9775ae9cb7
This should have literally everything you need to run a single command and get all infra components live and ready for app deployment.
40 lines
825 B
HCL
40 lines
825 B
HCL
resource "aws_security_group" "app_security_group" {
|
|
name = "App sec group"
|
|
description = "Allowing SSH and web traffic"
|
|
vpc_id = aws_vpc.app_vpc.id
|
|
|
|
ingress {
|
|
cidr_blocks = ["0.0.0.0/0"]
|
|
from_port = 443
|
|
to_port = 443
|
|
protocol = "tcp"
|
|
}
|
|
ingress {
|
|
cidr_blocks = ["0.0.0.0/0"]
|
|
from_port = 80
|
|
to_port = 80
|
|
protocol = "tcp"
|
|
}
|
|
ingress {
|
|
cidr_blocks = ["0.0.0.0/0"]
|
|
from_port = 22
|
|
to_port = 22
|
|
protocol = "tcp"
|
|
}
|
|
|
|
# These are so that we can update the system regularly using apt and sometimes
|
|
# with tarballs if we're updating something from source
|
|
egress {
|
|
cidr_blocks = ["0.0.0.0/0"]
|
|
from_port = 443
|
|
to_port = 443
|
|
protocol = "tcp"
|
|
}
|
|
egress {
|
|
cidr_blocks = ["0.0.0.0/0"]
|
|
from_port = 80
|
|
to_port = 80
|
|
protocol = "tcp"
|
|
}
|
|
}
|