Diffstat (limited to 'sg.tf')
-rw-r--r-- | sg.tf | 59 |
1 files changed, 59 insertions, 0 deletions
@@ -0,0 +1,59 @@
+resource "aws_security_group" "external_ssh_accept_sg" {
+ name = "${var.vpc-name}_external_ssh_accept_sg"
+ description = "${var.vpc-name}_external_ssh_accept_sg"
+ vpc_id = "${aws_vpc.fundapp_demo_aws_vpc.id}"
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "aws_security_group" "app_sg" {
+ name = "${var.vpc_name}_app_sg"
+ description = "${var.vpc_name}_app_sg"
+ vpc_id = "${aws_vpc.fundapp_demo_vpc.id}"
+
+ ingress {
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ security_groups = ["${aws_security_group.app_elb_sg.id}"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "aws_security_group" "app_elb_sg" {
+ name = "${var.vpc_name}_app_elb_sg"
+ description = "${var.vpc_name}_app_elb_sg"
+ vpc_id = "${aws_vpc.fundapp_demo_vpc.id}"
+
+ ingress {
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+} |
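Review bot: The ingress block of `external_ssh_accept_sg` admits TCP 22 from `0.0.0.0/0`, so every instance attached to this group exposes SSH to the whole internet. Restrict it to known administrative ranges, for example `cidr_blocks = ["${var.admin_ssh_cidr}"]` with a newly declared variable (the name is only a suggestion), or route access through a bastion host. The same resource also references `var.vpc-name` and `aws_vpc.fundapp_demo_aws_vpc`, while `app_sg` and `app_elb_sg` use `var.vpc_name` and `aws_vpc.fundapp_demo_vpc`. Unless both pairs are declared outside this file, this looks like a typo that would fail at plan time. The all-protocol egress to `0.0.0.0/0` on `app_sg` could likely be narrowed to what the application needs, and a comment on each group stating its intended exposure would help later reviewers.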