From e99ac766b0ff4515ad669497b5a63a28a2f30bcd Mon Sep 17 00:00:00 2001 From: Christopher Baines Date: Wed, 28 Aug 2019 14:36:58 +0100 Subject: Improve the from_port setting in various AWS security groups Thanks to schmie for looking in to this. --- terraform/aws/backend/main.tf | 10 +++++----- terraform/aws_using_ami/backend/main.tf | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/terraform/aws/backend/main.tf b/terraform/aws/backend/main.tf index f0ecb1a..e9cc82f 100644 --- a/terraform/aws/backend/main.tf +++ b/terraform/aws/backend/main.tf @@ -131,28 +131,28 @@ resource "aws_security_group" "public_webserver" { vpc_id = "${var.aws_vpc_id}" ingress { - from_port = 0 + from_port = 80 to_port = 80 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 0 + from_port = 443 to_port = 443 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 0 + from_port = 8080 to_port = 8080 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 0 + from_port = 8443 to_port = 8443 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] @@ -165,7 +165,7 @@ resource "aws_security_group" "ssh_access_from_mini_environment_admin" { vpc_id = "${var.aws_vpc_id}" ingress { - from_port = 0 + from_port = 22 to_port = 22 protocol = "tcp" cidr_blocks = [ diff --git a/terraform/aws_using_ami/backend/main.tf b/terraform/aws_using_ami/backend/main.tf index 7025cad..d93317d 100644 --- a/terraform/aws_using_ami/backend/main.tf +++ b/terraform/aws_using_ami/backend/main.tf @@ -96,28 +96,28 @@ resource "aws_security_group" "public_webserver" { vpc_id = "${var.aws_vpc_id}" ingress { - from_port = 0 + from_port = 80 to_port = 80 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 0 + from_port = 443 to_port = 443 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 0 + from_port = 8080 to_port = 8080 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 0 + from_port = 8443 to_port = 8443 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] @@ -130,7 +130,7 @@ resource "aws_security_group" "ssh_access_from_mini_environment_admin" { vpc_id = "${var.aws_vpc_id}" ingress { - from_port = 0 + from_port = 22 to_port = 22 protocol = "tcp" cidr_blocks = [ -- cgit v1.2.3