|
@@ -26,7 +26,7 @@ data "aws_security_group" "typical-host" {
|
|
|
resource "aws_security_group" "portal_lambda_splunk_sg" {
|
|
|
vpc_id = var.vpc_id
|
|
|
name = "portal-data-sync-lambda-splunk-sg"
|
|
|
- description = "Allow Lambda access to Moose"
|
|
|
+ description = "Allow Lambda network access"
|
|
|
}
|
|
|
|
|
|
resource "aws_security_group_rule" "portal_lambda_splunk_out" {
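Review bot: Changing `description` on `aws_security_group.portal_lambda_splunk_sg` is not an in-place edit. The AWS provider treats that attribute as forcing a new resource, so this wording change will plan as a destroy-and-recreate of the group. Because `name` is fixed on the line above, the replacement cannot be created before the old group is deleted, and deleting a group still attached to Lambda network interfaces (presumably the case here, going by the name) can stall or fail. Confirm in the plan output that the replacement is intended. If it is not, keep the original string and put the new wording in a comment, e.g. `# Allows Lambda network access; description kept as-is because changing it replaces the group`.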
|
|
@@ -39,6 +39,16 @@ resource "aws_security_group_rule" "portal_lambda_splunk_out" {
|
|
|
security_group_id = aws_security_group.portal_lambda_splunk_sg.id
|
|
|
}
|
|
|
|
|
|
+resource "aws_security_group_rule" "portal_lambda_phantom_out" {
|
|
|
+ type = "egress"
|
|
|
+ from_port = 443
|
|
|
+ to_port = 443
|
|
|
+ protocol = "tcp"
|
|
|
+ cidr_blocks = var.cidr_map["vpc-private-services"]
|
|
|
+ description = "Allow Lambda to connect to all server APIs in private-services"
|
|
|
+ security_group_id = aws_security_group.portal_lambda_splunk_sg.id
|
|
|
+}
|
|
|
+
|
|
|
resource "aws_security_group_rule" "portal_lambda_splunk_in" {
|
|
|
type = "ingress"
|
|
|
from_port = 8089
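Review bot: The new egress rule `portal_lambda_phantom_out` is named for a single destination, but `cidr_blocks = var.cidr_map["vpc-private-services"]` opens TCP 443 to every host in that range, as its own description ("all server APIs") says. If only the Phantom endpoint is needed, scope the rule to that host's security group by replacing the `cidr_blocks` line with `source_security_group_id = <PHANTOM_SG_ID>` (a placeholder, since the target group is not visible in this hunk), or use a narrower CIDR. If the broad range is deliberate, rename the resource to say so, and add a comment on why the whole subnet range is required. The group is still called `portal_lambda_splunk_sg`, so anyone auditing it by name will not expect it to carry non-Splunk traffic. The trailing context lines belong to `portal_lambda_splunk_in`, which continues outside the hunk.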
|