@MikeZ77
Created August 16, 2021 02:17
RDS Proxy SG Rules
# Lambda functions: no ingress rules, all outbound traffic allowed.
resource "aws_security_group" "sg_lambda" {
  vpc_id = module.some_vpc.vpc_id

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# RDS Proxy: accepts MySQL (3306/tcp) only from the Lambda security group.
resource "aws_security_group" "sg_rds_proxy" {
  vpc_id = module.some_vpc.vpc_id

  ingress {
    description     = "MySQL TLS from sg_lambda"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.sg_lambda.id]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# RDS instance: accepts MySQL (3306/tcp) only from the proxy security group.
resource "aws_security_group" "sg_rds" {
  vpc_id = module.some_vpc.vpc_id

  ingress {
    description     = "MySQL TLS from sg_rds_proxy"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.sg_rds_proxy.id]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
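
A tighter variant of the same Lambda to proxy to database chain, as an added example that is not part of the original gist: egress is limited to 3306/tcp toward the next hop instead of `0.0.0.0/0`, and the database group gets no egress at all. The `*_tight` resource names are hypothetical, and it assumes the Lambda and proxy need no other outbound destinations; the rules are standalone `aws_security_group_rule` resources because inline rules that reference each other's groups would form a dependency cycle.

```hcl
# Added example; *_tight names are hypothetical. With no inline rules,
# Terraform removes the allow-all egress rule AWS creates by default.
resource "aws_security_group" "lambda_tight" {
  vpc_id = module.some_vpc.vpc_id
}
resource "aws_security_group" "rds_proxy_tight" {
  vpc_id = module.some_vpc.vpc_id
}
resource "aws_security_group" "rds_tight" {
  vpc_id = module.some_vpc.vpc_id
}

# Lambda -> proxy: egress on the caller, matching ingress on the proxy.
resource "aws_security_group_rule" "lambda_to_proxy_out" {
  type                     = "egress"
  from_port                = 3306
  to_port                  = 3306
  protocol                 = "tcp"
  security_group_id        = aws_security_group.lambda_tight.id
  source_security_group_id = aws_security_group.rds_proxy_tight.id
}
resource "aws_security_group_rule" "proxy_from_lambda_in" {
  type                     = "ingress"
  from_port                = 3306
  to_port                  = 3306
  protocol                 = "tcp"
  security_group_id        = aws_security_group.rds_proxy_tight.id
  source_security_group_id = aws_security_group.lambda_tight.id
}

# Proxy -> database: same pattern; rds_tight has no egress rule.
resource "aws_security_group_rule" "proxy_to_rds_out" {
  type                     = "egress"
  from_port                = 3306
  to_port                  = 3306
  protocol                 = "tcp"
  security_group_id        = aws_security_group.rds_proxy_tight.id
  source_security_group_id = aws_security_group.rds_tight.id
}
resource "aws_security_group_rule" "rds_from_proxy_in" {
  type                     = "ingress"
  from_port                = 3306
  to_port                  = 3306
  protocol                 = "tcp"
  security_group_id        = aws_security_group.rds_tight.id
  source_security_group_id = aws_security_group.rds_proxy_tight.id
}
```

Security groups are stateful, so return traffic for accepted connections is allowed without any egress rule on the database group.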