###############################################
# DO NOT EDIT THIS FILE
#
# This file is generated through 'make all'.
# If you need to make changes, make your changes
# to the corresponding .j file and then rerun
# make all
###############################################

#######
# A security group for the ELB so it is accessible via the web
# NOTE(review): the line above mentions the ELB, but the resource name and
# description below refer to instance access -- confirm which one this group
# is attached to and correct the wording in the .j template.
#
# Summary of what this group permits:
#   inbound  - TCP 22, 80 and 443 from var.Trusted-CIDR only
#   outbound - TCP 20-21, 22, 53, 80, 443 and UDP 53 to any IPv4 address
# Because explicit egress blocks are declared, the rules listed here are
# presumably the complete outbound allow list (the AWS provider drops the
# default allow-all egress rule on groups it manages) -- TODO confirm
# against the provider version in use.
resource "aws_security_group" "sg_instance_access" {
  name = "sg_instance_access"
  description = "Allows ssh/http/https in from me. Allows outbound on select ports."
  vpc_id = "${aws_vpc.vpc_primary.id}"

  # SSH, HTTP, and HTTPS inbound from me
  # All three rules take their source ranges from var.Trusted-CIDR. Its
  # declaration and default are not visible in this file, so the real
  # exposure of port 22 depends on what is supplied there.
  # NOTE(review): confirm the variable has no 0.0.0.0/0 default and that the
  # value supplied is a narrow list of operator addresses.
  # NOTE(review): cidr_blocks is given an interpolated string here rather
  # than a list literal as in the egress rules; presumably Trusted-CIDR is
  # declared as a list -- verify against the variable definition.
  ingress {
    from_port = 22
    to_port = 22
    protocol = "tcp"
    cidr_blocks = "${var.Trusted-CIDR}"
  }
  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = "${var.Trusted-CIDR}"
  }
  ingress {
    from_port = 443
    to_port = 443
    protocol = "tcp"
    cidr_blocks = "${var.Trusted-CIDR}"
  }

  # Outbound Access
  # Every egress rule below allows 0.0.0.0/0 as the destination, so the
  # port list is the only outbound restriction.
  # NOTE(review): TCP 20-21 is the FTP port range, which is unencrypted;
  # confirm it is still needed, and narrow the destination CIDRs for it and
  # for outbound SSH (22) where the remote hosts are known.
  egress {
    from_port = 20
    to_port = 21
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port = 22
    to_port = 22
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # DNS over both TCP and UDP to any resolver address.
  egress {
    from_port = 53
    to_port = 53
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port = 53
    to_port = 53
    protocol = "udp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # HTTP and HTTPS to any IPv4 destination.
  egress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port = 443
    to_port = 443
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}