Revert "Alterando security groups"

This reverts commit ec8ca19.
jonilsonds9 · Nov 1, 2023 · e1eb3cf · e1eb3cf
1 parent ec8ca19
commit e1eb3cf
Showing 1 changed file with 12 additions and 24 deletions.
diff --git a/infra/ecs.tf b/infra/ecs.tf
@@ -155,7 +155,7 @@ resource "aws_ecs_service" "payment" {
 
   network_configuration {
     subnets          = [aws_subnet.us-east-2a.id, aws_subnet.us-east-2b.id]
-    security_groups  = [aws_security_group.payment.id]
+    security_groups  = [aws_security_group.ecs.id]
     assign_public_ip = true
   }
 
@@ -203,7 +203,7 @@ resource "aws_ecs_service" "app" {
 
   network_configuration {
     subnets          = [aws_subnet.us-east-2a.id, aws_subnet.us-east-2b.id]
-    security_groups  = [aws_security_group.app.id]
+    security_groups  = [aws_security_group.ecs.id]
     assign_public_ip = true
   }
 
@@ -233,36 +233,24 @@ resource "aws_ecs_service" "app" {
   }
 }
 
-resource "aws_security_group" "payment" {
-  name        = "${var.cluster_name}-ecs-sg-payment"
-  description = "Security Group for ECS payment service"
+resource "aws_security_group" "ecs" {
+  name        = "${var.cluster_name}-ecs-task-sg"
+  description = "Security Group for ECS Task"
   vpc_id      = aws_vpc.this.id
 
   ingress {
     protocol        = "tcp"
-    from_port       = var.payment_container_port
-    to_port         = var.payment_container_port
-    security_groups = [aws_security_group.app.id]
-  }
-
-  egress {
-    protocol    = "-1"
-    from_port   = 0
-    to_port     = 0
-    cidr_blocks = ["0.0.0.0/0"]
+    from_port       = var.app_container_port
+    to_port         = var.app_container_port
+    security_groups = [aws_security_group.alb.id]
+    cidr_blocks = ["192.168.1.0/24", "192.168.2.0/24"]
   }
-}
-
-resource "aws_security_group" "app" {
-  name        = "${var.cluster_name}-ecs-sg-app"
-  description = "Security Group for ECS app service"
-  vpc_id      = aws_vpc.this.id
 
   ingress {
     protocol        = "tcp"
-    from_port       = var.app_container_port
-    to_port         = var.app_container_port
-    security_groups = [aws_security_group.alb.id, aws_security_group.payment.id]
+    from_port       = var.payment_container_port
+    to_port         = var.payment_container_port
+    cidr_blocks = ["192.168.1.0/24", "192.168.2.0/24"]
   }
 
   egress {