cosmetic formatting, replaced « with double quotes

Author: hyder

docs/terraformoptions.adoc

@@ -86,6 +86,11 @@ tags = {
 |true/false
 |false
 
+|`lockdown_default_seclist`
+|whether to remove all default security rules from the VCN Default Security List
+|true/false
+|true
+
 |`nat_gateway_enabled`
 |Whether to create a NAT gateway. 
 |true/false
@@ -111,9 +116,4 @@ tags = {
 |
 |
 
-|`lockdown_default_seclist`
-|whether to remove all default security rules from the VCN Default Security List
-|true/false
-|true
-
 |===

examples/README.md

@@ -78,7 +78,7 @@ module "vcn" {
   vcn_cidr                 = var.vcn_cidr
   vcn_dns_label            = var.vcn_dns_label
   vcn_name                 = var.vcn_name
-  lockdown_default_seclist     = var.lockdown_default_seclist
+  lockdown_default_seclist = var.lockdown_default_seclist
 }
 ```
 

examples/main.tf

@@ -15,6 +15,8 @@ module "vcn" {
   # vcn parameters
   internet_gateway_enabled = false
 
+  lockdown_default_seclist = true
+
   nat_gateway_enabled = false
 
   service_gateway_enabled = false
@@ -25,8 +27,6 @@ module "vcn" {
 
   vcn_name = "vcn"
 
-  lockdown_default_seclist = true
-
   tags = {
     environment = "dev"
     lob         = "finance"

variables.tf

@@ -30,6 +30,12 @@ variable "internet_gateway_enabled" {
   type        = bool
 }
 
+variable "lockdown_default_seclist" {
+  description = "whether to remove all default security rules from the VCN Default Security List"
+  default     = true
+  type        = bool
+}
+
 variable "nat_gateway_enabled" {
   description = "whether to create a nat gateway in the vcn"
   default     = false
@@ -65,9 +71,3 @@ variable "vcn_name" {
   description = "user-friendly name of to use for the vcn to be appended to the label_prefix"
   type        = string
 }
-
-variable "lockdown_default_seclist" {
-  description = "whether to remove all default security rules from the VCN Default Security List"
-  default     = true
-  type        = bool
-}

vcn_defaultresources.tf

@@ -5,13 +5,13 @@
 // See Issue #22 for the reasoning
 resource "oci_core_default_security_list" "lockdown" {
   // If variable is true, removes all rules from default security list
-  count                      = var.lockdown_default_seclist == true ? 1 : 0
   manage_default_resource_id = oci_core_vcn.vcn.default_security_list_id
+
+  count = var.lockdown_default_seclist == true ? 1 : 0
 }
 
 resource "oci_core_default_security_list" "restore_default" {
   // If variable is false, restore all default rules to default security list
-  count                      = var.lockdown_default_seclist == false ? 1 : 0
   manage_default_resource_id = oci_core_vcn.vcn.default_security_list_id
 
   egress_security_rules {
@@ -21,7 +21,7 @@ resource "oci_core_default_security_list" "restore_default" {
   }
 
   ingress_security_rules {
-    // SSH for all
+    // allow all SSH
     protocol = "6"
     source   = "0.0.0.0/0"
     tcp_options {
@@ -31,7 +31,7 @@ resource "oci_core_default_security_list" "restore_default" {
   }
 
   ingress_security_rules {
-    // ICMP for all type 3 code 4
+    // allow ICMP for all type 3 code 4
     protocol = "1"
     source   = "0.0.0.0/0"
 
@@ -42,12 +42,14 @@ resource "oci_core_default_security_list" "restore_default" {
   }
 
   ingress_security_rules {
-    //ICMP for VCN
+    //allow all ICMP from VCN
     protocol = "1"
     source   = var.vcn_cidr
 
     icmp_options {
       type = "3"
     }
   }
+
+  count = var.lockdown_default_seclist == false ? 1 : 0
 }

vcn_gateways.tf

@@ -1,9 +1,9 @@
 # Copyright (c) 2019, 2021, Oracle Corporation and/or affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
 
-resource « oci_core_internet_gateway » « ig » {
+resource oci_core_internet_gateway "ig" {
   compartment_id = var.compartment_id
-  display_name   = var.label_prefix == « none » ? « internet-gateway » : « ${var.label_prefix}-internet-gateway »
+  display_name   = var.label_prefix == "none" ? "internet-gateway" : "${var.label_prefix}-internet-gateway"
 
   freeform_tags = var.tags
 
@@ -12,9 +12,9 @@ resource « oci_core_internet_gateway » « ig » {
   count = var.internet_gateway_enabled == true ? 1 : 0
 }
 
-resource « oci_core_route_table » « ig » {
+resource "oci_core_route_table" "ig" {
   compartment_id = var.compartment_id
-  display_name   = var.label_prefix == « none » ? « internet-route » : « ${var.label_prefix}-internet-route »
+  display_name   = var.label_prefix == "none" ? "internet-route" : "${var.label_prefix}-internet-route"
 
   freeform_tags = var.tags
 
@@ -52,9 +52,9 @@ resource "oci_core_service_gateway" "service_gateway" {
   count = var.service_gateway_enabled == true ? 1 : 0
 }
 
-resource « oci_core_nat_gateway » « nat_gateway » {
+resource "oci_core_nat_gateway" "nat_gateway" {
   compartment_id = var.compartment_id
-  display_name   = var.label_prefix == « none » ? « nat-gateway » : « ${var.label_prefix}-nat-gateway »
+  display_name   = var.label_prefix == "none" ? "nat-gateway" : "${var.label_prefix}-nat-gateway"
 
   freeform_tags = var.tags