fix formatting

Signed-off-by: Paul Bastide <pbastide@us.ibm.com>
IBM · Oct 23, 2023 · 0299934 · 0299934
1 parent cbf7917
commit 0299934
Showing 1 changed file with 33 additions and 33 deletions.
diff --git a/modules/1_vpc_prepare/security_groups.tf b/modules/1_vpc_prepare/security_groups.tf
@@ -10,19 +10,19 @@ data "ibm_is_security_groups" "sgs" {
 
 locals {
   sg_matches = [for x in data.ibm_is_security_groups.sgs.security_groups : x if endswith(x.name, "${var.vpc_name}-supp-sg")]
-  sg_exists = length(sg_matches) > 0 ? 0 : 1
+  sg_exists  = length(sg_matches) > 0 ? 0 : 1
 }
 
 resource "ibm_is_security_group" "worker_vm_sg" {
-  count = local.sg_exists
+  count          = local.sg_exists
   name           = "${var.vpc_name}-supp-sg"
   vpc            = data.ibm_is_vpc.vpc.id
   resource_group = data.ibm_is_vpc.vpc.resource_group
 }
 
 # allow all outgoing network traffic
 resource "ibm_is_security_group_rule" "worker_vm_sg_outgoing_all" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "outbound"
   remote    = "0.0.0.0/0"
@@ -31,7 +31,7 @@ resource "ibm_is_security_group_rule" "worker_vm_sg_outgoing_all" {
 # allow all incoming network traffic on port 8080
 # This facilitates the ignition
 resource "ibm_is_security_group_rule" "worker_ignition" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = ibm_is_security_group.worker_vm_sg[0].id
@@ -43,7 +43,7 @@ resource "ibm_is_security_group_rule" "worker_ignition" {
 
 # allow all incoming network traffic on port 22
 resource "ibm_is_security_group_rule" "worker_vm_sg_ssh_all" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = "0.0.0.0/0"
@@ -55,7 +55,7 @@ resource "ibm_is_security_group_rule" "worker_vm_sg_ssh_all" {
 
 # allow all incoming network traffic on port 53
 resource "ibm_is_security_group_rule" "worker_vm_sg_supp_all" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -68,7 +68,7 @@ resource "ibm_is_security_group_rule" "worker_vm_sg_supp_all" {
 # Dev Note: the following are used by PowerVS and VPC VSIs.
 # allow all incoming network traffic on port 2049
 resource "ibm_is_security_group_rule" "nfs_1_vm_sg_ssh_all" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -80,7 +80,7 @@ resource "ibm_is_security_group_rule" "nfs_1_vm_sg_ssh_all" {
 
 # allow all incoming network traffic on port 111
 resource "ibm_is_security_group_rule" "nfs_2_vm_sg_ssh_all" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -92,7 +92,7 @@ resource "ibm_is_security_group_rule" "nfs_2_vm_sg_ssh_all" {
 
 # allow all incoming network traffic on port 2049
 resource "ibm_is_security_group_rule" "nfs_3_vm_sg_ssh_all" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -105,7 +105,7 @@ resource "ibm_is_security_group_rule" "nfs_3_vm_sg_ssh_all" {
 
 # allow all incoming network traffic on port 111
 resource "ibm_is_security_group_rule" "nfs_4_vm_sg_ssh_all" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -118,7 +118,7 @@ resource "ibm_is_security_group_rule" "nfs_4_vm_sg_ssh_all" {
 
 # allow all incoming network traffic for ping
 resource "ibm_is_security_group_rule" "worker_vm_sg_ping_all" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -129,7 +129,7 @@ resource "ibm_is_security_group_rule" "worker_vm_sg_ping_all" {
 }
 
 resource "ibm_is_security_group_rule" "control_plane_sg_mc" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -140,7 +140,7 @@ resource "ibm_is_security_group_rule" "control_plane_sg_mc" {
 }
 
 resource "ibm_is_security_group_rule" "control_plane_sg_api" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -157,7 +157,7 @@ resource "ibm_is_security_group_rule" "control_plane_sg_api" {
 #TCP 	22 	192.168.200.0/24
 #TCP - 9100 192.168.200.0/24
 resource "ibm_is_security_group_rule" "cluster_wide_sg_6081" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -168,7 +168,7 @@ resource "ibm_is_security_group_rule" "cluster_wide_sg_6081" {
 }
 
 resource "ibm_is_security_group_rule" "cluster_wide_sg_any" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -177,7 +177,7 @@ resource "ibm_is_security_group_rule" "cluster_wide_sg_any" {
 }
 
 resource "ibm_is_security_group_rule" "cluster_wide_sg_4789" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -188,7 +188,7 @@ resource "ibm_is_security_group_rule" "cluster_wide_sg_4789" {
 }
 
 resource "ibm_is_security_group_rule" "cluster_wide_sg_ssh" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -199,7 +199,7 @@ resource "ibm_is_security_group_rule" "cluster_wide_sg_ssh" {
 }
 
 resource "ibm_is_security_group_rule" "cluster_wide_sg_9100" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -210,7 +210,7 @@ resource "ibm_is_security_group_rule" "cluster_wide_sg_9100" {
 }
 
 resource "ibm_is_security_group_rule" "cluster_wide_sg_9537" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -224,7 +224,7 @@ resource "ibm_is_security_group_rule" "cluster_wide_sg_9537" {
 #TCP 	2379-2380 	192.168.200.0/24
 #TCP 	10257-10259 	192.168.200.0/24
 resource "ibm_is_security_group_rule" "cp_internal_sg_r1" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -235,7 +235,7 @@ resource "ibm_is_security_group_rule" "cp_internal_sg_r1" {
 }
 
 resource "ibm_is_security_group_rule" "cp_internal_sg_r2" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -252,7 +252,7 @@ resource "ibm_is_security_group_rule" "cp_internal_sg_r2" {
 # TCP (Out) 	80 	192.168.200.0/24
 # TCP (Out) 	443 	192.168.200.0/24
 resource "ibm_is_security_group_rule" "kube_api_lb_sg_mc" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -263,7 +263,7 @@ resource "ibm_is_security_group_rule" "kube_api_lb_sg_mc" {
 }
 
 resource "ibm_is_security_group_rule" "kube_api_lb_sg_mc_out" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "outbound"
   remote    = var.powervs_machine_cidr
@@ -274,7 +274,7 @@ resource "ibm_is_security_group_rule" "kube_api_lb_sg_mc_out" {
 }
 
 resource "ibm_is_security_group_rule" "kube_api_lb_sg_api_out" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "outbound"
   remote    = var.powervs_machine_cidr
@@ -285,7 +285,7 @@ resource "ibm_is_security_group_rule" "kube_api_lb_sg_api_out" {
 }
 
 resource "ibm_is_security_group_rule" "kube_api_lb_sg_http_out" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "outbound"
   remote    = var.powervs_machine_cidr
@@ -296,7 +296,7 @@ resource "ibm_is_security_group_rule" "kube_api_lb_sg_http_out" {
 }
 
 resource "ibm_is_security_group_rule" "kube_api_lb_sg_https_out" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "outbound"
   remote    = var.powervs_machine_cidr
@@ -315,7 +315,7 @@ resource "ibm_is_security_group_rule" "kube_api_lb_sg_https_out" {
 # TCP (IN) 	10250 	192.168.200.0/24
 # Dev Note: originally used 32767 and it's too low. Changed to 65000
 resource "ibm_is_security_group_rule" "openshift_net_sg_r1_in_tcp" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -326,7 +326,7 @@ resource "ibm_is_security_group_rule" "openshift_net_sg_r1_in_tcp" {
 }
 
 resource "ibm_is_security_group_rule" "openshift_net_sg_r1_in_udp" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -337,7 +337,7 @@ resource "ibm_is_security_group_rule" "openshift_net_sg_r1_in_udp" {
 }
 
 resource "ibm_is_security_group_rule" "openshift_net_sg_500" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -348,7 +348,7 @@ resource "ibm_is_security_group_rule" "openshift_net_sg_500" {
 }
 
 resource "ibm_is_security_group_rule" "openshift_net_sg_r2_in_tcp" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -359,7 +359,7 @@ resource "ibm_is_security_group_rule" "openshift_net_sg_r2_in_tcp" {
 }
 
 resource "ibm_is_security_group_rule" "openshift_net_sg_r2_in_udp" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -370,7 +370,7 @@ resource "ibm_is_security_group_rule" "openshift_net_sg_r2_in_udp" {
 }
 
 resource "ibm_is_security_group_rule" "openshift_net_sg_10250_out" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr
@@ -381,7 +381,7 @@ resource "ibm_is_security_group_rule" "openshift_net_sg_10250_out" {
 }
 
 resource "ibm_is_security_group_rule" "openshift_net_sg_4500" {
-  count = local.sg_exists
+  count     = local.sg_exists
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = var.powervs_machine_cidr