VPC Modules 0.27.0Last updated in version 0.22.3

Port Calculator Module

NOTE:

This module is an intermediate module used by network-acl-inbound and network-acl-outbound modules. This is not intended to be used directly.

This Terraform Module includes port computations that make it easier to implement NACL rules that explicitly omit specific ports. This is useful for adhering to various compliance standards that explicitly deny inclusion of NACL rules that allow unrestricted access to certain ports, regardless of the priority of the rule.

For example, if the input specifies to exclude the ports 22 and 3389, the output will be a list of port ranges that exclude just those ports:

[
  [0, 21],
  [23, 3388],
  [3390, 65535],
]

Sample Usage

Terraform
Terragrunt

main.tf

# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S PORT-RANGE-CALCULATOR MODULE
# ------------------------------------------------------------------------------------------------------

module "port_range_calculator" {

  source = "git::git@github.com:gruntwork-io/terraform-aws-vpc.git//modules/port-range-calculator?ref=v0.27.0"

  # ----------------------------------------------------------------------------------------------------
  # REQUIRED VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # List of ports to exclude from the range.
  exclude_ports = <list(number)>

  # ----------------------------------------------------------------------------------------------------
  # OPTIONAL VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # The starting range of the port range that is returned.
  from_port = 0

  # The ending range of the port range that is returned.
  to_port = 65535

}

terragrunt.hcl

# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S PORT-RANGE-CALCULATOR MODULE
# ------------------------------------------------------------------------------------------------------

terraform {
  source = "git::git@github.com:gruntwork-io/terraform-aws-vpc.git//modules/port-range-calculator?ref=v0.27.0"
}

inputs = {

  # ----------------------------------------------------------------------------------------------------
  # REQUIRED VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # List of ports to exclude from the range.
  exclude_ports = <list(number)>

  # ----------------------------------------------------------------------------------------------------
  # OPTIONAL VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # The starting range of the port range that is returned.
  from_port = 0

  # The ending range of the port range that is returned.
  to_port = 65535

}

Reference

Inputs
Outputs

Required

exclude_portslist(number)required

List of ports to exclude from the range.

Optional

from_portnumberoptional

The starting range of the port range that is returned.

Default:0

to_portnumberoptional

The ending range of the port range that is returned.

Default:65535

allowed_port_ranges_list

List of port ranges that when combined, exclude the ports in the exclude_ports list. This is null if all ports are allowed.

allowed_port_ranges_map

Map of port ranges to the ranges to allow. This is provided as a convenience output for use with resource for_each.

Sample Usage​

Reference​

Required​

Optional​

Sample Usage

Reference

Required

Optional