I am learning AWS and Terraform, and now, as an example, I am looking at creating something more or less complex. In this repo https://github.com/opencredo/k8s-terraform-ansible-sample I've found this Terraform code in the definition of the VPC security group https://github.com/opencredo/k8s-terraform-ansible-sample/blob/master/terraform/vpc.tf#L122:L128:

  # Allow all traffic from the API ELB
  ingress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    security_groups = ["${aws_security_group.kubernetes_api.id}"]
  }

Especially interesting to me is the security_groups argument. Of course I can check the Terraform documentation, but even it doesn't tell me a lot. This security_groups links to the kubernetes_api security group https://github.com/opencredo/k8s-terraform-ansible-sample/blob/master/terraform/k8s_controllers.tf#L68:L92 which is attached to the kubernetes_api ELB https://github.com/opencredo/k8s-terraform-ansible-sample/blob/master/terraform/k8s_controllers.tf#L41.

So let's return to my question. What is security_groups in the VPC security group doing exactly?

ipeacocks
  • The `security_groups` section (https://github.com/opencredo/k8s-terraform-ansible-sample/blob/master/terraform/k8s_controllers.tf#L68:L92) creates the security group and https://github.com/opencredo/k8s-terraform-ansible-sample/blob/master/terraform/k8s_controllers.tf#L41 adds it to the ELB. – krishna_mee2004 Mar 18 '18 at 11:49
  • @krishna and what about this block? https://github.com/opencredo/k8s-terraform-ansible-sample/blob/master/terraform/vpc.tf#L122:L128 – ipeacocks Mar 18 '18 at 12:08
  • That block defines the ingress (inbound) rules in the security group. This block creates the rules and attaches them to the security group. – krishna_mee2004 Mar 18 '18 at 13:19
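
As an added illustration of the rule quoted in the question (not code from the linked repository): when an `ingress` block names `security_groups`, the permitted source is any network interface that has one of those groups attached, rather than a CIDR range. The resource names, `var.vpc_id` and port 6443 are assumptions made for this example.

```hcl
# Added example: every name, the variable and the port are assumptions.
variable "vpc_id" {
  type = string
}

# Source group: attached to the load balancer only.
resource "aws_security_group" "api_elb" {
  name   = "example-api-elb"
  vpc_id = var.vpc_id
}

# Broad form, as in the question: any protocol, any port, but only from
# network interfaces that have api_elb attached. No address range is named,
# so the rule follows the load balancer as its private addresses change.
resource "aws_security_group" "nodes_broad" {
  name   = "example-nodes-broad"
  vpc_id = var.vpc_id

  ingress {
    from_port       = 0
    to_port         = 0
    protocol        = "-1"
    security_groups = [aws_security_group.api_elb.id]
  }
}

# Narrow form: same source group, limited to one listener port
# (6443 is an assumed backend port, not taken from the repository).
resource "aws_security_group" "nodes_narrow" {
  name   = "example-nodes-narrow"
  vpc_id = var.vpc_id

  ingress {
    from_port       = 6443
    to_port         = 6443
    protocol        = "tcp"
    security_groups = [aws_security_group.api_elb.id]
  }
}
```

Referencing a group as a source does not copy that group's own rules into this one; it only identifies which senders the rule applies to.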

0 Answers