add in the security group
Grunet authored Aug 27, 2024
1 parent bf34c17 commit 21e9b8f
Showing 1 changed file with 27 additions and 3 deletions.
30 changes: 27 additions & 3 deletions packages/aws-terraform/main.tf
@@ -1,3 +1,12 @@
variable "vpc_id" {
type = string
description = "The VPC to place the honeypot service in"
}

variable "subnet_id" {
type = string
description = "The subnet to place the honeypot service in"
}

variable "cluster_name_or_arn" {
type = string
@@ -28,9 +37,8 @@ resource "aws_ecs_service" "service" {
launch_type = "FARGATE"
network_configuration {
assign_public_ip = false
# TODO - need to fill these references out
# subnets = []
# security_groups = []
subnets = [var.subnet_id]
security_groups = [aws_security_group.sg_ingress_full_access]
}
platform_version = "1.4.0"
propagate_tags = "SERVICE"
@@ -40,3 +48,19 @@ resource "aws_ecs_service" "service" {
# TODO - need to fill this reference out
# task_definition = ""
}

resource "aws_security_group" "sg_ingress_full_access" {
description = "Allows all ingress traffic from within the VPC"
ingress = [
{
cidr_blocks = ["0.0.0.0/0"]
protocol = -1
from_port = 0
to_port = 0
}
]
tags = {
cloud-native-honeypot = true
}
vpc_id = var.vpc_id
}
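Review bot: The new `aws_security_group.sg_ingress_full_access` opens every protocol and port to `0.0.0.0/0`, while its description says the traffic comes "from within the VPC", so one of the two is wrong. If open exposure is intended for the honeypot, say so in the description; otherwise restrict `cidr_blocks` to the VPC's CIDR range. In the `network_configuration` hunk, `security_groups` is given the whole resource object where the ECS service expects a list of group IDs: `security_groups = [aws_security_group.sg_ingress_full_access.id]`. The group also declares no `egress`, and Terraform removes the default allow-all egress rule on groups it manages, so the outbound policy should be stated explicitly; for a honeypot task that would preferably be only the destinations it needs for image pulls and log shipping.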
