resource "aws_security_group" "sensyne_demo_cluster" {
  name        = "sensyne-demo-cluster-sg"
  description = "Cluster communication with worker nodes"
  vpc_id      = "${aws_vpc.sensyne_demo_vpc.id}"

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "sensyne_demo_cluster_sg"
  }
}

resource "aws_security_group_rule" "sensyne_demo_cluster_remote_access" {
  cidr_blocks       = ["81.187.12.210/32"]
  description       = "Allow external comms with cluster"
  from_port         = 443
  protocol          = "tcp"
  security_group_id = "${aws_security_group.sensyne_demo_cluster.id}"
  to_port           = 443
  type              = "ingress"
}