updated the SG rules for RDS instance

sourcefuse · Feb 28, 2024 · d1b7b5d · d1b7b5d
1 parent 803a20e
commit d1b7b5d
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 0 deletions.
diff --git a/example/main.tf b/example/main.tf
@@ -97,4 +97,5 @@ module "rds_sql_server" {
   rds_instance_security_group_ids          = data.aws_security_groups.db_sg.ids
   rds_instance_allowed_cidr_blocks         = [data.aws_vpc.vpc.cidr_block]
   rds_instance_subnet_ids                  = data.aws_subnets.private.ids
+  additional_ingress_rules                 = var.additional_ingress_rules
 }
diff --git a/main.tf b/main.tf
@@ -414,6 +414,18 @@ module "rds_instance" {
   }))
 }
 
+
+resource "aws_security_group_rule" "additional_ingress_rules_rds" {
+  for_each = { for rule in var.additional_ingress_rules : rule.name => rule }
+
+  security_group_id = module.rds_instance[0].security_group_id
+  type              = each.value.type
+  from_port         = each.value.from_port
+  to_port           = each.value.to_port
+  protocol          = each.value.protocol
+  cidr_blocks       = each.value.cidr_blocks
+}
+
 ################################################################################
 ## ssm parameters
 ################################################################################