A Terraform module to automatically update Security Group ingress rules with the latest public CloudFront IP ranges.
This module is based on this AWS blog post; see the original blog post for steps on how to test the Lambda function.
The Lambda function uses tags to identify the security groups it needs to update. The following three tags are required:
key | value |
---|---|
Name | cloudfront_g or cloudfront_r |
AutoUpdate | true |
Protocol | http or https |
Note you may need to increase your SG rule quota if you have not done so previously.
```hcl
module "cloudfront-sg-updater" {
  source  = "coresolutions-ltd/cloudfront-sg-updater/aws"
  version = "~> 0.0.2"
}
```
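
A security group tagged so the Lambda will pick it up, using the three tags from the table above. This is an added example, not part of the module; the `vpc_id` variable and the resource and group names are hypothetical.

```hcl
# Added example: variable and resource names here are hypothetical.
variable "vpc_id" {
  type        = string
  description = "VPC that holds the CloudFront-facing origin (assumed input)"
}

# One group per Name value listed in the tag table.
resource "aws_security_group" "cloudfront" {
  for_each = toset(["cloudfront_g", "cloudfront_r"])

  name        = "${each.key}-https"
  description = "Ingress from CloudFront only, rules managed by the updater Lambda"
  vpc_id      = var.vpc_id

  # The three tags the Lambda looks for. Tag values are strings.
  tags = {
    Name       = each.key
    AutoUpdate = "true"
    Protocol   = "https"
  }

  # Ingress rules are written by the Lambda outside Terraform, so
  # ignore drift on them instead of reverting the ranges on apply.
  lifecycle {
    ignore_changes = [ingress]
  }
}
```

Leave the groups without inline `ingress` blocks so that the Lambda is the only writer of their ingress rules.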
Name | Version |
---|---|
aws | ~> 3.0 |
Name | Description | Type | Default | Required |
---|---|---|---|---|
name | Name value for resources | string | "Cloudfront-SG-Updater" | no |
tags | Resource tags | map(string) | {} | no |
Name | Description |
---|---|
lambda_arn | n/a |