# SG Summary - Security Center server
#
# Rules actually defined in this file:
#   Ingress:
#     tcp/443       - from the vpc-access CIDRs ("for testing"; bypasses the ALB, see note below)
#     tcp/443       - from the internal ALB security group (the intended user-access path)
#   Egress:
#     tcp/8834-8835 - to vpc-scanners and vpc-private-services (Nessus scanners / managers)
#
# Ports from the original summary that are NOT defined in this file. They may be
# managed elsewhere or may have been dropped deliberately -- confirm before relying
# on them:
#   Ingress tcp/22   - sync from other security centers
#   Egress  tcp/25   - smtp
#   Egress  tcp/443  - updates
#   Egress  tcp/1243 - "Communicating with Log Correlation Engine" (unneeded in xdr)
#
# NOTE(review): the group is an aws_security_group with all rules as separate
# aws_security_group_rule resources. In that arrangement the AWS provider is
# expected to remove AWS's default allow-all egress rule, so the only egress that
# should remain is tcp/8834-8835 below -- verify in a plan if outbound 443/25 is
# still needed (e.g. for updates or mail).
resource "aws_security_group" "security_center" {
  name_prefix = "security_center"
  tags        = merge(local.standard_tags, var.tags, { Name = "security_center" })
  vpc_id      = var.vpc_id
  # NOTE(review): this group fronts the Security Center server, not a Nessus scanner;
  # the description looks copy-pasted. Changing the description may force the
  # provider to replace the group, so correct it as a deliberate change, not a drive-by.
  description = "Nessus Security Scanner"
}

#-----------------------------------------------------------------
# Ingress
#-----------------------------------------------------------------

# Direct 443 from the access VPC, bypassing the ALB. The description marks it as
# "for testing"; it widens the ingress surface beyond the ALB path and should be
# removed (or time-boxed) once testing is done.
resource "aws_security_group_rule" "security_center_inbound_443" {
  security_group_id = aws_security_group.security_center.id
  type              = "ingress"
  description       = "443 - Inbound (from access, for testing)"
  cidr_blocks       = local.cidr_map["vpc-access"]
  from_port         = 443
  to_port           = 443
  protocol          = "tcp"
}

# 443 from the internal ALB's security group -- the intended user-access path.
# Scoped by source security group rather than CIDR, so it follows the ALB wherever
# it is placed. The referenced ALB security group is defined outside this file.
resource "aws_security_group_rule" "security_center_inbound_443_from_alb" {
  security_group_id        = aws_security_group.security_center.id
  type                     = "ingress"
  source_security_group_id = aws_security_group.security_center_alb_server_internal.id
  from_port                = 443
  to_port                  = 443
  protocol                 = "tcp"
  description              = "Inbound 443 from the ALB"
}

#-----------------------------------------------------------------
# Egress
#-----------------------------------------------------------------

# Outbound to the Nessus scanners / managers on tcp/8834-8835. The destination is
# the concatenation of the vpc-scanners and vpc-private-services CIDR lists; if
# either list is empty the rule simply covers the other.
resource "aws_security_group_rule" "security_center_outbound_nessus" {
  security_group_id = aws_security_group.security_center.id
  type              = "egress"
  cidr_blocks       = concat(local.cidr_map["vpc-scanners"], local.cidr_map["vpc-private-services"]) # Scanners and managers
  from_port         = 8834
  to_port           = 8835
  protocol          = "tcp"
  description       = "Outbound to Scanners and Managers"
}