Skip to content

Commit 1e5b358

Browse files
sgtojsgtoj
committed
fix: use different pattern for dynamic sg rules
1 parent b89a39b commit 1e5b358

File tree

1 file changed

+27
-26
lines changed

1 file changed

+27
-26
lines changed

modules/teleport-node/main.tf

Lines changed: 27 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -411,19 +411,20 @@ module "security_group" {
411411
preserve_security_group_id = true
412412
allow_all_egress = true
413413

414-
rules = compact([{
415-
key = "group"
416-
type = "ingress"
417-
from_port = 0
418-
to_port = 0
419-
protocol = "all"
420-
description = "allow all group ingress"
421-
cidr_blocks = []
422-
ipv6_cidr_blocks = []
423-
source_security_group_id = null
424-
self = true
425-
},
426-
length(var.vpc_security_group_allowed_cidrs) > 0 ? {
414+
rules = flatten([
415+
[{
416+
key = "group"
417+
type = "ingress"
418+
from_port = 0
419+
to_port = 0
420+
protocol = "all"
421+
description = "allow all group ingress"
422+
cidr_blocks = []
423+
ipv6_cidr_blocks = []
424+
source_security_group_id = null
425+
self = true
426+
}],
427+
length(var.vpc_security_group_allowed_cidrs) > 0 ? [{
427428
key = "auth"
428429
type = "ingress"
429430
from_port = 3025
@@ -434,8 +435,8 @@ module "security_group" {
434435
ipv6_cidr_blocks = []
435436
source_security_group_id = null
436437
self = null
437-
} : null,
438-
length(var.vpc_security_group_allowed_cidrs) > 0 ? {
438+
}] : [],
439+
length(var.vpc_security_group_allowed_cidrs) > 0 ? [{
439440
key = "node-ssh"
440441
type = "ingress"
441442
from_port = 3022
@@ -446,8 +447,8 @@ module "security_group" {
446447
ipv6_cidr_blocks = []
447448
source_security_group_id = null
448449
self = null
449-
} : null,
450-
length(var.vpc_security_group_allowed_cidrs) > 0 ? {
450+
}] : [],
451+
length(var.vpc_security_group_allowed_cidrs) > 0 ? [{
451452
key = "proxy-ssh"
452453
type = "ingress"
453454
from_port = 3023
@@ -458,8 +459,8 @@ module "security_group" {
458459
ipv6_cidr_blocks = []
459460
source_security_group_id = null
460461
self = null
461-
} : null,
462-
length(var.vpc_security_group_allowed_cidrs) > 0 ? {
462+
}] : [],
463+
length(var.vpc_security_group_allowed_cidrs) > 0 ? [{
463464
key = "proxy-reverse-ssh"
464465
type = "ingress"
465466
from_port = 3024
@@ -470,8 +471,8 @@ module "security_group" {
470471
ipv6_cidr_blocks = []
471472
source_security_group_id = null
472473
self = null
473-
} : null,
474-
length(var.vpc_security_group_allowed_cidrs) > 0 ? {
474+
}] : [],
475+
length(var.vpc_security_group_allowed_cidrs) > 0 ? [{
475476
key = "proxy-https"
476477
type = "ingress"
477478
from_port = 443
@@ -482,8 +483,8 @@ module "security_group" {
482483
ipv6_cidr_blocks = []
483484
source_security_group_id = null
484485
self = null
485-
} : null,
486-
length(var.vpc_security_group_allowed_cidrs) > 0 ? {
486+
}] : [],
487+
length(var.vpc_security_group_allowed_cidrs) > 0 ? [{
487488
key = "proxy-web"
488489
type = "ingress"
489490
from_port = 3080
@@ -494,8 +495,8 @@ module "security_group" {
494495
ipv6_cidr_blocks = []
495496
source_security_group_id = null
496497
self = null
497-
} : null,
498-
length(var.vpc_security_group_allowed_cidrs) > 0 ? {
498+
}] : [],
499+
length(var.vpc_security_group_allowed_cidrs) > 0 ? [{
499500
key = "proxy-mysql"
500501
type = "ingress"
501502
from_port = 3036
@@ -506,7 +507,7 @@ module "security_group" {
506507
ipv6_cidr_blocks = []
507508
source_security_group_id = null
508509
self = null
509-
} : null,
510+
}] : [],
510511
])
511512

512513
tags = merge(module.node_type_label.tags, { Name = module.node_type_label.id })

0 commit comments

Comments
 (0)