feat: added output for all nsg ids in a map. Previous nsg outputs are deprecated (#550)

feat: added output for all nsg ids in a map. Previous nsg outputs
      are deprecated

Signed-off-by: Ali Mukadam <ali.mukadam@oracle.com>

Author: hyder

modules/network/nsgs.tf

@@ -440,27 +440,6 @@ resource "oci_core_network_security_group_security_rule" "int_lb_ingress" {
   count = var.load_balancers == "internal" || var.load_balancers == "both" ? length(local.internal_lb_allowed_cidrs_and_ports) : 0
 }
 
-# add this rule separately so it can be controlled independently
-# resource "oci_core_network_security_group_security_rule" "int_lb_healthcheck_ingress_from_pub_lb" {
-#   network_security_group_id = oci_core_network_security_group.int_lb[0].id
-#   description               = "Allow healthchecks from public load balancers"
-#   direction                 = "INGRESS"
-#   protocol                  = local.tcp_protocol
-#   source                    = local.pub_lb_subnet
-#   source_type               = "CIDR_BLOCK"
-
-#   stateless = false
-
-#   tcp_options {
-#     destination_port_range {
-#       min = length(regexall("-", element(var.internal_lb_allowed_ports, count.index))) > 0 ? tonumber(element(split("-", element(var.internal_lb_allowed_ports, count.index)), 0)) : element(var.internal_lb_allowed_ports, count.index)
-#       max = length(regexall("-", element(var.internal_lb_allowed_ports, count.index))) > 0 ? tonumber(element(split("-", element(var.internal_lb_allowed_ports, count.index)), 1)) : element(var.internal_lb_allowed_ports, count.index)
-#     }
-#   }
-
-#   count = var.load_balancers == "both" ? length(var.internal_lb_allowed_ports) : 0
-# }
-
 # public lb nsg and rules
 resource "oci_core_network_security_group" "pub_lb" {
   compartment_id = var.compartment_id

modules/network/outputs.tf

@@ -4,13 +4,24 @@
 output "subnet_ids" {
   value = {
     "cp"      = join(",", oci_core_subnet.cp[*].id)
-    "pods" = join(",", oci_core_subnet.pods[*].id)
+    "pods"    = join(",", oci_core_subnet.pods[*].id)
     "workers" = join(",", oci_core_subnet.workers[*].id)
     "int_lb"  = join(",", oci_core_subnet.int_lb[*].id)
     "pub_lb"  = join(",", oci_core_subnet.pub_lb[*].id)
   }
 }
 
+output "nsg_ids" {
+  value = {
+    "cp"      = join(",", oci_core_network_security_group.cp[*].id)
+    "pods"    = join(",", oci_core_network_security_group.pods[*].id)
+    "workers" = join(",", oci_core_network_security_group.workers[*].id)
+    "int_lb"  = join(",", oci_core_network_security_group.int_lb[*].id)
+    "pub_lb"  = join(",", oci_core_network_security_group.pub_lb[*].id)
+
+  }
+}
+
 output "control_plane_nsg_id" {
   value = oci_core_network_security_group.cp.id
 }

outputs.tf

@@ -23,18 +23,25 @@ output "nat_route_id" {
   value       = local.nat_route_id
 }
 
+# Deprecated
 output "int_lb_nsg" {
   description = "id of default NSG that can be associated with the internal load balancer"
   value       = module.network.int_lb
 }
 
+output "nsg_ids" {
+  description = "map of NSG ids (cp, worker, int_lb, pub_lb, pod) used by OKE."
+  value       = module.network.nsg_ids
+}
+
+# Deprecated
 output "pub_lb_nsg" {
   description = "id of default NSG that can be associated with the internal load balancer"
   value       = module.network.pub_lb
 }
 
 output "subnet_ids" {
-  description = "map of subnet ids (worker, int_lb, pub_lb) used by OKE."
+  description = "map of subnet ids (cp, worker, int_lb, pub_lb, pod) used by OKE."
   value       = module.network.subnet_ids
 }