From 2d2ddb17cb80d9bb5c165c35374cd6a5d9fb55e4 Mon Sep 17 00:00:00 2001
From: tylerthome
Date: Wed, 2 Oct 2024 18:24:39 -0700
Subject: [PATCH] datasource vpc for nwsecurity group

---
 terraform-incubator/home-unite-us/dev/main.tf | 36 ++++++++++++++++---
 1 file changed, 32 insertions(+), 4 deletions(-)

diff --git a/terraform-incubator/home-unite-us/dev/main.tf b/terraform-incubator/home-unite-us/dev/main.tf
index 495b346..6f08ef9 100644
--- a/terraform-incubator/home-unite-us/dev/main.tf
+++ b/terraform-incubator/home-unite-us/dev/main.tf
@@ -4,7 +4,7 @@ provider "aws" {
 }
 
-resource "aws_lb_target_group" "this" {
+resource "aws_lb_target_group" "homeuniteus" {
   target_type = "ip"
   name = local.app_name
   port = 80
@@ -27,7 +27,7 @@ resource "aws_lb_target_group" "this" {
   }
 }
 
-resource "aws_lb_listener_rule" "static" {
+resource "aws_lb_listener_rule" "homeuniteus" {
   listener_arn = local.listener_arn
 
   action {
@@ -54,8 +54,13 @@ resource "aws_lb_listener_rule" "static" {
 }
 
+data "aws_vpc" "incubator" {
+  id = local.vpc_id
+}
+
+
 # aws_ecs_task_definition.task:
-resource "aws_ecs_task_definition" "task" {
+resource "aws_ecs_task_definition" "homeuniteus" {
   container_definitions = jsonencode(
     [
       {
@@ -101,8 +106,31 @@ resource "aws_ecs_task_definition" "task" {
 }
 
+resource "aws_security_group" "fargate" {
+  name = "ecs_fargate_${local.app_name}"
+  description = "Allow TLS inbound traffic"
+  vpc_id = local.vpc_id
+
+  ingress {
+    description = "All Internal traffic"
+    from_port = 0
+    to_port = 65535
+    protocol = "tcp"
+    cidr_blocks = [data.aws_vpc.incubator.cidr_block]
+  }
+
+  egress {
+    from_port = 0
+    to_port = 0
+    protocol = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  tags = { Name = "ecs_container_instance_${local.app_name}" }
+}
+
-resource "aws_ecs_service" "fargate" {
+resource "aws_ecs_service" "homeuniteus" {
   name = "homeuniteus"
   cluster = "arn:aws:ecs:us-west-2:035866691871:cluster/incubator-prod"
   enable_execute_command = true