- resource "aws_security_group" "outside" {
- name_prefix = "${var.instance_name}_outside"
- description = "Security Group for the AWS VPN"
- vpc_id = var.vpc_id
- tags = merge(var.standard_tags, var.tags)
- }
- resource "aws_security_group_rule" "vpn-in-443-tcp" {
- type = "ingress"
- from_port = 443
- to_port = 443
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- security_group_id = aws_security_group.outside.id
- }
- resource "aws_security_group_rule" "vpn-in-443-udp" {
- type = "ingress"
- from_port = 443
- to_port = 443
- protocol = "udp"
- cidr_blocks = ["0.0.0.0/0"]
- security_group_id = aws_security_group.outside.id
- }
- resource "aws_security_group_rule" "vpn-in-1194-tcp" {
- type = "ingress"
- from_port = 1194
- to_port = 1194
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- security_group_id = aws_security_group.outside.id
- }
- resource "aws_security_group_rule" "vpn-in-1194-udp" {
- type = "ingress"
- from_port = 1194
- to_port = 1194
- protocol = "udp"
- cidr_blocks = ["0.0.0.0/0"]
- security_group_id = aws_security_group.outside.id
- }
- resource "aws_security_group_rule" "vpn-out" {
- type = "egress"
- from_port = -1
- to_port = -1
- protocol = -1
- cidr_blocks = ["0.0.0.0/0"]
- security_group_id = aws_security_group.outside.id
- }
- resource "aws_security_group" "inside" {
- name_prefix = "${var.instance_name}_inside"
- description = "Security Group for the AWS VPN"
- vpc_id = var.vpc_id
- tags = merge(var.standard_tags, var.tags)
- }