| 123456789101112131415161718192021222324252627282930313233343536373839404142 |
- # SG Summary - Server
- # Legacy was:
- # TCP+UDP/1514 - From 10.0.0.0/8
- # TCP/443 - From 10.0.0.0/8
- # TCP/8080 - From 10.0.0.0/8
- # TCP/5432 - Outbound to 10.0.0.0/8
- #
- # New:
- # Ingress: TCP/8080 from LB, VPC-Access
- # Egress: TCP/5432 to local vpc
- resource "aws_security_group" "jira_server" {
- name_prefix = "jira_server"
- tags = merge(local.standard_tags, var.tags, { Name = "jira_server" })
- vpc_id = var.vpc_id
- description = "Jira Server"
- }
- #-----------------------------------------------------------------
- # Inbound access
- #-----------------------------------------------------------------
- resource "aws_security_group_rule" "jira_server_inbound_8080" {
- security_group_id = aws_security_group.jira_server.id
- type = "ingress"
- cidr_blocks = local.cidr_map["vpc-access"]
- from_port = 8080
- to_port = 8080
- protocol = "tcp"
- description = "Inbound 8080 (from access, for testing)"
- }
- #-----------------------------------------------------------------
- # Outbound access
- #-----------------------------------------------------------------
- resource "aws_security_group_rule" "jira_server_outbound_postgres" {
- security_group_id = aws_security_group.jira_server.id
- type = "egress"
- source_security_group_id = var.rds_sg
- from_port = 5432
- to_port = 5432
- protocol = "tcp"
- description = "Outbound postgres to RDS"
- }
|
