resource_asg

cloudfoundry_asg

Provides an application security group resource for Cloud Foundry. This resource defines egress rules that can be applied to containers that stage and run applications.

~> NOTE: This resource requires the provider to be authenticated with an account granted admin permissions. ~> NOTE: Resource will not override all security group set but rather only manage ASGs defined in the resource.

Example Usage

Basic usage

resource "cloudfoundry_asg" "messaging" {

	name = "rmq-service"
	
    rule {
        protocol = "tcp"
        destination = "192.168.1.100"
        ports = "1883,8883"
        log = true
    }
    rule {
        protocol = "tcp"
        destination = "192.168.1.101"
        ports = "5671-5672"
        log = true
    }
}

Argument Reference

The following arguments are supported:

• name - (Required) The name of the application security group.
• rule - (Required) A list of egress rules with the following arguments.
  • protocol - (Required, String) One of icmp, tcp, udp, or all.
  • destination - (Required, String) The IP address or CIDR block that can receive traffic.
  • ports - (Required, String) A single port, comma-separated ports or range of ports that can receive traffic.
  • type - (Optional, Integer) Allowed ICMP type. A value of -1 allows all types. Default is -1.
  • code - (Optional, Integer) Allowed ICMP code. . A value of -1 allows all codes. Default is -1.
  • log - (Optional, Boolean) Set to true to enable logging. For more information on how to configure system logs to be sent to a syslog drain, review the ASG logging documentation. Defaults to false.
  • description - (Optional, String) Description of the rule. Defaults to empty.

Attributes Reference

The following attributes are exported:

• id - The GUID of the application security group

Import

The current Asg can be imported using the asg guid, e.g.

$ terraform import cloudfoundry_asg.messaging a-guid