Startseite Erkunden Hilfe
Registrieren Anmelden
AFS
/
xdr-terraform-modules
2
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: 5b529ed6ec
Branches Tags
xdr-terraform-m...
/
base
/
splunk_servers
/
indexer_cluster
/
security-group-elbs.tf

security-group-elbs.tf 2.2 KB
Verlauf Originalformat

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 
  1. ## Indexer Security Group
    2. 

  2. #
    3. 

  3. # Summary:
    4. 

  4. #   Ingress:
    5. 

  5. #     tcp/8088      - Splunk HEC                 - (local.data_sources) Entire VPC + var.additional_source + local.splunk_legacy_cidr
    6. 

  6. #   Egress:
    7. 

  7. #     tcp/8088      - Splunk HEC
    8. 

  8. 

  9. # Defined in security-group-indexers.tf:
    10. 

  10. #locals {
    11. 

  11. #  splunk_vpc_cidrs = toset(concat(local.splunk_legacy_cidr, [ var.vpc_cidr ]))
    12. 

  12. #  access_cidrs     = toset(concat(local.cidr_map["bastions"], local.cidr_map["vpns"]))
    13. 

  13. #  data_sources     = toset(concat(tolist(local.splunk_vpc_cidrs), local.splunk_data_sources))
    14. 

  14. #}
    15. 

  15. 

  16. resource "aws_security_group" "hec_elb_security_group" {
    17. 

  17.   name        = "hec_elb_security_group"
    18. 

  18.   description = "Security Group for HEC ELBs (both ack and non-ack)"
    19. 

  19.   vpc_id      = var.vpc_id
    20. 

  20.   tags        = merge(local.standard_tags, var.tags, { "Name" = "hec_elb_security_group" })
    21. 

  21. }
    22. 

  22. 

  23. #----------------------------------------------------------------------------
    24. 

  24. # INGRESS
    25. 

  25. #----------------------------------------------------------------------------
    26. 

  26. resource "aws_security_group_rule" "hec-https-in" {
    27. 

  27.   count             = anytrue([local.is_moose, var.hec_listen_443]) ? 1 : 0
    28. 

  28.   type              = "ingress"
    29. 

  29.   description       = "HEC port - HTTPS - Moose only"
    30. 

  30.   from_port         = 443
    31. 

  31.   to_port           = 443
    32. 

  32.   protocol          = "tcp"
    33. 

  33.   cidr_blocks       = ["0.0.0.0/0"] # tfsec:ignore:aws-vpc-no-public-ingress-sgr
    34. 

  34.   security_group_id = aws_security_group.hec_elb_security_group.id
    35. 

  35. }
    36. 

  36. 

  37. resource "aws_security_group_rule" "hec-in" {
    38. 

  38.   type              = "ingress"
    39. 

  39.   description       = "HEC port in"
    40. 

  40.   from_port         = 8088
    41. 

  41.   to_port           = 8088
    42. 

  42.   protocol          = "tcp"
    43. 

  43.   cidr_blocks       = ["0.0.0.0/0"] # tfsec:ignore:aws-vpc-no-public-ingress-sgr
    44. 

  44.   security_group_id = aws_security_group.hec_elb_security_group.id
    45. 

  45. }
    46. 

  46. 

  47. #----------------------------------------------------------------------------
    48. 

  48. # INGRESS
    49. 

  49. #----------------------------------------------------------------------------
    50. 

  50. resource "aws_security_group_rule" "hec-out" {
    51. 

  51.   type              = "egress"
    52. 

  52.   description       = "HEC to the indexers"
    53. 

  53.   from_port         = 8088
    54. 

  54.   to_port           = 8088
    55. 

  55.   protocol          = "tcp"
    56. 

  56.   cidr_blocks       = local.splunk_vpc_cidrs
    57. 

  57.   security_group_id = aws_security_group.hec_elb_security_group.id
    58. 

  58. }
    59.