| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- resource "aws_security_group" "ghe_backup_server" {
- name = "ghe-backup"
- tags = {
- "Name" = "ghe-backup"
- }
- vpc_id = var.vpc_id
- description = "github backup server"
- }
- resource "aws_security_group_rule" "ghe_backup_server_122_to_github" {
- security_group_id = aws_security_group.ghe_backup_server.id
- type = "egress"
- source_security_group_id = aws_security_group.ghe_server.id
- from_port = 122
- to_port = 122
- protocol = "tcp"
- description = "Outbound ssh to GH mgmt"
- }
- resource "aws_security_group_rule" "ghe_backup_server_122_to_legacy" {
- security_group_id = aws_security_group.ghe_backup_server.id
- type = "egress"
- cidr_blocks = local.cidr_map["vpc-public"]
- from_port = 122
- to_port = 122
- protocol = "tcp"
- description = "Outbound ssh to GH mgmt"
- }
- resource "aws_security_group_rule" "ghe_backup_server_egress_nfs" {
- security_group_id = aws_security_group.ghe_backup_server.id
- type = "egress"
- source_security_group_id = aws_security_group.ghe_backup_server.id
- from_port = 2049
- to_port = 2049
- protocol = "tcp"
- description = "Outbound NFS"
- }
- resource "aws_security_group_rule" "ghe_backup_server_ingress_nfs" {
- security_group_id = aws_security_group.ghe_backup_server.id
- type = "ingress"
- source_security_group_id = aws_security_group.ghe_backup_server.id
- from_port = 2049
- to_port = 2049
- protocol = "tcp"
- description = "Inbound NFS"
- }
|
