Allowing adding extra SGs for the cluster (#9)

max-rocket-internet · web-flow · commit 873348b536ce · 2019-07-12T10:44:56.000+02:00
diff --git a/main.tf b/main.tf
@@ -34,7 +34,7 @@ resource "aws_rds_cluster" "main" {
   preferred_maintenance_window    = "${var.preferred_maintenance_window}"
   port                            = "${local.port}"
   db_subnet_group_name            = "${aws_db_subnet_group.main.name}"
-  vpc_security_group_ids          = ["${aws_security_group.main.id}"]
+  vpc_security_group_ids          = ["${concat(list(aws_security_group.main.id), var.extra_security_groups)}"]
   snapshot_identifier             = "${var.snapshot_identifier}"
   storage_encrypted               = "${var.storage_encrypted}"
   apply_immediately               = "${var.apply_immediately}"
diff --git a/variables.tf b/variables.tf
@@ -34,6 +34,11 @@ variable "allowed_security_groups" {
   default     = []
 }
 
+variable "extra_security_groups" {
+  description = "A list of Security Group IDs to add to the cluster"
+  default     = []
+}
+
 variable "vpc_id" {
   description = "VPC ID"
   type        = "string"
