feat(aws-ecs): add runner security group
jordan-acosta committed Jan 27, 2024
1 parent 300e400 commit 9cec51a
Showing 3 changed files with 19 additions and 20 deletions.
4 changes: 2 additions & 2 deletions aws-ecs/outputs.tf
Expand Up @@ -31,8 +31,8 @@ output "vpc" {
public_subnet_cidr_blocks = module.vpc.public_subnets_cidr_blocks
public_subnet_ids = module.vpc.public_subnets

default_security_group_id = module.vpc.default_security_group_id
# default_security_group_arn = data.aws_security_group.default.arn
default_security_group_id = aws_security_group.runner.id
# default_security_group_arn = aws_security_group.runner.arn
}
}

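Review bot: The `default_security_group_id` key appears to now return `aws_security_group.runner.id` (the side is inferred from the new file in this commit), so the name no longer describes the value. A consumer that attaches "the default group" would silently get the runner group and its rules instead of the VPC default. Either publish it under its own key, `runner_security_group_id = aws_security_group.runner.id`, or keep the key for compatibility and add a comment such as `# NOTE: returns the runner security group, not the VPC default group`. The enclosing `output "vpc"` block starts outside this hunk, so other keys that depend on the default group were not checked.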
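--- a/aws-ecs/runner_security_group.tf
+++ b/aws-ecs/runner_security_group.tf
@@ -0,0 +1,17 @@
+resource "aws_security_group" "runner" {
+vpc_id = module.vpc.vpc_id
+
+egress {
+protocol = "-1"
+from_port = 0
+to_port = 0
+cidr_blocks = ["0.0.0.0/0"]
+}
+
+ingress {
+protocol = "-1"
+from_port = 0
+to_port = 0
+cidr_blocks = ["0.0.0.0/0"]
+}
+}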
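Review bot: The `ingress` block of `aws_security_group.runner` admits every protocol and port from `0.0.0.0/0`, so any resource attached to this group is reachable from the internet whenever it has a public route. The rule mirrors what `default_security_group_ingress` allowed in vpc.tf, but a dedicated runner group is the natural place to narrow it. If the runners only make outbound connections, drop the `ingress` block entirely; otherwise scope it, e.g. `cidr_blocks = [module.vpc.vpc_cidr_block]` (assuming the VPC module exposes that output). Setting `description` and `name_prefix` would also make the group identifiable in audits and flow-log triage.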
18 changes: 0 additions & 18 deletions aws-ecs/vpc.tf
Expand Up @@ -34,24 +34,6 @@ module "vpc" {
#create_database_subnet_group = true
#create_elasticache_subnet_group = true

default_security_group_egress = [
{
"protocol" = "-1"
from_port = 0
to_port = 0
cidr_blocks = "0.0.0.0/0"
}
]

default_security_group_ingress = [
{
"protocol" = "-1"
from_port = 0
to_port = 0
cidr_blocks = "0.0.0.0/0"
}
]

public_subnet_tags = {
"kubernetes.io/cluster/${local.nuon_id}" = "shared"
"kubernetes.io/role/elb" = 1