JCS-13593 Add egress rule to managed server NSG instead of admin server NSG

roberto-sanchez-herrera · roberto-sanchez-herrera · commit 73dbd0ee9f37 · 2022-12-07T11:59:55.000-06:00
- Filter out admin server NSG instead of managed server NSG when
  creating egress rule.
diff --git a/terraform/modules/network/vcn-config/nsg_security_rule.tf b/terraform/modules/network/vcn-config/nsg_security_rule.tf
@@ -234,7 +234,7 @@ resource "oci_core_network_security_group_security_rule" "fss_ingress_security_r
 resource "oci_core_network_security_group_security_rule" "egress_security_rule" {
   for_each = {
     for nsg_name, nsg_id in var.nsg_ids :
-    nsg_name => nsg_id if nsg_name != "managed_nsg_id" && nsg_name != "mount_target_nsg_id" && length(nsg_id) != 0
+    nsg_name => nsg_id if nsg_name != "admin_nsg_id" && nsg_name != "mount_target_nsg_id" && length(nsg_id) != 0
   }
   network_security_group_id = element(each.value, 0)
   direction                 = "EGRESS"

Original file line number	Diff line number	Diff line change
`@@ -234,7 +234,7 @@ resource "oci_core_network_security_group_security_rule" "fss_ingress_security_r`
`234`	`234`	`resource "oci_core_network_security_group_security_rule" "egress_security_rule" {`
`235`	`235`	`for_each = {`
`236`	`236`	`for nsg_name, nsg_id in var.nsg_ids :`
`237`		`- nsg_name => nsg_id if nsg_name != "managed_nsg_id" && nsg_name != "mount_target_nsg_id" && length(nsg_id) != 0`
	`237`	`+ nsg_name => nsg_id if nsg_name != "admin_nsg_id" && nsg_name != "mount_target_nsg_id" && length(nsg_id) != 0`
`238`	`238`	`}`
`239`	`239`	`network_security_group_id = element(each.value, 0)`
`240`	`240`	`direction = "EGRESS"`