add ec2, rds

author: clarkzjw <[email protected]> 2023-01-31 14:24:47 -0800
committer: clarkzjw <[email protected]> 2023-01-31 14:24:47 -0800
commit: 55bf0526c86c88f5ae0d20bad6587c72cd91e835 (patch)
tree: 286340ac38a8f4558baa985fe6f364a9d8261a63 /infra/sg.tf
parent: 0d9b8b4a4a2bb936744a338d1e7a42f2bd2272c9 (diff)
download: zjw.social-55bf0526c86c88f5ae0d20bad6587c72cd91e835.tar.gz
1 files changed, 38 insertions, 0 deletions
diff --git a/infra/sg.tf b/infra/sg.tf
new file mode 100644
index 0000000..48d5406
--- /dev/null
+++ b/infra/sg.tf
@@ -0,0 +1,38 @@
+# EC 2
+resource "aws_security_group" "backend" {
+  name   = local.name
+  vpc_id = module.vpc.vpc_id
+}
+resource "aws_security_group_rule" "backend_ingress_ssh" {
+  security_group_id = aws_security_group.backend.id
+  type              = "ingress"
+  protocol          = "tcp"
+  from_port         = 22
+  to_port           = 22
+  cidr_blocks       = ["0.0.0.0/0"]
+}
+resource "aws_security_group_rule" "backend_egress_all" {
+  security_group_id = aws_security_group.backend.id
+  type              = "egress"
+  protocol          = "all"
+  from_port         = 0
+  to_port           = 0
+  cidr_blocks       = ["0.0.0.0/0"]
+}
+# RDS
+resource "aws_security_group" "rds" {
+  name   = "${local.name}-db"
+  vpc_id = module.vpc.vpc_id
+}
+resource "aws_security_group_rule" "rds_ingress_backend" {
+  security_group_id        = aws_security_group.rds.id
+  type                     = "ingress"
+  protocol                 = "tcp"
+  from_port                = var.rds_port
+  to_port                  = var.rds_port
+  source_security_group_id = aws_security_group.backend.id
+}
author	clarkzjw <[email protected]>	2023-01-31 14:24:47 -0800
committer	clarkzjw <[email protected]>	2023-01-31 14:24:47 -0800
commit	55bf0526c86c88f5ae0d20bad6587c72cd91e835 (patch)
tree	286340ac38a8f4558baa985fe6f364a9d8261a63 /infra/sg.tf
parent	0d9b8b4a4a2bb936744a338d1e7a42f2bd2272c9 (diff)
download	zjw.social-55bf0526c86c88f5ae0d20bad6587c72cd91e835.tar.gz

diff --git a/infra/sg.tf b/infra/sg.tf new file mode 100644 index 0000000..48d5406 --- /dev/null +++ b/infra/sg.tf
@@ -0,0 +1,38 @@
	1	# EC 2
	2	resource "aws_security_group" "backend" {
	3	name = local.name
	4	vpc_id = module.vpc.vpc_id
	5	}
	6
	7	resource "aws_security_group_rule" "backend_ingress_ssh" {
	8	security_group_id = aws_security_group.backend.id
	9	type = "ingress"
	10	protocol = "tcp"
	11	from_port = 22
	12	to_port = 22
	13	cidr_blocks = ["0.0.0.0/0"]
	14	}
	15
	16	resource "aws_security_group_rule" "backend_egress_all" {
	17	security_group_id = aws_security_group.backend.id
	18	type = "egress"
	19	protocol = "all"
	20	from_port = 0
	21	to_port = 0
	22	cidr_blocks = ["0.0.0.0/0"]
	23	}
	24
	25	# RDS
	26	resource "aws_security_group" "rds" {
	27	name = "${local.name}-db"
	28	vpc_id = module.vpc.vpc_id
	29	}
	30
	31	resource "aws_security_group_rule" "rds_ingress_backend" {
	32	security_group_id = aws_security_group.rds.id
	33	type = "ingress"
	34	protocol = "tcp"
	35	from_port = var.rds_port
	36	to_port = var.rds_port
	37	source_security_group_id = aws_security_group.backend.id
	38	}