#----------------------------------------------------------------------------
# Jira RDS Security Group
#
# Declares the security group only. It carries no inline rules; ingress is
# attached through the separate aws_security_group_rule resources that
# reference this group's id.
#----------------------------------------------------------------------------
resource "aws_security_group" "jira_rds_sg" {
  # checkov:skip=CKV2_AWS_5: this SG is attached to Jira RDS
  # NOTE(review): the attachment to the RDS instance is not visible in this
  # listing; confirm it exists so the skip above stays justified.
  vpc_id      = var.vpc_id
  name        = "${var.identifier}_rds_sg"
  description = "Security Group for Jira RDS"

  # merge() gives later arguments precedence, so a key in var.tags overrides
  # the same key in local.standard_tags.
  tags = merge(local.standard_tags, var.tags)
}
#-----------------------------------------------------------------
# Ingress
#-----------------------------------------------------------------

# Allows PostgreSQL (TCP 5432) into the Jira RDS security group from the
# CIDR ranges stored under the "vpc-public" key of local.cidr_map.
resource "aws_security_group_rule" "jira_rds_in" {
  security_group_id = aws_security_group.jira_rds_sg.id
  type              = "ingress"
  description       = "Inbound Postgres"

  protocol  = "tcp"
  from_port = 5432
  to_port   = 5432

  # NOTE(review): "vpc-public" presumably names the public-subnet ranges; the
  # map is defined outside this listing. Confirm the database must be reachable
  # from those subnets. If only the Jira application tier connects, a rule keyed
  # on source_security_group_id would be narrower than a CIDR list.
  cidr_blocks = local.cidr_map["vpc-public"]
}
# Allows all inbound traffic into the Jira RDS security group from the CIDR
# ranges stored under the "vpc-scanners" key of local.cidr_map.
resource "aws_security_group_rule" "jira_security_in" {
  security_group_id = aws_security_group.jira_rds_sg.id
  type              = "ingress"
  description       = "Inbound From Scanners"

  # protocol "-1" means every protocol. EC2 then allows traffic on all ports
  # regardless of the range given, so 0-65535 below does not restrict anything.
  # NOTE(review): this makes the scanner ranges fully trusted by the database
  # group. Confirm the scanners need more than the database port, and keep the
  # "vpc-scanners" entry limited to the scanner hosts' addresses.
  protocol  = "-1"
  from_port = 0
  to_port   = 65535

  cidr_blocks = local.cidr_map["vpc-scanners"]
}