This module create all required resources for deploy a Network Security Group with a list of security rules provisioned by the client.
module "az_nsg" {
source = "git::https://github.com/walmartdigital/k8s-nsg-module.git?ref=0.1.0"
resource_group = "my-resource-group"
cluster_name = "my-cluster-name"
environment = "staging"
name_suffix = "abc123"
ns_rules = [
{
name = "k8s-services"
priority = "150"
direction = "Inbound"
access = "Allow"
protocol = "*"
destination_port_range = "30000-32767"
source_address_prefix = "Internet"
destination_address_prefix = "VirtualNetwork"
description = "Port range for Kubernetes services"
},
]
}
- resource_group: A string representing the resource group where all resources will be provisioned, this resource group needs to be previously created (required).
- cluster_name: A string used as the cluster name.
- environment: A string used as environment where the cluster is deployed.
- name_suffix: A string used as name suffix (type: string).
- ns_rules: A list of security rules, each item is a map object. You need to provide the following variables for each map item: name, priority, direction, access, protocol, source_port_ranges, destination_port_ranges, source_address_prefix, destination_address_prefix and description.
- network_security_group_id: The Network security Group ID.
- network_security_group_name: The Network security Group name.