Merge pull request #1 from kpenfound/add_allowed_sgs

Add input for allowed security groups
kpenfound · Jan 12, 2021 · 14f8554 · 14f8554
2 parents 0d4b8f0 + ada4c07
commit 14f8554
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 1 deletion.
diff --git a/example/main.tf b/example/main.tf
@@ -19,7 +19,7 @@ resource "aws_key_pair" "cluster_key" {
 }
 
 module "ecs_cluster" {
-  source = "github.com/kpenfound/ecs-cluster?ref=1.1.0"
+  source = "github.com/kpenfound/ecs-cluster?ref=1.1.2"
 
   region           = var.region
   ecs_ami          = var.ecs_ami

diff --git a/main.tf b/main.tf
@@ -110,6 +110,13 @@ resource "aws_security_group" "cluster_instance" {
     self      = true
   }
 
+  ingress {
+    from_port       = "0"
+    to_port         = "0"
+    protocol        = "-1"
+    security_groups = var.allowed_sgs
+  }
+
   egress {
     from_port   = 0
     to_port     = 0

diff --git a/variables.tf b/variables.tf
@@ -35,3 +35,8 @@ variable vpc_id {
 variable subnets {
   description = "List of subnet ids to deploy the ECS cluster in"
 }
+
+variable allowed_sgs {
+  description = "List of security groups to allow for ecs cluster ingress"
+  default     = []
+}