resource "aws_security_group" "vmray_sg" {
  name        = "vmray_sg"
  description = "Security Rules Specific to VMRay"
  vpc_id      = data.terraform_remote_state.standard_vpc.outputs.vpc_id

  tags        = merge(var.standard_tags, var.tags)
}

resource "aws_security_group_rule" "vmray-ssh" {
  type              = "ingress"
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = var.portal_test_whitelist
  security_group_id = aws_security_group.vmray_sg.id
}

resource "aws_security_group_rule" "vmray-https" {
  type              = "ingress"
  from_port         = 443
  to_port           = 443
  protocol          = "tcp"
  cidr_blocks       = var.portal_test_whitelist
  security_group_id = aws_security_group.vmray_sg.id
}

resource "aws_security_group_rule" "vmray-egress" {
  type              = "egress"
  from_port         = 0 # all ports
  to_port           = 0 # all ports
  protocol          = "all"
  cidr_blocks       = [ "0.0.0.0/0" ]
  security_group_id = aws_security_group.vmray_sg.id
}