hmcts/terraform-module-network-security-group

Terraform Network Security Group Module

This module creates a new Network Security Group with two predefined rules that block all inbound traffic from Virtual Network and AzureLoadBalancer, forcing the user to add custom rules for all required traffic. The module also supports attaching the Network Security Group to multiple subnets and network interfaces if required.

Examples

Examples can be found here.
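
The call below is an added illustration, not code from this repository or its examples. Because the predefined rules deny VirtualNetwork and AzureLoadBalancer inbound, it adds one rule for intra-VNet HTTPS and one for load balancer health probes. The source URL form, names, CIDRs, subnet id and priority values are assumptions; in particular, the custom priorities must be lower numbers than the module's two deny rules, which this page does not list.

```hcl
# Added example. All names, address ranges, ids and priorities are constructed.
module "app_nsg" {
  # Assumed source form for the repository named on this page; pin a ref in real use.
  source = "git::https://github.com/hmcts/terraform-module-network-security-group.git"

  network_security_group_name = "app-nsg"
  resource_group_name         = "app-rg"
  location                    = "uksouth"

  # Key = subnet name (a value known at plan time), value = subnet id.
  subnet_ids = {
    "app-subnet" = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/app-rg/providers/Microsoft.Network/virtualNetworks/app-vnet/subnets/app-subnet"
  }

  custom_rules = [
    {
      # Only the frontend subnet may reach the app subnet, and only on 443.
      name                       = "AllowHttpsFromFrontend"
      description                = "HTTPS from frontend subnet to app subnet"
      priority                   = 200
      direction                  = "Inbound"
      access                     = "Allow"
      protocol                   = "Tcp"
      source_address_prefix      = "10.10.1.0/24"
      source_port_range          = "*"
      destination_address_prefix = "10.10.2.0/24"
      destination_port_range     = "443"
    },
    {
      # Needed only if the subnet hosts load balancer backends: health
      # probes arrive under the AzureLoadBalancer service tag.
      name                       = "AllowLbProbeHttps"
      description                = "Load balancer health probe on 443"
      priority                   = 210
      direction                  = "Inbound"
      access                     = "Allow"
      protocol                   = "Tcp"
      source_address_prefix      = "AzureLoadBalancer"
      source_port_range          = "*"
      destination_address_prefix = "10.10.2.0/24"
      destination_port_range     = "443"
    },
  ]

  tags = {
    environment = "sandbox"
  }
}
```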

Requirements

| Name | Version |
|------|---------|
| terraform | >=1.3 |
| azurerm | >=3.10.0, < 4.0 |

Providers

| Name | Version |
|------|---------|
| azurerm | >=3.10.0, < 4.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| azurerm_network_interface_security_group_association.network_interface_association | resource |
| azurerm_network_security_group.network_security_group | resource |
| azurerm_network_security_rule.DenyAzureLoadBalancerInbound | resource |
| azurerm_network_security_rule.DenyVirtualNetworkInbound | resource |
| azurerm_network_security_rule.custom_rules | resource |
| azurerm_subnet_network_security_group_association.subnet_association | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| custom_rules | list of maps for custom rules | `list(object({ access = optional(string), description = optional(string), destination_address_prefix = optional(string), destination_address_prefixes = optional(list(string)), destination_port_ranges = optional(list(string)), destination_port_range = optional(string), direction = optional(string), name = string, priority = number, protocol = optional(string), source_address_prefix = optional(string), source_address_prefixes = optional(list(string)), source_port_range = optional(string), source_port_ranges = optional(list(string)) }))` | `[]` | no |
| location | [REQUIRED] - Azure location to place the network security group | `string` | n/a | yes |
| network_interface_ids | a map with network interface names (key) & ids (value) to attach to the NSG. NOTE: the name is required due to the requirement of setting a known value for the resource key when using for_each (hashicorp/terraform#29957) | `map(string)` | `{}` | no |
| network_security_group_name | [REQUIRED] - name given to the new network security group | `string` | n/a | yes |
| resource_group_name | [REQUIRED] - parent resource group to place the network security group inside | `string` | n/a | yes |
| subnet_ids | a map with subnet names (key) & ids (value) to attach to the NSG. NOTE: the name is required due to the requirement of setting a known value for the resource key when using for_each (hashicorp/terraform#29957) | `map(string)` | `{}` | no |
| tags | tags | `map(any)` | `{}` | no |

Outputs

| Name | Description |
|------|-------------|
| custom_rules | a map of all custom rules created |
| network_security_group_id | the id of the new network security group |
| network_security_group_name | the name of the new network security group |

About

Terraform Module to Create a Network Security Group in Azure.