diff options
Diffstat (limited to 'yandex/firewall')
-rw-r--r-- | yandex/firewall/main.tf | 25 | ||||
-rw-r--r-- | yandex/firewall/outputs.tf | 3 | ||||
-rw-r--r-- | yandex/firewall/providers.tf | 7 | ||||
-rw-r--r-- | yandex/firewall/variables.tf | 9 |
4 files changed, 44 insertions, 0 deletions
diff --git a/yandex/firewall/main.tf b/yandex/firewall/main.tf new file mode 100644 index 0000000..81dc26a --- /dev/null +++ b/yandex/firewall/main.tf @@ -0,0 +1,25 @@ +resource "yandex_vpc_security_group" "this" { + network_id = var.vpc_id + + name = var.name + + ingress { + protocol = "ICMP" + v4_cidr_blocks = ["0.0.0.0/0"] + } + + dynamic "ingress" { + for_each = var.open_ports + + content { + protocol = "ANY" + v4_cidr_blocks = ["0.0.0.0/0"] + port = ingress.value + } + } + + egress { + protocol = "ANY" + v4_cidr_blocks = ["0.0.0.0/0"] + } +} diff --git a/yandex/firewall/outputs.tf b/yandex/firewall/outputs.tf new file mode 100644 index 0000000..72058aa --- /dev/null +++ b/yandex/firewall/outputs.tf @@ -0,0 +1,3 @@ +output "id" { + value = yandex_vpc_security_group.this.id +} diff --git a/yandex/firewall/providers.tf b/yandex/firewall/providers.tf new file mode 100644 index 0000000..3a5782f --- /dev/null +++ b/yandex/firewall/providers.tf @@ -0,0 +1,7 @@ +terraform { + required_providers { + yandex = { + source = "yandex-cloud/yandex" + } + } +} diff --git a/yandex/firewall/variables.tf b/yandex/firewall/variables.tf new file mode 100644 index 0000000..04e111a --- /dev/null +++ b/yandex/firewall/variables.tf @@ -0,0 +1,9 @@ +variable "name" { + type = string +} +variable "vpc_id" { + type = string +} +variable "open_ports" { + type = list(number) +} |