Created
April 26, 2023 13:13
ALB
// Security group for the public, internet-facing load balancer.
// No inline ingress/egress blocks are declared here. Rules are attached through
// the standalone aws_vpc_security_group_*_rule resources below. Keep it that
// way: mixing inline rules with standalone rule resources on the same group
// makes the two fight over the rule set.
// With no inline egress block, Terraform does not keep AWS's default
// allow-all egress rule, so outbound traffic is limited to the egress rules
// declared explicitly for this group.
resource "aws_security_group" "alb" {
  vpc_id      = module.data_networking.vpc_id
  name        = "${local.environment}-alb-public"
  description = "Used by the public internet-facing load balancer"

  tags = local.common_tags
}
//
// Ingress rules
//
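// Inbound HTTP (80/tcp) from any IPv4 address, as expected for an
// internet-facing load balancer.
// NOTE(review): port 80 is cleartext; presumably the listener only redirects
// to HTTPS. Confirm in the listener configuration, which is not shown here.
// NOTE(review): only IPv4 is opened; a dual-stack ALB would need a separate
// rule using cidr_ipv6. Confirm whether that is intended.
resource "aws_vpc_security_group_ingress_rule" "http" {
  security_group_id = aws_security_group.alb.id
  description       = "Allow inbound HTTP traffic on port 80 (TCP) from any IP (0.0.0.0/0)"

  // This resource type takes ip_protocol and a single cidr_ipv4 string.
  // protocol / cidr_blocks are arguments of the older aws_security_group_rule
  // and are rejected here.
  ip_protocol = "tcp"
  from_port   = 80
  to_port     = 80
  cidr_ipv4   = "0.0.0.0/0"
}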
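// Inbound HTTPS (443/tcp) from any IPv4 address, as expected for an
// internet-facing load balancer.
// NOTE(review): only IPv4 is opened; a dual-stack ALB would need a separate
// rule using cidr_ipv6. Confirm whether that is intended.
resource "aws_vpc_security_group_ingress_rule" "https" {
  security_group_id = aws_security_group.alb.id
  // The description previously said "HTTP" for port 443. Rule descriptions are
  // what reviewers and auditors read in the console, so it must name the real
  // protocol.
  description = "Allow inbound HTTPS traffic on port 443 (TCP) from any IP (0.0.0.0/0)"

  // This resource type takes ip_protocol and a single cidr_ipv4 string.
  // protocol / cidr_blocks are arguments of the older aws_security_group_rule
  // and are rejected here.
  ip_protocol = "tcp"
  from_port   = 443
  to_port     = 443
  cidr_ipv4   = "0.0.0.0/0"
}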
//
// Egress rules
//
// Tempfish
// Outbound 8080/tcp from the ALB, scoped to a referenced security group
// instead of a CIDR range, so only members of that group are reachable.
// This is the only egress rule in this listing.
// NOTE(review): the description interpolates
// module.sg_ecs_app_tempfish.security_group_id, while the rule itself targets
// aws_security_group.ecs_app_tempfish.id. Confirm both resolve to the same
// group; otherwise the description shown in the console will name a different
// group than the one actually allowed.
resource "aws_vpc_security_group_egress_rule" "tempfish" {
  description = "Allow outbound TCP traffic on port 8080 to app Tempfish ECS security group (${module.sg_ecs_app_tempfish.security_group_id})"

  security_group_id            = aws_security_group.alb.id
  referenced_security_group_id = aws_security_group.ecs_app_tempfish.id

  ip_protocol = "tcp"
  from_port   = 8080
  to_port     = 8080
}