-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsecurity_groups.tf
48 lines (42 loc) · 1.1 KB
/
security_groups.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# Create a security group to allow SSH access
resource "aws_security_group" "AccessServerSecurityGroup" {
name = "AccessServerSecurityGroup"
description = "Enable needed access to Access Server"
vpc_id = var.vpc_id
ingress {
from_port = 943
to_port = 943
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 945
to_port = 945
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 1194
to_port = 1194
protocol = "udp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] # We recommend you restrict this port to trust IP addresses by entering a specific subnet in CIDR notation (e.g., 12.34.56.0/24 for a subnet or 11.22.33.44/32 for a single IP address)
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}