Merge pull request #185 from NetApp/rvwn_sg_list

Added support for multiple SGs to main module

Author: kcantrel

Terraform/deploy-fsx-ontap/module/README.md

@@ -236,7 +236,7 @@ terraform apply
 | route_table_ids | An array of routing table IDs that will be modified to allow access to the FSxN file system. This is only used for Multi AZ deployment types and must be left as null for Single AZ deployment types. | `list(string)` | `null` | no |
 | secret_name_prefix | The prefix to the secret name that will be created that will contain the FSxN passwords (system, and SVM). | `string` | `"fsxn-secret"` | no |
 | secrets_region | The AWS region where the secrets for the FSxN file system and SVM will be deployed. | `string` | `""` | no |
-| security_group_id | If you are not creating the security group, provide the ID of the security group to be used. | `string` | `""` | no |
+| security_group_ids | If you are not creating the security group, provide a list of IDs of the security groups to be used. | `list(string)` | `[]` | no |
 | security_group_name_prefix | The prefix to the security group name that will be created. | `string` | `"fsxn-sg"` | no |
 | source_sg_id | The ID of the security group to allow access to the FSxN file system. Set to an empty string if you want to use the cidr_for_sg as the source. | `string` | `""` | no |
 | svm_name | name of the Storage Virtual Machine, (a.k.a. vserver). | `string` | `"fsx"` | no |

Terraform/deploy-fsx-ontap/module/main.tf

@@ -14,7 +14,7 @@ resource "aws_fsx_ontap_file_system" "terraform-fsxn" {
   preferred_subnet_id = var.subnets["primarysub"]
 
   storage_capacity                  = var.capacity_size_gb
-  security_group_ids                = var.create_sg ? [element(aws_security_group.fsx_sg[*].id, 0)] : [var.security_group_id]
+  security_group_ids                = var.create_sg ? [element(aws_security_group.fsx_sg[*].id, 0)] : var.security_group_ids
   deployment_type                   = var.deployment_type
   throughput_capacity_per_ha_pair   = var.throughput_in_MBps
   ha_pairs                          = var.ha_pairs
@@ -41,7 +41,7 @@ resource "aws_fsx_ontap_file_system" "terraform-fsxn" {
       error_message = "You must specify EITHER cidr_block OR source_sg_id when creating a security group, not both."
     }
     precondition {
-      condition = var.create_sg || var.security_group_id != ""
+      condition = var.create_sg || length(var.security_group_ids) > 0
       error_message = "You must specify a security group ID when not creating a security group."
     }
   }

Terraform/deploy-fsx-ontap/module/variables.tf

@@ -174,10 +174,10 @@ variable "create_sg" {
   default     = true
 }
 
-variable "security_group_id" {
-  description = "If you are not creating the security group, provide the ID of the security group to be used."
-  type        = string
-  default     = ""
+variable "security_group_ids" {
+  description = "If you are not creating the security group, provide a list of IDs of the security groups to be used."
+  type        = list(string)
+  default     = []
 }
 
 variable "security_group_name_prefix" {