This module mirrors the functionality of my terraform-aws-security-group module: it creates the NACL first, then creates the rules and attaches them to it.
This module takes VPC and subnet names instead of IDs.
Usage:

```hcl
module "nacl" {
  source   = "git::https://github.com/petercort/terraform-aws-nacl"
  name     = "Web-nacl"
  vpc_name = "my-workload-vpc"

  egress_rules = [{
    rule_number = "200"
    from_port   = "443"
    to_port     = "443"
    cidr_block  = "0.0.0.0/0"
    rule_action = "allow"
    protocol    = "tcp"
  }, {
    rule_number = "201"
    from_port   = "80"
    to_port     = "80"
    cidr_block  = "0.0.0.0/0"
    rule_action = "allow"
    protocol    = "tcp"
  }]

  ingress_rules = [{
    rule_number = "202"
    from_port   = "443"
    to_port     = "443"
    cidr_block  = "0.0.0.0/0"
    rule_action = "allow"
    protocol    = "tcp"
  }, {
    rule_number = "203"
    from_port   = "80"
    to_port     = "80"
    cidr_block  = "0.0.0.0/0"
    rule_action = "allow"
    protocol    = "tcp"
  }]

  subnet_names = ["az1a-pvtsub-1"]
  tags         = { env = "dev" }
}
```
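Network ACLs are stateless, so the rule lists above need a bit more scrutiny than a security-group config: each direction is evaluated on its own, and an inbound allow on 443 says nothing about the reply packets leaving on an ephemeral port. The following lint, an added example and not part of this module, checks rule lists shaped like the `ingress_rules` / `egress_rules` inputs for AWS value ranges, duplicate rule numbers, wide-open ingress allows, and a missing ephemeral-port egress allow; `rule()`, `lint_direction()` and `lint_nacl()` are names chosen here, and the sample rules are constructed to match the usage block.

```python
# Added example, not the module's own code: a lint for rule lists shaped like its
# ingress_rules / egress_rules inputs. Sample rules below are constructed.
import ipaddress
PROTOCOLS = {"tcp", "udp", "icmp", "all", "-1"}
EPHEMERAL = (1024, 65535)  # port range AWS documents for NACL return traffic
def rule(num, lo, hi=None, cidr="0.0.0.0/0", action="allow", proto="tcp"):
    """Build one rule object in the shape the usage block shows."""
    return {"rule_number": str(num), "from_port": str(lo), "to_port": str(lo if hi is None else hi),
            "cidr_block": cidr, "rule_action": action, "protocol": proto}

def lint_direction(rules, direction):
    """Findings for one direction: AWS value ranges, duplicate numbers, wide-open allows."""
    findings, seen = [], set()
    for r in rules:
        num, tag = int(r["rule_number"]), f"{direction} rule {r['rule_number']}"
        lo, hi = int(r["from_port"]), int(r["to_port"])
        if not 1 <= num <= 32766:
            findings.append(f"{tag}: rule_number outside 1-32766")
        if num in seen:
            findings.append(f"{tag}: duplicate rule_number")
        seen.add(num)
        if not 0 <= lo <= hi <= 65535:
            findings.append(f"{tag}: bad port range {lo}-{hi}")
        if r["protocol"] not in PROTOCOLS and not r["protocol"].isdigit():
            findings.append(f"{tag}: unknown protocol {r['protocol']!r}")
        try:
            net = ipaddress.ip_network(r["cidr_block"])  # strict: host bits must be zero
        except ValueError:
            findings.append(f"{tag}: invalid cidr_block {r['cidr_block']!r}")
            continue
        if direction == "ingress" and r["rule_action"] == "allow" and net.prefixlen == 0:
            findings.append(f"{tag}: allows ports {lo}-{hi} from anywhere; confirm intended")
    return findings

def covers_ephemeral(r):
    return (r["rule_action"] == "allow" and r["protocol"] in ("tcp", "all", "-1")
            and int(r["from_port"]) <= EPHEMERAL[0] and int(r["to_port"]) >= EPHEMERAL[1])

def lint_nacl(ingress, egress):
    """NACLs are stateless: an inbound TCP allow needs an outbound allow for the reply ports."""
    findings = lint_direction(ingress, "ingress") + lint_direction(egress, "egress")
    if (any(r["rule_action"] == "allow" and r["protocol"] == "tcp" for r in ingress)
            and not any(covers_ephemeral(r) for r in egress)):
        findings.append("egress: no allow rule covering ephemeral ports 1024-65535; replies to inbound TCP are dropped")
    return findings
# Constructed inputs: the README usage as written, and an egress list with the reply rule added.
README_INGRESS = [rule(202, 443), rule(203, 80)]
README_EGRESS = [rule(200, 443), rule(201, 80)]
HARDENED_EGRESS = README_EGRESS + [rule(210, 1024, 65535)]
```

Run `lint_nacl(README_INGRESS, README_EGRESS)` to see the findings for the usage block as written; with `HARDENED_EGRESS` the ephemeral-port finding disappears and only the two wide-open ingress allows remain flagged for confirmation.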
Requirements:

No requirements.

Providers:

Name | Version |
---|---|
aws | 5.1.0 |

Modules:

No modules.

Resources:

Name | Type |
---|---|
aws_network_acl.main | resource |
aws_network_acl_rule.egress | resource |
aws_network_acl_rule.ingress | resource |
aws_subnet.nacl_subnet | data source |
aws_vpcs.nacl_vpc | data source |
Inputs:

Name | Description | Type | Default | Required |
---|---|---|---|---|
egress_rules | n/a | list(object({...})) | [] | no |
ingress_rules | n/a | list(object({...})) | [] | no |
name | Name of the NACL. | string | null | no |
subnet_names | List of subnets to attach the NACL to. | list(string) | [] | no |
tags | Tags to apply to the NACL. | map(string) | {} | no |
vpc_name | Name of the VPC to attach to. | string | null | no |
Outputs:

Name | Description |
---|---|
arn | The ARN of the network ACL. |
id | The ID of the network ACL. |