Merged
Rename variables
nmalarenko committed Oct 14, 2021
commit 9c2bf9ef11528d2812ff9e8bd64fcc250f734a50
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -214,6 +214,8 @@ No modules.
| <a name="input_computed_ingress_with_source_security_group_id"></a> [computed\_ingress\_with\_source\_security\_group\_id](#input\_computed\_ingress\_with\_source\_security\_group\_id) | List of computed ingress rules to create where 'source\_security\_group\_id' is used | `list(map(string))` | `[]` | no |
| <a name="input_create"></a> [create](#input\_create) | Whether to create security group and all rules | `bool` | `true` | no |
| <a name="input_create_sg"></a> [create\_sg](#input\_create\_sg) | Whether to create security group | `bool` | `true` | no |
| <a name="input_create_timeout"></a> [create_timeout](#input\_create\_timeout) | Time to wait for a security group to be created | `string` | `10m` | no |
| <a name="input_delete_timeout"></a> [delete_timeout](#input\_delete\_timeout) | Time to wait for a security group to be deleted | `string` | `15m` | no |
| <a name="input_description"></a> [description](#input\_description) | Description of security group | `string` | `"Security Group managed by Terraform"` | no |
| <a name="input_egress_cidr_blocks"></a> [egress\_cidr\_blocks](#input\_egress\_cidr\_blocks) | List of IPv4 CIDR ranges to use on all egress rules | `list(string)` | <pre>[<br> "0.0.0.0/0"<br>]</pre> | no |
| <a name="input_egress_ipv6_cidr_blocks"></a> [egress\_ipv6\_cidr\_blocks](#input\_egress\_ipv6\_cidr\_blocks) | List of IPv6 CIDR ranges to use on all egress rules | `list(string)` | <pre>[<br> "::/0"<br>]</pre> | no |
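Review bot: The two added rows write the link text as [create_timeout] and [delete_timeout] with bare underscores, while every neighbouring row escapes them (for example [create\_sg]), and they show the defaults as `10m` and `15m` without quotes although the string default on the description row is rendered as `"Security Group managed by Terraform"`. These rows look hand-written rather than generated; regenerating the inputs table from variables.tf would bring the escaping and the quoting in line with the rest of the file.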
Expand Down Expand Up @@ -246,8 +248,6 @@ No modules.
| <a name="input_rules"></a> [rules](#input\_rules) | Map of known security group rules (define as 'name' = ['from port', 'to port', 'protocol', 'description']) | `map(list(any))` | <pre>{<br> "_": [<br> "",<br> "",<br> ""<br> ],<br> "activemq-5671-tcp": [<br> 5671,<br> 5671,<br> "tcp",<br> "ActiveMQ AMQP"<br> ],<br> "activemq-61614-tcp": [<br> 61614,<br> 61614,<br> "tcp",<br> "ActiveMQ STOMP"<br> ],<br> "activemq-61617-tcp": [<br> 61617,<br> 61617,<br> "tcp",<br> "ActiveMQ OpenWire"<br> ],<br> "activemq-61619-tcp": [<br> 61619,<br> 61619,<br> "tcp",<br> "ActiveMQ WebSocket"<br> ],<br> "activemq-8883-tcp": [<br> 8883,<br> 8883,<br> "tcp",<br> "ActiveMQ MQTT"<br> ],<br> "alertmanager-9093-tcp": [<br> 9093,<br> 9093,<br> "tcp",<br> "Alert Manager"<br> ],<br> "alertmanager-9094-tcp": [<br> 9094,<br> 9094,<br> "tcp",<br> "Alert Manager Cluster"<br> ],<br> "all-all": [<br> -1,<br> -1,<br> "-1",<br> "All protocols"<br> ],<br> "all-icmp": [<br> -1,<br> -1,<br> "icmp",<br> "All IPV4 ICMP"<br> ],<br> "all-ipv6-icmp": [<br> -1,<br> -1,<br> 58,<br> "All IPV6 ICMP"<br> ],<br> "all-tcp": [<br> 0,<br> 65535,<br> "tcp",<br> "All TCP ports"<br> ],<br> "all-udp": [<br> 0,<br> 65535,<br> "udp",<br> "All UDP ports"<br> ],<br> "carbon-admin-tcp": [<br> 2004,<br> 2004,<br> "tcp",<br> "Carbon admin"<br> ],<br> "carbon-gui-udp": [<br> 8081,<br> 8081,<br> "tcp",<br> "Carbon GUI"<br> ],<br> "carbon-line-in-tcp": [<br> 2003,<br> 2003,<br> "tcp",<br> "Carbon line-in"<br> ],<br> "carbon-line-in-udp": [<br> 2003,<br> 2003,<br> "udp",<br> "Carbon line-in"<br> ],<br> "carbon-pickle-tcp": [<br> 2013,<br> 2013,<br> "tcp",<br> "Carbon pickle"<br> ],<br> "carbon-pickle-udp": [<br> 2013,<br> 2013,<br> "udp",<br> "Carbon pickle"<br> ],<br> "cassandra-clients-tcp": [<br> 9042,<br> 9042,<br> "tcp",<br> "Cassandra clients"<br> ],<br> "cassandra-jmx-tcp": [<br> 7199,<br> 7199,<br> "tcp",<br> "JMX"<br> ],<br> "cassandra-thrift-clients-tcp": [<br> 9160,<br> 9160,<br> "tcp",<br> "Cassandra Thrift 
clients"<br> ],<br> "consul-cli-rpc-tcp": [<br> 8400,<br> 8400,<br> "tcp",<br> "Consul CLI RPC"<br> ],<br> "consul-dns-tcp": [<br> 8600,<br> 8600,<br> "tcp",<br> "Consul DNS"<br> ],<br> "consul-dns-udp": [<br> 8600,<br> 8600,<br> "udp",<br> "Consul DNS"<br> ],<br> "consul-serf-lan-tcp": [<br> 8301,<br> 8301,<br> "tcp",<br> "Serf LAN"<br> ],<br> "consul-serf-lan-udp": [<br> 8301,<br> 8301,<br> "udp",<br> "Serf LAN"<br> ],<br> "consul-serf-wan-tcp": [<br> 8302,<br> 8302,<br> "tcp",<br> "Serf WAN"<br> ],<br> "consul-serf-wan-udp": [<br> 8302,<br> 8302,<br> "udp",<br> "Serf WAN"<br> ],<br> "consul-tcp": [<br> 8300,<br> 8300,<br> "tcp",<br> "Consul server"<br> ],<br> "consul-webui-tcp": [<br> 8500,<br> 8500,<br> "tcp",<br> "Consul web UI"<br> ],<br> "dns-tcp": [<br> 53,<br> 53,<br> "tcp",<br> "DNS"<br> ],<br> "dns-udp": [<br> 53,<br> 53,<br> "udp",<br> "DNS"<br> ],<br> "docker-swarm-mngmt-tcp": [<br> 2377,<br> 2377,<br> "tcp",<br> "Docker Swarm cluster management"<br> ],<br> "docker-swarm-node-tcp": [<br> 7946,<br> 7946,<br> "tcp",<br> "Docker Swarm node"<br> ],<br> "docker-swarm-node-udp": [<br> 7946,<br> 7946,<br> "udp",<br> "Docker Swarm node"<br> ],<br> "docker-swarm-overlay-udp": [<br> 4789,<br> 4789,<br> "udp",<br> "Docker Swarm Overlay Network Traffic"<br> ],<br> "elasticsearch-java-tcp": [<br> 9300,<br> 9300,<br> "tcp",<br> "Elasticsearch Java interface"<br> ],<br> "elasticsearch-rest-tcp": [<br> 9200,<br> 9200,<br> "tcp",<br> "Elasticsearch REST interface"<br> ],<br> "grafana-tcp": [<br> 3000,<br> 3000,<br> "tcp",<br> "Grafana Dashboard"<br> ],<br> "graphite-2003-tcp": [<br> 2003,<br> 2003,<br> "tcp",<br> "Carbon receiver plain text"<br> ],<br> "graphite-2004-tcp": [<br> 2004,<br> 2004,<br> "tcp",<br> "Carbon receiver pickle"<br> ],<br> "graphite-2023-tcp": [<br> 2023,<br> 2023,<br> "tcp",<br> "Carbon aggregator plaintext"<br> ],<br> "graphite-2024-tcp": [<br> 2024,<br> 2024,<br> "tcp",<br> "Carbon aggregator pickle"<br> ],<br> "graphite-8080-tcp": [<br> 
8080,<br> 8080,<br> "tcp",<br> "Graphite gunicorn port"<br> ],<br> "graphite-8125-tcp": [<br> 8125,<br> 8125,<br> "tcp",<br> "Statsd TCP"<br> ],<br> "graphite-8125-udp": [<br> 8125,<br> 8125,<br> "udp",<br> "Statsd UDP default"<br> ],<br> "graphite-8126-tcp": [<br> 8126,<br> 8126,<br> "tcp",<br> "Statsd admin"<br> ],<br> "graphite-webui": [<br> 80,<br> 80,<br> "tcp",<br> "Graphite admin interface"<br> ],<br> "http-80-tcp": [<br> 80,<br> 80,<br> "tcp",<br> "HTTP"<br> ],<br> "http-8080-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "HTTP"<br> ],<br> "https-443-tcp": [<br> 443,<br> 443,<br> "tcp",<br> "HTTPS"<br> ],<br> "https-8443-tcp": [<br> 8443,<br> 8443,<br> "tcp",<br> "HTTPS"<br> ],<br> "ipsec-4500-udp": [<br> 4500,<br> 4500,<br> "udp",<br> "IPSEC NAT-T"<br> ],<br> "ipsec-500-udp": [<br> 500,<br> 500,<br> "udp",<br> "IPSEC ISAKMP"<br> ],<br> "kafka-broker-tcp": [<br> 9092,<br> 9092,<br> "tcp",<br> "Kafka broker 0.8.2+"<br> ],<br> "kafka-broker-tls-tcp": [<br> 9094,<br> 9094,<br> "tcp",<br> "Kafka TLS enabled broker 0.8.2+"<br> ],<br> "kafka-jmx-exporter-tcp": [<br> 11001,<br> 11001,<br> "tcp",<br> "Kafka JMX Exporter"<br> ],<br> "kafka-node-exporter-tcp": [<br> 11002,<br> 11002,<br> "tcp",<br> "Kafka Node Exporter"<br> ],<br> "kibana-tcp": [<br> 5601,<br> 5601,<br> "tcp",<br> "Kibana Web Interface"<br> ],<br> "kubernetes-api-tcp": [<br> 6443,<br> 6443,<br> "tcp",<br> "Kubernetes API Server"<br> ],<br> "ldap-tcp": [<br> 389,<br> 389,<br> "tcp",<br> "LDAP"<br> ],<br> "ldaps-tcp": [<br> 636,<br> 636,<br> "tcp",<br> "LDAPS"<br> ],<br> "logstash-tcp": [<br> 5044,<br> 5044,<br> "tcp",<br> "Logstash"<br> ],<br> "memcached-tcp": [<br> 11211,<br> 11211,<br> "tcp",<br> "Memcached"<br> ],<br> "minio-tcp": [<br> 9000,<br> 9000,<br> "tcp",<br> "MinIO"<br> ],<br> "mongodb-27017-tcp": [<br> 27017,<br> 27017,<br> "tcp",<br> "MongoDB"<br> ],<br> "mongodb-27018-tcp": [<br> 27018,<br> 27018,<br> "tcp",<br> "MongoDB shard"<br> ],<br> "mongodb-27019-tcp": [<br> 27019,<br> 27019,<br> 
"tcp",<br> "MongoDB config server"<br> ],<br> "mssql-analytics-tcp": [<br> 2383,<br> 2383,<br> "tcp",<br> "MSSQL Analytics"<br> ],<br> "mssql-broker-tcp": [<br> 4022,<br> 4022,<br> "tcp",<br> "MSSQL Broker"<br> ],<br> "mssql-tcp": [<br> 1433,<br> 1433,<br> "tcp",<br> "MSSQL Server"<br> ],<br> "mssql-udp": [<br> 1434,<br> 1434,<br> "udp",<br> "MSSQL Browser"<br> ],<br> "mysql-tcp": [<br> 3306,<br> 3306,<br> "tcp",<br> "MySQL/Aurora"<br> ],<br> "nfs-tcp": [<br> 2049,<br> 2049,<br> "tcp",<br> "NFS/EFS"<br> ],<br> "nomad-http-tcp": [<br> 4646,<br> 4646,<br> "tcp",<br> "Nomad HTTP"<br> ],<br> "nomad-rpc-tcp": [<br> 4647,<br> 4647,<br> "tcp",<br> "Nomad RPC"<br> ],<br> "nomad-serf-tcp": [<br> 4648,<br> 4648,<br> "tcp",<br> "Serf"<br> ],<br> "nomad-serf-udp": [<br> 4648,<br> 4648,<br> "udp",<br> "Serf"<br> ],<br> "ntp-udp": [<br> 123,<br> 123,<br> "udp",<br> "NTP"<br> ],<br> "openvpn-https-tcp": [<br> 443,<br> 443,<br> "tcp",<br> "OpenVPN"<br> ],<br> "openvpn-tcp": [<br> 943,<br> 943,<br> "tcp",<br> "OpenVPN"<br> ],<br> "openvpn-udp": [<br> 1194,<br> 1194,<br> "udp",<br> "OpenVPN"<br> ],<br> "oracle-db-tcp": [<br> 1521,<br> 1521,<br> "tcp",<br> "Oracle"<br> ],<br> "postgresql-tcp": [<br> 5432,<br> 5432,<br> "tcp",<br> "PostgreSQL"<br> ],<br> "prometheus-http-tcp": [<br> 9090,<br> 9090,<br> "tcp",<br> "Prometheus"<br> ],<br> "prometheus-pushgateway-http-tcp": [<br> 9091,<br> 9091,<br> "tcp",<br> "Prometheus Pushgateway"<br> ],<br> "puppet-tcp": [<br> 8140,<br> 8140,<br> "tcp",<br> "Puppet"<br> ],<br> "puppetdb-tcp": [<br> 8081,<br> 8081,<br> "tcp",<br> "PuppetDB"<br> ],<br> "rabbitmq-15672-tcp": [<br> 15672,<br> 15672,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rabbitmq-25672-tcp": [<br> 25672,<br> 25672,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rabbitmq-4369-tcp": [<br> 4369,<br> 4369,<br> "tcp",<br> "RabbitMQ epmd"<br> ],<br> "rabbitmq-5671-tcp": [<br> 5671,<br> 5671,<br> "tcp",<br> "RabbitMQ"<br> ],<br> "rabbitmq-5672-tcp": [<br> 5672,<br> 5672,<br> "tcp",<br> "RabbitMQ"<br> 
],<br> "rdp-tcp": [<br> 3389,<br> 3389,<br> "tcp",<br> "Remote Desktop"<br> ],<br> "rdp-udp": [<br> 3389,<br> 3389,<br> "udp",<br> "Remote Desktop"<br> ],<br> "redis-tcp": [<br> 6379,<br> 6379,<br> "tcp",<br> "Redis"<br> ],<br> "redshift-tcp": [<br> 5439,<br> 5439,<br> "tcp",<br> "Redshift"<br> ],<br> "saltstack-tcp": [<br> 4505,<br> 4506,<br> "tcp",<br> "SaltStack"<br> ],<br> "smtp-submission-2587-tcp": [<br> 2587,<br> 2587,<br> "tcp",<br> "SMTP Submission"<br> ],<br> "smtp-submission-587-tcp": [<br> 587,<br> 587,<br> "tcp",<br> "SMTP Submission"<br> ],<br> "smtp-tcp": [<br> 25,<br> 25,<br> "tcp",<br> "SMTP"<br> ],<br> "smtps-2456-tcp": [<br> 2465,<br> 2465,<br> "tcp",<br> "SMTPS"<br> ],<br> "smtps-465-tcp": [<br> 465,<br> 465,<br> "tcp",<br> "SMTPS"<br> ],<br> "solr-tcp": [<br> 8983,<br> 8987,<br> "tcp",<br> "Solr"<br> ],<br> "splunk-hec-tcp": [<br> 8088,<br> 8088,<br> "tcp",<br> "Splunk HEC"<br> ],<br> "splunk-indexer-tcp": [<br> 9997,<br> 9997,<br> "tcp",<br> "Splunk indexer"<br> ],<br> "splunk-splunkd-tcp": [<br> 8089,<br> 8089,<br> "tcp",<br> "Splunkd"<br> ],<br> "splunk-web-tcp": [<br> 8000,<br> 8000,<br> "tcp",<br> "Splunk Web"<br> ],<br> "squid-proxy-tcp": [<br> 3128,<br> 3128,<br> "tcp",<br> "Squid default proxy"<br> ],<br> "ssh-tcp": [<br> 22,<br> 22,<br> "tcp",<br> "SSH"<br> ],<br> "storm-nimbus-tcp": [<br> 6627,<br> 6627,<br> "tcp",<br> "Nimbus"<br> ],<br> "storm-supervisor-tcp": [<br> 6700,<br> 6703,<br> "tcp",<br> "Supervisor"<br> ],<br> "storm-ui-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "Storm UI"<br> ],<br> "web-jmx-tcp": [<br> 1099,<br> 1099,<br> "tcp",<br> "JMX"<br> ],<br> "winrm-http-tcp": [<br> 5985,<br> 5985,<br> "tcp",<br> "WinRM HTTP"<br> ],<br> "winrm-https-tcp": [<br> 5986,<br> 5986,<br> "tcp",<br> "WinRM HTTPS"<br> ],<br> "zipkin-admin-query-tcp": [<br> 9901,<br> 9901,<br> "tcp",<br> "Zipkin Admin port query"<br> ],<br> "zipkin-admin-tcp": [<br> 9990,<br> 9990,<br> "tcp",<br> "Zipkin Admin port collector"<br> ],<br> 
"zipkin-admin-web-tcp": [<br> 9991,<br> 9991,<br> "tcp",<br> "Zipkin Admin port web"<br> ],<br> "zipkin-query-tcp": [<br> 9411,<br> 9411,<br> "tcp",<br> "Zipkin query port"<br> ],<br> "zipkin-web-tcp": [<br> 8080,<br> 8080,<br> "tcp",<br> "Zipkin web port"<br> ],<br> "zookeeper-2181-tcp": [<br> 2181,<br> 2181,<br> "tcp",<br> "Zookeeper"<br> ],<br> "zookeeper-2888-tcp": [<br> 2888,<br> 2888,<br> "tcp",<br> "Zookeeper"<br> ],<br> "zookeeper-3888-tcp": [<br> 3888,<br> 3888,<br> "tcp",<br> "Zookeeper"<br> ],<br> "zookeeper-jmx-tcp": [<br> 7199,<br> 7199,<br> "tcp",<br> "JMX"<br> ]<br>}</pre> | no |
| <a name="input_security_group_id"></a> [security\_group\_id](#input\_security\_group\_id) | ID of existing security group whose rules we will manage | `string` | `null` | no |
| <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to security group | `map(string)` | `{}` | no |
| <a name="input_timeout_create"></a> [timeout_create](#input\_timeout\_create) | Time to wait for a security group to be created | `string` | `10m` | no |
| <a name="input_timeout_delete"></a> [timeout_delete](#input\_timeout\_delete) | Time to wait for a security group to be deleted | `string` | `15m` | no |
| <a name="input_use_name_prefix"></a> [use\_name\_prefix](#input\_use\_name\_prefix) | Whether to use name\_prefix or fixed name. Should be true to able to update security group name after initial creation | `bool` | `true` | no |
| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | ID of the VPC where to create security group | `string` | `null` | no |
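Review bot: Dropping the timeout_create and timeout_delete rows removes two documented inputs, so this rename is an interface change for any caller that already sets them, and the commit message "Rename variables" does not say which names changed or why. Record the old and new names in the changelog or upgrade notes, or keep the old variables as deprecated inputs for a release so existing configurations keep planning cleanly.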

16 changes: 16 additions & 0 deletions examples/complete/main.tf
Expand Up @@ -397,3 +397,19 @@ module "only_rules" {
]
}

#######################################
# Security group with modified timeouts
#######################################
module "ch_timeout_sg" {
source = "../../"

name = "ch-timeout-sg"
description = "Security group with modified timeouts"
vpc_id = data.aws_vpc.default.id

create_timeout = "15m"
Member

There is no need to have a separate example for this feature, but rather add ..._timeout = "..." argument to an existing complete_sg.

Member

Sorry that I was not clear about this in the previous comment.

Contributor Author

fair enough. fixed

Contributor Author

no worries, it was my bad :)

delete_timeout = "45m"

ingress_cidr_blocks = ["10.10.0.0/16"]
ingress_rules = ["https-443-tcp"]
}
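Review bot: create_timeout = "15m" and delete_timeout = "45m" are set here with no comment on why they differ from the module defaults of 10m and 15m, so a reader copying the example inherits a 45 minute delete wait without knowing what it is for. As the maintainer comments on this hunk already ask, fold the two arguments into the existing complete_sg module instead of keeping a separate ch_timeout_sg block, and add a one-line comment stating the accepted duration format and when raising the values is appropriate.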
8 changes: 4 additions & 4 deletions main.tf
Expand Up @@ -24,8 +24,8 @@ resource "aws_security_group" "this" {
)

timeouts {
create = var.timeout_create
delete = var.timeout_delete
create = var.create_timeout
delete = var.delete_timeout
}
}

Expand All @@ -52,8 +52,8 @@ resource "aws_security_group" "this_name_prefix" {
}

timeouts {
create = var.timeout_create
delete = var.timeout_delete
create = var.create_timeout
delete = var.delete_timeout
}
}

4 changes: 2 additions & 2 deletions variables.tf
Expand Up @@ -55,13 +55,13 @@ variable "tags" {
default = {}
}

variable "timeout_create" {
variable "create_timeout" {
description = "Time to wait for a security group to be created"
type = string
default = "10m"
}

variable "timeout_delete" {
variable "delete_timeout" {
description = "Time to wait for a security group to be deleted"
type = string
default = "15m"
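Review bot: create_timeout and delete_timeout remain plain type = string with no validation block, so a malformed duration is accepted by the module and only fails later, when the value reaches the timeouts block of aws_security_group. Consider adding a validation rule to both variables that checks the value is a duration such as "10m", and extend the two descriptions to name the expected format.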