Fix security group

Author: snemetz

main.tf

@@ -18,13 +18,6 @@ resource "aws_security_group" "default" {
   vpc_id = "${var.vpc_id}"
   name   = "${module.label.id}"
 
-  ingress {
-    from_port       = "${var.port}"              # Redis
-    to_port         = "${var.port}"
-    protocol        = "tcp"
-    security_groups = ["${var.security_groups}"]
-  }
-
   egress {
     from_port   = 0
     to_port     = 0
@@ -34,6 +27,26 @@ resource "aws_security_group" "default" {
 
   tags = "${module.label.tags}"
 }
+/*
+resource "aws_security_group_rule" "redis_sg" {
+  count = "${var.enabled == "true" && length(var.security_group) > 0 ? 1 : 0}"
+  type              = "ingress"
+  from_port         = "${var.port}"
+  to_port           = "${var.port}"
+  protocol          = "tcp"
+  source_security_group_id = "${var.security_group}"
+  security_group_id = "${aws_security_group.default.id}"
+}
+/**/
+resource "aws_security_group_rule" "redis_cidr" {
+  count = "${var.enabled == "true" && length(var.cidr_blocks) > 0 ? 1 : 0}"
+  type              = "ingress"
+  from_port         = "${var.port}"
+  to_port           = "${var.port}"
+  protocol          = "tcp"
+  cidr_blocks       = ["${var.cidr_blocks}"]
+  security_group_id = "${aws_security_group.default.id}"
+}
 
 resource "aws_elasticache_subnet_group" "default" {
   count      = "${var.enabled == "true" ? 1 : 0}"

variables.tf

@@ -18,10 +18,9 @@ variable "name" {
   description = "Name"
 }
 
-variable "security_groups" {
-  type        = "list"
-  default     = []
-  description = "AWS security group ids"
+variable "security_group" {
+  description = "AWS security group id"
+  default = ""
 }
 
 variable "vpc_id" {
@@ -34,7 +33,10 @@ variable "subnets" {
   description = "AWS subnet ids"
   default     = []
 }
-
+variable "cidr_blocks" {
+  description = "CIDR blocks to allow accress from"
+  default = ""
+}
 variable "maintenance_window" {
   default     = "wed:03:00-wed:04:00"
   description = "Maintenance window"