source_port_range.min
}
}
}
udp_options {
for_each = [lookup(egress_security_rules.value), "udp_options", {}]
}
dynamic "udp_options" {
for_each = contains(keys(egress_security_rules.value), "udp_options") ? ["apply"]: []
content {
#Optional
max = ucp_options.value.port_range.max
min = ucp_options.value.port_range.min
source_port_range {
for_each = [lookup(ucp_options.value), "source_port_range", {}]
max = egress_security_rules.value.udp_options.port_range.max
min = egress_security_rules.value.udp_options.port_range.min
dynamic "source_port_range" {
for_each = contains(keys(egress_security_rules.value.udp_options), "source_port_range") ? ["apply"]: []
content {
#Required
max = source_port_range.value.max
min = source_port_range.value.min
max = egress_security_rules.value.udp_options.source_port_range.max
min = egress_security_rules.value.udp_options.source_port_range.min
}
}
}
}
}
}
dynamic "ingress_security_rules" {
for_each = [lookup(var.security_rules), "ingress", {}]
for_each = lookup(var.security_rules, "ingress", {})
content {
#Required
protocol = local.protocols[ingress_security_rules.value.protocol]
source = var.security_list_ingress_security_rules_source
#Optional
description = lookup(ingress_security_rules.value, "description", "Auto Created")
icmp_options {
for_each = [lookup(ingress_security_rules.value), "icmp_options", {}]
source = ingress_security_rules.value.source
description = lookup(egress_security_rules.value, "description", "Auto Created ${egress_security_rules.key}")
dynamic "icmp_options" {
for_each = contains(keys(ingress_security_rules.value), "icmp_options") ? ["apply"]: []
content {
#Required
type = icmp_options.value.type
......@@ -89,31 +84,37 @@ resource "oci_core_security_list" "security_list" {
}
source_type = lookup(ingress_security_rules.value, "source_type", "CIDR_BLOCK")
stateless = lookup(ingress_security_rules.value, "stateless", false)
tcp_options {
for_each = [lookup(ingress_security_rules.value), "tcp_options", {}]
dynamic "tcp_options" {
for_each = contains(keys(ingress_security_rules.value), "tcp_options") ? ["apply"]: []
content {
#Optional
max = tcp_options.value.port_range.max
min = tcp_options.value.port_range.min
source_port_range {
for_each = [lookup(tcp_options.value), "source_port_range", {}]
max = ingress_security_rules.value.tcp_options.port_range.max
min = ingress_security_rules.value.tcp_options.port_range.min
dynamic "source_port_range" {
for_each = contains(keys(ingress_security_rules.value.tcp_options), "source_port_range") ? ["apply"]: []
content {
#Required
max = source_port_range.value.max
min = source_port_range.value.min
max = ingress_security_rules.value.tcp_options.source_port_range.max
min = ingress_security_rules.value.tcp_options.source_port_range.min
}
}
}
}
udp_options {
for_each = [lookup(ingress_security_rules.value), "udp_options", {}]
dynamic "udp_options" {
for_each = contains(keys(ingress_security_rules.value), "udp_options") ? ["apply"]: []
content {
#Optional
max = ucp_options.value.port_range.max
min = ucp_options.value.port_range.min
source_port_range {
for_each = [lookup(ucp_options.value), "source_port_range", {}]
max = ingress_security_rules.value.udp_options.port_range.max
min = ingress_security_rules.value.udp_options.port_range.min
dynamic "source_port_range" {
for_each = contains(keys(ingress_security_rules.value.udp_options), "source_port_range") ? ["apply"]: []
content {
#Required
max = source_port_range.value.max
min = source_port_range.value.min
max = ingress_security_rules.value.udp_options.source_port_range.max
min = ingress_security_rules.value.udp_options.source_port_range.min
}
}
}
}
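Review bot: Inside the `ingress_security_rules` block the new `description` line reads `egress_security_rules.value` and `egress_security_rules.key`, an iterator that exists only inside the egress dynamic block, so the reference will not resolve there. The line should be `description = lookup(ingress_security_rules.value, "description", "Auto Created ${ingress_security_rules.key}")`. The `icmp_options` content blocks also appear to still read `icmp_options.value.type` and `icmp_options.value.code`, although `for_each` now yields the string `"apply"`. They should read from `egress_security_rules.value.icmp_options` and `ingress_security_rules.value.icmp_options`, the way the tcp and udp blocks were changed. Because this resource is the subnet's packet filter, a `terraform validate` step in the pipeline would catch both before a rule set is applied.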
......
# vim: ft=terraform :
output "id" {
value = oci_core_route_subnet.subnet.id
value = oci_core_subnet.subnet.id
}
......@@ -4,5 +4,5 @@ output "route_table_id" {
value = { for k, v in module.table : k => v.id }
}
output "subnet_id" {
value = { for k, v in oci_core_subnet.subnet : k => v.id }
value = { for k, v in module.subnet : k => v.id }
}