Skip to content

Commit

Permalink
Planetfm/dsos 2227/migration sg initial config (#3551)
Browse files Browse the repository at this point in the history
* initial cutover SG config created for planetfm

* config added to locals file

* Update locals.tf

* Update locals_security_groups.tf

* Update locals_security_groups.tf

egress added
IjazMoJ authored Oct 4, 2023

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
1 parent c73d1b6 commit a0ff28b
Showing 2 changed files with 45 additions and 0 deletions.
1 change: 1 addition & 0 deletions terraform/environments/planetfm/locals.tf
Original file line number Diff line number Diff line change
@@ -51,6 +51,7 @@ locals {

baseline_security_groups = {
data-db = local.security_groups.data_db
migration_cutover = local.security_groups.migration_cutover
}

baseline_sns_topics = {}
44 changes: 44 additions & 0 deletions terraform/environments/planetfm/locals_security_groups.tf
Original file line number Diff line number Diff line change
@@ -23,5 +23,49 @@ locals {
}
}
}

migration_cutover = {
description = "Security group for migrated instances"
ingress = {
all-from-self = {
description = "Allow all ingress to self"
from_port = 0
to_port = 0
protocol = -1
self = true
}
https = {
description = "443: https ingress"
from_port = 443
to_port = 443
protocol = "TCP"
cidr_blocks = ["10.0.0.0/8"]
security_groups = []
}

rdp = {
description = "3389: Allow RDP ingress"
from_port = 3389
to_port = 3389
protocol = "TCP"
cidr_blocks = ["10.40.50.128/26","10.40.50.64/26","10.40.50.0/26"]
security_groups = []
}
}


egress = {
all = {
description = "Allow all egress"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
security_groups = []
}
}


}
}
}

0 comments on commit a0ff28b

Please sign in to comment.