Question 1

How to create a security group with custom ports using terraform-aws-security-group?

Accepted Answer

Use the 'ingress_with_cidr_blocks' or similar arguments in the module, specifying 'from_port', 'to_port', and 'protocol' in a map, as shown in the custom rules example in the README. This allows defining non-standard ports beyond predefined rules.

Question 2

terraform-aws-security-group vs native Terraform security group resource?

Accepted Answer

This module abstracts AWS complexity with predefined rules and supports all features, reducing boilerplate, while native resources offer more direct control but require manual implementation. Choose the module for standardization and speed; use native for minimal setups.

Question 3

How to handle dynamic IP addresses in security group rules?

Accepted Answer

Leverage computed value arguments like 'computed_ingress_cidr_blocks' for Terraform 0.11 or use data sources in later versions, as detailed in the 'computed values' example. This integrates variables or outputs from other modules.

Question 4

Can I manage existing security groups with this module?

Accepted Answer

Yes, by setting 'create_sg' to false and providing 'security_group_id', you can manage rules for an existing group, as mentioned in the 'Security Group Rules Only' example. This is useful for incremental adoption.

Question 5

What happens if I need a rule not in the predefined list?

Accepted Answer

You can define custom rules using the 'ingress_with_cidr_blocks' or similar arguments, or contribute to the 'rules.tf' file and run 'update_groups.sh' to extend the module, as explained in the 'How to add/update rules/groups?' section.

Question 6

How to conditionally create security groups based on environment?

Accepted Answer

Use the 'create' input variable to toggle group creation, or combine with Terraform conditionals and count, supported for dynamic infrastructure as highlighted in the conditional creation note.

terraform-aws-security-group

What is terraform-aws-security-group?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions