infra-aws-eks/eks/security.tf

# A basic security group for our nginx server (running on NodePort 31234)

# resource "aws_security_group_rule" "public_out" {
#   type        = "egress"
#   from_port   = 0
#   to_port     = 0
#   protocol    = "-1"
#   cidr_blocks = ["0.0.0.0/0"]
#  
#   security_group_id = aws_eks_cluster.eks_cluster.vpc_config[0].cluster_security_group_id
# }

resource "aws_security_group_rule" "public_in_ssh" {
  type              = "ingress"
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_eks_cluster.eks_cluster.vpc_config[0].cluster_security_group_id
}

resource "aws_security_group_rule" "public_in_http" {
  type              = "ingress"
  from_port         = 31234
  to_port           = 31234
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_eks_cluster.eks_cluster.vpc_config[0].cluster_security_group_id
}