Describe the Feature
I want to be able to use resource aws_networkfirewall_firewall and its dependent resources as described in https://www.hashicorp.com/blog/announcing-support-for-aws-network-firewall-in-the-terraform-aws-provider
Expected Behavior
The ability to add a variable where I can reference a list of aws_networkfirewall_firewall ARNs and have them apply to each specified subnet and VPC mapping. So in other words, I can map firewall rules over the entire dynamic subnets deployment, which requires mapping the firewall behind the scenes via a network interface object.
Use Case
This would be very valuable to those who want to lock down their dynamic VPC deployments in an automated way (without having to go through the AWS GUI).
Describe Ideal Solution
See "Expected Behavior". I would need to think on this and I have no idea at the moment. But I am willing to think about it and contribute a solution.
Alternatives Considered
I don't believe there is an alternative without code changes. I could just not use cloudposse, but then where would the fun be in that? ;)
Additional Context
Automating network firewall rules is a pretty new feature (released Nov 2020), so adding it as an option to this Terraform module would keep it up-to-date and relevant.
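
One way the subnet mapping described under "Expected Behavior" can be written with the AWS provider's Network Firewall resources, as an added example that is not code from the issue author or the cloudposse module. The variable names, resource labels and the default-deny policy are assumptions made for illustration.

```hcl
# Added illustration; all names below are hypothetical.
variable "vpc_id" {
  type        = string
  description = "VPC that holds the dynamically created subnets"
}

variable "firewall_subnet_ids" {
  type        = list(string)
  description = "Subnets for firewall endpoints, one per Availability Zone (for example a subnet-ID output of the subnets module)"
}

resource "aws_networkfirewall_firewall_policy" "default" {
  name = "example-policy"

  firewall_policy {
    # Default deny: packets not matched by an attached rule group are dropped.
    # Rule groups that permit wanted traffic are not shown here.
    stateless_default_actions          = ["aws:drop"]
    stateless_fragment_default_actions = ["aws:drop"]
  }
}

resource "aws_networkfirewall_firewall" "default" {
  name                = "example-firewall"
  firewall_policy_arn = aws_networkfirewall_firewall_policy.default.arn
  vpc_id              = var.vpc_id

  # One subnet_mapping block per subnet; AWS creates a firewall endpoint in each.
  dynamic "subnet_mapping" {
    for_each = toset(var.firewall_subnet_ids)
    content {
      subnet_id = subnet_mapping.value
    }
  }
}

output "firewall_endpoint_ids" {
  description = "Firewall endpoint ID per Availability Zone"
  # Traffic is only inspected once route tables send it to these endpoints.
  value = {
    for s in aws_networkfirewall_firewall.default.firewall_status[0].sync_states :
    s.availability_zone => s.attachment[0].endpoint_id
  }
}
```

Creating the firewall does not by itself filter anything: the route tables of the protected subnets must point at the endpoint IDs in the output, otherwise traffic bypasses the firewall.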