Kafka 0.11.0

Kafka Security Group Rules


This module creates the Security Group rules that allow traffic in and out of a server running a Kafka broker.

This module is used by the kafka-cluster module, so you typically won't have to use it directly. However, we keep this module separate in case you decide to run Kafka on top of a different type of cluster (e.g., co-located with ZooKeeper), in which case you can include this module to handle the Security Group details for you.

Sample Usage

main.tf

# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S KAFKA-SECURITY-GROUP-RULES MODULE
# ------------------------------------------------------------------------------------------------------

module "kafka_security_group_rules" {

  source = "git::git@github.com:gruntwork-io/terraform-aws-kafka.git//modules/kafka-security-group-rules?ref=v0.11.0"

  # ----------------------------------------------------------------------------------------------------
  # REQUIRED VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # A list of CIDR-formatted IP address ranges that will be allowed to connect to
  # var.client_port
  allowed_inbound_cidr_blocks = <INPUT REQUIRED>

  # A list of security group IDs that will be allowed to connect to var.client_port
  allowed_inbound_security_group_ids = <INPUT REQUIRED>

  # The number of security group IDs in var.allowed_inbound_security_group_ids. We
  # should be able to compute this automatically, but due to a Terraform limitation,
  # we can't:
  # https://github.com/hashicorp/terraform/issues/14677#issuecomment-302772685
  num_allowed_inbound_security_group_ids = <INPUT REQUIRED>

  # The ID of the security group to which we should add the Kafka security group
  # rules
  security_group_id = <INPUT REQUIRED>

  # ----------------------------------------------------------------------------------------------------
  # OPTIONAL VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # The port clients use to connect to Kafka brokers
  broker_port = 9092

  # The port Kafka brokers use to connect to each other.
  broker_port_internal = 9093

}
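Because `allowed_inbound_cidr_blocks` decides who can reach the broker port, it is worth checking the plan before applying it. The following is an added example, not part of the Gruntwork module: a Python check over `terraform show -json` output that flags ingress rules exposing the default Kafka ports (9092, 9093) to addresses outside RFC 1918. It assumes the rules appear in the plan as `aws_security_group_rule` resources; the resource names, the sample plan and the RFC 1918-only policy are constructed for illustration.

```python
import ipaddress
import json

KAFKA_PORTS = (9092, 9093)  # broker_port / broker_port_internal defaults on this page
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def _rule(name, port, **extra):
    # Builds one constructed resource_changes entry; the resource names are hypothetical.
    after = {"type": "ingress", "protocol": "tcp", "from_port": port, "to_port": port, **extra}
    return {"address": "aws_security_group_rule." + name, "type": "aws_security_group_rule",
            "change": {"actions": ["create"], "after": after}}

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    _rule("clients_vpc", 9092, cidr_blocks=["10.0.0.0/16"]),
    _rule("clients_open", 9092, cidr_blocks=["0.0.0.0/0"]),
    _rule("brokers_internal", 9093, source_security_group_id="sg-EXAMPLE"),
    _rule("https_open", 443, cidr_blocks=["0.0.0.0/0"]),
]})

def is_internal(cidr):
    """True only if the CIDR lies wholly inside an RFC 1918 private range."""
    net = ipaddress.ip_network(cidr, strict=False)
    return net.version == 4 and any(net.subnet_of(r) for r in RFC1918)

def covers_kafka_port(after):
    """True if the rule's port range includes a Kafka port (protocol -1 means all ports)."""
    if str(after.get("protocol")) == "-1":
        return True
    lo, hi = after.get("from_port"), after.get("to_port")
    return lo is not None and hi is not None and any(lo <= p <= hi for p in KAFKA_PORTS)

def find_exposed_kafka_rules(plan_json):
    """Return (address, cidr) for each planned ingress rule exposing a Kafka port beyond RFC 1918."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}
        if rc.get("type") != "aws_security_group_rule" or after.get("type") != "ingress":
            continue
        if not covers_kafka_port(after):
            continue
        cidrs = (after.get("cidr_blocks") or []) + (after.get("ipv6_cidr_blocks") or [])
        findings += [(rc["address"], c) for c in cidrs if not is_internal(c)]
    return findings

if __name__ == "__main__":
    for address, cidr in find_exposed_kafka_rules(SAMPLE_PLAN):
        print(f"{address}: Kafka port reachable from {cidr}")
```

If you override `broker_port` or `broker_port_internal`, set `KAFKA_PORTS` to match.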