security group rule creator taking shape

Author: apolloakora

.gitignore

@@ -0,0 +1,13 @@
+
+# Ignore the .terraform configuration folder which includes
+# a large cached binary that is divorced from the changeable
+# system binary.
+**/.terraform/*
+
+# Ignore all files produced to hold and backup state which
+# includes terraform.tfstate and terraform.tfstate.backup
+*.tfstate
+*.tfstate.*
+
+# When terraform crashes it can leave this file behind.
+crash.log

README.md

@@ -1,18 +1,15 @@
 
 # Create Security Group Rules | Terraform Module
 
-Refactor to use this module and avoid **hundreds of lines of very similar security group** terraform definitions.
+**Avoid hundreds of lines of similar security group definitions** by refactoring to use this security group and rule creation terraform module.
 
-## Usage
-
-You specify every ingress rule you need in just one line with words like **ssh**, https, **sftp**, rabbitmq, kube-controller and **openvpn**. If you omit in_egress then the ubiquitous "all-traffic" is assumed.
-
- The most common usage is to specify the VPC ID and the ingress (inbound) rules To use this module simply declare it like below supplying it with a mandatory VPC id. If you omit **in_ingress** a default ssh rule is created. A default **all traffic egress rule** is also created but you can override this behaviour if you so wish.
+You specify every ingress rule you need in just one line with words like **ssh**, https, **sftp**, rabbitmq, **kube-control-plane** or openvpn. If you omit in_egress the ubiquitous "all-traffic" is assumed.
 
+## Usage
 
-    module security_groups
+    module security_group
     {
-        source     = "github.com/devops-ip/terraform-aws-security-groups"
+        source     = "github.com/devops-ip/terraform-aws-security-group"
         in_ingress = [ "ssh", "http", "https" ]
         in_vpc_id  = "${module.vpc.vpc_id}"
     }
@@ -22,14 +19,16 @@ You specify every ingress rule you need in just one line with words like **ssh**
         ami = "${var.ubuntu-amis[ "${data.aws_region.with.name}" ]}"
         instance_type = "t2.micro"
 
-        vpc_security_group_ids = "${module.security_groups.out_security_group_ids}"
+        vpc_security_group_ids = "${module.security_group.out_security_group_ids}"
     }
 
 
+Output **out_security_group_ids** is a **list** whilst **out_security_group_id** is a **string**.
+
+## [Examples and Tests](test-security.group)
 
-This module defines two **list outputs** called **out_default_security_group_ids** and **out_new_security_group_ids**. Use the first after creating rules against the VPC's default security group and the second after a new security group is created (see variable in_use_default).
+**[This terraform module has runnable example integration tests](test-security.group)**. Read the instructions on how to clone the project and run the integration tests.
 
-    vpc_security_group_ids = [ "${module.security_group_module.out_default_security_group_ids}" ]
 
 ## Security Group Module Inputs
 

test-security.group/README.md

@@ -0,0 +1,25 @@
+
+# Test the AWS VPC Subnets Module
+
+You can unit test the [[terraform-aws-vpc-subnets module]](https://github.com/devops-ip/terraform-aws-vpc-subnets) which **creates VPCs subnets in a round robin** manner.
+
+    $ git clone https://github.com/devops-ip/test-vpc-subnets.git
+    $ cd test-vpc-subnets
+    $ terraform init .
+    $ terraform apply -auto-approve
+    $ terraform destroy -auto-approve
+
+## Unit Test Pre-Conditions
+
+Check before you run the test that
+
+- terraform and git are installed
+- you have created an AWS IAM user with VPC permissions
+- your [[AWS credentials have been installed]](https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/setup-credentials.html)
+- headroom exists for 10 more VPCs
+
+## Extend the 5 VPC Limit
+
+The default VPC limit is a pithy 5 and we need at least 10 to test all the functionality in this ubiquitous VPC/Subnet creation module.
+
+On receiving your support ticket AWS automatically ups the VPC limit if you request 25 or less.

test-security.group/security.group-test.tf

@@ -0,0 +1,116 @@
+
+### ################################################# ###
+### [[test-module]] testing terraform-aws-vpc-subnets ###
+### ################################################# ###
+
+locals
+{
+    ecosystem_id = "vs-unittest"
+}
+
+module zero-param-test
+{
+    source = "github.com/devops-ip/terraform-aws-vpc-subnets"
+}
+
+module last-stable-release-test-0
+{
+    source       = "github.com/devops-ip/terraform-aws-vpc-subnets?ref=v0.1.0002"
+    in_vpc_cidr  = "10.234.56.0/24"
+    in_ecosystem = "${local.ecosystem_id}-00"
+}
+
+module vpc-subnets-test-1
+{
+    source       = "github.com/devops-ip/terraform-aws-vpc-subnets"
+    version      = "v0.1.0002"
+    in_vpc_cidr  = "10.234.0.0/16"
+    in_ecosystem = "${local.ecosystem_id}-01"
+}
+
+module vpc-subnets-test-2
+{
+    source         =  "github.com/devops-ip/terraform-aws-vpc-subnets"
+    version        =  "~> v0.1.0"
+    in_vpc_cidr    =  "10.15.0.0/18"
+    in_subnets_max =  "4"
+    in_ecosystem   =  "${local.ecosystem_id}-02"
+}
+
+module vpc-subnets-test-3
+{
+    source          = "github.com/devops-ip/terraform-aws-vpc-subnets"
+    in_vpc_cidr     = "10.63.0.0/20"
+    in_subnets_max  = "6"
+    in_ecosystem    = "${local.ecosystem_id}-03"
+}
+
+module vpc-subnets-test-4
+{
+    source                 = "github.com/devops-ip/terraform-aws-vpc-subnets"
+    in_vpc_cidr            = "10.255.0.0/21"
+    in_num_private_subnets = 8
+    in_num_public_subnets  = 7
+    in_subnets_max         = "7"
+    in_ecosystem           = "${local.ecosystem_id}-04"
+}
+
+module vpc-subnets-test-5
+{
+    source                 = "github.com/devops-ip/terraform-aws-vpc-subnets"
+    in_vpc_cidr            = "10.242.0.0/16"
+    in_num_private_subnets = 0
+    in_num_public_subnets  = 0
+    in_ecosystem           = "${local.ecosystem_id}-05"
+}
+
+module vpc-subnets-test-6
+{
+    source                 = "github.com/devops-ip/terraform-aws-vpc-subnets"
+    in_vpc_cidr            = "10.243.0.0/16"
+    in_num_private_subnets = 0
+    in_ecosystem           = "${local.ecosystem_id}-06"
+}
+
+module vpc-subnets-test-7
+{
+    source                = ".."
+    in_vpc_cidr           = "10.244.0.0/16"
+    in_num_public_subnets = 0
+    in_ecosystem          = "${local.ecosystem_id}-07"
+}
+
+module vpc-subnets-test-8
+{
+    source                 = ".."
+    in_vpc_cidr            = "10.245.0.0/16"
+    in_num_private_subnets = 6
+    in_num_public_subnets  = 6
+    in_ecosystem           = "${local.ecosystem_id}-08"
+}
+
+module vpc-subnets-test-9
+{
+    source                 = ".."
+    in_vpc_cidr            = "10.31.0.0/22"
+    in_num_private_subnets = 2
+    in_num_public_subnets  = 8
+    in_subnets_max         = "5"
+    in_ecosystem           = "${local.ecosystem_id}-09"
+}
+
+output subnet_ids_1{ value = "${module.vpc-subnets-test-1.out_subnet_ids}" }
+output private_subnet_ids_1{ value = "${module.vpc-subnets-test-1.out_private_subnet_ids}" }
+output public_subnet_ids_1{ value = "${module.vpc-subnets-test-1.out_public_subnet_ids}" }
+
+output subnet_ids_2{ value = "${module.vpc-subnets-test-6.out_subnet_ids}" }
+output private_subnet_ids_2{ value = "${module.vpc-subnets-test-6.out_private_subnet_ids}" }
+output public_subnet_ids_2{ value = "${module.vpc-subnets-test-6.out_public_subnet_ids}" }
+
+output subnet_ids_3{ value = "${module.vpc-subnets-test-7.out_subnet_ids}" }
+output private_subnet_ids_3{ value = "${module.vpc-subnets-test-7.out_private_subnet_ids}" }
+output public_subnet_ids_3{ value = "${module.vpc-subnets-test-7.out_public_subnet_ids}" }
+
+output subnet_ids_4{ value = "${module.vpc-subnets-test-9.out_subnet_ids}" }
+output private_subnet_ids_4{ value = "${module.vpc-subnets-test-9.out_private_subnet_ids}" }
+output public_subnet_ids_4{ value = "${module.vpc-subnets-test-9.out_public_subnet_ids}" }