set default for custom rules, update README inputs/outputs table

ludoo · ludoo · commit 3d342c588eb9 · 2019-10-11T07:43:12.000+02:00
diff --git a/modules/fabric-net-firewall/README.md b/modules/fabric-net-firewall/README.md
@@ -36,6 +36,7 @@ module "net-firewall" {
 |------|-------------|:----:|:-----:|:-----:|
 | admin\_ranges | IP CIDR ranges that have complete access to all subnets. | list | `<list>` | no |
 | admin\_ranges\_enabled | Enable admin ranges-based rules. | string | `"false"` | no |
+| custom\_rules | List of custom rule definitions (refer to variables file for syntax). | map | `<map>` | no |
 | http\_source\_ranges | List of IP CIDR ranges for tag-based HTTP rule, defaults to 0.0.0.0/0. | list | `<list>` | no |
 | https\_source\_ranges | List of IP CIDR ranges for tag-based HTTPS rule, defaults to 0.0.0.0/0. | list | `<list>` | no |
 | internal\_allow | Allow rules for internal ranges. | list | `<list>` | no |
diff --git a/modules/fabric-net-firewall/main.tf b/modules/fabric-net-firewall/main.tf
@@ -120,8 +120,8 @@ resource "google_compute_firewall" "custom" {
   source_ranges           = each.value.direction == "INGRESS" ? each.value.ranges : null
   destination_ranges      = each.value.direction == "EGRESS" ? each.value.ranges : null
   source_tags             = each.value.use_service_accounts || each.value.direction == "EGRESS" ? null : each.value.sources
-  target_tags             = each.value.use_service_accounts ? null : each.value.targets
   source_service_accounts = each.value.use_service_accounts && each.value.direction == "INGRESS" ? each.value.sources : null
+  target_tags             = each.value.use_service_accounts ? null : each.value.targets
   target_service_accounts = each.value.use_service_accounts ? each.value.targets : null
   disabled                = lookup(each.value.extra_attributes, "disabled", false)
   priority                = lookup(each.value.extra_attributes, "priority", 1000)
diff --git a/modules/fabric-net-firewall/variables.tf b/modules/fabric-net-firewall/variables.tf
@@ -67,7 +67,8 @@ variable "https_source_ranges" {
 }
 
 variable "custom_rules" {
-  description = "List of custom rule definitions."
+  description = "List of custom rule definitions (refer to variables file for syntax)."
+  default     = {}
   type = map(object({
     description          = string
     direction            = string

Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,8 @@ variable "https_source_ranges" {`
`67`	`67`	`}`
`68`	`68`
`69`	`69`	`variable "custom_rules" {`
`70`		`- description = "List of custom rule definitions."`
	`70`	`+ description = "List of custom rule definitions (refer to variables file for syntax)."`
	`71`	`+ default = {}`
`71`	`72`	`type = map(object({`
`72`	`73`	`description = string`
`73`	`74`	`direction = string`