/* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-Identifier: MIT-0 */ # --- centralized_service_network/consumer-account/locals.tf --- # Data resource to determine the latest Amazon Linux2 AMI data "aws_ami" "amazon_linux" { most_recent = true owners = ["amazon"] filter { name = "name" values = [ "amzn-ami-hvm-*-x86_64-gp2", ] } filter { name = "owner-alias" values = [ "amazon", ] } } locals { security_groups = { instance = { name = "instance_security_group" description = "Instance SG (Allowing ICMP and HTTP/HTTPS access)" ingress = { icmp = { description = "Allowing ICMP traffic" from = -1 to = -1 protocol = "icmp" cidr_blocks = ["10.0.0.0/24"] } } egress = { any = { description = "Any traffic" from = 0 to = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } } } endpoints = { name = "endpoints_sg" description = "Security Group for SSM connection" ingress = { https = { description = "Allowing HTTPS" from = 443 to = 443 protocol = "tcp" cidr_blocks = ["10.0.0.0/24"] } } egress = { any = { description = "Any traffic" from = 0 to = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } } } vpc_lattice = { name = "lattice-vpc-association" description = "VPC Lattice VPC assocation - Security Group" ingress = { https = { description = "Allowing HTTP" from = 80 to = 80 protocol = "tcp" cidr_blocks = ["10.0.0.0/24"] } } egress = { any = { description = "Any traffic" from = 0 to = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } } } } endpoint_service_names = { ssm = { name = "com.amazonaws.${var.aws_region}.ssm" type = "Interface" private_dns = true } ssmmessages = { name = "com.amazonaws.${var.aws_region}.ssmmessages" type = "Interface" private_dns = true } ec2messages = { name = "com.amazonaws.${var.aws_region}.ec2messages" type = "Interface" private_dns = true } } }