Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use existing security group instead of cidr_block #31

Open
qrevel opened this issue Sep 6, 2017 · 2 comments
Open

Use existing security group instead of cidr_block #31

qrevel opened this issue Sep 6, 2017 · 2 comments

Comments

@qrevel
Copy link

qrevel commented Sep 6, 2017

I think in most use cases, we allow access of the DB from another security group (app tier for example). Actually I must provide a cidr_block for the security group to use the module even if I don't want to.

I would be nice to have the choice between cidr_blocks or source_security_group_id for the allow_rule. As these two options create a conflict, I think two rules should be used , one for the cidr_blocks and the other for the source_security_group_id. Then it's just a matter of count = 0|1 based on the value of the variables (that's my actual workaround).
@antonbabenko
Copy link
Member

Yes, I agree with what you are saying. The creation of security group with different types of values is currently not implemented and your solution sounds good. Could you please submit a PR with it?

@hakamadare
Copy link
Collaborator

@qrevel i also agree with this; i implemented something similar in terraform-community-modules/tf_aws_aurora

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hakamadare @antonbabenko @qrevel