customisable rule action

This commit is contained in:
Richard Olson 2023-08-23 21:08:23 +10:00
parent 18af929331
commit def012d32e
1 changed files with 2 additions and 2 deletions

View File

@ -26,10 +26,10 @@ locals {
) )
factory_egress_rules = { factory_egress_rules = {
for k, v in local._factory_egress_rules : "egress/${k}" => { for k, v in local._factory_egress_rules : "egress/${k}" => {
action = "deny"
direction = "EGRESS" direction = "EGRESS"
name = k name = k
priority = v.priority priority = v.priority
action = lookup(v, "action", "deny")
description = lookup(v, "description", null) description = lookup(v, "description", null)
disabled = lookup(v, "disabled", false) disabled = lookup(v, "disabled", false)
enable_logging = lookup(v, "enable_logging", null) enable_logging = lookup(v, "enable_logging", null)
@ -70,10 +70,10 @@ locals {
} }
factory_ingress_rules = { factory_ingress_rules = {
for k, v in local._factory_ingress_rules : "ingress/${k}" => { for k, v in local._factory_ingress_rules : "ingress/${k}" => {
action = "allow"
direction = "INGRESS" direction = "INGRESS"
name = k name = k
priority = v.priority priority = v.priority
action = lookup(v, "action", "deny")
description = lookup(v, "description", null) description = lookup(v, "description", null)
disabled = lookup(v, "disabled", false) disabled = lookup(v, "disabled", false)
enable_logging = lookup(v, "enable_logging", null) enable_logging = lookup(v, "enable_logging", null)