variable "project_id" {
  type = string
}

variable "security_group_id" {
  type = string
}

variable "rules" {
  type = list(object({
    direction   = string
    description = optional(string)
    ether_type  = optional(string)
    icmp_parameters = optional(object({
      type = optional(number)
      code = optional(number)
    }))
    ip_range = optional(string)
    port_range = optional(object({
      min = number
      max = number
    }))
    protocol = optional(object({
      name   = optional(string)
      number = optional(number)
    }))
    remote_security_group_id = optional(string)
  }))
  default = []

  validation {
    condition = alltrue([
      for rule in var.rules : contains(["ingress", "egress"], rule.direction)
      # ... need more validations 
    ])
    error_message = "Direction must be either \"ingress\" or \"egress\"."
  }
}