WIP

ministryofjustice · Feb 5, 2024 · 2aa641e · 2aa641e
1 parent 5466b35
commit 2aa641e
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 1 deletion.
diff --git a/terraform/environments/delius-mis/application_variables.json b/terraform/environments/delius-mis/application_variables.json
@@ -1,7 +1,7 @@
 {
   "accounts": {
     "development": {
-      "example_var": "dev-data"
+      "legacy_counterpart_cidr": "10.162.32.0/20"
     },
     "test": {
       "example_var": "test-data"

diff --git a/terraform/environments/delius-mis/temp-ec2.tf b/terraform/environments/delius-mis/temp-ec2.tf
@@ -24,6 +24,40 @@ resource "aws_vpc_security_group_egress_rule" "allow_http_traffic_ipv4" {
   to_port           = each.key
 }
 
+resource "aws_vpc_security_group_egress_rule" "allow_http_traffic" {
+  for_each = toset(["80", "443"])
+
+  security_group_id = aws_security_group.example_ec2_sg.id
+  cidr_ipv4         = "0.0.0.0/0"
+  ip_protocol       = "tcp"
+  from_port         = each.key
+  to_port           = each.key
+}
+
+resource "aws_vpc_security_group_egress_rule" "ad_icmp" {
+  security_group_id = aws_security_group.example_ec2_sg.id
+  cidr_ipv4         = local.application_data.accounts[local.environment].legacy_counterpart_cidr
+  ip_protocol       = "icmp"
+}
+
+resource "aws_vpc_security_group_egress_rule" "ad_tcp" {
+  for_each = toset(["53", "88", "135", "389", "445", "464", "636"])
+
+  security_group_id = aws_security_group.example_ec2_sg.id
+  cidr_ipv4         = local.application_data.accounts[local.environment].legacy_counterpart_cidr
+  ip_protocol       = "tcp"
+  from_port         = each.key
+  to_port           = each.key
+}
+
+resource "aws_vpc_security_group_egress_rule" "ad_tcp_ephemeral" {
+  security_group_id = aws_security_group.example_ec2_sg.id
+  cidr_ipv4         = local.application_data.accounts[local.environment].legacy_counterpart_cidr
+  ip_protocol       = "tcp"
+  from_port         = 1024
+  to_port           = 65535
+}
+
 resource "aws_key_pair" "ec2-user" {
   key_name   = "ec2-user"
   public_key = file(".ssh/${terraform.workspace}/ec2-user.pub")