Add easy way to expose subnet to the public.

This is a quality of life fix. A single boolean controls whether public HTTP(S) traffic reaches your infrastructure.

terraform_plans/network-subnet-public.tf

@@ -45,10 +45,10 @@ resource "oci_core_security_list" "public-security-list" {
 
   ingress_security_rules {
     stateless   = false
-    source      = var.ssh_allow_range
+    source      = var.go_live ? "0.0.0.0/0" : var.ssh_allow_range
     source_type = "CIDR_BLOCK"
     protocol    = "6"
-    description = "HTTP traffic"
+    description = "HTTPs traffic"
 
     tcp_options {
       min = 443
@@ -58,10 +58,10 @@ resource "oci_core_security_list" "public-security-list" {
 
   ingress_security_rules {
     stateless   = false
-    source      = var.ssh_allow_range
+    source      = var.go_live ? "0.0.0.0/0" : var.ssh_allow_range
     source_type = "CIDR_BLOCK"
     protocol    = "6"
-    description = "HTTPs traffic"
+    description = "HTTP traffic"
 
     tcp_options {
       min = 80

terraform_plans/tfvars.skel

@@ -11,9 +11,10 @@ vm_image_ocid_x86_64 =
 vm_image_ocid_ampere =
 
 # Add your SSH key here
-ssh_public_key =
+ssh_public_key   =
 # Optional: Replace this with your preferred environment name
 compartment_name =
 vm_name          =
 tags             =
 ssh_allow_range  =
+go_live          =

terraform_plans/variables.tf

@@ -55,6 +55,12 @@ variable "ssh_allow_range" {
   default     = "10.0.0.0/24"
 }
 
+variable "go_live" {
+  description = "A value of 'true' opens port 80 and 443 to all traffic from the internet."
+  type        = bool
+  default     = false
+}
+
 variable "tags" {
   description = "Freeform tags."
   type        = map(any)