-
-
Notifications
You must be signed in to change notification settings - Fork 250
/
Copy pathvariables-deprecated.tf
60 lines (54 loc) · 2.29 KB
/
variables-deprecated.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
variable "use_existing_security_groups" {
type = bool
description = <<-EOT
DEPRECATED: Use `create_security_group` instead.
Historical description: Flag to enable/disable creation of Security Group in the module.
Set to `true` to disable Security Group creation and provide a list of existing security Group IDs in `existing_security_groups` to place the cluster into.
Historical default: `false`
EOT
default = null
}
variable "existing_security_groups" {
type = list(string)
default = []
description = <<-EOT
DEPRECATED: Use `associated_security_group_ids` instead.
Historical description: List of existing Security Group IDs to place the cluster into.
Set `use_existing_security_groups` to `true` to enable using `existing_security_groups` as Security Groups for the cluster.
EOT
}
variable "allowed_security_groups" {
type = list(string)
default = []
description = <<-EOT
DEPRECATED: Use `allowed_security_group_ids` instead.
EOT
}
variable "allowed_cidr_blocks" {
type = list(string)
default = []
description = <<-EOT
DEPRECATED: Use `additional_security_group_rules` instead.
Historical description: List of CIDR blocks that are allowed ingress to the cluster's Security Group created in the module
EOT
}
variable "egress_cidr_blocks" {
type = list(any)
default = null
description = <<-EOT
DEPRECATED: Use `allow_all_egress` and `additional_security_group_rules` instead.
Historical description: Outbound traffic address.
Historical default: ["0.0.0.0/0"]
EOT
}
locals {
# Use the legacy egress rule unless:
# - var.egress_cidr_blocks is null, which means use the default, which is allow all egress
# - var.allow_all_egress is true, which explicitly means allow all egress
# - var.egress_cidr_blocks is exactly ["0.0.0.0/0"], which we interpret to mean "allow all egress"
use_legacy_egress = !(var.egress_cidr_blocks == null || var.allow_all_egress == true || (
try(length(var.egress_cidr_blocks), 0) == 1 && try(var.egress_cidr_blocks[0], "") == "0.0.0.0/0")
)
# If var.allow_all_egress is null, default to true unless some alternate legacy rule was provided
allow_all_egress = var.allow_all_egress == null ? !local.use_legacy_egress : var.allow_all_egress
}