Skip to content
This repository has been archived by the owner on Jan 25, 2023. It is now read-only.

Bugfix/self not in security group #94

Merged
merged 11 commits into from
Sep 20, 2018
Merged

Bugfix/self not in security group #94

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
29008eb
Follow-up to PR#81 - adding tags to SG & S3 of vault-cluster and SG o…
jcejohnson Aug 16, 2018
bcca7f4
Merge branch 'master' of https://github.com/EFXCIA/terraform-aws-vault
efx-jjohnson Aug 16, 2018
1c36991
Merge remote-tracking branch 'upstream/master'
efx-jjohnson Aug 21, 2018
55a55a4
Merge remote-tracking branch 'upstream/master'
efx-jjohnson Aug 23, 2018
1f00a69
Merge remote-tracking branch 'upstream/master'
jcejohnson Aug 24, 2018
dff70d9
Merge remote-tracking branch 'upstream/master'
jcejohnson Aug 26, 2018
2d67828
Merge remote-tracking branch 'upstream/master'
efx-jjohnson Sep 17, 2018
091764d
Add our own aws_security_group.lc_security_group.id when invoking vau…
efx-jjohnson Sep 18, 2018
abc9709
Add an explicit rule with self in the security group rules module.
efx-jjohnson Sep 19, 2018
5927b53
Use 'self' instead of 'source_security_group_id'
efx-jjohnson Sep 19, 2018
3e943c9
Put the brackets back around allowed_inbound_security_group_ids.
efx-jjohnson Sep 20, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion modules/vault-cluster/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,7 +201,8 @@ resource "aws_iam_role_policy" "vault_s3" {
}

data "aws_iam_policy_document" "vault_s3" {
count = "${var.enable_s3_backend ? 1 : 0}"
count = "${var.enable_s3_backend ? 1 : 0}"

statement {
effect = "Allow"
actions = ["s3:*"]
Expand Down
10 changes: 10 additions & 0 deletions modules/vault-security-group-rules/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,3 +33,13 @@ resource "aws_security_group_rule" "allow_cluster_inbound_from_self" {

security_group_id = "${var.security_group_id}"
}

resource "aws_security_group_rule" "allow_cluster_inbound_from_self_api" {
type = "ingress"
from_port = "${var.api_port}"
to_port = "${var.api_port}"
protocol = "tcp"
self = true

security_group_id = "${var.security_group_id}"
}