zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

included an empty list as default in the ingress_rules.destination_ranges variable

This commit is contained in:
ajlopezn 2023-04-11 10:22:08 +00:00
parent adb88d8a87
commit 4ccf9f9361
2 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/net-vpc-firewall/main.tf
View File

@ -101,7 +101,8 @@ resource "google_compute_firewall" "custom-rules" {
? ["0.0.0.0/0"]
: each.value.source_ranges
)
: each.value.source_ranges #for egress, we will include the range only if != null. Previously, always included a null
#for egress, we will include the source_ranges when provided. Previously, null was forced
: each.value.source_ranges
)
destination_ranges = (
each.value.direction == "EGRESS"
@ -110,7 +111,8 @@ resource "google_compute_firewall" "custom-rules" {
? ["0.0.0.0/0"]
: each.value.destination_ranges
)
: each.value.destination_ranges #for ingress, we will include the range only if != null. Previously, always included a null
#for ingress, we will include the destination_ranges when provided. Previously, null was forced
: each.value.destination_ranges
)
source_tags = (
each.value.use_service_accounts || each.value.direction == "EGRESS"

2
modules/net-vpc-firewall/variables.tf
View File

@ -71,7 +71,7 @@ variable "ingress_rules" {
type = map(object({
deny = optional(bool, false)
description = optional(string)
destination_ranges = optional(list(string))
destination_ranges = optional(list(string), []) # empty list is needed as default to allow deletion after initial creation with a value
disabled = optional(bool, false)
enable_logging = optional(object({
include_metadata = optional(bool)