<% security_groups.each do |security_group| -%> resource "aws_security_group" "<%= module_name_of(security_group) %>" { name = "<%= security_group.group_name %>" description = "<%= security_group.description %>" owner_id = "<%= security_group.owner_id %>" vpc_id = "<%= security_group.vpc_id || '' %>" <% security_group.ip_permissions.each do |permission| -%> ingress { from_port = <%= permission.from_port || 0 %> to_port = <%= permission.to_port || 0 %> protocol = "<%= permission.ip_protocol %>" <%- if permission.ip_ranges.length > 0 -%> cidr_blocks = <%= permission.ip_ranges.map { |range| range.cidr_ip }.inspect %> <%- end -%> <%- if permission.user_id_group_pairs.length > 0 -%> security_groups = <%= permission.user_id_group_pairs.map { |range| range.group_id }.inspect %> <%- end -%> } <% end -%> <% security_group.ip_permissions_egress.each do |permission| -%> egress { from_port = <%= permission.from_port || 0 %> to_port = <%= permission.to_port || 0 %> protocol = "<%= permission.ip_protocol %>" <%- if permission.ip_ranges.length > 0 -%> cidr_blocks = <%= permission.ip_ranges.map { |range| range.cidr_ip }.inspect %> <%- end -%> <%- if permission.user_id_group_pairs.length > 0 -%> security_groups = <%= permission.user_id_group_pairs.map { |range| range.group_id }.inspect %> <%- end -%> } <% end -%> <% if security_group.tags.length > 0 -%> tags { <% security_group.tags.each do |tag| -%> <%= tag.key %> = "<%= tag.value %>" <% end -%> } <% end -%> } <% end -%>